hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup: smb_exfiltrator: Update Payload Header

Browse Source
This commit is contained in:
Marc
2019-07-05 20:35:15 +01:00
committed by GitHub
parent 20ca26ee74
commit e3c4e45e29
1 changed files with 13 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
payloads/library/exfiltration/smb_exfiltrator/payload.txt
View File

@@ -4,47 +4,20 @@
# Author: Hak5Darren # Author: Hak5Darren
# Props: ImNatho, mike111b, madbuda # Props: ImNatho, mike111b, madbuda
# Version: 1.1 # Version: 1.1
# Category: Exfiltration # Target: Windows XP
# Target: Windows XP SP3+ (Powershell) # Attack Modes: HID, RNDIS_ETHERNET
# Attackmodes: HID, Ethernet # Requires: Impacket Tool
# Description: Exfiltrates select files from users's documents folder via SMB.
# Liberated documents will reside in Bash Bunny loot directory under
# loot/smb_exfiltrator/HOSTNAME/DATE_TIME. Exfiltration options configured from included s.ps1 script.
# #
# CHANGELOG # LEDS:
# ========= # Red: Failed to find dependencies
# Rewrite of the original SMB Exfiltrator payload with: # Yellow Single Blink: HID Stage
# - Faster copying, using robocopy multithreaded mode # Yellow Double Blink: Ethernet Stage
# - Faster finish, using a EXFILTRATION_COMPLETE file # Cyan: Receiving Files
# - Offload logic to target PC for accurate date/time # White: Moving Liberated Files
# - Clears tracks by default without second run dialog # Green: Finished
# - Test-Connection handling by ICMP (no lame sleeps)
# - Hidden powershell window by default
#
# REQUIREMENTS
# ============
# Needs impacket to be copied to /tools/impacket and installed
# Option A:
# 1. Download impacket from https://github.com/CoreSecurity/impacket
# 2. Copy impacket folder to /tools on the Bash Bunny flash drive
# 3. Boot Bash Bunny into arming mode and connect to console via serial
# 4. Issue "python /tools/impacket/setup.py install"
# Option B:
# 1. Download impacket deb package
# 2. Copy impacket.deb to /tools on the Bash Bunny flash drive
# 3. Boot Bash Bunny into arming mode. Impacket will install automatically.
#
# LED STATUS
# ==========
# FAIL........Failed to find dependencies
# STAGE1......HID Stage
# STAGE2......Ethernet Stage
# SPECIAL.....Receiving Files
# CLEANUP.....Moving Liberated Files
# FINISH......Finished
#
# OPTIONS
# =======
# Exfiltration options configured from included s.ps1 script
######## INITIALIZATION ######## ######## INITIALIZATION ########
REQUIRETOOL impacket REQUIRETOOL impacket