hak5
/
bashbunny-payloads
mirror of https://github.com/hak5/bashbunny-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/recon/Win_PoSH_WordReport
History
cribb-it 785e5d2a75
Various small fixes (#435) 
* Add files via upload

* Update readme.md

* Update readme.md

* Update payload.txt

* Update readme.md

* fix rebase errors

* Fix for rebase

* Fix for fewer details
 		2021-07-06 20:02:27 +01:00
..
Recon.ps1 New Payload: Win_PoSH_WordReport, Fix typos in Win_PoSH_FakeLoginScreen (#431) 2021-04-30 17:02:21 +01:00
payload.txt Various small fixes (#435) 2021-07-06 20:02:27 +01:00
readme.md New Payload: Win_PoSH_WordReport, Fix typos in Win_PoSH_FakeLoginScreen (#431) 2021-04-30 17:02:21 +01:00

readme.md

Word Report

  • Author: Cribbit
  • Version: 1.0
  • Target: Windows (Powershell 5.1+)
  • Category: Recon
  • Attackmode: HID & Storage
  • Extensions: Run
  • Props: Don Murdoch, Boe Prox, Simen Kjeserud, DannyK999 & T.J. Connor

Change Log

Version Changes
1.0 Initial release

Description

This payload in similar to the InfoGrabber payload. But save the info to a MS Word document and collects some different data.

This payload needs an admin powershell prompt to run

Configuration

This payload is written for an English version of windows. You will need to update the letters used when accessing the menu with ALT for other languages

Colours

Status Colour Description
SETUP Magenta solid Setting attack mode
ATTACK Yellow single blink Injecting Powershell script
INJECTED Green blink followed by SOLID Injection finished
FINISHED Blinks the scroll lock twice Script is finished