| 1 |
CaptivePortal |
Redirects and spoofs all DNS requests to the Bash Bunny, and serves a configurable captive portal. All captured credentials will be logged in the payload's folder in a file named *capture.log*. |
| 2 |
QuickCreds |
Snags credentials from locked or unlocked machines
Based on the attack by Mubix of Room362.com
Implements a responder attack. Saves creds to the loot folder on the USB Disk
Looks for *NTLM* log files |
| 3 |
NMapper |
Scans target with nmap using specified options
Saves sequential logs to mass storage loot folder |
| 4 |
RDPChecker |
Checks whether RDP is enabled on target machine |
| 5 |
ToolsInstaller |
Moves tools from the tools_to_install/ USB disk to /pentest on the Bash Bunny |
| 6 |
USBExfiltrator |
Exfiltrates files from the users Documents folder |
| 7 |
ExecutableInstaller |
Copies an executable (or executable in a directory) from the Bash Bunny USB Mass Storage
to %APPDATA% |
| 8 |
DuckyLibraryUpdate |
Adds support for new languages. and uses the Ducktoolkit python library for encoding. |
| 9 |
DuckyTemplate |
Boilerplate for running Ducky Code on a Bash Bunny |
| 10 |
MACInfoGrabber |
A payload that grabs the chrome cookies sqlite3 file and also any spreadsheets in
the Documents folder and places them inside a folder on the BashBunny called MacLoot. |
| 11 |
BunnyTap |
Based on PoisonTap created by @SamyKamkar |
| 12 |
SmacAndGrab |
Mounts as storage and acts as HID. Backup a list of files to the BashBunny |
| 13 |
WiPassDump |
Dumps saved Wi-Fi infos including clear text passwords to the bash bunny |
| 14 |
90sMode |
Turns back the clock to a k-rad ultra ereet 1990's VGA resolution Executes p.ps1 from the selected switch folder of the Bash Bunny USB Disk partition. |
| 15 |
GitBunnyGit |
Clones the bashbunny-payloads repository and also will update an existing repository. Use this payload to get all the other payloads! |
| 16 |
MacReverseShell |
opens a python reverse shell to the IP and PORT of your choosing. Also, as a nice little bonus, it runs the DYLD exploit that, if vulnerable will give you a root shell |
| 17 |
RAZ_ReverseShell |
Executes a netcat reverse cmd shell at a given IP and Port |
| 18 |
RAZ_VBScript |
Executes a VBScript, concealed in a hidden PowerShell window |