hink 0eef84647e Updated psh_DownloadExec to v1.2 (#210)
* Powershell SMB Delivery

* fixed smbserver.py call

* Updated to use HID and RNDIS_ETHERNET at the same time. Upgraded to Golang webserver

* Removed binary
2017-05-03 14:17:19 -07:00

psh_DownloadExec

Powershell Download and Execute

  • Author: LowValueTarget
  • Version: 1.2
  • Target: Windows XP SP3+ (Powershell)
  • Category: Powershell
  • Attackmodes: HID, RNDIS_Ethernet
  • Firmware: >= 1.2

Description

Quick HID attack that retrieves and runs a PowerShell payload from the BashBunny web server.

Configuration

Ensure psh.txt exists in the payload directory. This is the PowerShell script that will be downloaded and executed.

Requirements

gohttp

gohttp is a simple standalone web server that is quicker and more stable than Python's SimpleHTTPServer.

Installation

Assuming you have Go installed (https://golang.org/dl/):

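# Fetch the gohttp source into $GOPATH
go get -u github.com/itang/gohttp
cd "$GOPATH/src/github.com/itang/gohttp"
# Cross-compile for Linux on ARM
GOOS=linux GOARCH=arm go build
# Stage the binary in its own folder for copying to the device
mkdir -p "$HOME/gohttp"
mv gohttp "$HOME/gohttp/"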

Then copy the gohttp folder in your home directory to the BashBunny /tools/ folder.

STATUS

| Attack Stage        | Description                              |
| ------------------- | ---------------------------------------- |
| Stage 1             | Running Initial Powershell Commands      |
| Stage 3             | Delivering powershell payload            |