Jump to content

[PAYLOAD] QuickCreds


Darren Kitchen

Recommended Posts

  • Replies 106
  • Created
  • Last Reply

Not that I've seen, but that doesn't mean that it wouldn't work. Are you asking because you have tried and can't get it to work or asking in more general terms if it would be possible at all?

QuickCreds is based on Responder and you don't need Hak5 gear to use Responder. If you have a Mac (as a target to test on) but no Hak5 devices, then you could set up Responder on some other type of device and see if it works.

Link to comment
Share on other sites

1 hour ago, dark_pyrro said:

Not that I've seen, but that doesn't mean that it wouldn't work. Are you asking because you have tried and can't get it to work or asking in more general terms if it would be possible at all?

QuickCreds is based on Responder and you don't need Hak5 gear to use Responder. If you have a Mac (as a target to test on) but no Hak5 devices, then you could set up Responder on some other type of device and see if it works.

I got the BashBunny MkII the other day, so just playing around, and trying to figure my away around how it all works on my Mac.

Looks like ill have to learn how responder works first.

Any suggestions on which payloads I can start off with, knowing very little about about ethical hacking penetration testing in order to learn?

Link to comment
Share on other sites

It all depends on the scope and what types of targets that are involved. I would suggest getting familiar with the basic functionality of the Bunny/DuckyScript (reading the documentation and also browse the payload repo on GitHub) and move on from there. If the target is Windows mainly, then I'd recommend doing some studies in PowerShell. Not that it's native to the Bunny, but it's often used in payloads/engagements. Other than that, it's good to get some more in depth knowledge about Debian and bash scripting since it's what you face when using the Bunny "internally".

Link to comment
Share on other sites

27 minutes ago, dark_pyrro said:

It all depends on the scope and what types of targets that are involved. I would suggest getting familiar with the basic functionality of the Bunny/DuckyScript (reading the documentation and also browse the payload repo on GitHub) and move on from there. If the target is Windows mainly, then I'd recommend doing some studies in PowerShell. Not that it's native to the Bunny, but it's often used in payloads/engagements. Other than that, it's good to get some more in depth knowledge about Debian and bash scripting since it's what you face when using the Bunny "internally".

Thank you. I'll definitely be browsing around.

Happy hacking!

Link to comment
Share on other sites

Perhaps someone could assist me please.

I am still trying to run the QuickCreds payload targeting my Mac.

It has been uncessfull and in trying to figure out where/what the problem could be, I've reduced the payload to:

Quote

ATTACKMODE ECM_ETHERNET STORAGE HID

GET TARGET_HOSTNAME
GET TARGET_IP

RUN OSX notes
Q DELAY 300
Q STRING ${TARGET_HOSTNAME}
Q ENTER
Q STRING ${TARGET_IP}

However it just types blanks in notepad.

I am assuming that the problem is with the ECM_ETHERNET command, as it appears that im not getting an IP address, or hostname.

Iv'e also tried AUTO_ETHERNET in its place, and that doesn't work either.

Any suggestion would be appreciated 🙏🏼

Link to comment
Share on other sites

49 minutes ago, sneakypoke said:

Perhaps someone could assist me please.

I am still trying to run the QuickCreds payload targeting my Mac.

It has been uncessfull and in trying to figure out where/what the problem could be, I've reduced the payload to:

However it just types blanks in notepad.

I am assuming that the problem is with the ECM_ETHERNET command, as it appears that im not getting an IP address, or hostname.

Iv'e also tried AUTO_ETHERNET in its place, and that doesn't work either.

Any suggestion would be appreciated 🙏🏼

It seems to be related with this thread which doesn't seem to have been resolved:

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...