mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00

History

* New Payload

Added new PrintNightmare Payload (Quick and dirty)

* Fixed my potty mouth

I'm a child sometimes

* Renamed Payload

* PrintNightmare: Use SWITCH_POSITION in payload path

* Fixing a typo

* Added Delays

Added some delays due to the fact that it was inconsistently reliable, occasionally it'd half type out the command. The delays have resolved the consistency issue on my end. Feel free to tweak as required.

* Amending Version Number

I'm a fool

* Updated Readme with proper credit

Co-authored-by: Marc <foxtrot@malloc.me>

2021-07-05 02:33:36 +01:00

juicybit.txt

Quick and Dirty PrintNightmare Payload (#432 )

2021-07-05 01:27:46 +01:00

payload.txt

Bugfix (#433 )

2021-07-05 02:33:36 +01:00

README.md

Bugfix (#433 )

2021-07-05 02:33:36 +01:00

README.md

Title: PrintNightmare Author: PanicACid Version: 1.1

Leverages the following Powershell script https://github.com/calebstewart/CVE-2021-1675 to invoke the PrintNightmare Vuln and create a local administator

As Powershell ASAI or whatever it's called kept picking it up and blocking it. However if we run it via PowersShell ISE it works fine. So we're going to type out the whole thing!

Huge thanks to Cribbit for the clipboard string- without it I would have been typing out the whole thing which when I tried it took FOREVER. Additionally thanks to Korben and Foxtrot for putting up with my nonsense.

Purple.............Loading

Green .............Execute

Off................Finished

Note that it's set to GB for my language, set to yours so you get the correct 's when copying the text file to clipboard.

Other than that it creates the function for Invoke-Nightmare and then uses that to create our Hak5Rules user (which is an admin) and then launches CMD as said admin.