hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/credentials/HashDumpBunny
History
0iphor13 5eaf7d9dc7
Uploaded HashDumpBunny + some fixes (#491) 
* Uploaded ReverseBunny

Obfuscated reverse shell via powershell

* Uploaded WifiSnatch

Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇

* Update ReverseBunny.txt

Changed payload to evade Windows Defender

* Update payload.txt

Added new "Eject Method" - props to Night(9o3)

* Update README.md

* Deleted ReverseBunny.txt

Deleted because of higher risk to get caught by AV

* Updated ReverseBunny to version 1.2

Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design

* Updated ReverseBunny to version 1.2

Updated README for ReverseBunny update

* Updated payload

fixed some stupid left overs <3

* Uploaded pingUinBunny

a reverse shell using icmp

* Delete payloads/library/remote_access/switch1 directory

* Uploaded pingUinBunny

A reverse shell using icmp

* Update README.md

* Update README.md

* Updated to PingZhell

* Update Bunny.pl

* Update README.md

* Update README.md

* Update payload.txt

* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl

* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1

* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md

* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt

* Update payload.txt

* Update README.md

* Update README.md

* Update Bunny.pl

* Created ProcDumpBunny

Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz

* Update README.md

* Update payload.txt

* Updated ReverseBunny

Fixed wrong DELAY commands

* Updated PingZhellBunny

Fixed wrong DELAY commands

* Updated WifiSnatch

Fixed multiple mistakes

* Uploaded HashDumpBunny

Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)

* added example picture

* Update README.md
2022-02-02 09:09:37 -06:00
..
BunnyDump.bat
Uploaded HashDumpBunny + some fixes (#491)
2022-02-02 09:09:37 -06:00
censoredhash.png
Uploaded HashDumpBunny + some fixes (#491)
2022-02-02 09:09:37 -06:00
payload.txt
Uploaded HashDumpBunny + some fixes (#491)
2022-02-02 09:09:37 -06:00
README.md
Uploaded HashDumpBunny + some fixes (#491)
2022-02-02 09:09:37 -06:00

README.md

Title: HashDumpBunny

Author: 0iphor13

Version: 1.0

Instruction:

This payload will run an obfuscated script to dump user hashes. If you don't trust this obfuscated .bat file, you should run it within a save space first - which should be best practice anyways ;-)

Instruction:

Place BunnyDump.bat in the same payload switch-folder as your payload.txt

Plug in BashBunny. Exfiltrate the out.txt file and try to crack the hashes. alt text