* USB Exfiltration Payload with Win10 Fake Update
This Payload exfiltrates defined files to the Bunny. While copying is in progress, it shows a Fake Win10 Update Screen and removes traces. When it's ready, the target machine is forced to reboot.
* Correction for the Key injection F11
* Create test
* Delete payloads/library/USB_Exfil_with_Fake_Update _and_force-reboot directory
* Create tst
* Add files via upload
* Delete tst
* Delete payloads/library/exfiltration/USB Exfil with Fake Update and force reboot directory
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* New Payload
Added new PrintNightmare Payload (Quick and dirty)
* Fixed my potty mouth
I'm a child sometimes
* Renamed Payload
* PrintNightmare: Use SWITCH_POSITION in payload path
* Fixing a typo
* Added Delays
Added some delays due to the fact that it was inconsistently reliable, occasionally it'd half type out the command. The delays have resolved the consistency issue on my end. Feel free to tweak as required.
* Amending Version Number
I'm a fool
* Updated Readme with proper credit
* Housekeeping
Moved some of the QUACK Powershell commands into the juicybit.txt file for speed and ease of use.
* Update README.md
* More improvement
Added exit to the juicybits rather than using alt and /noprofile to the run as
* Update README.md
* Pineapple-Connect-Windows New Payload For Connecting Client To Pineapple AP / Any AP
Pineapple-Connect-Windows new Bashbunny payload for connecting target machine quickly and efficiently to your Pineapple AP or an AP of your choosing (and control!)
* Changed from RUN WIN to QUACK STRING
Changed from RUN WIN to QUACK STRING as I was having issues with the formatting, presume it needs wrapping in quotes or something but it just kept breaking. QUACK STRING works fine so meh
* Added command to cover traks at the end of the script
added a line of powershell to clean out the run registry key to hide any evidence of the script running
Co-authored-by: Marc <foxtrot@malloc.me>
Co-authored-by: Marc <foxtrot@realloc.me>
Exploit Razer USA HID driver installation to System authority PowerShell.
This is heavily based on Tweet by @_MG_ on 22nd Aug 2021 but modified to work with BashBunny
* Delete stage3.ps1
* Update ATNT to work as intended.
Update ATNT to work as intended. Requires reboot or logoff to fully register AT.
* Remove DONE file in cleanup.
Forgot to remove DONE file. Now also makes sure this file does not exist before running.
Disable "PowerShell" logging
Check if current process have "Administrator" privilege
Check "SeDebugPrivilege" policy
Retrieves the processes belonging to the "SYSTEM" account
For each system PID, test to obtain the "SYSTEM" account via the parent process
* Housekeeping
Moved some of the QUACK Powershell commands into the juicybit.txt file for speed and ease of use.
* Update README.md
* More improvement
Added exit to the juicybits rather than using alt and /noprofile to the run as
* Update README.md
Co-authored-by: Marc <foxtrot@realloc.me>
* New Payload
Added new PrintNightmare Payload (Quick and dirty)
* Fixed my potty mouth
I'm a child sometimes
* Renamed Payload
* PrintNightmare: Use SWITCH_POSITION in payload path
* Fixing a typo
* Added Delays
Added some delays due to the fact that it was inconsistently reliable, occasionally it'd half type out the command. The delays have resolved the consistency issue on my end. Feel free to tweak as required.
* Amending Version Number
I'm a fool
* Updated Readme with proper credit
Co-authored-by: Marc <foxtrot@malloc.me>
* New Payload
Added new PrintNightmare Payload (Quick and dirty)
* Fixed my potty mouth
I'm a child sometimes
* Renamed Payload
* PrintNightmare: Use SWITCH_POSITION in payload path
* Fixing a typo
Co-authored-by: Marc <foxtrot@malloc.me>
* Added files
The payload.txt and the README.md have been added to the project!
* Updated Readme
The Readme file has been updatet.
* Added development status
The development status entry has been added to the list.
* Added header.
A header containing important information has been added.
* Made a joke
A joke has been made out of the Tested: No
* Completed InfoBox and added Configuring
The InfoBox is now a real box, and the Configuring section that is currently empty has been added.
* Added DUCKY_LANG notice.
In the configuration header, the sentence "You are required to change the DUCKY_LANG." has been added.
* Various changes.
Following changes have been made:
Removed the "Tested joke"
Setting the LED
Setting the Attackmode
Added configurationstuff
Added Setting up
Added the actual shutting down
* Changed development status.
The development status has been changed to "Actually quite done".
* Changed development status
* Added quality notice.
The standard notice for Emilius123 payloads "Emilius123 payloads. Quality made in Notepad since 2019." has been added.
* Changed category
The category has been changed from "Prank" to "Prank and Troll".
* Changed version
In the files README.md and payload.txt, the Version label has changed to
version 1.0
* Changed development status.
The development status has been changed from "Actually quite done" to
"1.0 done"
* Changed Status at FINISH LED
* Quality notice is now cursive
The quality notice is now in a cursive font.
* Added notice
The notice "Please give feedback in the Forum topic." has been added and surrounded nicely.
* Update README.md
* Forum topic is now cursive
* Added pull request
The sentence "Please give Feedback in the Forum topic." has been changed to "Please give Feedback in the Forum Topic and check out the Pull request.
* Update README.md
* Update README.md
* Added additional information.
To the README and the payload, the Description, Attackmode and used
Extensions have been added.
* Removed lines
* Removed empty lines
HackingMark
0iphor13
panicacid
cribb-it
9o3
emptyhen
Darren Kitchen
TW-D
Marc
Marc
Ian Costa
Alex
theofandato
DavidHaintz
kuyaya
Emil Albrecht
Mike Galvin
Mohamed A. Baset
TheDragonkeeper