Jump to content

[PAYLOAD] Network Recon Payload with email exfiltration


Recommended Posts

This is a based on MonsieurMarc's Sample Nmap Payload with Patebin exfiltration script, which was based on the original HAK5 sample payload.

This payload:

  • Performs an nmap ping scan of the local subnet and logs it to a text file
  • Pulls LLDP neighbor and switch information and logs it to a text file
  • Performs an IFconfig and ip addr show and logs it to a text file
  • Performs a traceroute to and logs it to a text file
  • Performs a public IP address lookup via curl and icanhazip.com and logs it to a text file
  • Sends all of the created text files via email to the address set with MAIL_RCPT

This payload requires you to have curl, lldpd, and msmtp mutt already installed and configured via opkg


Link to comment
Share on other sites

19 hours ago, Darren Kitchen said:

Awesome! Would like to host this on the Hak5 repo if you'd like to submit a pull request 🙂

Just attempted to submit it. This is my first time using github so I might have done it wrong. Let me know if anything needs to be done differently. Thanks! Happy to have it hosted on the Hak5 Repo!!


Link to comment
Share on other sites

Thanks! PR accepted 🙂

I will note that this payload overwrites the nameserver in the /etc/resolv.conf file to If I were to recommend any change - it would be to make that configurable in the variables at the top of the payload. 

Otherwise, fantastic work - and I'll see if we can't get some of those dependencies baked into the next official release so it's even easier to use out of the box.

Link to comment
Share on other sites

  • 4 weeks later...
  • 5 months later...


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...