5a77792c1d
* Updated all Payloads for Version 1.2+
  Fixed Style Issues on extensions and payloads.
  Added GET TARGET_OS to get.sh
  Removed and Fixed all uses ducky_helper.sh (Issue #248)
  Removed all mention of DUCKY_LANG (Issue #248)
  Renamed Payloads with spaces in name
  Added an extension to keep Macs Happy
  Added a payload for Mac DNS poisoning
  Fixed Issue #271 changed wget to curl -o
  Implemented PR #268
  Implemented PR #273
* Fixed e.cmd
* Fix e.cmd pt2
* Fixed Issues
  Fixed issues pointed out by @sebkinne
  Fixed styling errors

payload.txt
readme.md
run.ps1
readme.md
Based on a payload written by Simen Kjeserud
Tested on firmware 1.3
Searches the user profile for .lnk files and reports on the file name, Target file, Date Created, Date Last Written. Results are provided in a CSV file.
Output = \loot\Link-Files\link_files.csv
Background
In an incident where it is suspected that a user has exfiltrated data to a USB drive, the target element of any .lnk files may show files on external media (i.e. not the C: drive).
Note - using this payload is NOT forensically sound!
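One way to triage the resulting CSV for the case described under Background, as an added example that is not part of the original payload: it flags link targets that resolve to a drive other than C: or to a network share. The column names (`Name`, `Target`, `Created`, `LastWritten`) and the sample rows are assumptions constructed for illustration, since the readme does not show the CSV header.

```python
import csv
import io
import ntpath

# Constructed sample data. Column names are assumed, not taken from run.ps1.
SAMPLE_CSV = r"""Name,Target,Created,LastWritten
Q3-forecast.xlsx.lnk,E:\Backup\Q3-forecast.xlsx,2019-03-02 09:14:11,2019-03-02 09:14:11
notes.txt.lnk,C:\Users\alice\Documents\notes.txt,2019-02-27 16:40:03,2019-03-01 08:02:55
plan.docx.lnk,\\fileserver\share\plan.docx,2019-03-01 11:20:00,2019-03-01 11:20:00
Control Panel.lnk,,2018-11-05 10:00:00,2018-11-05 10:00:00
"""


def classify_target(target, system_drive="C:"):
    """Classify a .lnk target path by where it points."""
    target = (target or "").strip()
    if not target:
        return "no-target"      # e.g. shortcuts that carry no file path
    drive, _ = ntpath.splitdrive(target)
    if drive.startswith("\\\\"):
        return "network"        # UNC path such as \\server\share
    if not drive:
        return "relative"       # no drive component to judge
    if drive.upper() == system_drive.upper():
        return "system-drive"
    # Candidate external media; may also be a second internal volume.
    return "other-drive"


def flag_links(csv_file, target_column="Target", system_drive="C:"):
    """Return (category, row) pairs for targets that are off the system drive."""
    flagged = []
    for row in csv.DictReader(csv_file):
        category = classify_target(row.get(target_column), system_drive)
        if category in ("other-drive", "network"):
            flagged.append((category, row))
    return flagged


if __name__ == "__main__":
    for category, row in flag_links(io.StringIO(SAMPLE_CSV)):
        print(f"{category:12} {row['Target']}  (created {row['Created']})")
```

A drive letter other than C: is only a lead: correlate flagged rows with the host's volume and USB device history before concluding the target was on removable media.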
STATUS
LED | Status |
---|---|
Purple (blinking) | Attack in progress |
Green (blinking) | Attack Finished |