From e11f9281cbb311ed7cff83e0a8c9f32353604227 Mon Sep 17 00:00:00 2001 From: 0iphor13 <79219148+0iphor13@users.noreply.github.com> Date: Fri, 8 Apr 2022 16:43:17 +0200 Subject: [PATCH] Updated ReadMe (#512) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Uploaded ReverseBunny Obfuscated reverse shell via powershell * Uploaded WifiSnatch Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇 * Update ReverseBunny.txt Changed payload to evade Windows Defender * Update payload.txt Added new "Eject Method" - props to Night(9o3) * Update README.md * Deleted ReverseBunny.txt Deleted because of higher risk to get caught by AV * Updated ReverseBunny to version 1.2 Updated ReverseBunny to version 1.2. - Deleted payload on disk because of AV - Added custom shell design * Updated ReverseBunny to version 1.2 Updated README for ReverseBunny update * Updated payload fixed some stupid left overs <3 * Uploaded pingUinBunny a reverse shell using icmp * Delete payloads/library/remote_access/switch1 directory * Uploaded pingUinBunny A reverse shell using icmp * Update README.md * Update README.md * Updated to PingZhell * Update Bunny.pl * Update README.md * Update README.md * Update payload.txt * Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl * Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1 * Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md * Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt * Update payload.txt * Update README.md * Update README.md * Update Bunny.pl * Created ProcDumpBunny Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz * Update README.md * Update payload.txt * Updated ReverseBunny Fixed wrong DELAY commands * Updated PingZhellBunny Fixed wrong DELAY commands * Updated WifiSnatch Fixed multiple mistakes * Uploaded HashDumpBunny Use your BashBunny to dump the user hashes of your target - similar to the msf post-module. The script was obfuscated with multiple layers, so don't be confused. If you don't trust this script, run it within a save testing space - which should be best practice anyways ;) * added example picture * Update README.md * Uploaded SessionBunny Utilize SessionGopher (Slightly modified) to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP. Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords. Afterwards decide which is important and what you want to save onto your BashBunny. * Uploaded SessionBunny Utilize the famous, here slightly modified SessionGopher script, to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP. Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords. Decide which inforamtion you wanna take with you - save it onto your BashBunny! * Update README.md * Delete SessionBunny directory * Uploaded MiniDumpBunny Dump lsass with this rewritten and for BashBunny adapted version of Powersploits Out-MiniDump. * Update README.md added disclaimer * Update README.md * Update README.md --- payloads/library/credentials/HashDumpBunny/README.md | 3 ++- payloads/library/remote_access/ReverseBunny/README.md | 10 +++++----- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/payloads/library/credentials/HashDumpBunny/README.md b/payloads/library/credentials/HashDumpBunny/README.md index f2b9c89a..b1460dd5 100644 --- a/payloads/library/credentials/HashDumpBunny/README.md +++ b/payloads/library/credentials/HashDumpBunny/README.md @@ -9,7 +9,8 @@ Version: 1.0 This payload will run an obfuscated script to dump user hashes. If you don't trust this obfuscated .bat file, you should run it within a save space first - which should be best practice anyways ;-) # - +**!Depending on your Windows version, this might not work as intended!** +# **Instruction:** Place BunnyDump.bat in the same payload switch-folder as your payload.txt diff --git a/payloads/library/remote_access/ReverseBunny/README.md b/payloads/library/remote_access/ReverseBunny/README.md index 7fced069..5cd530b3 100644 --- a/payloads/library/remote_access/ReverseBunny/README.md +++ b/payloads/library/remote_access/ReverseBunny/README.md @@ -1,14 +1,14 @@ -Title: ReverseBunny +**Title: ReverseBunny** Author: 0iphor13 -Version: 1.2 +Version: 1.3 -Getting remote access via obfuscated reverse shell. -Change the variables in payload.txt to your attacking maschine & start your listener. +

Getting remote access via obfuscated reverse shell.
+Change the variables in payload.txt to your attacking maschine & start your listener. (for example netcat: nc -lvnp [PORT] )

-Whats new in version 1.2? +Whats new in version 1.3? - Changed the whole payload - Added custom shell design