hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
40a9afa7c47a8d343ef3314a59e4ce3ef0d2eaae
bashbunny-payloads/payloads/library/remote_access/SSHhhhhh (Linux)
History
WWVB 40a9afa7c4 Update readme.md
2019-03-26 09:01:09 -04:00
..
boom.sh
Added SSHhhhhh (Linux) to the library
2019-03-26 08:51:04 -04:00
payload.txt
Added SSHhhhhh (Linux) to the library
2019-03-26 08:51:04 -04:00
readme.md
Update readme.md
2019-03-26 09:01:09 -04:00

readme.md

SSHhhhhh

Author: WWVB

Version: Version 1.0

Description

Target = Unlocked Linux machine (only tested on Ubuntu 18.04 LTS)

Base install of OS, plus OPENSSH-SERVER & NET-TOOLS (if NET-TOOLS is not installed, the route command will not return data [noting major])

Loot = Contents of ~/$USER/.ssh folder (pub/priv RSA keys, known_hosts, etc..)

whoami

ip addr

route -n

/etc/passwd

/etc/shadow (on the off chance you get a root terminal)

uname -a

Two opportunites for persistence are injected:

Attacker's RSA key is added to ~/$USER/.ssh/authorized_keys (aka I'll Call You)

Reverse_TCP shell script is dropped in the ~/$USER/.config folder and a CRON job added that calls it on a schedule (aka Call Me Later)

Configuration = HID STORAGE

Reference in New Issue View Git Blame Copy Permalink