Sl0thy2406, Posted March 17, 2017

Hi Guys,

Just trying to get my head around the payloads and the like. I have just tested the WiPassDump on a fresh Windows 7 laptop and I plug the bunny in, and up pops the Set Network Location window. Am I doing something wrong or should the bunny be a little less conspicuous?

larsc3po, Posted March 18, 2017

Is your switch position in the correct place? This payload shouldn't install a network adapter, which is why I ask, and that is what it sounds like it's doing...

    ATTACKMODE HID STORAGE

From my experience, some of these payloads don't seem to be 100% and will require you to dink around a bit to get them to work. This was one of them for me. I couldn't get it to work and had to rewrite it before I got anywhere.

Sl0thy2406 (Author), Posted March 18, 2017

@larsc3po yes, I was in switch position 2, so it was loading a different payload, my bad! It also took me a while to realise that the wrong keyboard was being set. Now to write some code to pull the keyboard info first and set it automatically.

Thanks

Kel, Posted March 22, 2017 (edited)

Same here, I had to rewrite this one. Works now in Win 10 & 7. Here is my version based on samdeg555's (BTW: no need of a.cmd anymore).

payload.txt

Edited March 22, 2017 by Kel: removed useless parts

Bob123, Posted March 31, 2017

Sorry I got to start somewhere. I too have tried this payload from the github then just copying yours Kel. It completes but the folder is empty. What am I doing wrong? Also my keyboard is a US or EN layout...what's the two letter for that? Is it just EN or US? I'm not sure if that's causing it or if there is something messed up with my powershell. Any help would be great. Thanks.

Kel, Posted March 31, 2017 (edited)

Hi Bob, yeah, for you it'll be:

    Q SET_LANGUAGE us

(or gb if you are from Great Britain)

Silly question, do you use it on a computer that has some WIFI capabilities? Whatsoever, what is the result of this command:

    netsh wlan export profile key=clear

in a command prompt?

Edited March 31, 2017 by Kel: orthography / spelling / grammar

Bryfi, Posted March 31, 2017

3 hours ago, Bob123 said:
> Sorry I got to start somewhere. I too have tried this payload from the github then just copying yours Kel. It completes but the folder is empty. What am I doing wrong? Also my keyboard is a US or EN layout...what's the two letter for that? Is it just EN or US? I'm not sure if that's causing it or if there is something messed up with my powershell. Any help would be great. Thanks.

Hey there. You may need to change the name in the script:

    Q STRING 'cd (gwmi win32_volume -f "'"Label='BASH BUNNY'"'").Name'

My bash bunny is named "BASH BUNNY". So, you may have to change the name to whatever the name is when you put it in arming mode.

Bob123, Posted April 1, 2017

Hey guys and thanks for getting back with me. Looks like US is the way to go. It amazes me though how one person's script can work on their machine but not on others. I don't do a lot in powershell but it's strange how it would be slightly different for everyone. The string in the script is:

    'cd (gwmi win32_volume -f "'"Label='BashBunny'"'").Name'

But mine had to be:

    'cd (gwmi win32_volume -Filter "Label='BashBunny'").Name'

I have no idea why -f and -Filter are different...they appear to be the same to me yet -f didn't work and the Label """"" had too many """"" which again must work on someone's powershell but not mine.

Overall with the few mods the script will work...mine is losing focus for some reason, not sure if it's due to the storage loading up too or what but I can physically see things happening...but it's still not completing. And looking at the script I see no reason why it shouldn't.

Kel, yes you would want to use this on a laptop or some machine with wifi. netsh wlan export profile key=clear grabs whatever is stored on your machine for SSIDs and makes an XML file of each one with its password shown in clear text. It's not clean but it does work. Having taken this laptop pretty much everywhere I travel for work, I get on a lot of wifi networks and Windows keeps track of them. This script simply grabs them all and shoves them in a folder.
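
A detection-side view of the command discussed above, added here as an example and not part of any post in this thread: it scans process command lines for `netsh wlan` run with `key=clear`, and separately notes exports that leave the keys encrypted. The sample records, their field layout and the verdict names are constructed assumptions.

```python
import re

# Constructed process-creation records: (timestamp, host, command line).
# The layout is an assumption; map it to your own EDR / event-log fields.
SAMPLE_EVENTS = [
    ("2017-04-01T09:12:03", "LAPTOP-01", r'netsh wlan export profile key=clear'),
    ("2017-04-01T09:12:40", "LAPTOP-01",
     r'"C:\Windows\System32\netsh.exe"  WLAN Export Profile folder=E:\out KEY=CLEAR'),
    ("2017-04-01T09:15:10", "LAPTOP-02", r'netsh wlan export profile folder=C:\backup'),
    ("2017-04-01T09:16:55", "LAPTOP-02", r'netsh wlan show interfaces'),
    ("2017-04-01T09:20:00", "LAPTOP-03",
     r'powershell -c "netsh wlan export profile key=clear"'),
]

# netsh (bare, .exe, or quoted full path) followed by the wlan context; the
# arguments run up to the next shell separator.
NETSH_WLAN = re.compile(r'\bnetsh(?:\.exe)?"?\s+wlan\s+(?P<args>[^|&;\r\n]*)', re.I)
KEY_CLEAR = re.compile(r'\bkey\s*=\s*"?clear\b', re.I)

def classify(cmdline):
    """Return 'cleartext-key', 'export-protected', or None for one command line."""
    m = NETSH_WLAN.search(cmdline)
    if not m:
        return None
    args = m.group("args")
    if KEY_CLEAR.search(args):
        return "cleartext-key"       # stored Wi-Fi keys written out in clear text
    words = args.split()
    if words and words[0].lower() == "export":
        return "export-protected"    # profiles exported, key material stays encrypted
    return None                      # other wlan queries: not reported

def hunt(events):
    """Return (timestamp, host, verdict) for every event worth reviewing."""
    hits = []
    for ts, host, cmdline in events:
        verdict = classify(cmdline)
        if verdict:
            hits.append((ts, host, verdict))
    return hits

if __name__ == "__main__":
    for hit in hunt(SAMPLE_EVENTS):
        print(*hit)
```

Matching is case-insensitive and tolerates a quoted full path or a wrapping shell, since the same command can reach netsh in several forms.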

Bob123, Posted April 2, 2017

Yay I got it to work. My line above was incorrect. I did need the "'" thingy because the duck / bunny was typing...not me. Humans don't need the starting ' and ending ' and because I didn't realize that it would fail on the Label part because of another ' which made sense after using my brain.

What's puzzling though is the amount of delays I had to put in the code. I understand these are mostly just POCs but the way these are sold to the audience...these should be quick and covert. I basically had to put a delay after every line to get it to execute properly. Granted my laptop is no slouch...it definitely makes you realize that ALL computers are different and will behave differently when things are plugged into them.

defiant, Posted April 16, 2017

On 3/31/2017 at 1:09 PM, Kel said:
> Hi Bob, yeah, for you it'll be:
>
>     Q SET_LANGUAGE us

I added the above and the payload finally worked for me! Thanks for this.