heartbleed Posted May 17, 2018 Share Posted May 17, 2018 Hi! I've started using the bash bunny and I've noticed that when I use a payload that uses ATTACKMODE HID STORAGE and use the mkdir command to create a folder inside the loot foolder (PasswordGrabber and WiPassDump for example), I can't see the folder created by them on the first time. If I change to arming mode and check, the folder appears but empty (and it only appears in arming mode, if i run the first time the payload and dont remove the Bash Bunny, it wont appear)! If i run the payload again, now that the folder is already created (the folder now appears on switch 1 or 2 ) everything works ok. If I create manually the folder inside the loot folder for the payload, it will work too on the first time. All that I said is related to ATTACKMODE HID STORAGE, because if I use a payload like QuickCreds, it will create its folder inside loot folder and everything works in the first time! If I change the ATTACKMODE in PasswordGrabber and WiPassDump to ATTACKMODE RNDIS_ETHERNET before the "mkdir" comand and then use ATTACKMODE HID STORAGE again right after the "mkdir" command, then these payloads will work for the first time too!! So is there any problem with ATTACKMODE HID STORAGE to create folder inside loot folder for the first time you run a payload? Why this is not happening with payloads that uses ATTACKMODE RNDIS_ETHERNET? Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.