Skip to content
/ qr-exfil Public

A web-based no-fix (?) tool to exfiltrate data from restricted environments using QR codes.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hack3n/qr-exfil

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
util
util
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
qr-exfil.html
qr-exfil.html
 
 
reader.py
reader.py
 
 

Repository files navigation

Issues MIT License LinkedIn

QR Exfil

A web-based no-fix (?) tool to exfiltrate data from a restricted environment using QR codes.
Install »

Table of Contents
  1. About The Project
  2. Installation
  3. Usage
  4. License
  5. Contact
  6. Acknowledgements

About The Project

Do you have RDP or VDI access, but no copy/paste, no outbound network, and need to exfiltrate some sensitive data? This tool provides a method to reliably move files from restricted environments such as these to your own machine. It's web-based, circumventing client-side security controls such as AV/EDR or application control, and usually performant enough to transfer moderately large files (50MB) in a reasonable amount of time (a few hours).

Installation

Run the following:

git clone https://github.com/hack3n/qr-exfil
pip3 install pyzbar pillow pybase64 opencv-python

What you need:

  • Some kind of desktop session on a remote machine
  • A Flipper or a rubber ducky USB

If you need to transfer files from a restricted physical machine as well:

  • A laptop to receive
  • USB video capture card
  • HDMI cable

Usage

Basic usage:

  • Prepare qr-exfil.html to display QR codes on your primary monitor, either within your remote session (RDP or VDI), or using a USB video capture card and displaying the camera on screen.
  • Run reader.py on your host.
  • Start the QR code output on the target.
  • Wait for it to complete, then exit with CTRL + C.
  • Use the util\dump-from-json.py script to get your output file on your host.

This repository includes a number of scripts and utilities that you may require:

  • reader.py - Reads your primary moniter for QR codes and dumps them to a raw.json file.
  • qr-exfil.html - The payload HTML that chunks and displays a local file in rotating QR codes.
  • util\dump-from-json.py - Reads the raw data from raw.json and outputs it to a file output.
  • util\find-missing-ids.py - Reads raw.json and checks that no chunks were missed by the reader.
  • util\make-ducky.py - Converts qr-exfil.html into a ruber ducky script payload to infil into your target environment.
  • util\make-ducky-hex-string.py - Sometimes VDI's can be sensitive with capital letters and special characters, so same as above, but as hex.
  • util\decode-hex.html - Intended to be manually typed out on the target environment to decode the hex inserted by the above script.

License

Distributed under the MIT License. See LICENSE.txt for more information.

Contact

Project Link: https://github.com/hack3n/qr-exfil

Acknowledgments

About

A web-based no-fix (?) tool to exfiltrate data from restricted environments using QR codes.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages