qdba

Active Members
  • Posts

    87
  • Joined

  • Last visited

  • Days Won

    2

Profile Information

  • Gender
    Male
  • Location
    Stuttgart
  • Interests
    IT-Security, Linux, Programming Languages

qdba's Achievements

Newbie

Newbie (1/14)

  1. Please go to the right forum........
  2. New version added. You can set UAC_MODE=0 in payload.txt
  3. Which version of DumpCreds do you use? The newest is 2.3. You can download it here: https://github.com/qdba/bashbunny-payloads/tree/master/payloads/library/credentials/DumpCreds
  4. @PoSHMagiC0de Thanks for your comment. This comes from not searching enough. But now there are 2 scripts for encrypting code. This helps to hide some code from detection by AV. I just started with PowerShell scripting so it was good for learning.
  5. EncDecFiles.ps1
     Author: (c) 2017 by QDBA
     Version 1.0

     Description
     EncDecFiles.ps1 is a PowerShell script to encrypt / decrypt a PowerShell (or any other) file with AES. You can use it to obfuscate your PowerShell script, so the AV scanner doesn't detect it.

     Usage:
     EncDecFiles.ps1 < -Encrypt | -Decrypt >   # encrypt or decrypt a file
                     < -In Filename >          # Input File
                     [ -Out Filename ]         # Output File
                     [ -Pass Password ]        # Password

     Example 1 - encdecfiles.ps1 -In c:\test.ps1 -encrypt
     Encrypts file c:\test.ps1 with password "hak5bunny"; encrypted file is c:\test.enc

     Example 2 - encdecfiles.ps1 -In c:\test.ps1 -encrypt -pass secret
     Encrypts file c:\test.ps1 with password "secret"; encrypted file is c:\test.enc

     Example 3 - encdecfiles.ps1 -In c:\test.ps1 -encrypt -Out c:\encrypted-file.aes -pass Secret
     Encrypts file c:\Test.ps1 with password "Secret"; encrypted file is c:\encrypted-file.aes

     Example 4 - encdecfiles.ps1 -In c:\Test.enc -decrypt
     Decrypts an encrypted file c:\test1.enc to c:\test1.ps1 with default password "hak5bunny"

     How to run the encrypted PowerShell script
     In the script "Run_Script_Example.ps1" you see an example of how to load and execute the encrypted script. Load the encrypted script to a variable. Then execute the function Run with the variable and a password.

     Download
     https://github.com/qdba/MyBashBunny/tree/master/Other/EncDecFiles
  6. - smbserver stuff removed
     - handshake removed
     - HTTP Server added (download PowerShell scripts, upload loot)
     - Invoke-m1m1d0gz.ps1 AES encrypted to Invoke-m1m1d0gz.enc. Not really necessary, but if you are in storage mode, the AV doesn't remove it.
     - All in all a little bit faster
     - removed the debug code
     - recoded the Get-WiFiCreds.ps1 for working on Windows 7
  7. 2.2 is heavily under development and not ready for use.
     - Payload not ready
     - main.ps1 50% ready; all PowerShell files were AES encoded, they will be encoded direct to memory so the AV scanner does not detect them too fast.
     - Encode Decode Script ready
     Please wait a few days until all is working fine.
  8. Does it work if you are not an admin and there is no UAC prompt?
  9. Yes, that's what I said. The only way for me to get rid of the timeout problem at the moment was to set the Timeoutsec variable as I described in the first post of this thread. But it is only for experienced Linux users who know what they do. For others, waiting for FW 1.2.
  10. Hi sebkinne, I changed the bunny_framework and changed the hop command at the last line to hop &. Payload does not work, and when I boot in arming mode the blue LED stops blinking and goes off after a few seconds. I can log in in serial mode. Can you confirm? I will do some more investigation and give you some logs.
  11. In version FW 1.0 there is no bunny_framework. Important that you can log in to the bunny, so the bunny works. You put the & at the wrong place. I got the advice with the & from sebkinne, but during writing the patch I'm not sure if it works right. Therefore I removed the post from this list. Please wait for the patch. Or wait for FW 1.2, which will come ASAP.
  12. Did you plug off the bunny during recovery or installation of FW 1.1? Could you log in with serial in arming mode?
  13. So do a clean factory reset. November Stay at FW 1.0. Test if you can reach the bunny.
  14. Open the file with the vi editor. Are there ^M at the end of the line? Be sure the Notepad++ Edit --> EOL Conversion is set to "Convert to Unix Format". My scripts were also created with Notepad++.