hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c52ce015de9bb83d31a1486783e3ec665dca704d
bashbunny-payloads/payloads/library/remote_access/SSHhhhhh (Linux)
History
WWVB c52ce015de Update readme.md
2019-03-26 08:52:28 -04:00
..
boom.sh
Added SSHhhhhh (Linux) to the library
2019-03-26 08:51:04 -04:00
payload.txt
Added SSHhhhhh (Linux) to the library
2019-03-26 08:51:04 -04:00
readme.md
Update readme.md
2019-03-26 08:52:28 -04:00

readme.md

SSHhhhhh

Author: WWVB

Version: Version 1.0

Description

Target = Unlocked Linux machine (only tested on Ubuntu 18.04 LTS)

                Base install of OS, plus OPENSSH-SERVER & NET-TOOLS (if NET-TOOLS is not installed, the route command will not return data [noting major])

Loot = Contents of ~/$USER/.ssh folder (pub/priv RSA keys, known_hosts, etc..)

                whoami
                ip addr
                route -n
                /etc/passwd
                /etc/shadow (on the off chance you get a root terminal)
                uname -a

Two opportunites for persistence are injected:
        Attacker's RSA key is added to ~/$USER/.ssh/authorized_keys (aka I'll Call You)
        Reverse_TCP shell script is dropped in the ~/$USER/.config folder and a CRON job
            added that calls it on a schedule (aka Call Me Later)

Configuration = HID STORAGE

Reference in New Issue View Git Blame Copy Permalink