hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/execution/psh_DownloadExecSMB
History
hink ca5d404dbe Added psh_DownloadExecSMB payload (#172) 
* Powershell SMB Delivery

* fixed smbserver.py call
2017-04-17 10:19:49 +10:00
..
payload.txt
Added psh_DownloadExecSMB payload (#172)
2017-04-17 10:19:49 +10:00
psh.txt
Added psh_DownloadExecSMB payload (#172)
2017-04-17 10:19:49 +10:00
readme.md
Added psh_DownloadExecSMB payload (#172)
2017-04-17 10:19:49 +10:00

readme.md

psh_DownloadExecSMB

Powershell Download and Execute SMB

  • Author: LowValueTarget
  • Version: Version 1.0
  • Target: Windows XP SP3+ (Powershell)
  • Category: Powershell
  • Attackmodes: HID, RNDIS_Ethernet
  • Firmware: >= 1.1

Description

Quick HID attack to retrieve and run powershell payload from BashBunny SMBServer. Credentials are stored as loot.

Configuration

  • Ensure psh.txt exists in payload directory. This is the powershell script that will be downloaded and executed.
  • Requires Impacket is installed (python ./impacket/setup.py install)

STATUS

Attack Stage Description
Stage 1 HID
Stage 2 RNDIS_ETHERNET
Stage 3 Delivering powershell payload