Mohamed A. Baset

  1. https://github.com/elkentaro/bashbunny-payloads/blob/master/library/extensions/runpower.sh
  2. @qdba Look at this screenshot and you will understand the reason for my ignored reply! I hope you can find a solution for this. I did a manual debug and the error seems to be in the networking stuff, I don't know!
  3. @qdba Why rely on an SMB server when you can rely on a simple Python HTTP one with a little POST script? HTTP servers make more sense than SMB shits, I'm always facing nightmares with SMB :D
  4. The question is straightforward from the title: how to simulate Mac brightness and volume keys with the Rubber Ducky? I tried DELAY 2000 F1, nothing happened, and DELAY 2000 ALT SHIFT F1, nothing happened too!
  5. The idea is to do this on a locked machine, not an unlocked one. I got the Bunny days ago and tried the captive portal payload, and I can confirm that the browser firing automatically scenario won't happen on any OS, so this stopped my idea of exploiting a browser on a locked machine :) Thanks for your catch up @Opticon
  6. UPDATE: Future Bash Bunny 2.0 and remote Bluetooth controller. Plug it into a locked victim machine, once come back, in a glimpse send a command to act as a duck to implant a reverse shell or add an admin user, send another command to act as an unknown device. Boom, done. Many ideas here for sure! Wish you guys be more creative than me :D
  7. Why are you talking about this as if it's an easy-peasy thing to do? :D There are a lot of requirements that must be met before you will be able to remotely access a Windows Registry!
  8. Of course I know that captive portals won't show or pop up on top of the lock screen :D but since it pops up in the background and the executed page is controlled by the Bash Bunny attacker, then the first scenario mentioned in the original post is possible on one condition (if the Bash Bunny will be able to run Metasploit), then our captive portal URL will be the final URL of the aux/browser_autopwn Metasploit module, which will exploit the machine's browser (default if found old) silently. What do you think?
  9. Cool script @illwill, but it's preferred to use sync before LEDding
  10. Okay, as per @Sebkinne's clarification that the captive portals won't be able to open the web browser automatically while the machine is locked, what about combining both Samy Kamkar's PoisonTab and the Metasploit aux/browser_autopwn script (if the Bash Bunny will be able to hold Metasploit run and steady) or running pre-plugging it in (the idea of the battery + Bash Bunny) to exploit the opened browser in the background, which of course is doing some ajaxed requests or any background activity (the idea of PoisonTab)?!! :D
  11. @Sebkinne Off topic, can you please confirm if captive portals can automatically open the browser if devices are locked or not?
  12. Interesting! If captive portals fire automatically in the background on a locked machine then there will be unlimited forms of exploitation, I just want to be sure
  13. Could be! First I want to be sure if the captive portals fire automatically even if devices are locked or not? This is for scenario #1. For the second scenario it doesn't matter!
  14. Hi guys, this topic is not about a problem in the Bash Bunny or anything more than discussing future ideas to make the Bash Bunny more malicious. 1. What about installing the Metasploit framework on the Bunny and automatically launching it with aux/browser_autopwn with a proper payload, and combining this scenario with the captive_portal Bunny payload: plug the Bunny into a locked machine, the machine automatically launches the captive_portal, which in fact is the browser_autopwn aux module link, and takes over the machine, and the best part is "MACHINE IS LOCKED"! 2. If time is not relevant, because this requires time, then we can NMAP the $Target_IP, get all the opened ports, and pass them to Metasploit for auto pwning per service/opened port. Just some ideas, let me hear yours and Happy Bash Bunning....
  15. The link for downloading the script that @Enzym3 wrote!