Search the Community

So, when using macinfograbber it doesn't work unless I comment out the following lines: QUACK STRING cat \~/Library/Application\\ Support/Google/Chrome/Default/Cookies \> /Volumes/BashBunny/$lootdir/chromecookies.db Upon further inspection, I located my Cookies file on all of my Macs. It's here: /Library/Application\\ Support/Google/Chrome/Profile\\ 3/Cookies Is there anything I can do to change this? Meaning, are all of my computers unique in some way, or is this normal Chrome file placement, and can code be added to look for all profile folders and the cookie files therein? Thanks in advance! -Cheers!

Hello, i just got my bash bunny yday, and i tried fews payloads straight after setting up languages & tools. I only managed to run, with the 1.3 firmware, the PasswordGrabber exploit with the lazaro.exe on a windows 7 computer. All others scripts claming "browsers creds" and other, are actually not working, on the 1.3. I can read that many people managed to make it work on a 1.2 or 1.1 version. If any of you, could actually tell me if this is a known problem, or tell me if you managed to run a creds grabber on a win8 or 10, with the 1.3 firmware. Thx for your answers :)

I've completed the firmware 1.1 update and the impacket tools installation. However, when I place the creds payload into payload.txt under the payload\switch1 directory. I get a quick green flash and nothing else. The only switch position that seems to work is zero. Any advice as to what my next step should be?

Hello everyone! I was having some trouble running the QuickCreds payload with my Bash Bunny. I have tested other payloads that work (such as the nmapper and a basic ducky hello world that I wrote). I have installed the tools into the /pentest folder properly. It seems to get stuck in an infinite loop where it's blinking amber (I believe). When I unplug it, switch to arming mode, and open up the files I see a loot folder that wasn't there before. It then goes to quickcreds --> name_of_computer but there's nothing inside that folder. I've let it go for as high as about thirty minutes before giving up on it. I'm not sure what I'm doing wrong. I've tested it on a MacBook Pro, a linux laptop, and a Windows 7 64 bit Virtual Machine, all with the same problem. I saw other people post about it with the same issue as me but I didn't see a response that worked. Thanks in advance for your help!

I have setup and confirmed the funcitonality of this payload via tcpdump; but the Invoke mimikatz payload's "rx.php" fails to create .creds files. Confirmed appropriate permissions on the php script for www-data. Still nothing is created and no creds are captured. I can see them get sent to the server via packet capture; but if that's not running I don't ever see the creds files the rx.php script is supposed to create.

Multithreaded asynchronous packet parsing/injecting ARP poisoner. Individually poisons the ARP tables of the target box, the router and the DNS server if necessary. Does not poison anyone else on the network. Displays all most the interesting bits of their traffic and can inject custom html into pages they visit. Cleans up after itself. Prereqs: Linux, scapy, python nfqueue-bindings 0.4.3+, aircrack-ng, python twisted, BeEF (optional), and a wireless card capable of promiscuous mode if you choose not to use the -ip option Tested on Kali 1.0. In the following examples 192.168.0.5 will be the attacking machine and 192.168.0.10 will be the victim. All options: python LANs.py [-h] [-b BEEF] [-c CODE] [-u] [-ip IPADDRESS] [-vmac VICTIMMAC] [-d] [-v] [-dns DNSSPOOF] [-r IPADDRESS] [-set] [-p] [-na] [-n] [-i INTERFACE] [-rip ROUTERIP] [-rmac ROUTERMAC] [-pcap PCAP] https://forums.kali.org/showthread.php?19139-Python-tool-for-seeing-everything-a-LAN-user-is-doing https://github.com/DanMcInerney/LANs.py Is it possible to have the above as an infusion or to get this to interact with the Mark V? This would be a great addition.