Search the Community

Hello Guys! I've just received my Bash Bunny and need some Help. I've updated it already and want to use the Document Exfiltration. Can someone explain it step by step, what I've to do? I want to exfiltrate PDFs and .docx from a computer and/or from a USB stick plugged in a computer. Is this possible? Please HELP

After seeing the new [ PAYLOAD ] video, I thought to myself: "hmm... Wouldn't a tool that automatically reconstructs all data be handy?", so I created one. Please note it's not 100% stable and could use more work. I just want to know the community's opinion. I am new here, but I have contributed to hak5's bash bunny payloads in the past. Pull requests are more than welcomed! I have already submitted it to https://hak5.org/payload, so I'm hoping it will get featured. Github link: https://github.com/Prodicode/qr-data-reconstruct Demo video:

I posted this in a seperate HAK5 forum room. How do you think is the best way to deploy this code? I tested it on a Windows 10 machine. It writes all SSID and Credentials to a temp file, then emails it to the attacker.

Hey guys.. Can someone help me out with this cmdlet error ? I've flashed my duck with no probs.. No spelling error from the scripts. When i keyed this manually with win+r key... STRING powershell ".((gwmi win32_volume -f 'label=''_''').Name+'d.cmd')" It created a folder inside of slurp but with no files exfiltrated.. And whenever i tried to run the inject with twin duck(1).. I got this error popped out instead. Did i missed something here ? Thank you.

Kindly post a tutorial for Concealed exfiltration attacks with bash bunny for Android devices??

Hello, After doing some reading on the SMB Exfiltration, would it be possible to create the same kind of payload but for an Android phone? Say for someone to connect the BB to an Android phone and copy over a certain file.

Hello, first of all sorry if this is the wrong place to post this... I'm a super newbie but I have an exfiltration attack I need to carry out and was hiping you could help out. I don't particularly feel comfortable in betting on a period of time alone with the target computer so I'd rather socially engineer it. I plan to do this by offering to transfer peace offering files off of my USB (likely to be either a rubber ducky or a bash bunny) whilst the payload does its thing. The main problem I'm having is in the size of the files I plan to exfiltrate they are upwards of 10mb and there may be hundreds. In order to cover the time it would take to exfiltrate these files, my "peace offering" also needs to be sizeable. My question is do you think this is possible and also what tool do you think can best carry out this task? Any help welcome!! P.S. My research has lead me to believe that exfiltration isn't possible through wifi pineapple, if this is incorrect please let me me know :)

So just a simple question, I have the means to do the below but just need a proof of concept. I want to run an OwnCloud server on a raspberry pie so I can access all of my files on the cloud for anywhere (as you do), but was also wondering if you're able to send file to OwnCloud from powershell. I know you can send files and email with powershell but can an OwnCloud server receive them? If anyone has any idea of the actual command involved to send a file to an OwnCloud server from powershell could you please post that as well? Thanks for all the help.

Hello, In the recent episodes Darren showed how to use the USB rubber duck to exfiltrate specified files from a victims computer when they are logged in. I am wondering if there is any way of doing this when no one is logged in? and the computer is at the login screen. thanks!

This is a cross post of sorts: https://forums.hak5.org/index.php?/topic/31831-super-devious-exfiltration/?hl=logger I'm making the contention that if a keylogger had enough memory, that it could log a binary file (base64 or hex encoded first) and exfiltrate it without the network or needing a Flashdrive/Firewire (other)connection.Be it document, db etc... It is a bit of inception, the binary to base64 script would need to be written to the computer first, then pipe the target binary (document/db...) through that script. That script could pause, or wait for the keylogger to say "go", and then using native functions perhpas (like Sendkeys) or some other KB emulation, and the keylogger would then, eventually have the converted binary. It could be a binary that gets written by the RD to the computer, we'll call it kb.exe, and it executes and lt pipes the target file/binary into base64 and then the kb.exe would "type" the converted file for the keylogger to pick up. The RubberDucky function of getting files/scripts onto a computer is done, how about the reverse? Getting (target)files converted into keystrokes and recording those back into the RD or I suppose a second hardware keylogger if RD can't be modified to listen on the bus. It's not a typical use case, and the network or USB drive are quick and easy for networks that aren't very locked down, but on others, this would be the way to do it. If it's been done I aplogize, I can't seem to find anyone suggesting it the way i am. I also understand that it might not be very quick way to get files out of a network, but I don't know, it could be... Memory of course being one of the most significant issues. Compression in the script (upx? 7z?) against the binary first might help. Just throwing it out there. -rich