mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
46 lines
1.5 KiB
Markdown
46 lines
1.5 KiB
Markdown
# Title: FireSnatcher
|
||
# Description: Copies Wifi Keys, and Firefox Password Databases
|
||
# Author: KarrotKak3
|
||
# Props: saintcrossbow & 0iphor13
|
||
# Version: 1.0.2.0 (Work in Progress)
|
||
# Category: Credentials
|
||
# Target: Windows (Logged in)
|
||
# Attackmodes: HID, Storage
|
||
|
||
# Full Description
|
||
# ----------------
|
||
# Attacks an Unlocked Windows Machine
|
||
# Payload targets:
|
||
# - All WiFi creds
|
||
# - Firefox Saved Password Database
|
||
#
|
||
# PAYLOAD RUNS START TO FINISH IN ABOUT 20 SEC
|
||
# Delays to Allow Powershell Time to Open and to Give Attack time to Run
|
||
|
||
# HOW TO USE PASSWORD DB: COPY KEY4.DB AND LOGINS.JSON TO YOUR COMPUTER AT
|
||
# %APPDATA%\MOZILLA\FIREFOX\PROFILES\*.DEFAULT-RELEASE
|
||
# Open Firefox and find loot in Settings-> Privacy & Security -> Saved Logins
|
||
|
||
|
||
# KNOWN ISSUES
|
||
# ---------------
|
||
# Loot is saved in Payloads/switch#/loot
|
||
|
||
|
||
# Files
|
||
# -----
|
||
# - payload.txt: Starts the attack. All configuration contained in this file.
|
||
# - FireSnatcher.bat: Worker that grabs Creds
|
||
|
||
|
||
# Setup
|
||
# -----
|
||
# - Place the payload.txt and FireSnatcher.bat in Payload folder
|
||
# - If you are using a SD card, copy FireSnatcher.bat under /payloads/switchn/ (where n is the switch you are running)
|
||
# - Good idea to have the Bunny ready to copy to either the device or SD for maximum versatility
|
||
|
||
**LED meanings**
|
||
- Magenta: Initial setup – about 1 – 3 seconds
|
||
- Single yellow blink: Attack in progress
|
||
- Green rapid flash, then solid, then off: Attack complete
|