Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by kuyaya

  1. There is no i.vbs and e.cmd anymore. You can see that on github. You'd have to download past releases This made me laugh🤣
  2. kuyaya


    Googled it, didn't find anything. I guess you have to provide more details :).
  3. Hmm, sorry. I won't tell you that. Let's see if I find some other ways and then I'll PM you about it, ok?
  4. OK, now try this: Download the bunnyupdater from here. Run it twice, so you're 100% sure everything's fully upgraded. Try a payload with the following contents: LED SETUP ATTACKMODE HID LED ATTACK DUCKY_LANG=xx # Example would be DUCKY_LANG=ch RUN WIN "notepad" Q DELAY 1000 Q STRING "the quick brown fox jumps over the lazy dog" LED FINISH and see if it outputs the sentence correctly.
  5. Then there is probably an issue with the language or something else
  6. That's my little secret😉 If I upload it here, I'm sure some idiots will upload it to virustotal and then it'll get flagged soon. There's a lot of information about obfuscating scripts out there, I'm sure you'll find your way :).
  7. Hey I guess this is a username problem (it's on metasploit, not the bunny). I'm sure there are some videos that show how to use it on domain machines.
  8. kuyaya


    Seriously??? Read the post from darren again. What does it say on the third line? Exactly. This post is made pre firmware v1.6 You said you want this to work on firmware 1.6_305. So you're following a guide for an older firmware. To install it on your firmware, just get the metasploit firmware from here. Copy it to the tools folder and then replug the bunny. Then you're done :). Then you can SSH into it, cd /tools/metasploit-framework, ./msfconsole and you're presented with the msfconsole And for god sake, please stop with the "....", it pisses me off. In case you t
  9. Jep the Bash Bunny was the first tool I've bought from hak5. I still use it today and I still love it. It's very useful and you can do all kinds of pentests with it. It's the best Hak5 tool imo.
  10. I don't have a lan turtle and don't know the modules, but I assume that the quickcreds is 'specialized' on the quickcreds payload, while you have more options with the responder module. Just guessing from the name.
  11. I don't have a ducky, but I really don't think that the ducky itself gets detected. Is it relevant? Depends on what you want to do. It still works as good as it did 8 years ago, but it definitly got harder to make it useful these days. If I were you, I would buy a BashBunny, which has a lot more functionalities.
  12. He P.M.'d me and it is fixed now :).
  13. I've already answered your question on discord. For those who aren't in discord: it was probably the wrong keyboard layout.
  14. Hey all For anyone still searching for a solution, I found one! I've been searching for a working solution just to dump the logon hashes with powershell. Haven't found a working one, but instead found a working invoke-mimikatz! The one from PowerSploit and Empire doesn't work, but the one from nishang does. Link: https://github.com/samratashok/nishang/blob/master/Gather/Invoke-Mimikatz.ps1 Time to obfuscate it... Update (09.09, 23:41 CEST): Successfully obfuscated! I tested it on the latest win10 (version 1903 build 18362.1016). AV was Windows Defender, so it also shouldn't
  15. Hey there The payloads which are uploaded to github are tested, they should work. BashBunny payloads are typically written in bash. Get started with bash, combine it with the bunny language and try writing your own little script. What payloads have you tested so far? By the way, the text would be much easier to understand if you would use punctuation marks.
  16. Ah, that's why u asked. You cannot run these payloads on an ordinary USB drive, and there are no drivers which will make it work. The BB is a Linux machine. It's not a ordinary USB drive, it's a Linux system inside a USB drive. You could maybe recreate it with a raspberry pi, but that would take a lot of time and effort.
  17. Read what I said above. Read the payload...After the payload successfully ran, press shift five times and CMD comes up. READ.MY.TEXT.ABOVE The payload does that for you. You don't have to configure anything. But I also said that above. Read. My. Texts. No, the payload only works when the computer is unlocked. But that is written in the readme.txt. Read. The. Fucking. Manual. After the payload is executed, you can "spawn" a cmd shell even when the comptuer is locked. Please inform yourself what a product does before buying it. And read the manuals. https://d
  18. tf is that text formatting😂
  19. Just click on the github link and copy it into the switch positions. That's all you have to do. Save the file as .txt, you don't need to configure anthing. When you take a look on the payload.txt, you see that it opens powershell. So yes, powershell needs to be installed on the victim computer (but that's default in win10 and win7).
  20. Hm, that shouldn't be the case. There's no such thing as a timeout. I'd maybe make a factory reset, although I don't know if that helps. It's probably a hardware issue. I'm sorry, I don't know any further.
  21. Does the bunny behave the same on other computers aswell?
  22. maybe first update your firmware
  23. Yeah, those are corrupted files. You also can't delete them (by just right click > delete) . Reformat the USB drive and you should be good. You don't have to bin it.
  24. Both sold...😓I wish I would've seen it earlier
  • Create New...