
[PAYLOAD] HiveNightmare - "SeriousSam"


hitem

HiveNightmare for Bash Bunny

  • Author: hitem
  • Version: 1.0

Description

Leverages the following exploit: CVE-2021-36934, dubbed "SeriousSam". It uses a PoC tool by GossiTheDog.

  • Targets Windows 10
  • Deploys in roughly 8-10 sec from plugin to execution completed
  • Now you have SAM, SYSTEM and SECURITY in your loot folder!
  • It clears some basic traces! (run/folder)

Requirements

Bash Bunny \o/

STATUS

| LED | STATUS |
| --- | --- |
| Purple | Initializing |
| Blue (blinking) | Installing and running scripts |
| Green | Finished |

Installation and Execution

  1. Plug in Bash Bunny in arming mode
  2. Move files to the switch you want 'em to be executed from (don't forget the *.exe from GossiTheDog's repository)
  3. Edit the scripts to fit your deployment (*.ps1 switch path as an example)
  4. Eject the Bash Bunny and go ahead!
    Only known mitigation in my limited testing is "folder protection"-On by Windows Defender.
  5. I have also attached the /Mitigation/ possibility in the repository below for those who want to remedy this exploit via Bash Bunny.

Download

Click here to go to my GitHub and download



Note and Creds:
I have owned a Bash Bunny MKII for 1 week, I'm completely new to this. SeriousSam however is a "get it while it's fresh" exploit and I wrote a simple Bash Bunny script and a PowerShell script to leverage GossiTheDog's PoC tool. More info in the scripts!


Hi Hitem,
First off awesome that you also made a BB payload for the SeriousSAM vulnerability!
If I had known you were also working on it I wouldn't have submitted my own payload. My apologies for that.

I look forward to seeing what other payloads you'll create.
~9o3


No worries good sir, it's all my pleasure - I enjoyed your code (it was handsome) so I wanted to include it in this thread as well!
It's good to have different versions and approaches, that's how we improve! 🙂 (exe can run in cmd in case PS is blocked, as an example).
Your code teaches me a lot so keep up the good stuff!

Same to you!
