WiPassDump


Sl0thy2406

Hi Guys,

Just trying to get my head around the payloads and the like.

I have just tested the WiPassDump on a fresh Windows 7 laptop and I plug the bunny in, and up pops the Set Network Location window.

Am I doing something wrong, or should the bunny be a little less conspicuous?

Is your switch position in the correct place?  This payload shouldn't install a network adapter, which is why I ask, and that is what it sounds like it's doing...

ATTACKMODE HID STORAGE

From my experience, some of these payloads don't seem to be 100% and will require you to dink around a bit to get them to work.  This was one of them for me.  I couldn't get it to work and had to rewrite it before I got anywhere.


  • 2 weeks later...

Sorry I got to start somewhere.  I too have tried this payload from the GitHub then just copying yours Kel.  It completes but the folder is empty.  What am I doing wrong?

Also my keyboard is a US or EN layout...what's the two letter for that?  Is it just EN or US?  I'm not sure if that's causing it or if there is something messed up with my PowerShell.  Any help would be great.  Thanks.


Hi Bob,

Yeah, for you it'll be:

Q SET_LANGUAGE us

(or gb if you are from Great Britain)

  • Silly question, do you use it on a computer that has some WiFi capabilities?
  • Either way, what is the result of this command in a command prompt: netsh wlan export profile key=clear
Edited by Kel
orthography / spelling / grammar

3 hours ago, Bob123 said:

Sorry I got to start somewhere.  I too have tried this payload from the GitHub then just copying yours Kel.  It completes but the folder is empty.  What am I doing wrong?

Also my keyboard is a US or EN layout...what's the two letter for that?  Is it just EN or US?  I'm not sure if that's causing it or if there is something messed up with my PowerShell.  Any help would be great.  Thanks.

Hey there. You may need to change the name in the script:

Q STRING 'cd (gwmi win32_volume -f "'"Label='BASH BUNNY'"'").Name'

My Bash Bunny is named "BASH BUNNY", so you may have to change the name to whatever the name is when you put it in arming mode.

Hey guys and thanks for getting back with me.  Looks like US is the way to go.  It amazes me though how one person's script can work on their machine but not on others.  I don't do a lot in PowerShell but it's strange how it would be slightly different for everyone.

The string in the script is:  'cd (gwmi win32_volume -f "'"Label='BashBunny'"'").Name'

But mine had to be: 'cd (gwmi win32_volume -Filter "Label='BashBunny'").Name'

I have no idea why -f and -Filter are different...they appear to be the same to me yet -f didn't work and the Label """"" had too many """"" which again must work on someone's PowerShell but not mine.  Overall with the few mods the script will work...mine is losing focus for some reason, not sure if it's due to the storage loading up too or what but I can physically see things happening...but it's still not completing.  And looking at the script I see no reason why it shouldn't.

Kel, yes you would want to use this on a laptop or some machine with wifi.  netsh wlan export profile key=clear  grabs whatever is stored on your machine for SSIDs and makes an XML file of each one with its password shown in clear text.  It's not clean but it does work.  Having taken this laptop pretty much everywhere I travel for work, I get on a lot of wifi networks and Windows keeps track of them.  This script simply grabs them all and shoves them in a folder.

Yay I got it to work.  My line above was incorrect.  I did need the "'" thingy because the duck / bunny was typing...not me.  Humans don't need the starting ' and ending ' and because I didn't realize that it would fail on the Label part because of another ' which made sense after using my brain.

What's puzzling though is the amount of delays I had to put in the code.  I understand these are mostly just PoCs but the way these are sold to the audience...these should be quick and covert.  I basically had to put a delay after every line to get it to execute properly.  Granted my laptop is no slouch...it definitely makes you realize that ALL computers are different and will behave differently when things are plugged into them.
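
For anyone watching for this from the defending side: the two commands discussed in this thread (the volume lookup by label and netsh wlan export profile key=clear) both show up in process command lines or PowerShell script block logs when those are collected. The sketch below is an added example, not part of any post in this thread or of the payload itself; the event tuples, host names and rule names are constructed for illustration, and it also matches the related netsh wlan show profile ... key=clear form, which goes slightly beyond what the thread covers.

```python
import re
from collections import defaultdict

# "netsh wlan export profile ... key=clear" and the related
# "netsh wlan show profile ... key=clear", any case, with or without .exe.
NETSH_KEY_CLEAR = re.compile(
    r'\bnetsh(?:\.exe)?"?\s+wlan\s+(?:export|show)\s+profiles?\b'
    r'[^|&\r\n]*\bkey\s*=\s*clear\b', re.IGNORECASE)
# Volume lookup by label, the step the payload uses to find its own drive.
VOLUME_BY_LABEL = re.compile(
    r'\b(?:gwmi|get-wmiobject|get-ciminstance)\b.*\bwin32_volume\b.*\blabel\s*=',
    re.IGNORECASE)
RULES = {"wlan_key_export": NETSH_KEY_CLEAR, "volume_by_label": VOLUME_BY_LABEL}

# Constructed sample events: (host, seconds since start, command text).
EVENTS = [
    ("LAPTOP-01", 0, "powershell.exe -NoProfile"),
    ("LAPTOP-01", 4, "cd (gwmi win32_volume -f \"Label='BashBunny'\").Name"),
    ("LAPTOP-01", 9, "netsh wlan export profile key=clear"),
    ("DESK-07", 30, r'"C:\Windows\System32\netsh.exe" WLAN show profiles'),
    ("DESK-07", 50, 'NETSH.EXE  wlan show profile name="Office" KEY=Clear'),
]

def match_rules(cmd):
    """Return the names of all rules whose pattern occurs in one command."""
    return [name for name, rx in RULES.items() if rx.search(cmd)]

def scan(events, window=60):
    """Return {host: severity}; 'high' if both rules fire within `window` s."""
    hits = defaultdict(dict)
    for host, t, cmd in events:
        for name in match_rules(cmd):
            hits[host].setdefault(name, t)  # keep first time each rule fired
    result = {}
    for host, seen in hits.items():
        if "wlan_key_export" not in seen:
            continue  # a volume lookup on its own is ordinary admin activity
        paired = ("volume_by_label" in seen and
                  abs(seen["wlan_key_export"] - seen["volume_by_label"]) <= window)
        result[host] = "high" if paired else "medium"
    return result

if __name__ == "__main__":
    for host, severity in scan(EVENTS).items():
        print(host, severity)
```

A plain profile listing without key=clear is deliberately not flagged, and the volume lookup only raises severity when it appears close in time to a cleartext key export on the same host.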
