sneakypoke Posted November 11, 2022 Share Posted November 11, 2022 Has anyone managed to get QuickCreds to work on a Mac? Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 11, 2022 Share Posted November 11, 2022 Not that I've seen, but that doesn't mean that it wouldn't work. Are you asking because you have tried and can't get it to work or asking in more general terms if it would be possible at all? QuickCreds is based on Responder and you don't need Hak5 gear to use Responder. If you have a Mac (as a target to test on) but no Hak5 devices, then you could set up Responder on some other type of device and see if it works. Link to comment Share on other sites More sharing options...
sneakypoke Posted November 11, 2022 Share Posted November 11, 2022 1 hour ago, dark_pyrro said: Not that I've seen, but that doesn't mean that it wouldn't work. Are you asking because you have tried and can't get it to work or asking in more general terms if it would be possible at all? QuickCreds is based on Responder and you don't need Hak5 gear to use Responder. If you have a Mac (as a target to test on) but no Hak5 devices, then you could set up Responder on some other type of device and see if it works. I got the BashBunny MkII the other day, so just playing around, and trying to figure my away around how it all works on my Mac. Looks like ill have to learn how responder works first. Any suggestions on which payloads I can start off with, knowing very little about about ethical hacking penetration testing in order to learn? Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 11, 2022 Share Posted November 11, 2022 It all depends on the scope and what types of targets that are involved. I would suggest getting familiar with the basic functionality of the Bunny/DuckyScript (reading the documentation and also browse the payload repo on GitHub) and move on from there. If the target is Windows mainly, then I'd recommend doing some studies in PowerShell. Not that it's native to the Bunny, but it's often used in payloads/engagements. Other than that, it's good to get some more in depth knowledge about Debian and bash scripting since it's what you face when using the Bunny "internally". Link to comment Share on other sites More sharing options...
sneakypoke Posted November 11, 2022 Share Posted November 11, 2022 27 minutes ago, dark_pyrro said: It all depends on the scope and what types of targets that are involved. I would suggest getting familiar with the basic functionality of the Bunny/DuckyScript (reading the documentation and also browse the payload repo on GitHub) and move on from there. If the target is Windows mainly, then I'd recommend doing some studies in PowerShell. Not that it's native to the Bunny, but it's often used in payloads/engagements. Other than that, it's good to get some more in depth knowledge about Debian and bash scripting since it's what you face when using the Bunny "internally". Thank you. I'll definitely be browsing around. Happy hacking! Link to comment Share on other sites More sharing options...
sneakypoke Posted November 17, 2022 Share Posted November 17, 2022 Perhaps someone could assist me please. I am still trying to run the QuickCreds payload targeting my Mac. It has been uncessfull and in trying to figure out where/what the problem could be, I've reduced the payload to: Quote ATTACKMODE ECM_ETHERNET STORAGE HID GET TARGET_HOSTNAME GET TARGET_IP RUN OSX notes Q DELAY 300 Q STRING ${TARGET_HOSTNAME} Q ENTER Q STRING ${TARGET_IP} However it just types blanks in notepad. I am assuming that the problem is with the ECM_ETHERNET command, as it appears that im not getting an IP address, or hostname. Iv'e also tried AUTO_ETHERNET in its place, and that doesn't work either. Any suggestion would be appreciated 🙏🏼 Link to comment Share on other sites More sharing options...
sneakypoke Posted November 17, 2022 Share Posted November 17, 2022 49 minutes ago, sneakypoke said: Perhaps someone could assist me please. I am still trying to run the QuickCreds payload targeting my Mac. It has been uncessfull and in trying to figure out where/what the problem could be, I've reduced the payload to: However it just types blanks in notepad. I am assuming that the problem is with the ECM_ETHERNET command, as it appears that im not getting an IP address, or hostname. Iv'e also tried AUTO_ETHERNET in its place, and that doesn't work either. Any suggestion would be appreciated 🙏🏼 It seems to be related with this thread which doesn't seem to have been resolved: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.