Commit Graph

525 Commits (659312b2ec040d32283fe42f793cf8a524e27047)

Author SHA1 Message Date
Overtime b5fd8b50fc
Add Mac Pass (#428)
* Added MacPass

* Update readme.md

Co-authored-by: Overtime <39917164+0vertime-dev@users.noreply.github.com>
2021-12-21 17:34:55 -06:00
cribb-it 39fd0e838c
New Payload - Excel QR Rickroll (#436)
* Add files via upload

* Update readme.md

* Update readme.md

* Update payload.txt

* Update readme.md

* fix rebase errors

* Fix for rebase

* Fix for fewer details

* Extensions: Add wait_for BTLE extensions

* Quick and Dirty PrintNightmare Payload (#432)

* New Payload

Added new PrintNightmare Payload (Quick and dirty)

* Fixed my potty mouth

I'm a child sometimes

* Renamed Payload

* PrintNightmare: Use SWITCH_POSITION in payload path

* Fixing a typo

Co-authored-by: Marc <foxtrot@malloc.me>

* Bugfix (#433)

* New Payload

Added new PrintNightmare Payload (Quick and dirty)

* Fixed my potty mouth

I'm a child sometimes

* Renamed Payload

* PrintNightmare: Use SWITCH_POSITION in payload path

* Fixing a typo

* Added Delays

Added some delays due to the fact that it was inconsistently reliable, occasionally it'd half type out the command. The delays have resolved the consistency issue on my end. Feel free to tweak as required.

* Amending Version Number

I'm a fool

* Updated Readme with proper credit

Co-authored-by: Marc <foxtrot@malloc.me>

* General Imrovements to PrintNightmare (#434)

* Housekeeping

Moved some of the QUACK Powershell commands into the juicybit.txt file for speed and ease of use.

* Update README.md

* More improvement

Added exit to the juicybits rather than using alt  and /noprofile to the run as

* Update README.md

Co-authored-by: Marc <foxtrot@realloc.me>

* New Payload - Excel QR Rickroll

Co-authored-by: Marc <foxtrot@malloc.me>
Co-authored-by: panicacid <steve@pcquicktips.net>
Co-authored-by: Marc <foxtrot@realloc.me>
2021-12-21 17:33:03 -06:00
cribb-it e1700bdc91
New payload - Replace Cursor (#437)
* New payload - Replace Cursor

* Added Cursor - follow the white rabbit

* Update Readme
2021-12-21 17:31:08 -06:00
cribb-it 8a7606aa0a
New Payload - Read It Out (#444) 2021-12-21 17:28:38 -06:00
TW-D 5d4367787f
SanDisk Wireless Stick Exfiltration (#445)
Uses the "SanDisk Wireless Stick" for files exfiltration.
1) Avoids "PowerShell Script Block Logging".
2) Hide "PowerShell" window.
3) Deletes Wi-Fi connection profiles in automatic mode, each deletion causes a disconnection.
4) Adds the profile for the "SanDisk Connect Wireless Stick" in automatic mode.
5) Checks whether the Wi-Fi interface is connected to the "SanDisk" and whether the gateway can be reached, if not, automatically starts again.
6) Exfiltration of the files via the HTTP channel.
2021-12-21 17:24:09 -06:00
cribb-it 49f7018bf3
New Payload - SSH Server (#451)
* New Payload - SSH Server

* Update Delay
2021-12-21 17:20:37 -06:00
cribb-it 73bf1c0c48
New Payload - Spinning Around (#452)
* New Payload - Spinning Around

* Update readme.md
2021-12-21 17:17:12 -06:00
saintcrossbow bb601883ef
New Exfiltration Payload: Smart Data Thief (#453)
* Exfiltrate using Windows utility SmartFileExtract

Script to find all files that a) have filenames with the word "pass" or "secret" in them or b) are standard .DOC files and copy them to loot. SmartFileExtract is used to kill the copy after 500 MBs and / or 90 seconds and will display the copy status using a fake install window.

Dependencies:
Binary (SmartFileExtract.exe) from https://github.com/saintcrossbow/SmartFileExtract

* New Exfiltration: Smart Data Thief

Timed exfiltration attack targeting high value data and WiFi creds. Highly configurable to start / stop attack using BLE beacons, create distraction when aborting attack, and full shutdown for removal after attack complete.

* Revolver BLE controlled multi-attack

New payload: Revolver - a multi option attack controlled by BLE beacons. Plug in Bash Bunny and choose your attack based on what you need in the field.
2021-12-21 17:11:50 -06:00
scaery 9e54726597
Original from scaery/ducked (#456)
* Create procdump.txt

* Create duck_code.txt

* Create run.ps1

* Create payload.txt
2021-12-16 11:52:13 -06:00
Hacksawfred3232 0414f0cfc7
New Payload/Tool: FICBunny (#471)
* Added FICBunny

* Added disclaimer regarding modifying /dev/nandg

* Add changes from Austin Spraggins + Some cleanup.

* Update readme.md
2021-12-16 11:50:56 -06:00
JustaProgrammer9 72d424232a
Bluetooth2 (#477)
* Bluetooth2

Bluetooth2 is a program that can use multiple triggers instead of waiting for just one and run different things depending on that trigger. Anyone willing to update it would be appreciated as it probably looks... not great.

* Update payload.txt

* Update payload.txt

* Update README.md
2021-12-16 11:48:02 -06:00
0iphor13 54505507b9
Updated ReverseBunny to version 1.2 (#475)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md

* Deleted ReverseBunny.txt

Deleted because of higher risk to get caught by AV

* Updated ReverseBunny to version 1.2

Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design

* Updated ReverseBunny to version 1.2

Updated README for ReverseBunny update

* Updated payload

fixed some stupid left overs <3
2021-12-06 20:08:42 +00:00
0iphor13 86c989f9a0
Updated ReverseBunny (#469)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md
2021-10-02 14:58:58 -05:00
xhico 78eb6e3828
Wallpaper Changer (#245) 2021-10-02 13:25:34 -05:00
HackingMark ee97a0820d
USB Exfiltration Payload with Win10 Fake Update V020821 (#455)
* USB Exfiltration Payload with Win10 Fake Update

This Payload exfiltrates defined files to the Bunny. While copying is in progress, it shows a Fake Win10 Update Screen and removes traces. When it's ready, the target machine is forced to reboot.

* Correction for the Key injection F11

* Create test

* Delete payloads/library/USB_Exfil_with_Fake_Update _and_force-reboot directory

* Create tst

* Add files via upload

* Delete tst

* Delete payloads/library/exfiltration/USB Exfil with Fake Update and force reboot directory
2021-09-30 17:08:02 -05:00
0iphor13 e79e39f95d
WifiSnatch (#468)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
2021-09-24 12:41:15 -05:00
0iphor13 80c724ad99
Uploaded ReverseBunny (#464)
Obfuscated reverse shell via powershell
2021-09-10 20:36:12 +01:00
panicacid 8fa093b67e
New Payload Pineapple-Connect-Windows (#439)
* New Payload

Added new PrintNightmare Payload (Quick and dirty)

* Fixed my potty mouth

I'm a child sometimes

* Renamed Payload

* PrintNightmare: Use SWITCH_POSITION in payload path

* Fixing a typo

* Added Delays

Added some delays due to the fact that it was inconsistently reliable, occasionally it'd half type out the command. The delays have resolved the consistency issue on my end. Feel free to tweak as required.

* Amending Version Number

I'm a fool

* Updated Readme with proper credit

* Housekeeping

Moved some of the QUACK Powershell commands into the juicybit.txt file for speed and ease of use.

* Update README.md

* More improvement

Added exit to the juicybits rather than using alt  and /noprofile to the run as

* Update README.md

* Pineapple-Connect-Windows New Payload For Connecting Client To Pineapple AP / Any AP

Pineapple-Connect-Windows new Bashbunny payload for connecting target machine quickly and efficiently to your Pineapple AP or an AP of your choosing (and control!)

* Changed from RUN WIN to QUACK STRING

Changed from RUN WIN to QUACK STRING as I was having issues with the formatting, presume it needs wrapping in quotes or something but it just kept breaking. QUACK STRING works fine so meh

* Added command to cover traks at the end of the script

added a line of powershell to clean out the run registry key to hide any evidence of the script running

Co-authored-by: Marc <foxtrot@malloc.me>
Co-authored-by: Marc <foxtrot@realloc.me>
2021-09-09 14:45:26 -05:00
cribb-it 3fb08e01ae
New Payload - ANSI Sebs cow (#460)
* New Payload - ANSI Sebs cow

* Update Cow

* Making the cow symmetrical
2021-08-24 20:31:02 +01:00
9o3 605b7f1cab
New payload: HiveNightmare (#462)
Leverages CVE-2021–36934 to get SAM/SYSTEM/SECURITY hives.
2021-08-24 20:30:47 +01:00
emptyhen 9fdacee185
New Payload: Razer System Shell (#463)
Exploit Razer USA HID driver installation to System authority PowerShell. 
This is heavily based on Tweet by @_MG_ on 22nd Aug 2021 but modified to work with BashBunny
2021-08-24 20:30:24 +01:00
Darren Kitchen 9b86d8c991 cleaned up directory structure to match payloads.hak5.org 2021-08-24 10:04:24 -05:00
Darren Kitchen 1b042f6f2d Moved sFTP Directory Grabber payload to recon directory 2021-08-24 09:38:52 -05:00
9o3 1efd6a1116
ATNT update: working version (#461)
* Delete stage3.ps1

* Update ATNT to work as intended.

Update ATNT to work as intended. Requires reboot or logoff to fully register AT.

* Remove DONE file in cleanup.

Forgot to remove DONE file.  Now also makes sure this file does not exist before running.
2021-08-18 10:37:59 -05:00
TW-D 4f6cd4b54d
Execution - Get System (#446)
Disable "PowerShell" logging
Check if current process have "Administrator" privilege
Check "SeDebugPrivilege" policy
Retrieves the processes belonging to the "SYSTEM" account
For each system PID, test to obtain the "SYSTEM" account via the parent process
2021-08-16 07:43:01 -05:00
cribb-it 49dff6e659
Fixing my bad spelling (#457) 2021-08-12 15:32:45 +01:00
9o3 9c55288403
New payload ATNT; Ease of Access Assistive Technology (#454)
Uses Windows Ease of Access Assistive Technology (https://docs.microsoft.com/en-us/windows/win32/winauto/ease-of-access---assistive-technology-registration) 
to persistently run code with NT AUTHORITY\SYSTEM rights.
2021-08-11 09:47:17 -05:00
Darren Kitchen 66bc18cbe2
Added bluetooth geofence profiler payload 2021-08-07 11:39:24 -05:00
cribb-it 785e5d2a75
Various small fixes (#435)
* Add files via upload

* Update readme.md

* Update readme.md

* Update payload.txt

* Update readme.md

* fix rebase errors

* Fix for rebase

* Fix for fewer details
2021-07-06 20:02:27 +01:00
panicacid babdc72743
General Imrovements to PrintNightmare (#434)
* Housekeeping

Moved some of the QUACK Powershell commands into the juicybit.txt file for speed and ease of use.

* Update README.md

* More improvement

Added exit to the juicybits rather than using alt  and /noprofile to the run as

* Update README.md

Co-authored-by: Marc <foxtrot@realloc.me>
2021-07-05 16:36:42 +01:00
panicacid efb5f63ad8
Bugfix (#433)
* New Payload

Added new PrintNightmare Payload (Quick and dirty)

* Fixed my potty mouth

I'm a child sometimes

* Renamed Payload

* PrintNightmare: Use SWITCH_POSITION in payload path

* Fixing a typo

* Added Delays

Added some delays due to the fact that it was inconsistently reliable, occasionally it'd half type out the command. The delays have resolved the consistency issue on my end. Feel free to tweak as required.

* Amending Version Number

I'm a fool

* Updated Readme with proper credit

Co-authored-by: Marc <foxtrot@malloc.me>
2021-07-05 02:33:36 +01:00
panicacid 73ca91c3ba
Quick and Dirty PrintNightmare Payload (#432)
* New Payload

Added new PrintNightmare Payload (Quick and dirty)

* Fixed my potty mouth

I'm a child sometimes

* Renamed Payload

* PrintNightmare: Use SWITCH_POSITION in payload path

* Fixing a typo

Co-authored-by: Marc <foxtrot@malloc.me>
2021-07-05 01:27:46 +01:00
Marc 829a4db6b2
Extensions: Add wait_for BTLE extensions 2021-07-01 16:29:44 +01:00
cribb-it 8cd8d859cd
New Payload: Win_PoSH_WordReport, Fix typos in Win_PoSH_FakeLoginScreen (#431)
* Add files via upload

* Update readme.md

* Update payload.txt

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Add files via upload

* Update readme.md

* Update readme.md

* Add Payload WIN_PoSH_HKU_RegBackUp

* Update readme.md

* Update payload.txt

* Change for admin shell

* Update readme.md

* Update payload.txt

* Update payload.txt

* Update readme.md

* Added payload WIN_PoSH_SaveSecurityHive

Added new payload to exfiltration that saves the HKLM security hive to the bunny

* Morse Code File Exfiltration

A bit pointless with limitation of morse code but I thought it was fun to create.

* Update readme.md

* Update for non-alphanumeric

* Update for timing

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Update payload.txt

* New payload - Fake Login

Shows a fake version of the windows 10 login screen

* Update readme.md

* Changes to Fake Login Payload

* Changes to Fake Login

* Win_PoSH_FakeLogin: Changes to payload and readme

* New recon payload: Win_PoSH_WordReport

* Update fixed typo: Win_PoSH_WordReport
2021-04-30 17:02:21 +01:00
Marc 7a0d036b74
Win_PoSH_FakeLogin: Fix typo in LED command. 2021-04-24 01:31:18 +01:00
cribb-it 6375315a33
Update PoSH_Morsecode, Add Windows 10 Login Screen (#430)
* Add files via upload

* Update readme.md

* Update payload.txt

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Add files via upload

* Update readme.md

* Update readme.md

* Add Payload WIN_PoSH_HKU_RegBackUp

* Update readme.md

* Update payload.txt

* Change for admin shell

* Update readme.md

* Update payload.txt

* Update payload.txt

* Update readme.md

* Added payload WIN_PoSH_SaveSecurityHive

Added new payload to exfiltration that saves the HKLM security hive to the bunny

* Morse Code File Exfiltration

A bit pointless with limitation of morse code but I thought it was fun to create.

* Update readme.md

* Update for non-alphanumeric

* Update for timing

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Update payload.txt

* New payload - Fake Login

Shows a fake version of the windows 10 login screen

* Update readme.md

* Changes to Fake Login Payload

* Changes to Fake Login
2021-04-22 16:44:33 +01:00
cribb-it 27d63ad5a5
Morse Code File Exfiltration (#429)
* Add files via upload

* Update readme.md

* Update payload.txt

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Add files via upload

* Update readme.md

* Update readme.md

* Add Payload WIN_PoSH_HKU_RegBackUp

* Update readme.md

* Update payload.txt

* Change for admin shell

* Update readme.md

* Update payload.txt

* Update payload.txt

* Update readme.md

* Added payload WIN_PoSH_SaveSecurityHive

Added new payload to exfiltration that saves the HKLM security hive to the bunny

* Morse Code File Exfiltration

A bit pointless with limitation of morse code but I thought it was fun to create.

* Update readme.md

* Update for non-alphanumeric

* Update for timing

* Update readme.md
2021-04-04 09:33:48 -07:00
Ian Costa e9916c88aa
Windows Powershell Local DNS Poisoning payload (#427)
* Created Powershell_Local_DNS_Poisoning payload

* Fixed README.md formatting
2021-01-11 08:43:00 -08:00
Darren Kitchen 5b234069f0
Added Single Character Quacker payload 2020-12-17 18:21:24 -08:00
cribb-it 3904f165d9
Added new payload WIN_PoSH_HKU_RegBackUp (#424)
* Add files via upload

* Update readme.md

* Update payload.txt

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Add files via upload

* Update readme.md

* Update readme.md

* Add Payload WIN_PoSH_HKU_RegBackUp

* Update readme.md

* Update payload.txt

* Change for admin shell

* Update readme.md

* Update payload.txt

* Update payload.txt

* Update readme.md

* Added payload WIN_PoSH_SaveSecurityHive

Added new payload to exfiltration that saves the HKLM security hive to the bunny
2020-12-14 23:53:42 +00:00
Marc 3840f5330b
Jackalope: Small cleanup 2020-12-14 23:48:44 +00:00
Alex fc0fa47dcb
Jackalope: Update README to show Metasploit dependency.
Provided information on the dependency of Metasploit for the payload to work. 
Provided information on the installation of the tool accordingly.
2020-12-14 16:47:55 +01:00
Alex 6e0955fb2b
Update read.md
Change configuration description
2020-12-12 23:59:29 +01:00
cribb-it 5ccaa5562e
Add new prank payload (#419)
* Add files via upload

* Update readme.md

* Update payload.txt

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Add files via upload

* Update readme.md

* Update readme.md
2020-07-13 14:54:57 -07:00
cribb-it 5548c0b1cd
Add hide-startbar payload (#418)
* Add files via upload

* Update readme.md

* Update payload.txt

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md
2020-06-29 09:53:18 -07:00
Darren Kitchen 3e3979221f
Update wait.sh 2020-06-09 10:16:15 -07:00
theofandato 27332a9f14
Use more standard LED commands (#415) 2020-05-07 11:33:30 -07:00
DavidHaintz 5d608972bc
Adding new payload Bash Bunny Manager (#411)
* Added bash bunny manager to repository

* Moved bash bunny manager into general folder
2020-03-14 20:13:00 -07:00
kuyaya 68621324d2
Add files via upload (#414) 2020-03-14 20:12:16 -07:00
Emil Albrecht da6251df9f Add NiceShutdown (#408)
* Added files

The payload.txt and the README.md have been added to the project!

* Updated Readme

The Readme file has been updatet.

* Added development status

The development status entry has been added to the list.

* Added header.

A header containing important information has been added.

* Made a joke

A joke has been made out of the Tested: No

* Completed InfoBox and added Configuring

The InfoBox is now a real box, and the Configuring section that is currently empty has been added.

* Added DUCKY_LANG notice.

In the configuration header, the sentence "You are required to change the DUCKY_LANG." has been added.

* Various changes.

Following changes have been made:
Removed the "Tested joke"
Setting the LED
Setting the Attackmode
Added configurationstuff
Added Setting up
Added the actual shutting down

* Changed development status.

The development status has been changed to "Actually quite done".

* Changed development status

* Added quality notice.

The standard notice for Emilius123 payloads "Emilius123 payloads. Quality made in Notepad since 2019." has been added.

* Changed category

The category has been changed from "Prank" to "Prank and Troll".

* Changed version

In the files README.md and payload.txt, the Version label has changed to
version 1.0

* Changed development status.

The development status has been changed from "Actually quite done" to
"1.0 done"

* Changed Status at FINISH LED

* Quality notice is now cursive

The quality notice is now in a cursive font.

* Added notice

The notice "Please give feedback in the Forum topic." has been added and surrounded nicely.

* Update README.md

* Forum topic is now cursive

* Added pull request

The sentence "Please give Feedback in the Forum topic." has been changed to "Please give Feedback in the Forum Topic and check out the Pull request.

* Update README.md

* Update README.md

* Added additional information.

To the README and the payload, the Description, Attackmode and used
Extensions have been added.

* Removed lines

* Removed empty lines
2019-11-05 19:47:47 -08:00
Mike Galvin f1bf173d22 Enable RDP, disable NLA, log network information. (#401) 2019-10-19 12:36:45 -07:00
Marc d67b95a220
Merge pull request #383 from SymbianSyMoh/master
Yet another but FASTER SMB Bruteforce payload for Bash Bunny
2019-07-12 01:11:16 +00:00
Mohamed A. Baset d36f90f26c
Update payload.txt 2019-07-11 19:33:28 -05:00
Mohamed A. Baset e889c414d5
Update payload.txt
Adding the payload header!
2019-07-11 17:58:20 -05:00
Mohamed A. Baset d387f4e185
Update payload.txt
Require tool "impacket"
2019-07-11 17:09:39 -05:00
Marc 08a71de1d8
Merge pull request #389 from hak5/jackalope-patch
Update Jackalope to remove references to RVM.
2019-07-10 21:26:02 +00:00
Marc 81dd9531bf
Jackalope: Fix typo in REQUIRETOOL function call. 2019-07-09 21:38:02 +01:00
Marc 9a6d515add
Jackalope: Un-comment REQUIRE_TOOL.
Starting with 1.6, a Metasploit tools package will be available.
2019-07-04 00:10:24 +01:00
Marc 947b08fc0f
Update Jackalope to remove references to RVM.
Starting with Firmware 1.6 and the Metasploit tools package, RVM will no longer be needed.
2019-07-04 00:08:01 +01:00
Foxtrot db87d0dc02 Set executable bit on extensions 2019-06-28 22:35:27 +01:00
Marc e2f848c6b0
Merge pull request #377 from TheDragonkeeper/ex-payloads
Create runpayload.sh
2019-06-28 21:13:42 +00:00
TheDragonkeeper 81317d83b1
Update runpayload.sh 2019-06-28 22:08:44 +01:00
TheDragonkeeper 066b7846da
Rename payload.sh to runpayload.sh 2019-06-28 22:03:48 +01:00
Marc 938fe29c94
Merge pull request #379 from TheDragonkeeper/chromeos
Chromeos Enrollment
2019-06-28 20:50:17 +00:00
Marc e82fb6166b
Merge pull request #347 from mathew-fleisch/master
Two Stage Mac Payload
2019-06-28 20:20:33 +00:00
Marc f9aadb0a4d
Merge pull request #339 from JamesCullum/master
Updated RaZ_ReverseShell
2019-06-28 00:25:07 +00:00
Marc 00b2ea8aa9
Merge pull request #340 from hink/master
[PAYLOAD UPDATE] psh_DownloadExec Update
2019-06-28 00:23:05 +00:00
Marc 0b9f7c0b47
Merge pull request #349 from TheG3ntl3man/patch-1
Adding Delay to Prank/Startup-Message
2019-06-28 00:15:21 +00:00
Marc b6af89dbdc
Merge pull request #360 from Atrolantra/master
Moved screen height and width to configurable options
2019-06-28 00:07:40 +00:00
Marc 2f23f34e6a
Merge pull request #367 from 0rion5/patch-4
Update for Info.ps1
2019-06-28 00:04:13 +00:00
Marc d3727bd899
Merge pull request #368 from 0rion5/patch-5
Update Info.ps1
2019-06-28 00:03:29 +00:00
Darren Kitchen aec718806e
Update payload.txt 2019-06-06 12:45:35 -07:00
Darren Kitchen 8dd4797e5d
Update payload.txt 2019-06-06 12:45:12 -07:00
Mohamed A. Baset 3980bab638
Critical fixes
I really missed the BB's original variable "$SWITCH_POSITION" since in my testing BB's payload I'm maintaining it in my code as: 

ORIGINAL_SWITCH="/root/udisk/payloads/$SWITCH_POSITION"

Thanks to @catatonicprime for offering the fix for this issue.
2019-06-01 02:22:45 -05:00
Mohamed A. Baset 6ee12332e5
Update userlist.txt 2019-06-01 02:03:17 -05:00
Mohamed A. Baset 0a407d0348
Update userlist.txt 2019-05-30 04:08:46 -05:00
Mohamed A. Baset 0068cfccd5
Update payload.txt 2019-05-30 04:01:38 -05:00
Mohamed A. Baset 072c659943
Update payload.txt 2019-05-30 03:44:12 -05:00
Mohamed A. Baset 92f1be3a52
A little nasty trick!
Sometimes the host name is the same as the username so we will add it to the username and the password wordlists automatically to be used during the brute force attack.
2019-05-30 01:43:13 -05:00
Mohamed A. Baset b3537e7a65
Update payload.txt 2019-05-30 00:55:17 -05:00
Mohamed A. Baset d9d741e828
Update readme.md 2019-05-30 00:54:11 -05:00
Mohamed A. Baset 0973bf25ec
Create payload.txt 2019-05-30 00:50:08 -05:00
Mohamed A. Baset fcb15af701
Update readme.md 2019-05-30 00:36:31 -05:00
Mohamed A. Baset ddffe360a4
Update readme.md 2019-05-30 00:35:55 -05:00
Mohamed A. Baset bb2c9c5bfd
Create mmcbrute.py 2019-05-30 00:31:56 -05:00
Mohamed A. Baset 4778effde3
Create README.md 2019-05-30 00:31:11 -05:00
Mohamed A. Baset 0ac9056917
Create LICENSE 2019-05-30 00:30:30 -05:00
Mohamed A. Baset fcac3b6d29
Create userlist.txt 2019-05-30 00:08:51 -05:00
Mohamed A. Baset 031a47b0d2
Create passlist.txt 2019-05-30 00:07:30 -05:00
Mohamed A. Baset d11515bf59
Create readme.md 2019-05-30 00:05:43 -05:00
Darren Kitchen 36e34feac4
Update payload.txt 2019-05-28 12:42:10 -07:00
Catatonic c282540f52 Clarying documentation based on user feedback. (#381) 2019-05-22 18:46:59 -07:00
Catatonic f171837db2 Add Jackalope (#380)
* Adding Jackalope, a Bunny+Metasploit chimera project.

* Fixing inaccurate documentation.

* Generate the password entry payload on the alternate switch.

* Additional documentation concerning alternate payload mechanism.

* Branding

* Update readme.md

* rearchitecting payload to be independent. No longer overwrites alternate payload location. Uses WAIT interface to interact with the tester to reuse a password, clear the password, and re-attack the machine.
2019-05-22 16:53:59 -07:00
TheDragonkeeper ca22f20b53
Update payload.txt 2019-04-20 04:48:38 +01:00
TheDragonkeeper d22c2481a0
Update Readme.md 2019-04-20 04:46:02 +01:00
TheDragonkeeper 63c62a4871
Update Readme.md 2019-04-20 04:34:31 +01:00
TheDragonkeeper 81b4e060c8
Update Readme.md 2019-04-20 04:33:15 +01:00
TheDragonkeeper a9b191045b added all auth options 2019-04-20 03:59:41 +01:00
TheDragonkeeper bed7de2cd4
Update payload.sh 2019-04-08 19:16:09 +01:00
TheDragonkeeper f573cb9b0b
Create payload.sh 2019-04-08 18:43:01 +01:00
TheDragonkeeper cda2430080 ChromeOS Enrolment Payload 2019-04-06 03:14:38 +01:00
Kamots 6760498c27 Created waiteject.sh to wait on USB storage eject. (#374) 2019-03-29 15:03:54 -07:00
Darren Kitchen 7c8fbf0f41
Extension by Raf 2019-03-26 18:28:18 -07:00
G4te-Keep3r 502576d7ed Made ALTCODE-TRANSCODER. (#373)
* Response to Hak5 2506

* A random 'e' ended up on line 58.

Line is blank now like it is supposed to be.

* Created readme

STAGE2 made more sense when it was STAGE1/STAGE2, but the transcoding is a special stage and the typing is stage 2 since the transcoding had to be done first.
2019-02-13 12:41:46 -08:00
Darren Kitchen b1309229cc
Added ALTCODE demo payload 2019-02-06 18:19:47 -08:00
Darren Kitchen d341068548
Added dropbox exfiltrator PoC payload 2019-01-30 12:17:55 -08:00
Rosius Yves 0ee25f8d0d Update payload.txt (#365)
Some more shortening. Only 183 characters!

powershell -w h "$p=$home+'\b.jpg';iwr h4k.cc/b.jpg -O $p;SP 'HKCU:Control Panel\Desktop' WallPaper $p;1..59|%{RUNDLL32.EXE USER32.DLL,UpdatePerUserSystemParameters ,1 ,True;sleep 1}"

* Omit http:// from URI
* powershell -w h to start a hidden powershell windows
* set variable $p for later re-use (saves characters)
* Omit -Uri and redundant characters in -Outfile (-O)
 switches
* 1..59|% to create a loop for 60 seconds
* use $home as directory
2019-01-22 23:24:56 -08:00
Darren Kitchen 0273c87be2
Added key code spammer test payload 2019-01-22 23:22:21 -08:00
0rion fed24a87b4
Update Info.ps1
Gets COM& Serial Device PID&VID if doing a walk about and want to collect info on HID/PID&VID + MI for future use. just a thought
#Get - Com & Serial Devices
$COMDevices = Get-Wmiobject Win32_USBControllerDevice | ForEach-Object{[Wmi]($_.Dependent)} | Select-Object Name, DeviceID, Manufacturer | Sort-Object -Descending Name | Format-Table

"COM & SERIAL DEVICES"
"==================================================================" + ($COMDevices | Out-String)
""
2019-01-17 19:29:40 -07:00
0rion 9777ae0fee
Update for Info.ps1
Removes all Variables created during the session. I noticed my version of PS was storing them between simulated attacks. so removing them entirely was my resolve.

Remove-Variable -Name computerPubIP,
computerIP,IsDHCPEnabled,Network,Networks, 
computerMAC,computerSystem,computerBIOS,computerOs,
computerCpu, computerMainboard,computerRamCapacity,
computerRam,driveType,Hdds,RDP,WLANProfileNames,WLANProfileName,
Output,WLANProfileObjects,WLANProfilePassword,WLANProfileObject,luser,
process,listener,listenerItem,process,service,software,drivers,videocard,
vault -ErrorAction SilentlyContinue -Force
2019-01-17 19:21:02 -07:00
Darren Kitchen 9687a8d830
Added cross platform lockout payload 2019-01-16 17:57:32 -08:00
Darren Kitchen d386f07d8e
Added wallpaper prank payload re: Hak5 episode 2502 2019-01-09 10:58:36 -08:00
Darren Kitchen 820576a103
Updated title 2019-01-01 14:37:25 -08:00
Darren Kitchen e61d58d488
Added the cross platform continuous locker payload 2019-01-01 14:36:44 -08:00
Eric Briese e0c355da0a Changed options to be in payload.txt per best practices 2018-12-29 22:51:23 +10:00
Eric e527ab16a5
Moved screen height and width to config file. 2018-12-29 22:27:19 +10:00
TheG3ntl3man aac697e89a
Adding Delay
You must add a delay after RUN WIN cmd or it won't always write on the cmd
2018-08-05 10:33:50 -04:00
Mathew Fleisch ae176d1d14
Two stage mac (#2)
* Add init payload files
* Unhide hidden files after copy. bug fixes
* update readme
2018-07-07 12:32:44 -07:00
Mathew Fleisch 33b71367c4 Bring up to date 2018-06-23 08:01:42 -07:00
metalkey ee48a74dc6 Added readme (#337)
Updated author details
2018-06-04 13:31:43 +10:00
golem445 9fab25740d Bunnyhound and Quickdraw added (#343)
* Add files via upload

Initial payload

* Add files via upload

Initial payload
2018-05-20 14:23:53 -07:00
golem445 be78dafbfc Add files via upload (#342) 2018-05-20 11:29:10 -07:00
root 989be5976a update powershell run line and fix complete check 2018-05-10 13:07:22 -05:00
root e984278d66 Merge remote-tracking branch 'upstream/master' 2018-05-07 09:35:47 -05:00
James Cullum (Pseudonym) 33ba79d692 Updated RaZ_ReverseShell
- Clean up traces
- Bugfixes on newer firmware
- Improved documentation
- Fake hardware identifier
- Added persistence via autostart
- Disconnect on end
2018-04-16 22:57:50 +02:00
metalkey 65d652a15c Add Hershell Encrypted Reverse shell payload (#335) 2018-04-11 21:21:40 +10:00
Darren Kitchen 032061688d
WAIT extension pauses until switch position changes 2018-01-30 22:10:24 -08:00
Aidan Holland 4df763c4a4 Update mac_happy extension (#319) 2018-01-31 09:17:56 +11:00
Aidan Holland 38a7460fe6 Update GET TARGET_OS so it works with AUTO_ETHERNET (#320) 2018-01-31 09:17:09 +11:00
Tudor Gheorghiu 9011db7fae Update unicorn readme.md (#302) 2018-01-28 10:27:46 +11:00
Alex Flores 6345354375 Added chrome extension installer payload (#315)
- uses new AUTOETHERNET attackmode
 - uses new GET TARGET_OS functionality
 - uses new DEBUG function
 - uses new MAC_HAPPY extension
2018-01-28 10:26:53 +11:00
Alex Flores 65ad5f6e89 fixes mac_happy extension (#313)
- fixes state leakage of `command` variable by removing it
 - remove unecessary use of forked processes/sub-commands
 - combine input validation conditionals
 - match the standard of existing extensions of exporting function
   names as all caps
 - bump version number
2018-01-28 10:25:55 +11:00
bg-wa 920ff7fa67 New options for optical exfil payload (#317) 2018-01-28 10:24:58 +11:00
bg-wa 81e6d536dd Added Optical Exfiltration Payload (#316) 2018-01-27 15:47:39 +11:00
Alex Flores b37aed0edc fixes debug extention (#312)
- resolve sytax errors with variable declarations
 - resolve misuse of command substition / variabl dereferencing
 - internal functions were being called before being declared
 - remove superfluous file existence checks
2018-01-24 06:12:30 +11:00
KeenanV 7f902403d4 Persistent Reverse Shells for MacOS and Windows 10 (#306) 2018-01-22 10:39:14 +11:00
c64whiz a998f5c86c Add random interval to InfiniteControl payload (#310) 2018-01-22 10:38:38 +11:00
Jonathan Debétaz 940dc09043 Payload updates (#309) 2018-01-15 15:36:49 +10:00
bg-wa 650772e9e4 Added debug extension (#155) 2018-01-10 08:22:29 +10:00
root d978800874 merge upstream 2017-12-19 13:29:12 -06:00
Thorsten Sick f8a442e66d Proof-of-concept added: EICAR of bash bunny HID simulation for Linux (#298) 2017-12-12 19:12:36 +11:00
danthegoodman1 6fa5887aae Addition of Exfiltration payload (#300) 2017-12-12 19:11:25 +11:00
Thorsten Sick fae8746466 Added "Info Grabber for Linux" payload (#299) 2017-12-08 07:13:14 +11:00
saintcrossbow 08c24c4389 Added SmartFileExtract payload (#296) 2017-11-27 12:16:17 +11:00
Trae Horton 53cf608b7f Add BlueTeamPCAudit payload (#261) 2017-11-23 06:32:45 +11:00
Wesley a48d9e2a61 Updated "Linux Reverse Shell" to v1.2 (#262) 2017-11-22 09:59:18 +11:00
Michael Weinstein 00cee07ec0 Added "Bushings blue turtle" payload (#263) 2017-11-22 09:54:02 +11:00
Prodicode e0abae7179 Added Powershell injection script with Unicorn payload. (#288) 2017-11-22 09:51:59 +11:00
illwill 3a1b26e9c4 Violation of CoC (#294)
* removed due to Code Of Conduct

* removed due to violation of Code of Conduct

* Delete md.ps1

* Delete p.ps1

* violation of coc

* Delete server.py

* violation of coc

* Delete payload.txt

* Delete readme.md

* Delete payload.txt


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete readme.md


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete readme.md


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete payload.txt


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete readme.md


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete RR.ps1


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete background.mp3


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete payload.txt


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete readme.md


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete Sherlock.ps1


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete payload.txt


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny

* Delete readme.md


 Deleted due to CoC. 
 please see original code 
 https://github.com/xillwillx/BashBunny
2017-11-20 23:23:52 -08:00
danielgohlke dbae32c86d Update win93 prank payload (#291)
Removed usage fixed browsers and added commands to use the default system browser
2017-11-20 14:21:15 +11:00
Mikee 69cd48ee05 Added Startup-Message payload (#260) 2017-11-20 14:20:16 +11:00
ReshephTheGray d65380bd94 New payload GetServicePerm (#290) 2017-11-20 14:16:56 +11:00
RazerBlade f97b75983d Updating PasswordGrabber to make it more easily understandble (#293) 2017-11-20 14:15:12 +11:00
fratervi fc0b43a403 Added Lock PC prank payload (#282) 2017-10-27 09:46:37 +11:00
Sebastian Kinne f8c2edc325 Ensure all extensions are executable 2017-10-27 08:57:48 +11:00
Sebastian Kinne e866ad438b Ensure 'GET TARGET_OS' has access to TARGET_IP 2017-10-27 08:57:22 +11:00
dbuttars12 763639b305 Add win support for prank 93 (#264) 2017-10-26 14:34:04 +11:00
DannyK999 060d5744b0 Updated InfoGrabber payload (#279) 2017-10-26 11:38:08 +11:00
Andre Santos c58e10dcab Add RevShellBack payload (#265) 2017-10-26 07:06:13 +11:00
TheDragonkeeper b894aa5842 Ensure TARGET_OS is exported (#280) 2017-10-26 06:59:25 +11:00
Aidan Holland 5a77792c1d Update and fix payloads (#277)
* Updated all Payloads for Version 1.2+

Fixed Style Issues on extensions and payloads.
Added GET TARGET_OS to get.sh
Removed and Fixed all uses ducky_helper.sh (Issue #248)
Removed all mention of DUCKY_LANG (Issue #248)
Renamed Payloads with spaces in name
Added an extension to keep Macs Happy
Added a payload for Mac DNS poisoning
Fixed Issue #271 changed wget to curl -o
Implemented PR #268
Implemented PR #273

* Fixed e.cmd

* Fix e.cmd pt2

* Fixed Issues

Fixed issues pointed out by @sebkinne
Fixed styling errors
2017-10-25 11:10:17 +11:00
Hink 91c7c2276f cleaned up and extended 2017-10-11 11:42:03 -05:00
Darren Kitchen c0ab8d3e88 Fixed RNDIS typo in Win93 Prank (#259) 2017-09-28 17:38:47 +10:00
James Coates 01dd281e4f Update PasswordGrabber payload (#246)
Fixed issue where script would not work before 10 AM, puts in a space which makes the path broken.
2017-09-12 16:22:29 +10:00
Mohamed A. Baset ddcd785deb Metasploit Autopwn Bash Bunny Payload (#242) 2017-09-08 09:18:44 +10:00
Didier Stevens cb706bcacc New version of InfiniteControl (#243)
Changed LED colors, added BREAK.
2017-09-08 09:17:44 +10:00
Layer8Err 61793e6f0b Added Windows NIC Sharing payload (#233)
Bash Bunny payload for setting up Internet Sharing with Windows 10
2017-08-15 11:23:19 +10:00
jafahulo 761dd0e433 Add macDesktop prank (#236)
* Add macDesktop prank

Runs a script in background that will download pictures of my little pony (or whatever else you'd like, just change the urls to the pictures) and randomly sets that as their desktop background every 45 minutes - 5 hours. You can change number in for loop to decide how many times it will change their background.

https://forums.hak5.org/topic/41605-payload-macwallpaper/

* Update readme

* Save process Id as file name to /tmp

Save process Id as file name to /tmp so that you can easily kill the prank if someone is screaming at you.
2017-08-15 10:59:04 +10:00
InvaderSquibs 3c2dd4ac1e Added stickyBunny payload (#232) 2017-07-24 14:00:33 -07:00
DavidSpek 6a9134d84b Added Simple Hosts DNS Spoofing payload (#223)
* Local hosts DNS spoofing attack

This is a simple hosts DNS spoofin attack, where the target gets redirected to a set IP when going to a certain website.

* Create README.md

* Update README.md
2017-07-10 07:34:00 +10:00
Johan Moritz 691f7e5bc9 Fixed errors in public IP address command (#226)
When no Internet connection is available the command runs into an error:
"The remote name could not be resolved: 'ipinfo.io'"
Fixed this with a try and catch block

The command also runs into an error when Internet Explorer was never started.
"Invoke-WebRequest : The response content cannot be parsed because the Internet Explorer engine is not available, or Internet Explorer's first-launch configuration is not complete. Specify the
UseBasicParsing parameter and try again"
Fixed this with the -UseBasicParsing parameter
2017-07-10 07:30:55 +10:00
RalphyZ 113e35c736 Fixed a couple of bugs in payloads (#230) 2017-07-10 07:29:38 +10:00
Tristan Mahé 80d622e16e Added Win93 prank payload (#231)
* win93 payload initial release

* readme.md: added TODO

* payload.txt: corrected the command, no need to escape everything

* initial windows support
2017-07-10 07:28:11 +10:00
Murty007 0f83db10f5 Added payload to analyse users .lnk files (#228)
* Add files via upload

* Add files via upload
2017-07-10 07:27:22 +10:00
Zac fd0a0d0f6f Update Gitbunnygit README.md (#221)
Updated the tail command listed to monitor progress to point to the git log used in the script.
2017-06-01 14:04:54 +10:00
subinacls a487d0a5db Added JavaScript Reverse Meterpreter payload (#217)
* Create JSRevMeter

* Update JSRevMeter

* Update JSRevMeter

* Update JSRevMeter

* Update JSRevMeter

* Update JSRevMeter

* Update JSRevMeter

* Update JSRevMeter

* Update JSRevMeter

final version before pull request

* Update JSRevMeter

* Update JSRevMeter

* Update JSRevMeter

had to chop up the shellcode so it would echo properly to file, overly long strings terminated premature

* Create Readme.md

* Update Readme.md

* Update Readme.md

* Update Readme.md

* Update Readme.md

* Update JSRevMeter

* Update Readme.md

* Update Readme.md

* Update Readme.md

* Rename JSRevMeter to payload.txt
2017-05-18 14:56:15 +10:00
Kyle Hoehn 9c527c29c4 Added USB Intruder payload (#220)
* USB Intruder

Initial upload of the USB Intruder v1.1

Tested on Windows 7 and Windows 10.

* USB Intruder

Updated Readme.

Forgot to add a line.

* Update...again...

Added link for forum comments/discussion.

* USB Intruder

USB Intruder v1.1 Commit.
2017-05-18 14:52:54 +10:00
hink 9eed215260 Update psh_downloadexec to use proper gohttp path (#219) 2017-05-18 09:55:02 +10:00
Ben 941180d59a Added SudoBackdoor payload (#216)
* add SudoBackdoor patload

* fix readme

* fix readme 2

* fix readme 3

* add skip key for sc (ssh)
2017-05-12 11:55:40 +10:00
Mule Skinner bf063c1219 Added sFTP Directory Grabber payload (#215) 2017-05-11 19:24:33 +10:00
hacXsbix 6ea0d43662 Edited setkb.sh to restore to systems locale (#214)
the existing `get-Culture | Select -ExpandProperty Name` in `SETKB DONE` returned to en-GB by default
changed to `Get-WinSystemLocale | Select -ExpandProperty Name` to restore to the System Locale set by the User
2017-05-10 10:47:25 +10:00
Sebastian Kinne 7f44c67c17
Added CUCUMBER extension 2017-05-08 16:10:34 +10:00
hink 0eef84647e Updated psh_DownloadExec to v1.2 (#210)
* Powershell SMB Delivery

* fixed smbserver.py call

* Updated to use HID and RNDIS_ETHERNET at the same time. Upgraded to Golang webserver

* Removed binary
2017-05-03 14:17:19 -07:00
David d02d25d2b6 Add initial readme to UndercoverBunny (#211) 2017-05-02 19:02:05 -07:00
TheRoninRunner 4e55aae0ac Added WifiPass payload (#212)
* WifiPass payload

Based on the WiFiCreds payload, with a focus on WPA networks and wider OS scope.

* Lights

Solid rather than blinking

* Extra comment

* Update payload.txt

* Create readme.md

* Update readme.md

* Update payload.txt

* Update readme.md

* Update readme.md

* Update readme.md

* Update readme.md
2017-05-02 19:00:44 -07:00
hink 4d9bfeedd3 Updated psh_DownloadExecSMB payload for fw v1.2 (#209)
* Powershell SMB Delivery

* fixed smbserver.py call

* Combined ATTACK MODES, improved SMB check

* version fix
2017-05-02 18:41:44 -07:00
Bry-fi 4165a2dda9 Updated browserData payload for firmware v1.1+ (#185)
* Fixed for 1.0 and 1.1

Fixed the payload for 1.0 but if you want it ported for 1.1, change line 38 to (LED M)

* Made 1.1 compatible.

Still need to examine Get-BrowserData.ps1
2017-05-02 02:26:32 +10:00
Sebastian Kinne d819b33afb
Moved extension folder out of the payload library folder 2017-05-01 12:14:54 +10:00
Sebastian Kinne 744165b31e
Added config.txt with default values and removed all references of DUCKY_LANG from existing payloads 2017-05-01 12:11:20 +10:00
Sebastian Kinne 415852c8f9
Remove superfluous DuckyInstall payload 2017-05-01 12:04:43 +10:00
David bf5beeefbe Added Bunny-Flip payload (#208)
* Create payload.txt

* Create README.md

* Added options

* Create README.md

* Create payload.txt

* Rename payloads/library/prank/README.md to payloads/library/prank/Bunny-Flip/README.md

* Delete README.md

* Delete payload.txt
2017-05-01 10:21:08 +10:00
jdetmold 33d62ff9e9 Added MacProfiler payload (#195)
* clean up loot

added sub folder so all files are not in root of loot folder

* MacProfiler

NewPayload for Profiling Mac systems

* Make DIR
2017-04-30 11:19:19 +10:00
Nimrod levy 960bd207f9 Payload: Fixed stability issues and updated "MrRobot" for firmware v1.1 (#207) 2017-04-30 11:09:53 +10:00
RalphyZ 750d384df7 Updated payloads for fw v1.1 (#176)
* Mac Reverse Shell

Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh.  It then runs the script in the background and closes the terminal window.

* Added variables for IP and Port of the Netcat Listener

For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener.  Change those values to your listener and no other edits should be needed.

* Added persistence (and a reason to have a dropper)

This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval.

* Mac Reverse Shell

Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh.  It then runs the script in the background and closes the terminal window.

* Added variables for IP and Port of the Netcat Listener

For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener.  Change those values to your listener and no other edits should be needed.

* Added persistence (and a reason to have a dropper)

This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval.

* Fixed additional MacReverseShell

* Added readme.md files

* Added readme.md files

* Added readme.md

* Added readme.md files

* Added readme.md files

* Updated for firmware 1.1

* Updated for firmware 1.1

* Added ThemeChanger and updated for firmware 1.1

* Updated readme.md

* Updated for firmware 1.1 - using RUN command

* Fixed issues with the new RUN - reverted

* Fixed a few script problems

* removed binary and updated readme.md

* added a check for themepack

* edited themechanger readme

* updated readme.md and version
2017-04-29 08:49:35 +10:00
Alex Flores ca9e53c5a8 updates sMacAndGrab for bashbunny fw1.1 (#202) 2017-04-27 13:04:38 +10:00
Alex Flores 22cbf92a3b updates shellexec for bashbunny fw1.1 (#203) 2017-04-27 13:03:57 +10:00
SkiddieTech 9efc5e95a0 Added UACBypass payload (#191)
* UACBypass ported from ducky to bunny

* Forgot to set device as storage

* Improvment

* Updated for firmware 1.1

* Old
2017-04-20 10:55:56 +10:00
Sebastian Kinne 57aff92f82
Move setkb extension to correct folder 2017-04-18 16:51:35 +10:00
hink ca5d404dbe Added psh_DownloadExecSMB payload (#172)
* Powershell SMB Delivery

* fixed smbserver.py call
2017-04-17 10:19:49 +10:00
hkessel1 e06b42b328 Create Undercover Bunny
Undercover bunny is a Bash Bunny script that creates a wifi network when connected using the hosts internet connection.

Added LED's

Update Undercover Bunny

Rename Undercover Bunny to payload.txt

Moved UndercoverBunny into the correct payload folder
2017-04-17 10:00:18 +10:00