From 08607a79aef06af095cd2642855fbdefeedf8850 Mon Sep 17 00:00:00 2001 From: Nicole Rappe Date: Tue, 16 Jul 2024 23:10:39 -0600 Subject: [PATCH] Update Scripts/Powershell/Upload Data to Nextcloud.md --- .../Powershell/Upload Data to Nextcloud.md | 33 ++++++++----------- 1 file changed, 14 insertions(+), 19 deletions(-) diff --git a/Scripts/Powershell/Upload Data to Nextcloud.md b/Scripts/Powershell/Upload Data to Nextcloud.md index a77a871..ef9a3c8 100644 --- a/Scripts/Powershell/Upload Data to Nextcloud.md +++ b/Scripts/Powershell/Upload Data to Nextcloud.md @@ -1,6 +1,6 @@ **Purpose**: In some unique cases, you want to be able to either perform backups of data or exfiltrate data to Nextcloud from a local device via the use of a script. Doing such a thing with Nextcloud as the destination is not very documented, but you can achieve that result by running a script like what is seen below: -=== "Windows" +## Windows !!! abstract "Environment Variables" You will need to assign the following variables either within the script or externally via environment variables at the time the script is executed. @@ -89,20 +89,21 @@ ``` -=== "MacOS/Linux" - +## MacOS/Linux +!!! abstract "Environment Variables" + You will need to assign the following variables either within the script or externally via environment variables at the time the script is executed. + + | **Variable** | **Default Value** | **Description** | + | :--- | :--- | :--- | + | `NEXTCLOUD_SERVER_URL` | `https://cloud.bunny-lab.io` | This is the base URL of the Nextcloud server that data will be copied to. | + | `NEXTCLOUD_SHARE_PASSWORD` | `` | You need to create a share on Nextcloud, and configure it as a `File Drop`, then put a share password to protect it. Put that password here. | + | `NEXTCLOUD_SHARE` | `ABCDEFGHIJK` | The tail-end of a nextcloud share link, e.g. `https://cloud.bunny-lab.io/s/<>` | + | `DATA_TO_COPY` | `/home/bunny/example` | This directory target is the primary focus of the upload / backup / exfiltration. The script will iterate through this target first before it moves onto the secondary target. The target can be a directory or a single file. This will act as the main priority of the transfer. | + | `LOGFILE` | `/tmp/uploaded_files.log` | This file is how the script has "persistence". In case the computer is shut down, rebooted, etc, when it comes back online and the script is re-ran against it, it reads this file to pick up where it last was, and attempts to resume from that point. If this transfer is meant to be hidden, put this file somewhere someone is not likely to find it easily. | + ``` sh #!/bin/bash - # -------------------------- - # Variables to Pass to the Script at Execution - # -------------------------- - # NEXTCLOUD_SERVER_URL # (1) - # NEXTCLOUD_SHARE_PASSWORD # (2) - # NEXTCLOUD_SHARE # (3) - # DATA_TO_COPY # (4) - # LOGFILE="uploaded_files.log" # (5) - # Directory to search DIR=$DATA_TO_COPY @@ -143,10 +144,4 @@ echo "Skipping previously uploaded file $file" fi done - ``` - - 1. This is the base URL of the Nextcloud server that data will be copied to. For example `https://cloud.bunny-lab.io` - 2. You need to create a share on Nextcloud, and configure it as a `File Drop`, then put a password to protect it. Put that password here. - 3. This directory target is the primary focus of the upload / backup / exfiltration. The script will iterate through this target. The target can be a directory or a single file. e.g. (`C:\Users\Example`) - 4. The tail-end of a nextcloud share link, e.g. `https://cloud.bunny-lab.io/s/<>` - 5. This file is how the script has "persistence". In case the computer is shut down, rebooted, etc, when it comes back online and the script is re-ran against it, it reads this file to pick up where it last was, and attempts to resume from that point. If this transfer is meant to be hidden, put this file somewhere someone is not likely to find it easily. \ No newline at end of file + ``` \ No newline at end of file