From 45c3d788366f78e566fd0da6852833c89774464f Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Sat, 21 Oct 2017 08:42:21 +0200 Subject: [PATCH 1/9] Added best-practice meta to sebs payloads --- payloads/library/dnsspoof/payload.sh | 8 +++++++- payloads/library/openvpn/payload.sh | 8 +++++++- payloads/library/tcpdump/payload.sh | 8 +++++++- 3 files changed, 21 insertions(+), 3 deletions(-) diff --git a/payloads/library/dnsspoof/payload.sh b/payloads/library/dnsspoof/payload.sh index ca88fbe..b474b25 100755 --- a/payloads/library/dnsspoof/payload.sh +++ b/payloads/library/dnsspoof/payload.sh @@ -1,5 +1,11 @@ #!/bin/bash -# DNSSpoof payload +# +# Title: DNSSpoof +# Author: SebKinne +# Version: 1.0 +# Category: interception +# Target: Any +# Net Mode: NAT function setup() { diff --git a/payloads/library/openvpn/payload.sh b/payloads/library/openvpn/payload.sh index 2e271eb..7bc7576 100755 --- a/payloads/library/openvpn/payload.sh +++ b/payloads/library/openvpn/payload.sh @@ -1,5 +1,11 @@ #!/bin/bash -# OpenVPN payload +# +# Title: OpenVPN +# Author: SebKinne +# Version: 1.0 +# Category: remote-access +# Target: Any +# Net Mode: BRIDGE, VPN # Set to 1 to allow clients to use the VPN FOR_CLIENTS=0 diff --git a/payloads/library/tcpdump/payload.sh b/payloads/library/tcpdump/payload.sh index bc6f130..df4796d 100755 --- a/payloads/library/tcpdump/payload.sh +++ b/payloads/library/tcpdump/payload.sh @@ -1,5 +1,11 @@ #!/bin/bash -# TCPDump payload v1.0 +# +# Title: TCPDump +# Author: SebKinne +# Version: 1.0 +# Category: sniffing +# Target: Any +# Net Mode: TRANSPARENT function monitor_space() { while true From 08edd1610a70c8b7bb43520709b78a29b028c32c Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Sat, 21 Oct 2017 08:52:34 +0200 Subject: [PATCH 2/9] Add PBP-metas for the dummy --- payloads/switch1/payload.sh | 8 ++++++++ payloads/switch2/payload.sh | 8 ++++++++ payloads/switch3/payload.sh | 8 ++++++++ 3 files changed, 24 insertions(+) 
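Review bot: The `# Net Mode: BRIDGE, VPN` line added to the openvpn header lists two modes without saying when each one applies, while the context line right below it introduces `FOR_CLIENTS` as the switch for letting clients use the VPN. If the mode is selected from that variable, the header should tie the two together, for example `# Net Mode: BRIDGE (FOR_CLIENTS=0) or VPN (FOR_CLIENTS=1)`. The selecting code is outside the hunk, so the mapping is an assumption to confirm against the payload body. The dnsspoof and tcpdump headers in this patch each name a single mode and read fine as they are.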
diff --git a/payloads/switch1/payload.sh b/payloads/switch1/payload.sh index 730b83f..586fee7 100755 --- a/payloads/switch1/payload.sh +++ b/payloads/switch1/payload.sh @@ -1,4 +1,12 @@ #!/bin/bash +# +# Title: default +# Description: Sets the NETMODE to NAT, then sets the LED to ATTACK +# Author: SebKinne +# Version: 1.0 +# Category: default +# Target: Any +# Net Mode: NAT NETMODE NAT LED ATTACK diff --git a/payloads/switch2/payload.sh b/payloads/switch2/payload.sh index 730b83f..586fee7 100755 --- a/payloads/switch2/payload.sh +++ b/payloads/switch2/payload.sh @@ -1,4 +1,12 @@ #!/bin/bash +# +# Title: default +# Description: Sets the NETMODE to NAT, then sets the LED to ATTACK +# Author: SebKinne +# Version: 1.0 +# Category: default +# Target: Any +# Net Mode: NAT NETMODE NAT LED ATTACK diff --git a/payloads/switch3/payload.sh b/payloads/switch3/payload.sh index 730b83f..586fee7 100755 --- a/payloads/switch3/payload.sh +++ b/payloads/switch3/payload.sh @@ -1,4 +1,12 @@ #!/bin/bash +# +# Title: default +# Description: Sets the NETMODE to NAT, then sets the LED to ATTACK +# Author: SebKinne +# Version: 1.0 +# Category: default +# Target: Any +# Net Mode: NAT NETMODE NAT LED ATTACK From 1622d1818f15119c28d37b098e43535a3a1a6106 Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Sat, 21 Oct 2017 09:09:36 +0200 Subject: [PATCH 3/9] Added descriptions --- payloads/library/dnsspoof/payload.sh | 17 +++++++++-------- payloads/library/openvpn/payload.sh | 13 +++++++------ payloads/library/tcpdump/payload.sh | 17 +++++++++++------ 3 files changed, 27 insertions(+), 20 deletions(-) diff --git a/payloads/library/dnsspoof/payload.sh b/payloads/library/dnsspoof/payload.sh index b474b25..1b03921 100755 --- a/payloads/library/dnsspoof/payload.sh +++ b/payloads/library/dnsspoof/payload.sh 
@@ -1,11 +1,12 @@ #!/bin/bash # -# Title: DNSSpoof -# Author: SebKinne -# Version: 1.0 -# Category: interception -# Target: Any -# Net Mode: NAT +# Title: DNSSpoof +# Description: Forge replies to arbitrary DNS queries using DNSMasq +# Author: SebKinne +# Version: 1.0 +# Category: interception +# Target: Any +# Net Mode: NAT function setup() { @@ -20,7 +21,7 @@ function setup() { cp $(dirname ${BASH_SOURCE[0]})/spoofhost /tmp/dnsmasq.address &> /dev/null # Restart dnsmasq with the new configuration - /etc/init.d/dnsmasq restart + /etc/init.d/dnsmasq restart } function run() { @@ -28,7 +29,7 @@ function run() { LED ATTACK # Redirect all DNS traffic to ourselves - iptables -A PREROUTING -t nat -i eth0 -p udp --dport 53 -j REDIRECT --to-port 53 + iptables -A PREROUTING -t nat -i eth0 -p udp --dport 53 -j REDIRECT --to-port 53 } setup diff --git a/payloads/library/openvpn/payload.sh b/payloads/library/openvpn/payload.sh index 7bc7576..072f4c8 100755 --- a/payloads/library/openvpn/payload.sh +++ b/payloads/library/openvpn/payload.sh @@ -1,11 +1,12 @@ #!/bin/bash # -# Title: OpenVPN -# Author: SebKinne -# Version: 1.0 -# Category: remote-access -# Target: Any -# Net Mode: BRIDGE, VPN +# Title: OpenVPN +# Description: Create a connection to a VPN-connection to an OpenVPN-server. Optionally: Send traffic from the clients through said tunnel. +# Author: SebKinne +# Version: 1.0 +# Category: remote-access +# Target: Any +# Net Mode: BRIDGE, VPN # Set to 1 to allow clients to use the VPN FOR_CLIENTS=0 diff --git a/payloads/library/tcpdump/payload.sh b/payloads/library/tcpdump/payload.sh index df4796d..b7101e8 100755 --- a/payloads/library/tcpdump/payload.sh +++ b/payloads/library/tcpdump/payload.sh 
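Review bot: The `# Description:` line added to the openvpn header reads "Create a connection to a VPN-connection to an OpenVPN-server", which doubles the word "connection" and is hard to parse. A wording such as `# Description: Connect to an OpenVPN server; optionally route client traffic through the tunnel.` carries the same meaning. The same sentence reappears unchanged in the openvpn hunks of patches 6/9 and 7/9.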
@@ -1,11 +1,16 @@ #!/bin/bash # -# Title: TCPDump -# Author: SebKinne -# Version: 1.0 -# Category: sniffing -# Target: Any -# Net Mode: TRANSPARENT +# Title: TCPDump +# Description: Dumps networking-data to USB storage. Completes on button-press or storage full. +# Author: SebKinne +# Version: 1.0 +# Category: sniffing +# Target: Any +# Net Mode: TRANSPARENT + +# LEDs +# SUCCESS: Dump complete +# FAIL: No USB storage found function monitor_space() { while true From 4492ac6a3835b0b9c943456b0a98975b054bd215 Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Sat, 21 Oct 2017 09:26:20 +0200 Subject: [PATCH 4/9] Tabs --- payloads/library/tcpdump/payload.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/payloads/library/tcpdump/payload.sh b/payloads/library/tcpdump/payload.sh index b7101e8..a8a4888 100755 --- a/payloads/library/tcpdump/payload.sh +++ b/payloads/library/tcpdump/payload.sh @@ -1,10 +1,10 @@ #!/bin/bash # # Title: TCPDump -# Description: Dumps networking-data to USB storage. Completes on button-press or storage full. +# Description: Dumps networking-data to USB storage. Completes on button-press or storage full. # Author: SebKinne # Version: 1.0 -# Category: sniffing +# Category: sniffing # Target: Any # Net Mode: TRANSPARENT From 7fc3fa3cdfaa1703dc4f7d66b073fcab49c10b97 Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Sat, 21 Oct 2017 09:26:47 +0200 Subject: [PATCH 5/9] Tabs --- payloads/library/dnsspoof/payload.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/payloads/library/dnsspoof/payload.sh b/payloads/library/dnsspoof/payload.sh index 1b03921..7e821b6 100755 --- a/payloads/library/dnsspoof/payload.sh +++ b/payloads/library/dnsspoof/payload.sh 
@@ -1,10 +1,10 @@ #!/bin/bash # # Title: DNSSpoof -# Description: Forge replies to arbitrary DNS queries using DNSMasq +# Description: Forge replies to arbitrary DNS queries using DNSMasq # Author: SebKinne # Version: 1.0 -# Category: interception +# Category: interception # Target: Any # Net Mode: NAT From b7e5c2e3b0a8491b4e6b7662d779233ef2fe66d1 Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Sat, 21 Oct 2017 09:27:10 +0200 Subject: [PATCH 6/9] Tabs --- payloads/library/openvpn/payload.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/payloads/library/openvpn/payload.sh b/payloads/library/openvpn/payload.sh index 072f4c8..014fbed 100755 --- a/payloads/library/openvpn/payload.sh +++ b/payloads/library/openvpn/payload.sh @@ -1,10 +1,10 @@ #!/bin/bash # # Title: OpenVPN -# Description: Create a connection to a VPN-connection to an OpenVPN-server. Optionally: Send traffic from the clients through said tunnel. +# Description: Create a connection to a VPN-connection to an OpenVPN-server. Optionally: Send traffic from the clients through said tunnel. # Author: SebKinne # Version: 1.0 -# Category: remote-access +# Category: remote-access # Target: Any # Net Mode: BRIDGE, VPN From bc322b4fe71b6379ab3d554152cf60d8be5dec49 Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Fri, 27 Oct 2017 03:32:43 +0200 Subject: [PATCH 7/9] Fixed issues --- payloads/library/dnsspoof/payload.sh | 2 +- payloads/library/openvpn/payload.sh | 2 +- payloads/library/tcpdump/payload.sh | 4 ++-- payloads/switch1/payload.sh | 4 ++-- payloads/switch2/payload.sh | 4 ++-- payloads/switch3/payload.sh | 4 ++-- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/payloads/library/dnsspoof/payload.sh b/payloads/library/dnsspoof/payload.sh index 1b03921..cedcab2 100755 --- a/payloads/library/dnsspoof/payload.sh +++ b/payloads/library/dnsspoof/payload.sh 
@@ -2,7 +2,7 @@ # # Title: DNSSpoof # Description: Forge replies to arbitrary DNS queries using DNSMasq -# Author: SebKinne +# Author: Hak5 # Version: 1.0 # Category: interception # Target: Any diff --git a/payloads/library/openvpn/payload.sh b/payloads/library/openvpn/payload.sh index 072f4c8..37bf7b3 100755 --- a/payloads/library/openvpn/payload.sh +++ b/payloads/library/openvpn/payload.sh @@ -2,7 +2,7 @@ # # Title: OpenVPN # Description: Create a connection to a VPN-connection to an OpenVPN-server. Optionally: Send traffic from the clients through said tunnel. -# Author: SebKinne +# Author: Hak5 # Version: 1.0 # Category: remote-access # Target: Any diff --git a/payloads/library/tcpdump/payload.sh b/payloads/library/tcpdump/payload.sh index b7101e8..3dce864 100755 --- a/payloads/library/tcpdump/payload.sh +++ b/payloads/library/tcpdump/payload.sh @@ -2,9 +2,9 @@ # # Title: TCPDump # Description: Dumps networking-data to USB storage. Completes on button-press or storage full. -# Author: SebKinne +# Author: Hak5 # Version: 1.0 -# Category: sniffing +# Category: sniffing # Target: Any # Net Mode: TRANSPARENT diff --git a/payloads/switch1/payload.sh b/payloads/switch1/payload.sh index 586fee7..25da1c3 100755 --- a/payloads/switch1/payload.sh +++ b/payloads/switch1/payload.sh @@ -1,8 +1,8 @@ #!/bin/bash # -# Title: default +# Title: Default Payload # Description: Sets the NETMODE to NAT, then sets the LED to ATTACK -# Author: SebKinne +# Author: Hak5 # Version: 1.0 # Category: default # Target: Any diff --git a/payloads/switch2/payload.sh b/payloads/switch2/payload.sh index 586fee7..25da1c3 100755 --- a/payloads/switch2/payload.sh +++ b/payloads/switch2/payload.sh @@ -1,8 +1,8 @@ #!/bin/bash # -# Title: default +# Title: Default Payload # Description: Sets the NETMODE to NAT, then sets the LED to ATTACK -# Author: SebKinne +# Author: Hak5 # Version: 1.0 # Category: default # Target: Any 
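Review bot: The tcpdump hunk replaces `# Category: sniffing` with a line that, as far as the page shows, differs only in whitespace. That is the same alignment change patch 4/9 already makes, and here it is mixed into a commit whose other edits are author and title changes. The index lines also show this patch starting from blobs `1b03921`, `072f4c8` and `b7101e8`, the same ones patches 4/9 to 6/9 start from, so the series may not apply cleanly in order. Rebasing this commit onto the Tabs commits and dropping the duplicated whitespace line would keep it to the metadata change alone.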
diff --git a/payloads/switch3/payload.sh b/payloads/switch3/payload.sh index 586fee7..25da1c3 100755 --- a/payloads/switch3/payload.sh +++ b/payloads/switch3/payload.sh @@ -1,8 +1,8 @@ #!/bin/bash # -# Title: default +# Title: Default Payload # Description: Sets the NETMODE to NAT, then sets the LED to ATTACK -# Author: SebKinne +# Author: Hak5 # Version: 1.0 # Category: default # Target: Any From 9429187384fb796fcf7739d09cd58aec9b6207c4 Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Fri, 27 Oct 2017 05:48:13 +0200 Subject: [PATCH 8/9] Added links Links to twitters, forum-post and PR --- payloads/library/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/payloads/library/README.md b/payloads/library/README.md index d9a1f1f..3ed46aa 100644 --- a/payloads/library/README.md +++ b/payloads/library/README.md @@ -2,5 +2,5 @@ - interception - sniffing -- remote-access (Maybe a VPN subfolder @sundhaug92) -- recon (@thehappydinoa is working on payloads for this ) +- remote-access (Maybe a VPN subfolder, [@sundhaug92](twitter.com/sundhaug92) proposed this in https://forums.hak5.org/topic/42103-categorization/?tab=comments#comment-299068)) +- recon ([@thehappydinoa](twitter.com/thehappydinoa) is working on payloads for this. For example "nmapper" at [PR-8](https://github.com/hak5/packetsquirrel-payloads/pull/8)) From 28af46e171571f0b85bdae75455ab7468c4cec60 Mon Sep 17 00:00:00 2001 From: Martin Sundhaug Date: Sat, 28 Oct 2017 06:35:54 +0200 Subject: [PATCH 9/9] https and gh --- payloads/library/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/payloads/library/README.md b/payloads/library/README.md index 3ed46aa..21d94ac 100644 --- a/payloads/library/README.md +++ b/payloads/library/README.md 
@@ -2,5 +2,5 @@ - interception - sniffing -- remote-access (Maybe a VPN subfolder, [@sundhaug92](twitter.com/sundhaug92) proposed this in https://forums.hak5.org/topic/42103-categorization/?tab=comments#comment-299068)) -- recon ([@thehappydinoa](twitter.com/thehappydinoa) is working on payloads for this. For example "nmapper" at [PR-8](https://github.com/hak5/packetsquirrel-payloads/pull/8)) +- remote-access (Maybe a VPN subfolder, [@sundhaug92](https://twitter.com/sundhaug92) proposed this in https://forums.hak5.org/topic/42103-categorization/?tab=comments#comment-299068)) +- recon ([@thehappydinoa](https://github.com/thehappydinoa) is working on payloads for this. For example "nmapper" at [PR-8](https://github.com/hak5/packetsquirrel-payloads/pull/8))