Commit Graph

247 Commits (5f06649cd27bf137153179d1271f96c8f900567a)

Author SHA1 Message Date
Ben 941180d59a Added SudoBackdoor payload (#216)
* add SudoBackdoor patload

* fix readme

* fix readme 2

* fix readme 3

* add skip key for sc (ssh)
2017-05-12 11:55:40 +10:00
Mule Skinner bf063c1219 Added sFTP Directory Grabber payload (#215) 2017-05-11 19:24:33 +10:00
hacXsbix 6ea0d43662 Edited setkb.sh to restore to systems locale (#214)
the existing `get-Culture | Select -ExpandProperty Name` in `SETKB DONE` returned to en-GB by default
changed to `Get-WinSystemLocale | Select -ExpandProperty Name` to restore to the System Locale set by the User
2017-05-10 10:47:25 +10:00
Sebastian Kinne 4dbc20f972
Updated docs/readme.txt for firmware v1.3 2017-05-08 16:15:04 +10:00
Sebastian Kinne dd2013ef9d
Added newline into config.txt 2017-05-08 16:11:10 +10:00
Sebastian Kinne 7f44c67c17
Added CUCUMBER extension 2017-05-08 16:10:34 +10:00
hink 0eef84647e Updated psh_DownloadExec to v1.2 (#210)
* Powershell SMB Delivery

* fixed smbserver.py call

* Updated to use HID and RNDIS_ETHERNET at the same time. Upgraded to Golang webserver

* Removed binary
2017-05-03 14:17:19 -07:00
David d02d25d2b6 Add initial readme to UndercoverBunny (#211) 2017-05-02 19:02:05 -07:00
TheRoninRunner 4e55aae0ac Added WifiPass payload (#212)
* WifiPass payload

Based on the WiFiCreds payload, with a focus on WPA networks and wider OS scope.

* Lights

Solid rather than blinking

* Extra comment

* Update payload.txt

* Create readme.md

* Update readme.md

* Update payload.txt

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md
2017-05-02 19:00:44 -07:00
hink 4d9bfeedd3 Updated psh_DownloadExecSMB payload for fw v1.2 (#209)
* Powershell SMB Delivery

* fixed smbserver.py call

* Combined ATTACK MODES, improved SMB check

* version fix
2017-05-02 18:41:44 -07:00
Bry-fi 4165a2dda9 Updated browserData payload for firmware v1.1+ (#185)
* Fixed for 1.0 and 1.1

Fixed the payload for 1.0 but if you want it ported for 1.1, change line 38 to (LED M)

* Made 1.1 compatible.

Still need to examine Get-BrowserData.ps1
2017-05-02 02:26:32 +10:00
Sebastian Kinne d819b33afb
Moved extension folder out of the payload library folder 2017-05-01 12:14:54 +10:00
Sebastian Kinne 744165b31e
Added config.txt with default values and removed all references of DUCKY_LANG from existing payloads 2017-05-01 12:11:20 +10:00
Sebastian Kinne 415852c8f9
Remove superfluous DuckyInstall payload 2017-05-01 12:04:43 +10:00
David bf5beeefbe Added Bunny-Flip payload (#208)
* Create payload.txt

* Create README.md

* Added options

* Create README.md

* Create payload.txt

* Rename payloads/library/prank/README.md to payloads/library/prank/Bunny-Flip/README.md

* Delete README.md

* Delete payload.txt
2017-05-01 10:21:08 +10:00
jdetmold 33d62ff9e9 Added MacProfiler payload (#195)
* clean up loot

added sub folder so all files are not in root of loot folder

* MacProfiler

NewPayload for Profiling Mac systems

* Make DIR
2017-04-30 11:19:19 +10:00
SkiddieTech a11091c5c4 Added languages from ducktoolkit and added UACBypass payload (#193)
* UACBypass ported from ducky to bunny

* Forgot to set device as storage

* Improvment

* Updated for firmware 1.1

* Old

* languages from ducktoolkit
2017-04-30 11:13:18 +10:00
Nimrod levy 960bd207f9 Payload: Fixed stability issues and updated "MrRobot" for firmware v1.1 (#207) 2017-04-30 11:09:53 +10:00
RalphyZ 750d384df7 Updated payloads for fw v1.1 (#176)
* Mac Reverse Shell

Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh.  It then runs the script in the background and closes the terminal window.

* Added variables for IP and Port of the Netcat Listener

For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener.  Change those values to your listener and no other edits should be needed.

* Added persistence (and a reason to have a dropper)

This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval.

* Mac Reverse Shell

Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh.  It then runs the script in the background and closes the terminal window.

* Added variables for IP and Port of the Netcat Listener

For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener.  Change those values to your listener and no other edits should be needed.

* Added persistence (and a reason to have a dropper)

This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval.

* Fixed additional MacReverseShell

* Added readme.md files

* Added readme.md files

* Added readme.md

* Added readme.md files

* Added readme.md files

* Updated for firmware 1.1

* Updated for firmware 1.1

* Added ThemeChanger and updated for firmware 1.1

* Updated readme.md

* Updated for firmware 1.1 - using RUN command

* Fixed issues with the new RUN - reverted

* Fixed a few script problems

* removed binary and updated readme.md

* added a check for themepack

* edited themechanger readme

* updated readme.md and version
2017-04-29 08:49:35 +10:00
Alex Flores ca9e53c5a8 updates sMacAndGrab for bashbunny fw1.1 (#202) 2017-04-27 13:04:38 +10:00
Alex Flores 22cbf92a3b updates shellexec for bashbunny fw1.1 (#203) 2017-04-27 13:03:57 +10:00
SkiddieTech 9efc5e95a0 Added UACBypass payload (#191)
* UACBypass ported from ducky to bunny

* Forgot to set device as storage

* Improvment

* Updated for firmware 1.1

* Old
2017-04-20 10:55:56 +10:00
Sebastian Kinne 57aff92f82
Move setkb extension to correct folder 2017-04-18 16:51:35 +10:00
hink ca5d404dbe Added psh_DownloadExecSMB payload (#172)
* Powershell SMB Delivery

* fixed smbserver.py call
2017-04-17 10:19:49 +10:00
hkessel1 e06b42b328 Create Undercover Bunny
Undercover bunny is a Bash Bunny script that creates a wifi network when connected using the hosts internet connection.

Added LED's

Update Undercover Bunny

Rename Undercover Bunny to payload.txt

Moved UndercoverBunny into the correct payload folder
2017-04-17 10:00:18 +10:00
Biocow b40541f787 Updated Ducky Template for firmware v1.1 (#177)
* Updated for firmware version 1.1

Updated version number.
Updated LED status table.

* Update Ducky Template for firmware 1.1

Updated LED statuses
Updated language to DUCKY_LANG
removed 'source bunny_helpers.sh' and used 'GET SWITCH_POSITION' instead.

* Fix DUCKY_LANG vs. DUCK_LANG typo

Fix typo pointed out by Sebkinne

* Update payload.txt
2017-04-17 09:48:08 +10:00
elkentaro dc6e0a99ff Added an extension to overwrite the default keyboard layout to en-US (#167)
* Create setkb.sh

* Update setkb.sh

added a delay after the powershell to allow the execution of the powershell command.

* Update setkb.sh

Modified so that its even easier.

SETKB START will set the keyboard to a en-US keyboard layout.
SETKB DONE will reset the keyboard to the default layout based on the culture settings.
SET xx-XX will set the keyboard layout to whatever is specified as xx-XX
2017-04-16 21:16:45 +10:00
Sebastian Kinne b930b97baa
Moved PasswordGrabber into correct category 2017-04-16 19:07:52 +10:00
RazerBlade 2903a16d89 Added Password Grabber payload (#169)
* Add files via upload

* Update readme.md

* Update e.cmd

* Update payload.txt

Added 1.1 Firmware support

* Update e.cmd

Added Date and time functions and added some comments

* Delete laZagne.exe

* Update readme.md

Added support to Hak5 new guidelines

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md
2017-04-16 19:03:03 +10:00
TheRealNoob 1d95d9bfb8 Updated SMB_Exfiltrator payload to wait for port 445 (SMB) rather than ICMP Ping response (#173) 2017-04-16 18:57:02 +10:00
0xCoto 7c1a4a30f2 Updated SingleSecondShell for Bash Bunny v1.1 (#179) 2017-04-16 18:15:38 +10:00
Baur 2d651c75f0 Updated DumpCreds for bunny fw v1.1 (#168)
* DumpCreds Version 2.1
- new payload.txt special for BashBunny FW 1.1
- minor changes in main.ps1
- insert some code for debugging

* Updadet becaus new fork sync

* new payload.txt special for BashBunny FW 1.1
+ minor changes in main.ps1
+ insert some code for debugging
2017-04-16 16:03:02 +10:00
k1ul3ss 7534270a7a Added MacPDFExfil payload (#186) 2017-04-16 15:53:49 +10:00
GeneralBison 6cf19a1fdb Fixed typo in NotepadFun payload (#165)
DELY vs DELAY
(Look Mum, I'm helping!)
2017-04-10 17:42:25 +10:00
Darren Kitchen b4b23c04f1 Added file sync to smb_exfiltrator payload 2017-04-10 15:54:39 +10:00
Darren Kitchen bdcbc45c94 Updated smb_exfiltrator payload for Bash Bunny v1.1 2017-04-10 15:50:27 +10:00
Wesley 7f1172849b Updated LinuxReverseShell for BashBunny Fw v1.1 (#164) 2017-04-10 15:38:02 +10:00
Sebastian Kinne 85b1bc7aca
Cleanup: Sort payloads by category 2017-04-10 13:29:17 +10:00
Didier Stevens 288d90c60e Added InfiniteControl payload (#157)
Hit the CONTROL key every 10 seconds in an infinite loop, while blinking
the red LED with every keypress.
2017-04-10 12:31:31 +10:00
The10FpsGuy 100ccb0e63 Updated Notepad_Fun payload.txt to include target (#158) 2017-04-10 12:15:24 +10:00
Ben 32468087e1 Updated WindowsCookie for firmware v1.1 and fix powershell regex for Windows 7 (#161) 2017-04-10 12:11:33 +10:00
hink ce0c7d2dbd Updated QuickCreds payload for Bash Bunny v1.1 2017-04-10 12:06:04 +10:00
Nicholas Adamou 6e7292699b Updated GitBunnyGit to work with Firmware v1.1 (#145) 2017-04-10 12:00:00 +10:00
Dan Borges ca9e466ce7 Added MacPhish payload (#70)
* Adding the MacPhish payload, uses HID and STORAGE modes on BashBunny. For OS X, uses spotlight to launch terminal, then uses osascript command to phish for the users password, then saves the phished password back to the bashbunny.

* Update readme.md
2017-04-07 17:23:48 +10:00
Mohamed A. Baset 05f34b16ee Updated SmacAndGrab payload with more loot :)
More loot from https://github.com/Seekurity/BrowserCookieGrabber/blob/master/browserCookieGrabber.sh
2017-04-07 17:22:23 +10:00
Biocow de28cc7679 Updated MacInfoGrabber payload to remove superfluous newline (#74)
There was a line break on line 30 where in reads Chrome cookies and moves to BashBunny mass storage. Removed line break.
2017-04-07 17:20:12 +10:00
RazerBlade aaa246f714 Added PasswordGrabber payload
* Add files via upload

* Update readme.md

* Update e.cmd
2017-04-07 17:19:41 +10:00
ASarcasticGuy 6542907c6e Added FileInfoExfil payload (#76)
* Scan for files that contain a specific phrase and exfil info about them

* Delete FileInfoExfil

* Create FileInfoExfil

* Delete FileInfoExfil

* Scans system for files beginning with a specific phrase and exfils data from them

* Delete ducky_script.txt

* Delete p.bat

* Delete payload.txt

* Exfil file information to the loot folder

Exfiltrates file information of files that contain a specific phrase, including if it is a directory, the file path and file size (in KB) to the loot folder of the BashBunny.

* Delete p.ps1

* Add files via upload

* Create readme.md

* Delete readme.md

* Create readme.md

* Update payload.txt

* Update readme.md
2017-04-07 17:18:48 +10:00
zachstanford 217dee5249 Added Browser Data payload
* browserData

* Fix error
2017-04-07 17:16:18 +10:00
Eric fe70f7e5b4 Added MacGetUsers payload (#78) 2017-04-07 17:14:35 +10:00