bashbunny-payloads/payloads/library/credentials/DumpCreds
Marc 8947bcfb8e
Cleanup: DumpCreds: Add new payload header
2019-07-05 05:35:05 +00:00
PS Cleanup: Sort payloads by category 2017-04-10 13:29:17 +10:00
README.md Updated DumpCreds for bunny fw v1.1 (#168) 2017-04-16 16:03:02 +10:00
main.ps1 Updated DumpCreds for bunny fw v1.1 (#168) 2017-04-16 16:03:02 +10:00
payload.txt Cleanup: DumpCreds: Add new payload header 2019-07-05 05:35:05 +00:00

README.md

DumpCreds 2.1

  • Author: QDBA
  • Version: Version 2.1.0 Build 1004
  • Target: Windows 10

Description

**!!!!! Works only on a Bash Bunny with FW 1.1 !!!!!**

Dumps the usernames & plaintext passwords from

  • Browsers (Chrome, IE, Firefox)
  • Wifi
  • SAM Hashes (only if AdminMode=True)
  • Mimimk@tz Dump (only if AdminMode=True)
  • Computer information (hardware info, Windows product key, hotfixes, software, local and AD user list)

without

  • Use of USB storage (because USB storage is mostly blocked by USBGuard or DriveLock)
  • Internet connection (because the firewall content filter blocks the download sites)

Problems

  • The first time you use the payload on a computer, it will take some time and several tries until the drivers are successfully loaded.
  • If the payload doesn't work (red LED, or yellow LED blinks 2 or 4 times), unplug the BB and try once more (it can take 3 or 4 tries).
  • If the payload stops working (the yellow LED blinks very fast for longer than 2 min and you get no white LED), you have run into a timeout. Once you plug in the BB, every payload has 1 min 30 s to do its job. At 1 min 30 s every payload stops. (That's a FW 1.1 issue.)

Debug

If you want debug information, create a file named "DEBUG" in the payload folder. You will then find the debug information in \loot\DumpCred_2.1\log.txt

Configuration

None needed.

Requirements

Download

https://github.com/qdba/bashbunny-payloads/tree/master/payloads/library/DumpCreds_2.0

Install

  1. Put Bash Bunny in arming mode

  2. Copy all folders into the root of the Bunny flash drive

     Mandatory

       • payloads/library/DumpCreds_2.1 --> the payload files
       • payloads/library/DumpCreds_2.1/PS --> the PowerShell scripts for the payload
       • tools --> impacket tools (provide the smbserver.py) (not necessary if you have already installed them)

     Not necessary

       • docs --> this doc file
       • languages --> language files for DUCKY_LANG

  3. Eject the Bash Bunny safely!!

  4. Insert the Bash Bunny in arming mode (Impacket and languages will be installed)

  5. Put all files and folders of the payload from /payloads/library/DumpCreds_2.1 into payloads/switch1 or payloads/switch2

  6. Eject the Bash Bunny safely

  7. Move the switch to the right position

  8. Plug in the Bash Bunny and have fun....! :-)

STATUS

LED                       Status
-----------------------   --------------------------------------------
Magenta Solid             Setup
Red slow blink            Impacket not found
Red fast blink            Target did not acquire IP address
Yellow single blink       Initialization
Yellow double blink       HID Stage
Yellow triple blink       Wait for IP coming up
Yellow quad blink         Wait for Handshake (SMBServer Coming up)
Yellow very fast blink    Powershell scripts running
White fast blink          Cleanup, copy Files to /loot
Green                     Finished
-----------------------   --------------------------------------------

Discussion

https://forums.hak5.org/index.php?/topic/40582-payload-drumpcreds-20-wo-internet-wo-usb-storage

Credits

to...... 

https://github.com/EmpireProject/Empire (Get-FoxDump.ps1, Invoke-M1m1k@tz.ps1, Invoke-PowerDump.ps1, Get-ChromeCreds.ps1)

Changelog

  • Completely new payload.txt code for BashBunny 1.1
  • Added a lot of debug code to the payload