Jump to content

Search the Community

Showing results for tags 'windows'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Hak5 Cloud C²
    • Plunder Bug
    • Bash Bunny
    • Signal Owl
    • USB Rubber Ducky
    • Packet Squirrel
    • LAN Turtle
    • Screen Crab
    • Shark Jack
  • O.MG (Mischief Gadgets)
    • O.MG DemonSeed EDU
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 34 results

  1. Will a payload targeted at a Windows 7 OS still work on a Windows 10 OS, or are they completely different?
  2. Will a payload targeted at a Windows 7 OS still work on a Windows 10 OS, or are they completely different?
  3. Windows Persistent Reverse Shell for Bash Bunny Author: 0dyss3us (KeenanV) Version: 1.0 Description Opens a persistent reverse shell through NetCat on victim's Windows machine and connects it back to host attacker. Targets Windows 10 (working on support for older versions) Connection can be closed and reconnected at any time Deploys in roughly 15-20 sec Works with NetCat Requirements Have a working Bash Bunny :) STATUS LED STATUS Purple Setup Amber (Single Blink) Installing and running scripts Green Finished Installation and Execution Plug in Bash Bunny in arming mode Move files from WindowsPersistentReverseShell to either switch folder Edit the persistence.vbs file and replace ATTACKER_IP with attacker's IP and PORT with whichever port you like to use (I use 1337 ?) Save the persistence.vbs file Unplug Bash Bunny and switch it to the position the payload is loaded on Plug the Bash Bunny into your victim's Windows machine and wait until the final light turns green (about 15-20 sec) Unplug the Bash Bunny and go to attacker's machine Listen on the port you chose in the persistence.vbs file on NetCat Run the command nc -nlvp 1337 (replace the port with the port in persistence.vbs) If using Windows as the attacker machine, you must install Ncat from: http://nmap.org/dist/ncat-portable-5.59BETA1.zip and use the command ncat instead of nc from the directory that you installed ncat.exe. Wait for connection (Should take no longer than 1 minute as the powershell command runs every minute) Once a Windows cmd prompt appears...YOU'RE DONE!! ? and you can disconnect and reconnect at any time as long as the user is logged in Download Click here to download
  4. One of the problems I had with the ducky is that when typing a script on a target's pc it's really hard if there is a person in front of it. Instead of trying to create the command screen as small as possible so the targets won't see the screen, I've made it so big that they will think the monitor crashed or the cable fell out. The only thing you see now is a black screen and black text so the targets won't see any strings the ducky types. It also doesn't matter if the user clicks on somewhere on the screen with the mouse, because te whole screen is the command line. Here is the payload: REM Make Black Screen DELAY 1000 GUI r DELAY 100 STRING cmd CTRL-SHIFT ENTER DELAY 100 ALT y DELAY 100 STRING mode con: cols=30 lines=1 ALT SPACE UP ENTER DELAY 100 TAB SPACE SHIFT TAB SHIFT TAB STRING 5 SHIFT TAB RIGHT TAB UP TAB TAB TAB SHIFT TAB STRING 0 TAB STRING 0 TAB STRING 0 TAB TAB TAB TAB TAB DOWN DOWN DOWN TAB TAB TAB SHIFT TAB STRING 0 TAB STRING 0 TAB STRING 0 TAB TAB ENTER ALT ENTER REM Black Screen made! REM ***Disable keyboard & mice *** REM ***PAYLOAD**** One problem I had was to disable the targets keyboard (and mouse) so the target can't screw up the script/program the ducky is writing. It is a possibility that the target will freak out and push a lot of keys when they see a black screen. If anyone knows a sollution to this problem, please notify me.
  5. HoldEmUp Private Encryption Locker By REDD (aka Ar1k88) Fork from: https://github.com/private-locker/Private-Encrypted-Locker GitHub URL: https://github.com/private-locker/bashbunny-payloads/tree/master/payloads/library/general/HoldEmUp (Waiting on Official Hak5 Merge) This Script was previously released on here, then taken down. I had decided to release it on here again since we have also released the Source on our Community GitHub. Features: Use 256 AES Encryption to encrypt and secure files with a Uniquely Generated AES Key. Edit "settings.db" to change the file format of encrypted files. No need to 3rd Party Applications to hide documents. "How this was made? I saw how WannaCry and other Ransomware would "Hold You Hostage". So I decided to sit down, make a PoC (Proof of Concept) that quickly turned into a Security Tool that could be used to lock and unlock your own files. So I held onto the files, even released them for Hak5 as a Demo on the BashBunny, but quickly realized it had "Ransomware" qualities. I quickly removed it. But as times come to pass; Security is getting better. There's other Programmers besides myself that could benefit from this project. Prevent the next wave of "Ransomware". -REDD " DO NOT LOSE YOUR LOCKER KEY'S! NO KEY = NO DECRYPTING. YOU HAVE BEEN WARNED!
  6. In the spirit of april fools, I ported the original UnifiedRickRoll to windows, so you can easily switch between apple and windows computers and still get the same effect. https://github.com/hak5/bashbunny-payloads/pull/139
  7. I've had two BashBunny payloads fail on me (USB_File_Exfiltration and SmartFileExtract_Exfiltration) when I ran them in the morning, after working on them for a full day trying to get them to work (the night before). Debugging the scripts on Windows, I found out that the date/time stamp formatting for the filename was causing the issue. The hour is left-padded with a space in the AM. I found the following hint for creating Windows Batch Script variables that are properly formatted with the date/time. My modified code to match the format in the payload scripts is below: @echo off for /f "tokens=2 delims==" %%a in ('wmic OS Get localdatetime /value') do set "dt=%%a" set "YY=%dt:~2,2%" & set "YYYY=%dt:~0,4%" & set "MM=%dt:~4,2%" & set "DD=%dt:~6,2%" set "HH=%dt:~8,2%" & set "Min=%dt:~10,2%" & set "Sec=%dt:~12,2%" set "datestamp=%YYYY%%MM%%DD%" & set "timestamp=%HH%%Min%%Sec%" & set "fullstamp=%YYYY%%MM%%DD%_%HH%%Min%%Sec%" echo datestamp: "%datestamp%" echo timestamp: "%timestamp%" echo fullstamp: "%fullstamp%" pause Here is the output: datestamp: "20190809" timestamp: "084546" fullstamp: "20190809_084546" Press any key to continue . . . And here is the link that helped me figure it out: How do I get current datetime on the Windows command line, in a suitable format for using in a filename? I hope this helps someone avoid the struggle I've been having the last two days.
  8. Hi All, I know this one seems to have been done to death on the forum but I am not sure what else to do. I have read all the posts that I can find on trying to get an internet connection on the BB. I have set, reset the different permutations with regards to RNDIS device, IPs, Drivers etc and get the same results. No internet. Ive tried on Windows 10, 8 and 7 and its the same. Ive tried deploying the payload to the different switches. Ive tried sharing the WiFi and Ethernet connections on the laptop. Okay, so I have updated the firmware to the latest. Storage and HID are fine. The payload is the simple ATTACKMODE RNDIS_ETHERNET. internet sharing is set on the laptop, IP address of BB is 172.16.64.1. IP address of windows side is 172.16.64.10 (have also tried 64). I have also tried disabling and enabling the lan devices as per some of the advice. I can Putty in both serial (arming mode) or SSL in on either the attack switches. When running ifconfig on the BB side, i get the expected 172.16.64.1 IP so all seems ok there. Ive set some LEDs to track the payload going through its motions but i get a red LED and no internet. Its the same for every configuration of the BB on all windows machines. This must be something so silly thats staring me in the face but for all the trees in the woods, i just cannot see it. Any help will be greatly appreciated.
  9. Hi, Based on the powershell script written to extract creds from Google Chrome, I made a script to read the SQLite database where the cookies are stored and extract Facebook session cookies. It uses no library, like in the ChromeCreds payload, I use regex to search for the cookies. I haven't written any payload, and I also want to do the same with Firefox. http://pastebin.com/25Z8peMb Enjoy
  10. Discussion thread for the RevShellBack payload. I've seen quite a few Rubber Ducky projects to do with getting a reverse shell running on a PC so that the shell can be accessed remotely on a different computer. But what got me thinking is this: the Bash Bunny is a full-on Linux ARM computer, right? It has netcat and it can do HID and ethernet simultaneously. So.. why not use that instead? At first, this payload will use a bit of HID trickery to hide itself from an observer as best as it can. As soon as it has done executing the final PowerShell command, HID is no longer used. User-defined commands will be sent to the computer in the background. By default, 4 commands are executed as a demo: Write file (with content) to the desktop Eject CD/DVD tray (if it exists) -- thank PowerShell for making that possible Open calculator application Message box -- powered by PowerShell For information about the payload, the payload script itself and how to configure it, it can be found at this GitHub repository: https://github.com/uintdev/RevShellBack
  11. Testing the BashBunny for use on a physical pentest/red team engagement but noticing a huge problem with using this device for a real world assessment. Mainly, on a Windows 7 x64 desktop, the initial driver install process took over 2 minutes to install. After initial drivers are installed, my payload initializes and finishes within 10 seconds which is great if only I didn't have to install the drivers first... What makes this issue even worse is that the BashBunny doesn't wait until the drivers have been installed before executing the payload which means you need to unplug/re-plug the device in after waiting 2 minutes to execute the payload. Ideally, it would be nice to build some code into the BashBunny to automatically detect when the drivers are installed and then run the payload. Has anyone had any issues with this and is there any way to improve the speed here? 2 minutes is wayyy to long to wait around at an unlocked workstation. I would be better off typing out the payload by hand if it meant only taking 20-30 seconds max.
  12. deck_bsd

    QuickCreds

    Hi everybody, I just flashed my bash bunny to the new 1.3 version of the firmware. I would like to test the QuickCreds payload on my windows 10 Enterprise. It seems to be stuck in yellow mode (LED ATTACK) forever. Responder is correctly installed into the tools folder. In loot/QuickCreds i have a good folder name but nothing into it. I m doing something wrong ? i have noticed some few thins like, in the payload , it is using the -P option but responder.py doesn 't have it, i erased it, but nothing change. Any ideas ? The thing is, before i just change the LED color , when i tried QuickCreds, after the setup light it was directly the blinking green ligh (i didn't get the yellow one, that's why i would like to test it). After i modified those LED instruction (juste the LED i promes) , the payload always stay in yellow mode. Thanks in advance for your support :-)
  13. When I connect the Bash Bunny with ATTACKMODE RNDIS_ETHERNET it sets itself as a default network interface, which is desired in most cases. However, I would like it to show up as a secondary interface as part of my payload requires actual internet. Since the Bash Bunny doesn't have internet itself, it can't provide internet to the windows box. It would be nice if I could configure the Bash Bunny to show up as a non-default interface. It is possible to change the metric in powershell, so if my payload uses powershell, I can do this to change it: Get-NetAdapter | Where-Object -FilterScript {$_.LinkSpeed -Eq "2 Gbps"} | Set-NetIPInterface -InterfaceMetric 100
  14. I am trying to setup wifi pineapple nano but when I get to the part with load bulletin it crashes my PC and gives me the error in this picture. Also when I try to do "firmware upgrade" to also check if it's working I get this error: "Error connecting to WiFiPineapple.com. Please check your connection." Any Help?
  15. https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/recon/InfoGrabber It has been a while since my script was updated so if anyone want to want to help make it more effective or make it faster it would be much appreciated :D
  16. Hello, i just got my bash bunny yday, and i tried fews payloads straight after setting up languages & tools. I only managed to run, with the 1.3 firmware, the PasswordGrabber exploit with the lazaro.exe on a windows 7 computer. All others scripts claming "browsers creds" and other, are actually not working, on the 1.3. I can read that many people managed to make it work on a 1.2 or 1.1 version. If any of you, could actually tell me if this is a known problem, or tell me if you managed to run a creds grabber on a win8 or 10, with the 1.3 firmware. Thx for your answers :)
  17. Hi there, I just finished the first version of my BB keylogger. It basicly launches a powershell which keylogs to the loot folder of the BB. Features: Fast launching (thanks to USB Exfil for the one line launcher) Leaves no traces when cleanup is enabled. (Insert feature?) Link: https://github.com/Vinc0682/bashbunny-payloads/tree/master/payloads/library/phishing/WinKeylogger VincBreaker PS: I will create a push request upon positive feedback and improve the payload in the other case.
  18. how does the bash bunny gain execution access in mass storage attack mode (in windows)? will it always work when windows autorun is disabled? i would love to get a detailed explanation of how it works
  19. Localized SMB Powershell delivery. For when USB and Web methods are disabled or too noisy. https://github.com/hak5/bashbunny-payloads/pull/172
  20. Violation of CoC
  21. Hi, When I am trying to install the tools_installer payload the bash the green led is plain solid and windows 10 can seem to be able to install the driver for ATTACKMODE SERIAL I guess ? Did anyone manage to solve this ? I can connect to it via SSH (Serial) when in arming mode so I am not sure what is going on. I did try the automatic driver search function and google around a bit for a generic driver but I am still a bit stuck. Can anyone help ? / Albert
  22. Violation of CoC
  23. Hi, I just received my Bash Bunny a few days ago and I've been tinkering around with it. It seems, to me, to be quite buggy: - Windows does not recognise the RNDIS interface at all. Not on Windows 7, not on Windows 10. - On MacOS, the ethernet interface *sometimes* works, sometimes it doesn't. When it does work, *sometimes* it is possible to connect to the Bunny using, quite often, SSH doesn't start up even though FTP and other services are running. This even after a few minutes waiting. - The serial interface often conflicts with having network & storage together, resulting in nothing happening or giving only access to storage. (I did this by adding "SERIAL" to the standard payloads already on the Bunny) - Using the manuals found online for network sharing (MacOS Internet sharing through 172.16.64.64), I cannot access the internet from the Bunny, so I cannot update it. On Windows, that's entirely out of the question as Windows does not even recognise the RNDIS network device. Windows gives the following message on the RNDIS driver: The drivers for this device are not installed. (Code 28) There are no compatible drivers for this device. To find a driver for this device, click Update Driver.
×
×
  • Create New...