* Create setkb.sh
* Update setkb.sh
added a delay after the powershell to allow the execution of the powershell command.
* Update setkb.sh
Modified so that its even easier.
SETKB START will set the keyboard to a en-US keyboard layout.
SETKB DONE will reset the keyboard to the default layout based on the culture settings.
SET xx-XX will set the keyboard layout to whatever is specified as xx-XX
* DumpCreds Version 2.1
- new payload.txt special for BashBunny FW 1.1
- minor changes in main.ps1
- insert some code for debugging
* Updadet becaus new fork sync
* new payload.txt special for BashBunny FW 1.1
+ minor changes in main.ps1
+ insert some code for debugging
* Adding the MacPhish payload, uses HID and STORAGE modes on BashBunny. For OS X, uses spotlight to launch terminal, then uses osascript command to phish for the users password, then saves the phished password back to the bashbunny.
* Update readme.md
* Scan for files that contain a specific phrase and exfil info about them
* Delete FileInfoExfil
* Create FileInfoExfil
* Delete FileInfoExfil
* Scans system for files beginning with a specific phrase and exfils data from them
* Delete ducky_script.txt
* Delete p.bat
* Delete payload.txt
* Exfil file information to the loot folder
Exfiltrates file information of files that contain a specific phrase, including if it is a directory, the file path and file size (in KB) to the loot folder of the BashBunny.
* Delete p.ps1
* Add files via upload
* Create readme.md
* Delete readme.md
* Create readme.md
* Update payload.txt
* Update readme.md
* added wifi grabber and windows meterpreter staged payload
* created details and updated content of payloads - ready for publication to hak5 bash bunny scripts
* created details and updated content of payloads - ready for publication to hak5 bash bunny scripts
* Added a rename file
* added the rename file
* Mac Reverse Shell
Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh. It then runs the script in the background and closes the terminal window.
* Added variables for IP and Port of the Netcat Listener
For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener. Change those values to your listener and no other edits should be needed.
* Added persistence (and a reason to have a dropper)
This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval.
* InfoGrabber by MrSnowMonster - Version 1.0
A payload that collects information about a wndows computer and places it in a textfile.
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Update readme.md
* Version 1.1
* Update info.ps1
Added some mor informations and repaired "0123"
Testen on Win10
* Update 2
added windows passwords
* Update 1.1
Updated
* Initial commit
HID Powershell attack to dump WiFiCreds
* Update readme.md
* changed initial LED blink color to white
* Changed initial LED color to white
* Changed initial LED Color to white
* swapped sync before LED
* switched from powershell to batch
* Update payload.txt
* using powershell again , updated version and LEDs
* using powershell, added usb eject, Win 7,8,10
* added window resizing to hide payload typing
* Update payload.txt
* pull request
* BrowserCreds Pull
* separate powershell script called from payload
also added result detection
* update LEDs
* Update payload.txt
* initial commit
* Update payload.txt
* initial pull
* initial commit
* BlackBackup
BlackBackup is a Powershell (and thus Windows) backup script that is easy to configure. Make quick backups of files, the registry, passwords, WiFi Keys, SAM database etc. and save them to the BashBunny. This is a HID + STORAGE attack. Now, let's eat some carrots!
* Update credentials.ps1
* Created payload to shell an amazon fire tv
The payload performs keyboard emulation in order to enable ADB and unknown sources on the target FireTV. Once this is completed the payload then installs a payload.apk file via ADB and then runs it.
* Created readme
* Add files via upload
Init of DumpCreds 2.0
Dumps the usernames & plaintext passwords from
- Browsers (Crome, IE, FireFox)
- Wifi
- SAM Hashes
- Mimimk@tz Dump
- Computerinformation (Hardware Info, Windows ProductKey, Hotfixes, Software, Local, AD Userlist)
without
- Use of USB Storage (Because USB Storage ist mostly blocked by USBGuard or DriveLock)
- Internet connection (becaus Firewall ContentFilter Blocks the download sites)
* Minor Fix
* Somf file to much
* Changes in main.ps1 - paralellize the Powershell scripts
Changes in payload.txt - Universal payload no matter if admin rights or not
Some minor changes in all PS\*.ps1 files
Signed-off-by: qdba <dieter@baur.nu>
* Forget a File
* WifiCreds changed
* Changes in README.md
* Changed Get Chrome-Cred.ps1 from https://github.com/EmpireProject/Empire/tree/master/data/module_source/collection
Changed BUILD in main.ps1
Changed Build and Credits in README.md
* optimized WiPassDump payload to run in one file and a bit quicker.
* Create Prank folder and add UnifiedRickRoll payload
* Added UnifiedRickRoll support for windows
* Updated documentation on UnifiedRickRollWindows
* Causes payload to use roughly 30 times less processing power.
* Added Ascii-Prank Rick roll and Photo-Booth prank