Jump to content

[Question]Copy file to locked PC


Recommended Posts

Short Answer: No (not that i am aware of)

Long Answer: The BashBunny is not some magic hacking device. Think of it this way. If you have a linux computer, a USB flash drive, a USB keyboard,  a USB ethernet adapter, and a USB serial device, would you be able to accomplish what you are trying to accomplish? That's basically what the bashbunny is, with automation capabilities.

Theoretical: You might be able to use responder to get a password hash from the target, then crack it or pass it to the victim assuming they aren't using SMBV2 and have SMB file sharing enabled. Even then, you'd be limited to file location if the user is not an Administrator.

Link to post
Share on other sites

You want to copy a file (or files) from BB to locked PC right? Are you really asking that question haha Yes of course the BB can do that. It can be done with BBTPS (see documentation here https://github.com/PoSHMagiC0de/BBTPS ) The BB really can be used as a magic hacking device if you know what you're doing. 

Edited by ccollins
Link to post
Share on other sites
On 9/2/2017 at 9:11 AM, ccollins said:

You want to copy a file (or files) from BB to locked PC right? Are you really asking that question haha Yes of course the BB can do that. It can be done with BBTPS (see documentation here https://github.com/PoSHMagiC0de/BBTPS ) The BB really can be used as a magic hacking device if you know what you're doing. 

Can it though? BBTPS requires Powershell, which requires an unlocked computer to access. I'm a bit skeptical of it working on a locked PC.

Link to post
Share on other sites

Not even possible with the BBTPS.  It will take a procedure to do it if you can do it.  The machine has to be accessible remotely through network meaning no firewall rules and possible to access admin shares and/or wmi through network.  Then you would need the admin credentials of that machine.  With those two it is possible to come up with a way.

Man, so many people ask about interacting with a locked machine without creds.  Here you go.  You cannot.  If QuickCreds no workie, walk away.  Unless you have credentials to the machine or can get them, or have an exploit to a vulnerable network service running on that machine, you aren't doing anything without a reboot and a boot disk.  Unless you pretampered with the machine so you have a backdoor like the sethc/cmd swap backdoor or something.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...