hak5/bashbunny-payloads

mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00

History

Darren Kitchen 9b86d8c991 cleaned up directory structure to match payloads.hak5.org

2021-08-24 10:04:24 -05:00

..

auto_pwn.rc

cleaned up directory structure to match payloads.hak5.org

2021-08-24 10:04:24 -05:00

payload.txt

cleaned up directory structure to match payloads.hak5.org

2021-08-24 10:04:24 -05:00

readme.md

cleaned up directory structure to match payloads.hak5.org

2021-08-24 10:04:24 -05:00

readme.md

Metasploit-Autopwn

Author: Mohamed A. Baset - @SymbianSyMoh - Seekurity.com
Version: Version 0.1
Target: All OS / services

Description:

Runs Metasploit db_autopwn module against the dhcp connected client to the Bash Bunny device exploiting locked and unlocked machines that running vulnerable OSes or services.

Configuration/Prequisities:

Ruby 2.4.1 installed via 'rbenv' (the best to have ruby installed without any problems)
You must have metasploit installation up and running in path /toos/metasploit-framework/
Copy auto_pwn.rc metasploit resources file from the payload folder to /tools/ by SSHing into your bunny
One-time fix for adding user "postgres" to the network user groups (should be done by HAK5 folks in the first place)

STATUS

LED	Status
Setup	Setting up stuff
ATTACK	Running Metasploit Autopwn Module
FINISH	Attack Finished (hopefully we got some shells)

Discussion

https://forums.hak5.org/topic/41737-metasploit-framework-with-db_autopwn-module-on-bashbunny/