mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
5a77792c1d
* Updated all Payloads for Version 1.2+ Fixed Style Issues on extensions and payloads. Added GET TARGET_OS to get.sh Removed and Fixed all uses ducky_helper.sh (Issue #248) Removed all mention of DUCKY_LANG (Issue #248) Renamed Payloads with spaces in name Added an extension to keep Macs Happy Added a payload for Mac DNS poisoning Fixed Issue #271 changed wget to curl -o Implemented PR #268 Implemented PR #273 * Fixed e.cmd * Fix e.cmd pt2 * Fixed Issues Fixed issues pointed out by @sebkinne Fixed styling errors
36 lines
976 B
Markdown
36 lines
976 B
Markdown
# psh_DownloadExec
|
|
## Powershell Download and Execute
|
|
|
|
* Author: LowValueTarget
|
|
* Version: Version 1.3
|
|
* Target: Windows XP SP3+ (Powershell)
|
|
* Category: Powershell
|
|
* Attackmodes: HID, RNDIS_Ethernet
|
|
* Firmware: >= 1.3
|
|
|
|
## Description
|
|
|
|
Quick HID attack to retrieve and run powershell payload from BashBunny web server.
|
|
|
|
## Configuration
|
|
|
|
Ensure p.txt exists in payload directory. This is the powershell script that will be downloaded and executed.
|
|
|
|
## Requirements
|
|
|
|
### gohttp
|
|
|
|
gohttp is a standalone simple webserver that is quicker and more stable than python's SimpleHTTPServer.
|
|
|
|
__Installation__
|
|
|
|
See Hak5's Tool Thread Here: https://forums.hak5.org/index.php?/topic/40971-info-tools/
|
|
|
|
## STATUS
|
|
```
|
|
| Attack Stage | Description |
|
|
| ------------------- | ---------------------------------------- |
|
|
| Stage 1 | Running Initial Powershell Commands |
|
|
| Stage 2 | Delivering powershell payload |
|
|
```
|