thekid96 Posted May 19, 2017 Share Posted May 19, 2017 Hi everyone, im new here and just got my bash bunny in the mail. I updated to 1.3 and installed impacket and responder with no issues. The only trouble I am facing is running several of the credentials payloads dont work. I either get an error during running or the script finishes and the loot folder is empty or has a created folder with nothing in it. Is anyone else experiencing issues? Quote Link to comment Share on other sites More sharing options...
Vert Posted May 19, 2017 Share Posted May 19, 2017 (edited) it should be noted none of the creds payloads work on microsoft accounts only local accounts. also note there are many ways to exploit systems with microsoft accounts but none in the official payloads. Edited May 19, 2017 by Vert Quote Link to comment Share on other sites More sharing options...
kingzark Posted May 20, 2017 Share Posted May 20, 2017 On 5/19/2017 at 2:55 PM, Vert said: it should be noted none of the creds payloads work on microsoft accounts only local accounts. also note there are many ways to exploit systems with microsoft accounts but none in the official payloads. what do you mean by local accounts? Quote Link to comment Share on other sites More sharing options...
Vert Posted May 20, 2017 Share Posted May 20, 2017 (edited) 51 minutes ago, kingzark said: what do you mean by local accounts? local accounts are on the system it self only microsoft accounts are linked to an email account and are regularly used in win10 as doing so links the account to the device and allows restoring of activation on multi devices. microsoft has pushed hard to make people use microsoft accounts generally the only way someone has a local account is if they don't have internet service but there are exceptions. Edited May 20, 2017 by Vert Quote Link to comment Share on other sites More sharing options...
kingzark Posted May 20, 2017 Share Posted May 20, 2017 (edited) 46 minutes ago, Vert said: local accounts are on the system it self only microsoft accounts are linked to an email account and are regularly used in win10 as doing so links the account to the device and allows restoring of activation on multi devices. microsoft has pushed hard to make people use microsoft accounts generally the only way someone has a local account is if they don't have internet service but there are exceptions. so if extracting credentials is difficult to do on Microsoft account win 10 machines then what are other way's to exploit these machines using the bash bunny if you dont mind me asking. Particularly for acquiring credentials.. Edited May 20, 2017 by kingzark Quote Link to comment Share on other sites More sharing options...
Vert Posted May 21, 2017 Share Posted May 21, 2017 (edited) as things stand with microsoft accounts and the bunny there is not really a way to do that but it is possible using the scripting system of the bunny as it can literally do anything a person can. i made a payload that exploits the inactive admin account on most win10 systems by simply activating it and putting a password on it but this requires admin access for at least a few seconds. i quickly realized the payloads that are provided are nothing more then examples & old proof of concepts and not to expect to walk up to any system and walk off with everything. not to say that you cant make your own scripts that can do anything you want them to. honestly it would be rather irresponsible for them to provide fully functional tools capable of breaking in to the latest security not to say the platform it self is not capable of such a thing. since they do not deliver the device ready to use with all the tools required built in to the firmware and everything ready to go the only conclusion is they have do so to protect them self's my distancing the product from its full capability's requiring you the end user to complete the process making it your responsibility for how its used. if you bought the bunny thinking there would be all these great payloads to use and you would not be making any of your own you may be in for a long wait the community is not very big, yet at least. Edited May 21, 2017 by Vert Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.