Bash Data Exfil

by Vince

Not unlike the previous post, PowerShell Data Exfil, this is another example of how we would move data outside the network using email.  This time, we're using a simple Bash script that base64 encodes the data, calls Sendmail, and exfiltrates the data to a Gmail account.  By default, Gmail will not allow what it considers "less secure apps" to send data, but a simple flip of the switch will solve that issue.  As a final point, we're obviously not confined to using Gmail; I would suggest using a provider that supports TLS rather than sending this over port 25.

In Gmail, we "Allow less secure apps":


-f From
-u Subject
-t To
-s Server
-o Options
-xu Username
-xp Password
-m Message


We give our script execute permissions and then we execute it -- the result:


We dump the base64 into a file, decode it, unzip it:


And we successfully exfil data using Gmail.
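
From the defender's side, an outbound mail or DLP check can catch this pattern, because the base64 of a ZIP archive always begins with the same characters. The following is an added example, not code from the original post; the function names, the length threshold and the sample message are assumptions constructed for illustration.

```python
import base64
import io
import re
import zipfile
from email import message_from_string

# Base64 of the ZIP magic "PK\x03\x04" always begins "UEsDB"; anchor on it at
# the start of a line, then take the wrapped base64 lines that follow.
ZIP_B64 = re.compile(r"^UEsDB[A-Za-z0-9+/]+(?:\r?\n[A-Za-z0-9+/]+)*={0,2}", re.M)
MIN_B64_LEN = 64  # assumed tuning threshold, not a value from the post

def find_zip_in_body(raw_message):
    """Return [(decoded_size, member_names)] for base64 ZIPs in text parts."""
    hits = []
    for part in message_from_string(raw_message).walk():
        if part.get_content_maintype() != "text":
            continue
        body = part.get_payload(decode=True).decode("utf-8", "replace")
        for match in ZIP_B64.finditer(body):
            blob = re.sub(r"\s", "", match.group(0))
            if len(blob) < MIN_B64_LEN:
                continue
            try:
                data = base64.b64decode(blob + "=" * (-len(blob) % 4))
            except ValueError:
                continue  # not decodable, so not a real archive
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    names = zf.namelist()
            except zipfile.BadZipFile:
                names = []  # magic matched but archive is truncated or damaged
            hits.append((len(data), names))
    return hits

def constructed_sample():
    """Constructed test message: a small in-memory ZIP, base64 in the body."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("payroll.csv", "name,salary\nexample,0\n")
    body = base64.encodebytes(buf.getvalue()).decode("ascii")
    return ("From: sender@example.com\nTo: recipient@example.com\n"
            "Subject: report\n\n" + body)

if __name__ == "__main__":
    print(find_zip_in_body(constructed_sample()))
```

The check only sees message content that is readable at the inspection point, so it belongs on the sending host or an internal relay rather than behind a TLS session to an external provider.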