Coder Social home page Coder Social logo

qr-exfil's Introduction

Issues MIT License LinkedIn

QR Exfil

A web-based no-fix (?) tool to exfiltrate data from a restricted environment using QR codes.
Install »

Table of Contents
  1. About The Project
  2. Installation
  3. Usage
  4. License
  5. Contact
  6. Acknowledgements

About The Project

Do you have RDP or VDI access, but no copy/paste, no outbound network, and need to exfiltrate some sensitive data? This tool provides a method to reliably move files from restricted environments such as these to your own machine. It's web-based, circumventing client-side security controls such as AV/EDR or application control, and usually performant enough to transfer moderately large files (50MB) in a reasonable amount of time (a few hours).

Installation

Run the following:

git clone https://github.com/hack3n/qr-exfil
pip3 install pyzbar pillow pybase64 opencv-python

What you need:

  • Some kind of desktop session on a remote machine
  • A Flipper or a rubber ducky USB

If you need to transfer files from a restricted physical machine as well:

  • A laptop to receive
  • USB video capture card
  • HDMI cable

Usage

Basic usage:

  • Prepare qr-exfil.html to display QR codes on your primary monitor, either within your remote session (RDP or VDI), or using a USB video capture card and displaying the camera on screen.
  • Run reader.py on your host.
  • Start the QR code output on the target.
  • Wait for it to complete, then exit with CTRL + C.
  • Use the util\dump-from-json.py script to get your output file on your host.

This repository includes a number of scripts and utilities that you may require:

  • reader.py - Reads your primary moniter for QR codes and dumps them to a raw.json file.
  • qr-exfil.html - The payload HTML that chunks and displays a local file in rotating QR codes.
  • util\dump-from-json.py - Reads the raw data from raw.json and outputs it to a file output.
  • util\find-missing-ids.py - Reads raw.json and checks that no chunks were missed by the reader.
  • util\make-ducky.py - Converts qr-exfil.html into a ruber ducky script payload to infil into your target environment.
  • util\make-ducky-hex-string.py - Sometimes VDI's can be sensitive with capital letters and special characters, so same as above, but as hex.
  • util\decode-hex.html - Intended to be manually typed out on the target environment to decode the hex inserted by the above script.

License

Distributed under the MIT License. See LICENSE.txt for more information.

Contact

Project Link: https://github.com/hack3n/qr-exfil

Acknowledgments

qr-exfil's People

Contributors

hack3n avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.