mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your target's stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid leftovers <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
42 lines
1.6 KiB
Markdown
**Title: PingZhellBunny**

Author: 0iphor13

Version: 1.3

What is PingZhellBunny?
#
*Imagine a scenario in which communication to and from the server is protected and filtered by a firewall and does not allow TCP shell communication to take place on any listening port (both reverse and bind TCP connection).*

*But many environments allow ping requests to be sent and received. Ping requests work on the ICMP protocol.*

*ICMP stands for Internet Control Message Protocol; network devices use it for query and error messages. ICMP differs from the widely used TCP and UDP protocols because ICMP is not used for transferring data between network devices.*

*When a device wants to test connectivity to another device, it uses the PING tool (ICMP communication) to send an ECHO REQUEST and waits for an ECHO RESPONSE.*

*The client ICMP agent (Bunny.pl) listens for ICMP packets from a specific host and uses the data in the packet for command execution.*

*The server ICMP Agent (Bunny.pl) sends ICMP packets to connect to the victim running a custom ICMP agent (PingZhell.ps1) and sends it commands to execute.*
#
There you go, a reverse shell.
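
For defenders, the channel described above appears on the wire as echo traffic whose data field is not stock ping filler. The following Python sketch is an added example, not part of the PingZhellBunny repository; the baseline filler patterns, the 16-byte timestamp skip, the threshold and the sample packets are assumptions constructed for illustration.

```python
import struct
from collections import Counter

# Assumed baselines: Windows ping.exe sends this 32-byte filler; Linux iputils ping
# sends a timestamp followed by bytes that increment by one. Tune for your network.
WINDOWS_FILLER = b"abcdefghijklmnopqrstuvwabcdefghi"

def parse_echo(packet: bytes):
    """Return (src, dst, payload) for an IPv4 ICMP echo request/reply, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 1:
        return None                          # not IPv4, or IP protocol is not ICMP (1)
    ihl = (packet[0] & 0x0F) * 4             # IP header length in bytes
    if ihl < 20 or len(packet) < ihl + 8:
        return None                          # truncated before the 8-byte ICMP header
    if packet[ihl] not in (0, 8) or packet[ihl + 1] != 0:
        return None                          # keep only echo reply (0) / echo request (8)
    src, dst = (".".join(map(str, packet[i:i + 4])) for i in (12, 16))
    return src, dst, packet[ihl + 8:]

def is_baseline(payload: bytes) -> bool:
    """True when the echo data looks like stock ping filler (or is empty)."""
    if not payload or payload == WINDOWS_FILLER:
        return True
    tail = payload[16:]                      # skip the timestamp (assumed <= 16 bytes)
    return len(tail) >= 8 and all((b - a) % 256 == 1 for a, b in zip(tail, tail[1:]))

def suspicious_pairs(packets, threshold=2):
    """Count non-baseline echo packets per host pair; return pairs at or over threshold."""
    hits = Counter()
    for pkt in packets:
        parsed = parse_echo(pkt)
        if parsed and not is_baseline(parsed[2]):
            hits[tuple(sorted(parsed[:2]))] += 1
    return {pair: n for pair, n in hits.items() if n >= threshold}

def build(src, dst, icmp_type, payload):
    """Build a constructed IPv4+ICMP echo packet (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0, 64, 1, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return ip + struct.pack("!BBHHH", icmp_type, 0, 0, 1, 1) + payload

# Constructed sample traffic using documentation addresses; not a real capture.
SAMPLE = [
    build("192.0.2.10", "192.0.2.1", 8, WINDOWS_FILLER),
    build("192.0.2.20", "198.51.100.7", 8, bytes(16) + bytes(range(0x10, 0x38))),
    build("198.51.100.7", "192.0.2.30", 8, b"constructed non-filler data A"),
    build("192.0.2.30", "198.51.100.7", 0, b"constructed non-filler reply, sized unlike ping"),
]
print(suspicious_pairs(SAMPLE))  # {('192.0.2.30', '198.51.100.7'): 2}
```

In practice the packet bytes would come from a capture or sensor feed, and the baseline set should be extended with the filler of any monitoring tools that legitimately ping across the boundary.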

**Instruction:**

Upload Bunny.pl onto your attacking machine.
Install dependencies, if needed:
- IO::Socket
- NetPacket::IP
- NetPacket::ICMP

Disable ICMP replies by the OS:
*sysctl -w net.ipv4.icmp_echo_ignore_all=1*

Start Bunny.pl -> perl Bunny.pl
#
!!!Insert the IP of your attacking machine into PingZhell.ps1!!!
#
Plug in Bashbunny with PingZhellBunny equipped.
Achieve reverse shell.
run away <3

Credit for code and ideas:
- bdamele
- nishang
- krabelize