From d79312d4a6a777def87c2679a8622395dcc716f4 Mon Sep 17 00:00:00 2001 From: Nicole Rappe Date: Tue, 16 Jul 2024 22:47:51 -0600 Subject: [PATCH] Update Scripts/Powershell/Upload Data to Nextcloud.md --- .../Powershell/Upload Data to Nextcloud.md | 60 +++++++++++++++++-- 1 file changed, 56 insertions(+), 4 deletions(-) diff --git a/Scripts/Powershell/Upload Data to Nextcloud.md b/Scripts/Powershell/Upload Data to Nextcloud.md index e5b7a9e..2619c52 100644 --- a/Scripts/Powershell/Upload Data to Nextcloud.md +++ b/Scripts/Powershell/Upload Data to Nextcloud.md @@ -102,9 +102,61 @@ === "MacOS/Linux" ``` sh - placeholder # (1) - placeholder # (2) + #!/bin/bash + + # -------------------------- + # Variables to Pass to the Script at Execution + # -------------------------- + # NEXTCLOUD_SERVER_URL # (1) + # NEXTCLOUD_SHARE_PASSWORD # (2) + # NEXTCLOUD_SHARE # (3) + # DATA_TO_COPY # (4) + # LOGFILE="uploaded_files.log" # (5) + + # Directory to search + DIR=$DATA_TO_COPY + + # URL for the upload + URL="$NEXTCLOUD_SERVER_URL/public.php/webdav/" + + # Check if log file exists. If not, create one. + if [ ! -f "$LOGFILE" ]; then + touch "$LOGFILE" + fi + + # Iterate over each file in the directory and its subdirectories + find "$DIR" -type f -print0 | while IFS= read -r -d '' file; do + # Extract just the filename + filename=$(basename "$file") + + # Check if this file has been uploaded before + if ! grep -q "$file" "$LOGFILE"; then + echo "Uploading $file ..." + + # Upload the file + response=$(curl -k -s -T "$file" -u "$NEXTCLOUD_SHARE:$NEXTCLOUD_SHARE_PASSWORD" -H 'X-Requested-With: XMLHttpRequest' "$URL$filename") + + # Get the HTTP status code + status_code=$(curl -s -o /dev/null -w ''%{http_code}'' "$URL$filename") + + # # Print the HTTP status code + # echo "HTTP status code: $status_code" + + # # Check the HTTP status code + # if [[ "$status_code" = "200" ]]; then + # # If upload was successful, record this file in the log + echo "$file" >> "$LOGFILE" + # else + # echo "Failed to upload $file" + # fi + else + echo "Skipping previously uploaded file $file" + fi + done ``` - 1. placeholder - 2. placeholder \ No newline at end of file + 1. This is the base URL of the Nextcloud server that data will be copied to. For example `https://cloud.bunny-lab.io` + 2. You need to create a share on Nextcloud, and configure it as a `File Drop`, then put a password to protect it. Put that password here. + 3. This directory target is the primary focus of the upload / backup / exfiltration. The script will iterate through this target. The target can be a directory or a single file. e.g. (`C:\Users\Example`) + 4. The tail-end of a nextcloud share link, e.g. `https://cloud.bunny-lab.io/s/<>` + 5. This file is how the script has "persistence". In case the computer is shut down, rebooted, etc, when it comes back online and the script is re-ran against it, it reads this file to pick up where it last was, and attempts to resume from that point. If this transfer is meant to be hidden, put this file somewhere someone is not likely to find it easily. \ No newline at end of file