hak5/bashbunny-payloads

mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00

History

root d978800874 merge upstream

2017-12-19 13:29:12 -06:00

..

p.txt

Update and fix payloads (#277 )

2017-10-25 11:10:17 +11:00

payload.txt

merge upstream

2017-12-19 13:29:12 -06:00

readme.md

Update and fix payloads (#277 )

2017-10-25 11:10:17 +11:00

readme.md

psh_DownloadExecSMB

Powershell Download and Execute SMB

Author: LowValueTarget
Version: Version 1.2
Target: Windows XP SP3+ (Powershell)
Category: Powershell
Attackmodes: HID, RNDIS_Ethernet
Firmware: >= 1.2

Description

Quick HID attack to retrieve and run powershell payload from BashBunny SMBServer. SMB Credentials are stored as loot.

Configuration

Ensure p.txt exists in payload directory. This is the powershell script that will be downloaded and executed.
Requires Impacket

Installation

See Hak5's Tool Thread Here: https://forums.hak5.org/index.php?/topic/40971-info-tools/

STATUS

Attack Stage	Description
Stage 1	Powershell
Stage 2	Delivering powershell payload