hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
643 Commits 3 Branches 3 Tags
3d9d1f8c00f3caa87092306d5f6a337bfbc702b6
Commit Graph

482 Commits

Author SHA1 Message Date
TW-D
3d9d1f8c00 Update payload.txt 2022-12-28 06:16:55 -05:00
TW-D
7bfca60e72 Update README.md 2022-12-28 06:16:09 -05:00
TW-D
1e9f8f9bee "VideoLan VLC Media Player" Bind Shell 
1) Hide "PowerShell" window.
2) Determines the path of the "VLC Media Player" executable.
3) Creates two rules on the native firewall of "Microsoft Windows" to :
- Allow the executable to open a TCP port.
- Allow all incoming connections on that TCP port.
4) Starts the "VLC Media Player" executable with the "Telnet" interface enabled.
5) Redirects the standard error output of this process and retrieves the payload for execution.
 2022-12-21 15:25:32 -05:00
atomic
2266a9ddf6 New Payload - cApS-Troll (#566) 
* Add files via upload

* Add files via upload

* Add files via upload

* Update payload.txt
 2022-12-16 13:01:05 -06:00
KryptoKola
d237d080e6 payload.txt (#567) 
What the payload does:
#                   1) Disables Tamper Protection in Windows Defender.
#                   2) Disables UAC / Turns UAC off
#                   3) Creates Payload Directory in C:/ Drive
#                   4) Disables Real-Time Protection in Windows Defender.
#                   5) Adds the Payload Directory as an exclusion in Windows Defender
#                   6) Downloads Payload from Specified URI (Enter in Variable Below)
#                   7) Runs Payload on System
 2022-12-16 12:59:18 -06:00
rsxchin
d68298eaa3 Add GET BB_LABEL function and docs (#569) 
* Add GET BUNNY_LABEL to get.sh

Instead of hardcoding "BashBunny" or whatever new name the Bunny has, attackers can use a GET command.

* Add docs for GET HOST_IP & GET BB_LABEL
 2022-12-16 12:58:09 -06:00
drapl0n
858bb2df2c uploading LINUX_MOUNT extension (#570) 
* uploading LINUX_MOUNT extension

* uploading LINUX_MOUNT_DEMO

* decreasing delay time

* removed delays
 2022-12-16 12:52:57 -06:00
atomic
e8e2103c36 Add files via upload 2022-11-14 22:41:01 -05:00
atomic
5dba64108f Add files via upload 2022-11-02 23:10:25 -04:00
atomic
0f3b7db81d Add files via upload 2022-10-29 12:37:42 -04:00
hak5glytch
fa0c413458 Merge pull request #561 from cribb-it/DesktopBunny 
New Payload - Desktop Bunny
 2022-10-26 12:11:14 -07:00
cribb-it
c2dc211ad8 New Payload - Desktop Bunny 2022-10-26 20:06:32 +01:00
hak5glytch
afc3ac3478 Merge pull request #560 from 0iphor13/master 
Updated PingZhellBunny
 2022-10-20 10:36:29 -07:00
hak5glytch
eab131c783 Merge pull request #559 from I-Am-Jakoby/master 
New Payload - JumpScare-2.0
 2022-10-20 10:28:24 -07:00
0iphor13
a035d268c4 Update README.md 2022-10-19 18:36:48 +02:00
0iphor13
a67650031f Merge branch 'hak5:master' into master 2022-10-19 18:32:42 +02:00
0iphor13
427150a0dc Update Bunny.pl 2022-10-19 18:32:24 +02:00
0iphor13
0c39fffbf2 Update payload.txt 2022-10-19 18:30:42 +02:00
0iphor13
9494ab8d2e Update README.md 2022-10-19 18:29:26 +02:00
0iphor13
a991cd7af4 Update payload.txt 2022-10-19 18:26:40 +02:00
0iphor13
cad1abe00b Update and rename PingZhell.ps1 to PingZhellBunny.ps1 2022-10-19 18:25:53 +02:00
0iphor13
caafcfb103 Update Bunny.pl 2022-10-19 18:24:26 +02:00
I-Am-Jakoby
e74796ae1e New Payload - JumpScare-2.0 2022-10-17 18:05:41 -05:00
hak5glytch
962477433c Merge pull request #558 from I-Am-Jakoby/master 
New Payload - ADV Rick Roll
 2022-10-14 13:06:33 -06:00
I-Am-Jakoby
b110693304 New Payload - YouTube Tripwire 2022-10-13 22:15:32 -05:00
I-Am-Jakoby
3ee453979d Add files via upload 2022-10-13 01:20:15 -05:00
hak5glytch
ab146c05d2 Merge pull request #557 from I-Am-Jakoby/master 
New Payload - Shortcut Jacker
 2022-10-11 17:03:52 -06:00
I-Am-Jakoby
92e76d35fc Add files via upload 2022-10-10 23:37:26 -05:00
atomic
85ecdd5889 Add files via upload 2022-10-10 23:10:33 -04:00
atomic
1977d49f8e Add files via upload 2022-10-10 23:05:56 -04:00
hak5glytch
8f19915a5f Merge pull request #546 from atomiczsec/master 
New Payload - Copy-And-Waste
 2022-10-09 11:57:16 -06:00
hak5glytch
322cf4f7c1 Merge pull request #548 from atomiczsec/master 
New Payload - Water-UnMark
 2022-10-09 11:05:57 -06:00
hak5glytch
5a67438f87 Merge pull request #549 from drapl0n/master 
BunnyLogger2.0: Tweaks and Updates
 2022-10-08 18:40:32 -06:00
hak5glytch
7892015c02 Merge pull request #550 from Jeklah/patch-1 
Update BBB.ps1
 2022-10-08 18:39:25 -06:00
hak5glytch
1b76be74ee Merge pull request #551 from Jeklah/patch-2 
Update payload.txt
 2022-10-08 18:39:01 -06:00
atomic
a08e9b382d New Payload - Screen-Shock (#552) 
* Add files via upload

* Update c.ps1

* Add files via upload
 2022-10-08 18:32:28 -06:00
TW-D
fa5dae9b11 Linux Random Reverse Shell (#553) 
1) Checks the availability of binaries on the system.
2) Builds a list of possible payloads.
3) Performs one at random.
 2022-10-08 18:25:34 -06:00
Jeklah
5a15fac2f0 Update payload.txt 
Minor typo in comments.
 2022-09-07 00:14:14 +01:00
Jeklah
3e608cdd3d Update BBB.ps1 
Typo in comments, Chrome should be Edge.
 2022-09-06 23:32:19 +01:00
drapl0n
6d4455d239 Update payload.txt 2022-09-05 21:44:49 +05:30
drapl0n
c9dafb479f moving payload.sh 2022-09-05 21:43:42 +05:30
drapl0n
b813f1b196 moving bunnyLoggerMgr 2022-09-05 21:43:01 +05:30
drapl0n
b5bd4487b1 Update uninstall.sh 2022-09-05 21:41:46 +05:30
drapl0n
d328ab9db3 Update install.sh 2022-09-05 21:41:13 +05:30
drapl0n
5738de5e9e uploading BunnyLogger 2.0 (#545) 
* Uploaded BunnyLogger

* uploading payload intel

* Create README.md

* Update README.md

* uploaded LinuxPreter

* uploaded FileRipper

Faster executing version

* Update README.md

* fixing typo

* uploaded sudoSnatch

* Update README.md

* deleting sudoSnatch

* uploading payload

* Delete payload.sh

* Delete shell

* Delete systemBus

* Delete camPeek directory

* Update payload.sh

* Update payload.sh

* Delete payloads/library/execution/FileRipper directory

* Update payload.sh

* Update payload.sh

* Update payload.sh

* Update payload.sh

* uploading BLE_EXFIL extension

BLE_EXFIL extension, exfiltrates data via BLE

* BLE_EXFIL demo

* uploading mine4me

mine4me payload makes your target system mine Monero for you. Spread payload in multiple systems to acquire more Monero.

* category update

* Uploading BunnyLogger 2.0
 2022-09-01 14:19:05 -05:00
atomic
7169158bb8 Add files via upload 2022-08-30 18:50:10 -04:00
atomic
f864ad8323 Merge branch 'hak5:master' into master 2022-08-30 18:39:55 -04:00
atomic
8e322706bc New payload - Bookmark-Hog (#543) 2022-08-30 09:56:42 -05:00
TW-D
b10a644277 Add Fake SSH (#544) 
1) Copies the "ssh" command spoofing program to the user's home directory.
2) Defines a new persistent "ssh" alias with the file "~/.bash_aliases".
3) When the user executes the command "ssh" in a terminal, the spoofing program :
- __By default__ retrieves the username@address and password and writes them to "/tmp/.ssh_password".
- __But__ this behavior can be changed in line 20 of the "ssh-phishing.sh" file.
 2022-08-30 09:37:50 -05:00
Carey Balboa
2aa4910d0c add my own exfil payload (#540) 
* add my own exfil payload

Exfiltrates files from logged in users Documents and Desktop folders

* updated

* Update readme.md
 2022-08-30 09:28:28 -05:00