MrSnowMonster

Thank you for replying will try to change it up a bit when my exams are over :P

Try using PowerShell.exe -ExecutionPolicy Bypass -File mimikatz.ps1 -DumpCerts > $passwordPath Not really sure what the problem is but looks like you may have one > too much :) If i were you I would try to run the line in a powershell command window and see if there is any errors showing up :D You could also try to remove the -DumpCerts :) Just happy to help, finally had a break from my exams so I use the time to code :P

https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/recon/InfoGrabber It has been a while since my script was updated so if anyone want to want to help make it more effective or make it faster it would be much appreciated :D

This is very easy to do, just make a script file which holds the mimikatz code and place this code in the run.ps1 script file in the payloads folder :) The code: "PowerShell.exe -ExecutionPolicy Bypass -File mimikatz.ps1" remember to remove the " thingy :) A little info abouth why this works. The code bypases windows script policy so it wont need to allow scipts to run and in this way makes it possible to run scripts without using an administrator account :) Your welcome! Always fun to know people find the help I give and things I create usefull! :D !!EDIT!! If I were you I would look at the run.ps1 script and see if I could understand how it works. It may help you later, because its a great way to bypass a lot of uneccesary typing. :D Remember to remove the last string in run.ps1 if you want to change it so it only runs mimikatz

Hey! I no longer have this script because I started using The twin duck firmware and made my bashbunny script work on the rubberducky. :) It still does the same, but because of the twin duck firmware you no longer have to send the information through mail, and it is A LOT faster. It executes in around 6 seconds :) It also finds more information than it did before :) Just drag the files i upload into your rubberducky running twin duck firmware. You can also see the inject.txt in there so you can convert it to the language you want :) The rubberducky also has to have the name DUCKY for this script to work, because the command it runs is searching for a usb with the name DUCKY. Hope this helps :) !!Edit!! Rememeber this only works if you use the twin duck firmware on you rubberducky. :) The information you grab from you victim will be saved inside a folder called Loot. !!Edit!! You can either download the files from my github https://github.com/MrSnowMonster/MrSnows-SnowGlobe/tree/master/Tech/Hacking and Pentesting/RubberDucky/Infograbber rubberducky version or download the rar file I uploaded here. :) info.zip

I thought about first a folder for which os and also a multi os folder for attacks that work on multiple os, then inside the os folder what type of attack (Like HID, RNDIS_ETHERNET, ECM_ETHERNET and so on). :P and maybe also combined attacks like HID and ECM_ETHERNET :D

You could always copy this inside your payload: check_switch() { switch1=`cat /sys/class/gpio_sw/PA8/data` switch2=`cat /sys/class/gpio_sw/PL4/data` switch3=`cat /sys/class/gpio_sw/PL3/data` if [ "x$switch1" = "x0" ] && [ "x$switch2" = "x1" ] && [ "x$switch3" = "x1" ]; then SWITCH_POSITION="switch1" elif [ "x$switch1" = "x1" ] && [ "x$switch2" = "x0" ] && [ "x$switch3" = "x1" ]; then SWITCH_POSITION="switch2" elif [ "x$switch1" = "x1" ] && [ "x$switch2" = "x1" ] && [ "x$switch3" = "x0" ]; then SWITCH_POSITION="switch3" else SWITCH_POSITION="invalid" fi } check_switch This is basicly what the bunny helper does. If this doesnt work, then something is wrong with your bashbunny...

Sounds cool, but the hard part is to make it work ?

Hey everyone i just had a thought... wouldnt it be better to categorize all payloads in different folders for what it is meant to attack? Like a folder for windows attacks, one for mac, one for linux, one for universal, one for bashbunny innstallers and so on.. I just feel like the library is going to be very messy if not :/

Why woud you do it though? It itself look suspicious xD And I am not sure if this is the best to just drop on the floor and hope someone picks it up and plugs it in :| I would instead use a rubber duky if this is what you are trying to do :)

At the moment I just installed all the tools manually :)

Ok so I think there have been a problem with my bashbunny because I have had trouble installing both the tools and duckytools so what I would like is to reset it like it was when I got it, but using the recoverymode does nothing... All my files are still there, including those in udisk and /root/tools/ :/ Could anyone help me out?

Hey since you managed to get it working, could you share a screenshot of your settings? Like how the connection is set up and so on? I cant get it to work...

Yup and when I ssh into it it works like normal, just that internet connection wont work :/ And I cant use rdp checker without pyOpenSSL which I need a network connection to download and install :/

Did anyone of you get a working internet connection? I am trying to apt-get update, but it just continue to connect to httpredir.debian.com... root@bunny:/pentest/impacket/examples# apt-get update 0% [Connecting to httpredir.debian.org (140.211.166.202)] I think I need to update because every time I try to run rdp_check.py I get The error under: root@bunny:/pentest/impacket/examples# rdp_check.py CRITICAL:root:pyOpenSSL is not installed, can't continue

Did anyone of you get a working internet connection? I am trying to apt-get update, but it just continue to connect to httpredir.debian.com... root@bunny:/pentest/impacket/examples# apt-get update 0% [Connecting to httpredir.debian.org (140.211.166.202)] I think I need to update because every time I try to run rdp_check.py I get The error under: root@bunny:/pentest/impacket/examples# rdp_check.py CRITICAL:root:pyOpenSSL is not installed, can't continue

Thank you <3

Hahahah well at least I am not alone ???

I found out that if you try to use the QUACK mode in the bunny it dosnt support keyboards that have any other languages than english... any fix for this yet?

My solution with help from wrewdison: Turned out it wasnt recovery, but the payload who failed :) (God i feel like a noob right now xD)

Turns out its still working but now it gets the blinking red lights every time i try to set up shared connections.. cant get wifi on it any other way

Whait what? Ive been sitting here terrified out of my ass and you are telling me its not recovery mode??? Btw it happened after i tried to set network to shared so thats may be why... Did you get shared connection to work? I mean so I will be able to update the bashbunny

Played around with my bashbunny and installed tools. While I tried to setup a shared connection the LED started blinking red (Recovery mode). I have now been stuck in this mode for 15 minutes pls help :(

!! EDIT !! !! Now updated so it should be very fast and effective !! !! This is a remake of my bashbunny script so it works on the rubberducky too https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/recon/InfoGrabber !! Hello everyone! I made this nice script that gives you a lot of information about your victims computer and stores it on the rubberducky if it runs twin duck firmware. for example their ip and public ip Change it as much as you want, but please make me as source since I spent around 15 hours on this It executes in around 6 seconds :) It also finds more information than it did before :) Just drag the files i upload into your rubberducky running twin duck firmware. You can also see the inject.txt in there so you can convert it to the language you want :) The rubberducky also has to have the name DUCKY for this script to work, because the command it runs is searching for a usb with the name DUCKY. Rememeber this only works if you use the twin duck firmware on you rubberducky. :) The information you grab from you victim will be saved inside a folder called Loot. You can either download the files from my github https://github.com/MrSnowMonster/MrSnows-SnowGlobe/tree/master/Tech/Hacking and Pentesting/RubberDucky/Infograbber rubberducky version or download the rar file I uploaded here. :) info.zip