Mohamed A. Baset Posted March 11, 2017 Share Posted March 11, 2017 (edited) HI Guys, This topic is not about a problem in bash bunny or something more than discussing future ideas to make the bash bunny more malicious. 1. What about installing Metasploit framework on the bunny and automatically launch it with aux/browser_autopwn with a proper payload and combining this scenario with captive_portal bunny payload, plug the bunny to a locked machine, the machine automatically launch the captive_portal which in fact is the browser_autopwn aux module link and take over the machine and the best part is "MACHINE IS LOCKED"! 2. If time is not relevant because this requires time, then we can NMAP the $Target_IP, Get all the opened ports, Pass it to metasploit for auto pwning per service/opened port. Just an ideas, Let me hear yours and Happy Bash Bunning.... Edited March 14, 2017 by Mohamed A. Baset refreshing the thread Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.