Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by trumoo

  1. Long time hak5 customer, but just got my first Pineapple and it is the Mark VII! Hooray! Wondering if there are any plans to make a portal of a router firmware upgrade page that asks for wi-fi creds, similar to what wifiphisher does. There was talk of someone porting one over here - it looks like this was abandoned or the final project was never uploaded.
  2. Cool, but why not just use autohotkey or similar macro program? What's the rate limit before facebook flags you?
  3. Working on win10 1703 for me with latest bb fw..unsure why Defender didn't flag the exe. Darren says the client AV may purge the exe in the latest hak5 youtube video. Anyone make a workaround yet to prevent AV deletion of the binary by means of relocating to a write protected area? Also, can someone add something to purge the Windows event viewer? Apparently that is where Defender logs are stored on Win10.
  4. The date in my loot folder is incorrect (example; date modified on the folders and files created within the loot folder from this payload) - is this a setting in the linux side of BB that cannot be changed because there's no RTC in the bb or is this a setting I can change with SSH, or is something else wrong?
  5. Thanks. Issue was I didn't change lang from de to us in the payload.txt. Payload is working now. At the end of the script, it closes the first cmd prompt but leaves open the red elevated cmd prompt. I'm running Windows 10 1607 as an admin. I added # Kill powershell.exe kill -processname powershell -ErrorAction SilentlyContinue to the bottom of my .ps1 to properly terminate the powershell window. I love this script, thank you for all your hard work!
  6. Seems to be installing now with above command, thanks.
  7. url is bad, was this pulled? edit: https://github.com/qdba/bashbunny-payloads/tree/master/payloads/library/credentials/DumpCreds my payload just blinks yellow 4 times endlessly until it times out. nothing is ever run. i can't figure out how to get the debug information.
  8. Same. How do we install impacket manually?
  9. unsure if this is working for me. the script opens a powershell window, which stays open and reads; and then the bunny blinks purple endlessly. is this a bug when there is no saved passwords in chrome or a syntax error in the script?
  10. Thanks! URL to script is wrong in first post, you typo'd it with wificreds instead of chromecreds. Question, can you please make a version that stores the powershell script locally for extraction on devices that are offline at the time of capture? Cheers!
  11. I altered this script to copy a folder from appdata. It copied OK and worked fine, light turned green, safely removed, etc. Problem now is when I go to delete the folder, nothing happens in Windows explorer. The stuff in question is the Chrome folder from %appdata% - I can delete individual files within subdirectories on my Bash Bunny, but when I try to delete or access certain folders in my loot, I get no activity or a message saying Location is not available - The file or directory is corrupted and unreadable. What gives? What can I run via cmd line to delete these ghost folders now? PS: Every time my script finishes, I hear a Ghostbuster saying "light is green; trap is clean"
  • Create New...