Commit Graph

446 Commits (b58284adaa8904ad0e6b8e164b14a6960795f4ce)

Author SHA1 Message Date
drapl0n b58284adaa
uploaded dirtypipe (#506)
* uploaded dirtypipe

Exploit for a new Linux vulnerability known as 'Dirty Pipe(CVE-2022-0847)' allows local users to gain root privileges.

* exploit

* Create README.md

* fixing typo
2022-03-23 10:12:49 -05:00
drapl0n 7f3972b88a
uploaded sudoSnatch (#507)
* uploaded sudoSnatch

sudoSnatch payload grabs sudo password in plain text, imediately after victim uses `sudo` command and sends it back to attacker remotely/locally.

* changing payload category

* uploaded sudoSnatch
2022-03-22 16:09:51 -05:00
cribb-it 946879ae90
New Payload - Random vid (#504)
* readme

* Payload
2022-03-16 16:28:18 -05:00
0iphor13 6bacea8bc8
Uploaded MiniDumpBunny (#503)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md

* Deleted ReverseBunny.txt

Deleted because of higher risk to get caught by AV

* Updated ReverseBunny to version 1.2

Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design

* Updated ReverseBunny to version 1.2

Updated README for ReverseBunny update

* Updated payload

fixed some stupid left overs <3

* Uploaded pingUinBunny

a reverse shell using icmp

* Delete payloads/library/remote_access/switch1 directory

* Uploaded pingUinBunny

A reverse shell using icmp

* Update README.md

* Update README.md

* Updated to PingZhell

* Update Bunny.pl

* Update README.md

* Update README.md

* Update payload.txt

* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl

* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1

* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md

* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt

* Update payload.txt

* Update README.md

* Update README.md

* Update Bunny.pl

* Created ProcDumpBunny

Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz

* Update README.md

* Update payload.txt

* Updated ReverseBunny

Fixed wrong DELAY commands

* Updated PingZhellBunny

Fixed wrong DELAY commands

* Updated WifiSnatch

Fixed multiple mistakes

* Uploaded HashDumpBunny

Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)

* added example picture

* Update README.md

* Uploaded SessionBunny

Utilize SessionGopher (Slightly modified) to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.

Afterwards decide which is important and what you want to save onto your BashBunny.

* Uploaded SessionBunny

Utilize the famous, here slightly modified SessionGopher script, to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.

Decide which inforamtion you wanna take with you - save it onto your BashBunny!

* Update README.md

* Delete SessionBunny directory

* Uploaded MiniDumpBunny

Dump lsass with this rewritten and for BashBunny adapted version of Powersploits Out-MiniDump.
2022-03-14 09:25:29 -05:00
su3158 2e297ba861
Array for Japanese added. (#465) 2022-03-13 18:01:52 +00:00
drapl0n tuxed0 a4141f7312
Uploaded LinuxPreter (#502)
* Uploaded BunnyLogger

* uploading payload intel

* Create README.md

* Update README.md

* uploaded LinuxPreter
2022-03-12 16:27:24 -06:00
electronicintifida f03f67be29
Add files via upload (#422) 2022-03-10 19:30:54 +00:00
drapl0n tuxed0 2785fbc4db
Uploading payload "intel(intelligence)" (#501)
* Uploaded BunnyLogger

* uploading payload intel

* Create README.md

* Update README.md
2022-03-08 11:22:58 -06:00
drapl0n tuxed0 2fdb38a3b4
Uploaded BunnyLogger (#500) 2022-03-07 09:50:39 -06:00
drapl0n tuxed0 db8fdc67f4
created sshDump (#499) 2022-03-04 13:35:03 -06:00
cribb-it ba801201a7
Update - Hi there (#498)
* New Payload - Hi There

* Update Description
2022-02-28 15:31:15 -06:00
cribb-it a0ee4512b3
New Payload - Hi There (#496) 2022-02-27 12:31:27 -06:00
Darren Kitchen b86412afbd
Update README.md 2022-02-27 12:30:09 -06:00
Decidedly Gray 0d51a41aeb
Updated links in README.md (#497)
Fixed some stale links in the README.md
2022-02-27 12:28:26 -06:00
Whiskey Xray a5d11747cf
Simple MacOS EICAR PoC Payload (#350)
* Add files via upload

* Add files via upload

Co-authored-by: Ciph3rtxt <30738667+Ciph3rtxt@users.noreply.github.com>
2022-02-15 02:40:59 +00:00
Bearz314 3184c229c7
Fix for zsh (#351)
While comparison = and == are identical on bash (refer http://www.tldp.org/LDP/abs/html/comparison-ops.html ), double equals behave differently on zsh (refer https://unix.stackexchange.com/questions/255480/why-does-behave-differently-inside-in-zsh-and-bash ). Single = is also equally POSIX compliant.

Co-Authored-By: Minh Thien Nhat Nguyen <nhat286@users.noreply.github.com>

Co-authored-by: Minh Thien Nhat Nguyen <nhat286@users.noreply.github.com>
2022-02-15 02:40:29 +00:00
Skeleton022 0f86f0ee24
Hungarian language support (Hu-hu) (#450)
* Hungarian language support

* Updated with missing COMMAND-OPTION

Updated with the extra 3 command variation.

* Last update to the language

Completely done.
2022-02-15 02:37:50 +00:00
0iphor13 e91c3b46eb
Uploaded SessionBunny (#494)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md

* Deleted ReverseBunny.txt

Deleted because of higher risk to get caught by AV

* Updated ReverseBunny to version 1.2

Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design

* Updated ReverseBunny to version 1.2

Updated README for ReverseBunny update

* Updated payload

fixed some stupid left overs <3

* Uploaded pingUinBunny

a reverse shell using icmp

* Delete payloads/library/remote_access/switch1 directory

* Uploaded pingUinBunny

A reverse shell using icmp

* Update README.md

* Update README.md

* Updated to PingZhell

* Update Bunny.pl

* Update README.md

* Update README.md

* Update payload.txt

* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl

* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1

* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md

* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt

* Update payload.txt

* Update README.md

* Update README.md

* Update Bunny.pl

* Created ProcDumpBunny

Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz

* Update README.md

* Update payload.txt

* Updated ReverseBunny

Fixed wrong DELAY commands

* Updated PingZhellBunny

Fixed wrong DELAY commands

* Updated WifiSnatch

Fixed multiple mistakes

* Uploaded HashDumpBunny

Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)

* added example picture

* Update README.md

* Uploaded SessionBunny

Utilize SessionGopher (Slightly modified) to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.

Afterwards decide which is important and what you want to save onto your BashBunny.

* Uploaded SessionBunny

Utilize the famous, here slightly modified SessionGopher script, to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.

Decide which inforamtion you wanna take with you - save it onto your BashBunny!

* Update README.md

* Delete SessionBunny directory
2022-02-14 18:34:28 -08:00
TW-D 83c38586b4
Add "Microsoft Windows" WinRM Backdoor (#493)
1) Adds a user account.
2) Adds this local user to local administrator group.
3) If the target computer is equipped with a compatible Wi-Fi card :
    Avoids security measures on the internal network with the 
    creation of a wireless "Hosted Network".
4) Enables "Windows Remote Management" with default settings.
5) Adds a rule to the firewall.
6) Sets a value to "LocalAccountTokenFilterPolicy" to disable "UAC" remote restrictions.
7) Hides user account.
2022-02-08 08:23:11 -08:00
TW-D bbab037efb
Add "Microsoft Windows" SMB Backdoor (#492)
1) Adds a user account.
2) Adds this local user to local administrator group.
3) If the target computer is equipped with a compatible Wi-Fi card :
    Avoids security measures on the internal network with the 
    creation of a wireless "Hosted Network".
4) Shares "C:\" directory.
5) Adds a rule to the firewall.
6) Sets a value to "LocalAccountTokenFilterPolicy" to access the "C:" with a local account.
7) Hides user account.
2022-02-07 18:07:25 -08:00
0iphor13 5eaf7d9dc7
Uploaded HashDumpBunny + some fixes (#491)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md

* Deleted ReverseBunny.txt

Deleted because of higher risk to get caught by AV

* Updated ReverseBunny to version 1.2

Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design

* Updated ReverseBunny to version 1.2

Updated README for ReverseBunny update

* Updated payload

fixed some stupid left overs <3

* Uploaded pingUinBunny

a reverse shell using icmp

* Delete payloads/library/remote_access/switch1 directory

* Uploaded pingUinBunny

A reverse shell using icmp

* Update README.md

* Update README.md

* Updated to PingZhell

* Update Bunny.pl

* Update README.md

* Update README.md

* Update payload.txt

* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl

* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1

* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md

* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt

* Update payload.txt

* Update README.md

* Update README.md

* Update Bunny.pl

* Created ProcDumpBunny

Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz

* Update README.md

* Update payload.txt

* Updated ReverseBunny

Fixed wrong DELAY commands

* Updated PingZhellBunny

Fixed wrong DELAY commands

* Updated WifiSnatch

Fixed multiple mistakes

* Uploaded HashDumpBunny

Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)

* added example picture

* Update README.md
2022-02-02 09:09:37 -06:00
TW-D 1b8b6048f5
Update README with binaries checksums informations (#490) 2022-01-29 18:00:12 +00:00
Marc 96cfd80035
pwnkit: strip binaries 2022-01-29 17:30:36 +00:00
TW-D c06fd4aa80
Add "PwnKit Vulnerability" - LPE (#489)
* Add "PwnKit Vulnerability" - LPE

The Qualys Research Team has discovered a memory corruption 
vulnerability in polkit’s pkexec, a SUID-root program that 
is installed by default on every major Linux distribution.

* Add Credits to README.MD

* pwnkit: Move to shorter directory name

* pwnkit: Add compiled version

* pwnkit: Copy built binaries instead of compiling

* make it executable

* add credits

Co-authored-by: Marc <foxtrot@malloc.me>
2022-01-29 17:26:56 +00:00
TW-D 5e95ba3d40
Add Win_ProblemStepsRecorder (#488)
Abuse of "Windows Problem Steps Recorder" to spy on a user's activities.
2022-01-28 11:53:24 -06:00
0iphor13 287faf1f1e
Created ProcDumpBunny (#487)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md

* Deleted ReverseBunny.txt

Deleted because of higher risk to get caught by AV

* Updated ReverseBunny to version 1.2

Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design

* Updated ReverseBunny to version 1.2

Updated README for ReverseBunny update

* Updated payload

fixed some stupid left overs <3

* Uploaded pingUinBunny

a reverse shell using icmp

* Delete payloads/library/remote_access/switch1 directory

* Uploaded pingUinBunny

A reverse shell using icmp

* Update README.md

* Update README.md

* Updated to PingZhell

* Update Bunny.pl

* Update README.md

* Update README.md

* Update payload.txt

* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl

* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1

* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md

* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt

* Update payload.txt

* Update README.md

* Update README.md

* Update Bunny.pl

* Created ProcDumpBunny

Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz

* Update README.md

* Update payload.txt
2022-01-25 12:31:59 -06:00
JustaProgrammer9 fab1466896
so it actually works (#486)
I foolishly forgot to add a second backslash to $ImageName
2022-01-24 13:28:25 -06:00
JustaProgrammer9 f5292aa8ce
Desktop flooder (#479)
* Desktop Flooder

downloads an image from a link and saves it, then copies the images all over the desktop.

* Update README.md

* Update README.md

* Update README.md

* Update payload.txt
2022-01-21 19:02:26 -06:00
TW-D 95e1d22dee
Add Win_SSLKeyLog (#485)
* Add Win_SSLKeyLog

Captures the client network session.
Captures the client side session keys.

1) Partially avoids "PowerShell Script Block Logging".
2) Closing of all windows.
3) Hide "PowerShell" window.
4) Check if current process have "Administrator" privilege.
5) Sets the "SSLKEYLOGFILE" environment variable to store SSL session key information. 
6) Starts a "Network Tracing Session" with "ETW (Event Tracing for Windows)".
7) Writes the file system cache to disk (thanks to @dark_pyrro).
8) Safely eject (thanks to @Night (9o3)).

* Correction of some information in "README.md"
2022-01-21 18:53:08 -06:00
Jake Wimmer 4c1c8d47cd
Initial commit (#484) 2022-01-19 13:32:58 -06:00
TW-D 8f28d0ab0e
"Microsoft Windows 10" Fake Logon Screen (#482)
1) Change "monitor-timeout (AC and DC)" at NEVER with "powercfg" utility.
2) Change "standby-timeout (AC and DC)" at NEVER with "powercfg" utility.
3) Retrieve the current username.
4) Full-screen opening of the phishing HTML page using the default web browser with a random wallpaper.
5) The "Bash Bunny" can be removed because the files are cached in the web browser.
6) The password will be sent by HTTP POST to the URL specified in the "DROP_URL" constant.
2022-01-07 13:47:55 -06:00
StaDo0815 77bf57308f
Update payload.txt (#397) 2022-01-04 11:44:53 -06:00
0iphor13 b64503fe23
Uploaded PingZhellBunny (#480)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md

* Deleted ReverseBunny.txt

Deleted because of higher risk to get caught by AV

* Updated ReverseBunny to version 1.2

Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design

* Updated ReverseBunny to version 1.2

Updated README for ReverseBunny update

* Updated payload

fixed some stupid left overs <3

* Uploaded pingUinBunny

a reverse shell using icmp

* Delete payloads/library/remote_access/switch1 directory

* Uploaded pingUinBunny

A reverse shell using icmp

* Update README.md

* Update README.md

* Updated to PingZhell

* Update Bunny.pl

* Update README.md

* Update README.md

* Update payload.txt

* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl

* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1

* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md

* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt

* Update payload.txt

* Update README.md

* Update README.md

* Update Bunny.pl
2021-12-23 15:42:21 -06:00
Overtime b5fd8b50fc
Add Mac Pass (#428)
* Added MacPass

* Update readme.md

Co-authored-by: Overtime <39917164+0vertime-dev@users.noreply.github.com>
2021-12-21 17:34:55 -06:00
cribb-it 39fd0e838c
New Payload - Excel QR Rickroll (#436)
* Add files via upload

* Update readme.md

* Update readme.md

* Update payload.txt

* Update readme.md

* fix rebase errors

* Fix for rebase

* Fix for fewer details

* Extensions: Add wait_for BTLE extensions

* Quick and Dirty PrintNightmare Payload (#432)

* New Payload

Added new PrintNightmare Payload (Quick and dirty)

* Fixed my potty mouth

I'm a child sometimes

* Renamed Payload

* PrintNightmare: Use SWITCH_POSITION in payload path

* Fixing a typo

Co-authored-by: Marc <foxtrot@malloc.me>

* Bugfix (#433)

* New Payload

Added new PrintNightmare Payload (Quick and dirty)

* Fixed my potty mouth

I'm a child sometimes

* Renamed Payload

* PrintNightmare: Use SWITCH_POSITION in payload path

* Fixing a typo

* Added Delays

Added some delays due to the fact that it was inconsistently reliable, occasionally it'd half type out the command. The delays have resolved the consistency issue on my end. Feel free to tweak as required.

* Amending Version Number

I'm a fool

* Updated Readme with proper credit

Co-authored-by: Marc <foxtrot@malloc.me>

* General Imrovements to PrintNightmare (#434)

* Housekeeping

Moved some of the QUACK Powershell commands into the juicybit.txt file for speed and ease of use.

* Update README.md

* More improvement

Added exit to the juicybits rather than using alt  and /noprofile to the run as

* Update README.md

Co-authored-by: Marc <foxtrot@realloc.me>

* New Payload - Excel QR Rickroll

Co-authored-by: Marc <foxtrot@malloc.me>
Co-authored-by: panicacid <steve@pcquicktips.net>
Co-authored-by: Marc <foxtrot@realloc.me>
2021-12-21 17:33:03 -06:00
cribb-it e1700bdc91
New payload - Replace Cursor (#437)
* New payload - Replace Cursor

* Added Cursor - follow the white rabbit

* Update Readme
2021-12-21 17:31:08 -06:00
cribb-it 8a7606aa0a
New Payload - Read It Out (#444) 2021-12-21 17:28:38 -06:00
TW-D 5d4367787f
SanDisk Wireless Stick Exfiltration (#445)
Uses the "SanDisk Wireless Stick" for files exfiltration.
1) Avoids "PowerShell Script Block Logging".
2) Hide "PowerShell" window.
3) Deletes Wi-Fi connection profiles in automatic mode, each deletion causes a disconnection.
4) Adds the profile for the "SanDisk Connect Wireless Stick" in automatic mode.
5) Checks whether the Wi-Fi interface is connected to the "SanDisk" and whether the gateway can be reached, if not, automatically starts again.
6) Exfiltration of the files via the HTTP channel.
2021-12-21 17:24:09 -06:00
cribb-it 49f7018bf3
New Payload - SSH Server (#451)
* New Payload - SSH Server

* Update Delay
2021-12-21 17:20:37 -06:00
cribb-it 73bf1c0c48
New Payload - Spinning Around (#452)
* New Payload - Spinning Around

* Update readme.md
2021-12-21 17:17:12 -06:00
saintcrossbow bb601883ef
New Exfiltration Payload: Smart Data Thief (#453)
* Exfiltrate using Windows utility SmartFileExtract

Script to find all files that a) have filenames with the word "pass" or "secret" in them or b) are standard .DOC files and copy them to loot. SmartFileExtract is used to kill the copy after 500 MBs and / or 90 seconds and will display the copy status using a fake install window.

Dependencies:
Binary (SmartFileExtract.exe) from https://github.com/saintcrossbow/SmartFileExtract

* New Exfiltration: Smart Data Thief

Timed exfiltration attack targeting high value data and WiFi creds. Highly configurable to start / stop attack using BLE beacons, create distraction when aborting attack, and full shutdown for removal after attack complete.

* Revolver BLE controlled multi-attack

New payload: Revolver - a multi option attack controlled by BLE beacons. Plug in Bash Bunny and choose your attack based on what you need in the field.
2021-12-21 17:11:50 -06:00
scaery 9e54726597
Original from scaery/ducked (#456)
* Create procdump.txt

* Create duck_code.txt

* Create run.ps1

* Create payload.txt
2021-12-16 11:52:13 -06:00
Hacksawfred3232 0414f0cfc7
New Payload/Tool: FICBunny (#471)
* Added FICBunny

* Added disclaimer regarding modifying /dev/nandg

* Add changes from Austin Spraggins + Some cleanup.

* Update readme.md
2021-12-16 11:50:56 -06:00
JustaProgrammer9 72d424232a
Bluetooth2 (#477)
* Bluetooth2

Bluetooth2 is a program that can use multiple triggers instead of waiting for just one and run different things depending on that trigger. Anyone willing to update it would be appreciated as it probably looks... not great.

* Update payload.txt

* Update payload.txt

* Update README.md
2021-12-16 11:48:02 -06:00
0iphor13 54505507b9
Updated ReverseBunny to version 1.2 (#475)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md

* Deleted ReverseBunny.txt

Deleted because of higher risk to get caught by AV

* Updated ReverseBunny to version 1.2

Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design

* Updated ReverseBunny to version 1.2

Updated README for ReverseBunny update

* Updated payload

fixed some stupid left overs <3
2021-12-06 20:08:42 +00:00
0iphor13 86c989f9a0
Updated ReverseBunny (#469)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md
2021-10-02 14:58:58 -05:00
xhico 78eb6e3828
Wallpaper Changer (#245) 2021-10-02 13:25:34 -05:00
HackingMark ee97a0820d
USB Exfiltration Payload with Win10 Fake Update V020821 (#455)
* USB Exfiltration Payload with Win10 Fake Update

This Payload exfiltrates defined files to the Bunny. While copying is in progress, it shows a Fake Win10 Update Screen and removes traces. When it's ready, the target machine is forced to reboot.

* Correction for the Key injection F11

* Create test

* Delete payloads/library/USB_Exfil_with_Fake_Update _and_force-reboot directory

* Create tst

* Add files via upload

* Delete tst

* Delete payloads/library/exfiltration/USB Exfil with Fake Update and force reboot directory
2021-09-30 17:08:02 -05:00
0iphor13 e79e39f95d
WifiSnatch (#468)
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
2021-09-24 12:41:15 -05:00
0iphor13 80c724ad99
Uploaded ReverseBunny (#464)
Obfuscated reverse shell via powershell
2021-09-10 20:36:12 +01:00