vander Posted December 26, 2023 Share Posted December 26, 2023 Hello, I have been trying to use the password grabber payload for a while now. I have installed the required tool. When executed it finishes normally with a green light on the bunny but the text file supposed to be containing items is empty. Any ideas? Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted December 26, 2023 Share Posted December 26, 2023 The green LED doesn't really say anything about if the payload was successful or not in this particular case. It just tells you that it has kicked off the ps1 file and waited 10 seconds. You have to be more detailed about the "scenario". For example; What Windows version is the target running? Is the A-V disabled? If it's not disabled, how did you make sure that the "malicious" exe isn't detected and eliminated? Did you try to run the exe manually on the target to verify that it at all works as expected? Quote Link to comment Share on other sites More sharing options...
vander Posted December 26, 2023 Author Share Posted December 26, 2023 15 minutes ago, dark_pyrro said: The green LED doesn't really say anything about if the payload was successful or not in this particular case. It just tells you that it has kicked off the ps1 file and waited 10 seconds. You have to be more detailed about the "scenario". For example; What Windows version is the target running? Is the A-V disabled? If it's not disabled, how did you make sure that the "malicious" exe isn't detected and eliminated? Did you try to run the exe manually on the target to verify that it at all works as expected? I am running windows 10 on the target machine with all anti viruses disabled, lasagne works normally but it doesn’t with the bash bunny Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted December 26, 2023 Share Posted December 26, 2023 So, if you run that payload but remove -windowstyle hidden and instead add -NoExit, will it show any errors in the PowerShell window as the ps1 file has been executed? Quote Link to comment Share on other sites More sharing options...
vander Posted December 26, 2023 Author Share Posted December 26, 2023 21 minutes ago, dark_pyrro said: So, if you run that payload but remove -windowstyle hidden and instead add -NoExit, will it show any errors in the PowerShell window as the ps1 file has been executed? Nope, no errors Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted December 26, 2023 Share Posted December 26, 2023 yes, there were, you just presented one on Discord, it's rather difficult to try to help troubleshooting when asking for errors and getting reports back there are none, and... still there are... Quote Link to comment Share on other sites More sharing options...
vander Posted December 26, 2023 Author Share Posted December 26, 2023 5 minutes ago, dark_pyrro said: yes, there were, you just presented one on Discord, it's rather difficult to try to help troubleshooting when asking for errors and getting reports back there are none, and... still there are... Sorry it popped up after I did what you said a couple time my bad Quote Link to comment Share on other sites More sharing options...
Solution dark_pyrro Posted December 26, 2023 Solution Share Posted December 26, 2023 I'd suggest that you open an issue report on the GitHub of the LaZagne creator. That doesn't seem payload, or Bunny, related. It's sounds more like something to do with Python (since the LaZagne exe seems to be Python based and that an exe is created using pyinstaller or such). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.