mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00

History

Aidan Holland 5a77792c1d Update and fix payloads (#277 )

* Updated all Payloads for Version 1.2+

Fixed Style Issues on extensions and payloads.
Added GET TARGET_OS to get.sh
Removed and Fixed all uses ducky_helper.sh (Issue #248)
Removed all mention of DUCKY_LANG (Issue #248)
Renamed Payloads with spaces in name
Added an extension to keep Macs Happy
Added a payload for Mac DNS poisoning
Fixed Issue #271 changed wget to curl -o
Implemented PR #268
Implemented PR #273

* Fixed e.cmd

* Fix e.cmd pt2

* Fixed Issues

Fixed issues pointed out by @sebkinne
Fixed styling errors

2017-10-25 11:10:17 +11:00

payload.txt

Update and fix payloads (#277 )

2017-10-25 11:10:17 +11:00

readme.md

Cleanup: Sort payloads by category

2017-04-10 13:29:17 +10:00

Sherlock.ps1

Cleanup: Sort payloads by category

2017-04-10 13:29:17 +10:00

readme.md

PrivEscChecker

Author: illwill
Version: Version 0.1
Target: Windows

Description

Checks Windows boxes for unpatched vulns that allow privilege escalation then stores the result in /root/udisk/loot/PrivEscChecker/%ComputerName%-%username%

Credits to rasta-mouse for their powershell script: https://github.com/rasta-mouse/Sherlock Sherlock.ps1

Tested on:

Windows 7 SP1 32-bit
Windows 7 SP1 64-bit
Windows 8 64-bit
Windows 10 64-bit

Configuration

Option to change payload.txt to webDL the powershell script by commenting line 47 & uncommenting line 50

STATUS

LED	Status
Blue (blinking)	Running Powershell script
Purple (blinking)	Checking Results
Green (blinking)	Found Possible Privilege Escalation
Red (solid	No Possible Privilege Escalation

TO-DO

Add more priv checks Eventually add https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc to check for unquoted paths,dll hijacking, editable services, and other misconfigurations...

Discussion

https://forums.hak5.org/index.php?/topic/40642-payload-privescchecker/