* Add files via upload
* Rename Read-Me.txt to Read-Me
* Rename payload.txt.txt to payload
* Add files via upload
Added some features and fixed a few bugs I found
* Delete payload
* Rename payload.txt.txt to payload
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
* Created ProcDumpBunny
Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz
* Update README.md
* Update payload.txt
* Updated ReverseBunny
Fixed wrong DELAY commands
* Updated PingZhellBunny
Fixed wrong DELAY commands
* Updated WifiSnatch
Fixed multiple mistakes
* Uploaded HashDumpBunny
Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)
* added example picture
* Update README.md
Uses the "SanDisk Wireless Stick" for files exfiltration.
1) Avoids "PowerShell Script Block Logging".
2) Hide "PowerShell" window.
3) Deletes Wi-Fi connection profiles in automatic mode, each deletion causes a disconnection.
4) Adds the profile for the "SanDisk Connect Wireless Stick" in automatic mode.
5) Checks whether the Wi-Fi interface is connected to the "SanDisk" and whether the gateway can be reached, if not, automatically starts again.
6) Exfiltration of the files via the HTTP channel.
* Exfiltrate using Windows utility SmartFileExtract
Script to find all files that a) have filenames with the word "pass" or "secret" in them or b) are standard .DOC files and copy them to loot. SmartFileExtract is used to kill the copy after 500 MBs and / or 90 seconds and will display the copy status using a fake install window.
Dependencies:
Binary (SmartFileExtract.exe) from https://github.com/saintcrossbow/SmartFileExtract
* New Exfiltration: Smart Data Thief
Timed exfiltration attack targeting high value data and WiFi creds. Highly configurable to start / stop attack using BLE beacons, create distraction when aborting attack, and full shutdown for removal after attack complete.
* Revolver BLE controlled multi-attack
New payload: Revolver - a multi option attack controlled by BLE beacons. Plug in Bash Bunny and choose your attack based on what you need in the field.
* USB Exfiltration Payload with Win10 Fake Update
This Payload exfiltrates defined files to the Bunny. While copying is in progress, it shows a Fake Win10 Update Screen and removes traces. When it's ready, the target machine is forced to reboot.
* Correction for the Key injection F11
* Create test
* Delete payloads/library/USB_Exfil_with_Fake_Update _and_force-reboot directory
* Create tst
* Add files via upload
* Delete tst
* Delete payloads/library/exfiltration/USB Exfil with Fake Update and force reboot directory
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Updated all Payloads for Version 1.2+
Fixed Style Issues on extensions and payloads.
Added GET TARGET_OS to get.sh
Removed and Fixed all uses ducky_helper.sh (Issue #248)
Removed all mention of DUCKY_LANG (Issue #248)
Renamed Payloads with spaces in name
Added an extension to keep Macs Happy
Added a payload for Mac DNS poisoning
Fixed Issue #271 changed wget to curl -o
Implemented PR #268
Implemented PR #273
* Fixed e.cmd
* Fix e.cmd pt2
* Fixed Issues
Fixed issues pointed out by @sebkinne
Fixed styling errors
* Fixed for 1.0 and 1.1
Fixed the payload for 1.0 but if you want it ported for 1.1, change line 38 to (LED M)
* Made 1.1 compatible.
Still need to examine Get-BrowserData.ps1
