LowValueTarget Posted April 7, 2017 Share Posted April 7, 2017 (edited) Updated QuickCreds for v1.1 https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/credentials/QuickCreds Edited April 10, 2017 by LowValueTarget Quote Link to comment Share on other sites More sharing options...
Bryfi Posted April 7, 2017 Share Posted April 7, 2017 (edited) Payload runs fine. Goes through the setup but for some reason the LED turns off instead of finishing. Also nothing comes up in the loot/ folder Edited April 7, 2017 by Bryfi Quote Link to comment Share on other sites More sharing options...
LowValueTarget Posted April 7, 2017 Author Share Posted April 7, 2017 I noticed that behavior sometimes Sebkinne may have a solution or at least some insight. Quote Link to comment Share on other sites More sharing options...
Bryfi Posted April 7, 2017 Share Posted April 7, 2017 27 minutes ago, LowValueTarget said: I noticed that behavior sometimes Sebkinne may have a solution or at least some insight. I also have this issue with bunnytap (payload not running correctly) Do you think it is due to the update? It was working fine before then. Quote Link to comment Share on other sites More sharing options...
qdba Posted April 8, 2017 Share Posted April 8, 2017 (edited) Can be a runtime problem. With default setting a payload does not run longer than 1min 30s since.(measured since plug in the bunny) After 1min 30 every payload stops working. Check your /var/log/syslog if there is an entry like : bunny.service start operation timed out. Terminating Failed to start bunny.service Edited April 8, 2017 by qdba Quote Link to comment Share on other sites More sharing options...
Bryfi Posted April 10, 2017 Share Posted April 10, 2017 Tried with both Win7 and Win10. Seems that this payload is also bricked. Any idea how I can log these payload while they are running so I have something to give to the devs? Quote Link to comment Share on other sites More sharing options...
LowValueTarget Posted April 10, 2017 Author Share Posted April 10, 2017 The payload works fine for me on Win8, Win10. You could potentially pipe the output of this line to a file in the loot or payload folder python Responder.py -I usb0 $RESPONDER_OPTIONS & Quote Link to comment Share on other sites More sharing options...
Bryfi Posted April 11, 2017 Share Posted April 11, 2017 (edited) On 04/10/2017 at 3:14 PM, LowValueTarget said: The payload works fine for me on Win8, Win10. You could potentially pipe the output of this line to a file in the loot or payload folder python Responder.py -I usb0 $RESPONDER_OPTIONS & How are you guys getting this to work?! Ever since this update, both Bunnytap and Quickcreds are broken for me. EDIT: Downgrading to 1.0 seemed to solve the issue. Edited April 16, 2017 by Bryfi Quote Link to comment Share on other sites More sharing options...
qdba Posted April 11, 2017 Share Posted April 11, 2017 (edited) Try this, 1. ssh to bunny. 2. Backup the file /usr/local/bunny/bin/bunny_framework to /usr/local/bunny/bin/bunny_framerwork.bak cp /usr/local/bunny/bin/bunny_framework /usr/local/bunny/bin/bunny_framework.bak 3. enter followed command cat /usr/local/bunny/bin/bunny_framework.bak | sed 's/^hop\w*$/hop \&/' > /usr/local/bunny/bin/bunny_framework Advice: taking a look at /var/log/syslog is a good idea for debugging Edited April 11, 2017 by qdba Quote Link to comment Share on other sites More sharing options...
Vagabond Posted April 13, 2017 Share Posted April 13, 2017 I ran Quick Creds version 1.0 (firmware >= 1.1) against a windows 10 machine and it seemed to run fine on the first attempt. Quote Link to comment Share on other sites More sharing options...
l3z Posted May 10, 2017 Share Posted May 10, 2017 Hi, i have some trouble with quick creds. Here my syslog i don´t know why but the usb0 is not finding. Sorry for my bad engl. May 7 22:00:39 bunny bunny_framework[300]: got dhcp ip address after 3 seconds May 7 22:00:39 bunny bunny_framework[300]: TARGET_IP = 172.16.64.10, TARGET_HOSTNAME = MSI, HOST_IP = 172.16.64.1 May 7 22:00:44 bunny kernel: [ 18.600044] usb0: no IPv6 routers present May 7 22:00:44 bunny bunny_framework[300]: __ May 7 22:00:44 bunny bunny_framework[300]: .----.-----.-----.-----.-----.-----.--| |.-----.----. May 7 22:00:44 bunny bunny_framework[300]: | _| -__|__ --| _ | _ | | _ || -__| _| May 7 22:00:44 bunny bunny_framework[300]: |__| |_____|_____| __|_____|__|__|_____||_____|__| May 7 22:00:44 bunny bunny_framework[300]: |__| May 7 22:00:44 bunny bunny_framework[300]: #033[1;33mNBT-NS, LLMNR & MDNS Responder 2.3.3.6#033[0m May 7 22:00:44 bunny bunny_framework[300]: Author: Laurent Gaffie (laurent.gaffie@gmail.com) May 7 22:00:44 bunny bunny_framework[300]: To kill this script hit CRTL-C May 7 22:00:44 bunny bunny_framework[300]: #033[1;32m[+] #033[0mPoisoners: May 7 22:00:44 bunny bunny_framework[300]: LLMNR #033[1;32m[ON]#033[0m May 7 22:00:44 bunny bunny_framework[300]: NBT-NS #033[1;32m[ON]#033[0m May 7 22:00:44 bunny bunny_framework[300]: DNSDec 31 16:00:10 bunny rsyslogd: [origin software="rsyslogd" swVersion="8.4.2" x-pid="340" x-info="http://www.rsyslog.com"] start Dec 31 16:00:10 bunny systemd[1]: Starting Trigger Flushing of Journal to Persistent Storage... Dec 31 16:00:10 bunny systemd[1]: Starting Copy rules generated while the root was ro... Dec 31 16:00:10 bunny systemd[1]: Started Copy rules generated while the root was ro. Dec 31 16:00:10 bunny systemd[1]: Started Trigger Flushing of Journal to Persistent Storage. Dec 31 16:00:10 bunny networking[172]: Configuring network interfaces...Cannot find device "usb0" Dec 31 16:00:10 bunny networking[172]: Failed to bring up usb0. Quote Link to comment Share on other sites More sharing options...
mhuggins Posted May 26, 2017 Share Posted May 26, 2017 ok i got this working like a champ but quick question..... i keep getting ntlmv2 hash and not ntlm. Is there a way to get the ntlm hash instead of v2? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.