Jackalope
`\ # # /'
| \ # # /;|
\ :\# #|; /
\./#_#\./
/ \
: O O "
| \ / |
\ v /
\_x_/
Jackalope
by: catatonic
- Author: catatonic
- Target: Windows (for now)
Description
Uses Ethernet to attempt dictionary attacks against passwords. When the password is discovered, it is stored in a file for future use. The password may then be used to unlock the machine by:
- Manually selecting the user and placing focus on the password field at the login screen
- Toggling the switch position from switch1 to switch2 (or vice versa), after which the bunny will auto-type the stored password.
To clear a stored password, move the switch to switch3 (aka arming mode) after the payload runs and displays GREEN. The status light will change to SPECIAL (cyan), indicating the password has been removed. Positioning the switch to switch1 or switch2 will re-initiate the attack.
Configuration
You must have a Metasploit installation up and running at the path /tools/metasploit-framework/
Information and instructions for the installation of additional tools to the Bash Bunny can be found here.
No further initial configuration is required for Firmware v1.6+.
Per-attack configuration
- userlist.txt contains the usernames to use in the attack.
- wordlist.txt contains the passwords to use in the attack.
Note: A fantastic collection of password wordlists is available: SecLists
STATUS
LED | Status |
---|---|
FAIL | Attack failed, username/password not found |
FAIL2 | Attack failed, network inaccessible |
STAGE 1 | Stage 1: checking for SMB port with nmap |
STAGE 2 | Stage 2: Brute forcing |
Green (solid) | Attack complete, check loot or flip switch to switch1 or switch2 to enter password. Flip switch to switch3 (arming) to clear password. |
SPECIAL | Clearing/cleared password, flip switch to switch1 or switch2 to initiate attack. |
Purple (solid) | Preparing to attack |
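
From the defender's side, the userlist/wordlist guessing against the SMB port described above shows up on the target as a burst of failed network logons from one source, possibly followed by a success. The sketch below is an added example, not part of the Jackalope payload: it assumes logon auditing is enabled and that Windows Security events 4625/4624 have already been exported into dictionaries; the sample events, addresses, window and threshold are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def ev(time, event_id, user, ip):
    # Field names mirror Windows Security events 4625/4624; LogonType 3 = network.
    return {"time": time, "EventID": event_id, "LogonType": 3,
            "TargetUserName": user, "IpAddress": ip}

def build_sample():
    """Constructed events: one noisy source and one user who mistypes twice."""
    t0, events, i = datetime(2024, 1, 1, 9, 0, 0), [], 0
    for user in ("administrator", "alice", "bob"):
        for _ in range(5):                      # 3 users x 5 guesses, 1 per second
            events.append(ev(t0 + timedelta(seconds=i), 4625, user, "192.0.2.10"))
            i += 1
    events.append(ev(t0 + timedelta(seconds=i), 4624, "alice", "192.0.2.10"))
    for n, eid in enumerate((4625, 4625, 4624)):  # benign typo pattern
        events.append(ev(t0 + timedelta(seconds=n), eid, "carol", "192.0.2.50"))
    return events

def detect_dictionary_attack(events, window=timedelta(minutes=5), threshold=10):
    """Flag sources with >= threshold failed network logons inside `window`,
    and report the first account that logged on successfully afterwards."""
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["time"]):
        if e["LogonType"] == 3 and e["EventID"] in (4624, 4625):
            by_src[e["IpAddress"]].append(e)
    findings = []
    for src, evs in by_src.items():
        fails = [e for e in evs if e["EventID"] == 4625]
        start, burst_time = 0, None
        for end in range(len(fails)):           # sliding window over failures
            while fails[end]["time"] - fails[start]["time"] > window:
                start += 1
            if end - start + 1 >= threshold:
                burst_time = fails[start]["time"]
                break
        if burst_time is None:
            continue
        hit = next((e for e in evs if e["EventID"] == 4624
                    and e["time"] >= burst_time), None)
        findings.append({
            "source": src, "failures": len(fails),
            "users_tried": sorted({e["TargetUserName"] for e in fails}),
            "compromised": hit["TargetUserName"] if hit else None})
    return findings

if __name__ == "__main__":
    for f in detect_dictionary_attack(build_sample()):
        print(f)
```

A non-empty `compromised` field marks an account whose password should be rotated; the window and threshold are illustrative and should sit below the account lockout policy in use.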