Password Grabber Bash Bunny Payload - Hak5 2305

Поделиться
HTML-код
  • Опубликовано: 24 дек 2024

Комментарии • 95

  • @david808323
    @david808323 4 года назад +9

    skip to 4:05 for beginning of relevant content

  • @barrymccauley7351
    @barrymccauley7351 5 лет назад +9

    17:10 That sigh, when Darren types 'ls' on Windows!!! Same here. Every-freakin-time! :-D

    • @agentjeyjey9757
      @agentjeyjey9757 4 года назад +2

      he should do doskey ls=dir or create the file ls.bat with the command dir in it in the System32 folder

  • @happinin
    @happinin 5 лет назад +12

    I really hope you guys grow the bash bunny community and expand it. just bought mine and its disappointing to see there hasnt been much in a year and a lot of the software is outdated. would love to see more stuff for newer macs too. please work on growing this community and keeping it alive!
    would really like to find better payloads

    • @thedrunkenguitarist552
      @thedrunkenguitarist552 5 лет назад +1

      When I first bought mine, pre-order, I was incredibly excited. I started writing payloads for Mac/OSX exclusively. I shared them with so many people, but that wasn't enough. In the end, it comes down to people much smarter than myself, to create and code new payloads. I would sell mine if I hadn't invested so much time into it. In other words- I'm on your side and I wish there was more that I can do.

  • @TheLordFinny
    @TheLordFinny 5 лет назад +8

    starts at 3:00

  • @DaemonEyeDeathStar
    @DaemonEyeDeathStar 7 лет назад

    Glad to see I'm not the only one who occasionally pulls out the eeePC. I still have two of them fully operational

  • @rogerabercrombie8450
    @rogerabercrombie8450 7 лет назад +4

    Is it just me or does attacks they go over never work when I try them

  • @xana3790
    @xana3790 7 лет назад +4

    You could have the windows box ping the bash bunny if %errorlevel% is = 0... and if the bash bunny hears the icmp echo request then the command can be read as having run correctly.

  • @elizle
    @elizle 7 лет назад

    Start using powershell instead of cmd. You can run all of the cmd commands and they work fine, but it also doesn't yell at you when you run ls instead of dir.

    • @debugklk799
      @debugklk799 2 года назад

      You could also just create ur ls alias, if you really want to use the ls in cmd

  • @shreyaskul
    @shreyaskul 7 лет назад +3

    _FYI,_ *BashBunny=Bash+Bunny*
    *_"Bash"_** part implies it runs Bash i.e. **_Linux_** .*
    *_"Bunny"_** part is just for analogy for an animal similar to "Ducky" ( **_"USB rubber ducky"_** ).*

  • @vader1490
    @vader1490 7 лет назад +1

    Anyone else catch Darren possibly mention the new tool they're releasing? It seems like it'll be called the Packet Squirrel

  • @TheDanishGamers0705
    @TheDanishGamers0705 7 лет назад +3

    Windows Firewall told me "A trojan has been found" Lmao

  • @SilvianDragan
    @SilvianDragan 7 лет назад

    This is brilliant

  • @ggtomm1
    @ggtomm1 5 лет назад +1

    Video starts at 3:05

  • @codyvolckmar9939
    @codyvolckmar9939 7 лет назад

    Would disabling autoplay group policy on a corporate domain mitigate such an attack? Well not mitigate but at least slow down the attacker? I've seen great ways to use Group policy to tighten security for example Ransomeware is often executed with a JS file, a simple GPO can modify the default associated program for JS to be notepad and you have just saved your entire company from being held ransom.

  • @charon7320
    @charon7320 2 года назад

    the rabbit is the symbol of fertility thus femininity. even the funny sketch where they depict a rabbit fighting a knight, it's actually based on a legend where rabbits(females) were persuading, conning knights to renounce their missions and stay with them, from where the word con(also latin descent)

  • @ShotYoNer
    @ShotYoNer 2 года назад

    Windows security can't let me download the file. The virus security block me. How I change?

  • @ibrooklyn27
    @ibrooklyn27 5 лет назад

    Windows Defender kept removing the Lazagne.exe. Can you guys show how to do a check for Windows Defender and copy a new copy over ? or configure the RO as you suggested in the video ? Thanks

  • @X-MSK
    @X-MSK Год назад

    How can i get this payload

  • @totaltrinkets
    @totaltrinkets 7 лет назад +1

    Getting rid of a old computer is there a bootable usb to wipe hard drive, A iso i can download for usb boot? Thanks love the show.

    • @NxCmp
      @NxCmp 7 лет назад +2

      Vito look into Darik's Boot And Nuke also know as "DBAN"

    • @totaltrinkets
      @totaltrinkets 7 лет назад

      Ok. thanks NxCmp

    • @shreyaskul
      @shreyaskul 7 лет назад +1

      Create Hirens boot disk and flash it to usb using a tool called "Etcher" And boot to it. Use the partition tool to format it...

    • @MineCedi
      @MineCedi 7 лет назад +1

      just live boot into any linux you want and use the "dd" command

  • @nachoorozcog
    @nachoorozcog 7 лет назад

    It can be done with the tools of Nirsoft too right?? @hak5

  • @kwazplays5118
    @kwazplays5118 7 лет назад +2

    No matter how much I watch hak5 I will never learn how to do these things. I want to practice but can't. Bc I need a laptop😔😆

  • @NoraFulcanelli
    @NoraFulcanelli 6 лет назад

    Oh no I just learned. Kirby is awesome. He will be missed.

  • @hosfit
    @hosfit 7 лет назад

    Set-MpPreference -DisableRealtimeMonitoring $true will disable win def and Set-MpPreference -DisableRealtimeMonitoring $false will re enable

  • @shreyaskul
    @shreyaskul 7 лет назад +1

    I just created a same thing yesterday! (I didn't know LaZagne until now)
    But I did it differently.
    I used my Arduino rubber ducky to find and execute a batch file in a pendrive and batch file executes other 17 batch files. First batch file creates a directory in %appdata%/text/%username%/%date%. Other 16 batch files execute and print to the newly created dir in plaintext files of browser's, Wifi and windows creds using nirsoft tools and mimikatz. The 17th batch file disables write protection from a diskpart script and xcopy from %appdata%/text/... To the %~dp0 and then again runs a diskpart script to reapplies the readonly attributes to the pendrive....

  • @Zachsnotboard
    @Zachsnotboard 7 лет назад +13

    My idea of going outside is flying fpv drones

  • @bditt
    @bditt 7 лет назад +4

    Do most of these payloads require administration permissions?

    • @connorwilson2689
      @connorwilson2689 7 лет назад

      no

    • @david808323
      @david808323 5 лет назад

      it depends what you are trying to exfiltrate. The passwords in this video are standard-user accessible. The password hashes in the registry or the SAM and SYSTEM files in c:\windows\system32\config are not exfiltratable with the BashBunny unless you somehow get admin first. Someone correct me if I'm wrong.

  • @TheDigigram
    @TheDigigram 7 лет назад

    Copy and Pasta episode with LaZagne... Lovit

  • @johnyalowica8423
    @johnyalowica8423 6 лет назад

    Does the bunny work on Mac?

  • @AJ-nc4vr
    @AJ-nc4vr 7 лет назад +4

    "Sometimes I just want boys to drive me around and get me drinks" - Darren Kitchen 2017

  • @seanr2109
    @seanr2109 6 лет назад

    if i had one of these id probably make the time its running an attack RO storage, then change the storage to writeable only for the time the password file needs to be stored then turn of storage when the attack ends to give the computer minimal time to access the files as writeable

  • @AgreatnessM
    @AgreatnessM 7 лет назад +3

    Does the bash bunny replace the ducky?

    • @xana3790
      @xana3790 7 лет назад +2

      Alex the Great the bash bunny is superior to the rubber duck in several respects. 1 no need to run the twin duck firmware 2 no need to compile your payloads 3 can run a lot of lan turtle stuff as well. But is much more conspicuous and doesn’t look like an ordinary flash drive

    • @shreyaskul
      @shreyaskul 7 лет назад +4

      Kinda... But in my opinion, the original rubber duckey is more stealthy...

  • @happinin
    @happinin 5 лет назад +3

    nice products. too bad the communities for them stopped supporting them 2 years ago

  • @RemainZStudio
    @RemainZStudio 7 лет назад

    If windows 10 enterprise is running and its also running WDATP " Advanced threat Protection " its monitoring any PowerShell, CMD commands ... this will not work at all... ATP use machine learning

  • @cntrix2047
    @cntrix2047 7 лет назад

    Please do a metasploit one :^) So you set up your machine at home with a metasploit script that like instantly runs the persist command and/or some others. And the bash Bunny runs the malicious file on the target pc.

  • @tomjohnson7512
    @tomjohnson7512 7 лет назад +1

    Closed beverages.... Just got that heheheh

  • @carsten.
    @carsten. 7 лет назад

    Remember when he sounded happy?

  • @TheDanishGamers0705
    @TheDanishGamers0705 7 лет назад +1

    Help guys, I just got my bashbunny after waiting over a month. And none of the exploits work (None of them save anything to the loot folder) I followed this scriptkiddie payload, and it still didn't work
    I've tried recovery, installing old firmware, installing new firmware. ect

    • @TheDanishGamers0705
      @TheDanishGamers0705 7 лет назад

      laZagne gave me an - Error too few arguments.

    • @lickcarpet
      @lickcarpet 7 лет назад

      yeah i have had bunny since it came out and I have never to this date got 1 payload to work. I have tried the entire library on multiple setups. Updated fw

    • @TheSuperman979
      @TheSuperman979 7 лет назад

      lickcarpet I'm considering getting one myself after borrowing one from someone else to get it working, and once it was working it worked great. (However windows 10 edu is a bit iffy) have you flashed the firmware step by step from the earliest to most recent releases in succession from one another?

    • @TheDanishGamers0705
      @TheDanishGamers0705 7 лет назад

      DoctorDan I did:$

  • @over00lordunknown12
    @over00lordunknown12 6 лет назад

    Pshhht! Who needs a Bash Bunny, I've got a Sandisk Cruzer Micro U3 Smart Drive... XD

  • @tonttupc
    @tonttupc 7 лет назад

    Nice cop-stash

  • @MyIronman8
    @MyIronman8 7 лет назад

    What was that flash at 129

    • @tacojoe7996
      @tacojoe7996 7 лет назад

      Looks like an additional frame. Nothing to see here, move along.

  • @ThatNateGuy
    @ThatNateGuy 7 лет назад +1

    I don't hate Edge.

  • @MrB37ns
    @MrB37ns 7 лет назад

    I have my own USB drive with readable storage, that emulates a CD drive and a seperate flash storage and made a batch script that executes the lasagne and other exe's and basic Winbox commands to steal creds and other usefull info. But Some virus scanners prevent the exe's (lasagne included) from running so there's always that :(.
    I'm a big fan of the hak5 shows and seen some episodes of the LAN Turtle and the bash bunny but can't choose between them.
    Each have there own unique capabilities but the one thing that's really nice is the steal creds from locked PC's :).
    I bought some ducks in the past but ran out of time to play with them and now with the bunny they almost seen absolete.
    If you want to steal passwords and the bunnies storage is fast why not use procdump on the lsass and later read it out with mimikatz? You don't have to replace the lasagne (mmmm good food :)) since the procdump is a valid exe?

    • @debugklk799
      @debugklk799 2 года назад

      Maybe do a batch file instead of exe,,,

  • @ByGraceThroughFaith777
    @ByGraceThroughFaith777 5 лет назад

    What do hackers and skateboarders have in common?

  • @zlothra
    @zlothra 7 лет назад +1

    I'm going :D

  • @ellieday24
    @ellieday24 7 лет назад

    Hakgear in australia???

    • @happinin
      @happinin 5 лет назад

      got mine in australia no problems. it arrives fast. just order on their website.

  • @fallencentury3396
    @fallencentury3396 6 лет назад

    Like, like every sentence xD

  • @luseres_j
    @luseres_j 7 лет назад +1

    Early again

  • @camerontgore
    @camerontgore 7 лет назад +1

    "Baby Steps: A guide to living life One step at a time..." By Leo M. Marvin, M.D., Ph.D

    • @camerontgore
      @camerontgore 7 лет назад

      BDBD16 It's been awhile, is that from the movie? Cause I only posted it once from what I can tell...

  • @elizle
    @elizle 7 лет назад

    Vitamin D3 deficiencies make depression worse. The Sun does help. Also, high doses of D3 help.

    • @Lucy-dk5cz
      @Lucy-dk5cz 5 лет назад

      Elizle my sister said she had 3 Ds yesterday. She must be very health

  • @eliaszmichal4182
    @eliaszmichal4182 3 года назад

    Sorry but i didn't understand any of this, beautiful show , but average lecture. From what I saw in the manual, you need to put the file.exe in the tools folder and also into the switch folder with payload. the second day I struggle with it, it does not work on linux also windows 10, creates folders but empty inside, maybe my Bashbunny can not cope, it is already 4 years old, not used at all 2Gb disk, now i have already seen 8 Gb new Bashbunny has. I like you anyway. Best Regards

  • @lanceroark6386
    @lanceroark6386 7 лет назад

    Baby steps....

  • @gunkshot9011
    @gunkshot9011 7 лет назад +4

    Hi

  • @usamasattar1139
    @usamasattar1139 5 лет назад

    I've FUD lazagne here

  • @badrbanchikh3755
    @badrbanchikh3755 7 лет назад +1

    تحية لكل مغربي متابع هذه القناة

    • @9.09z
      @9.09z 7 лет назад

      تحياتي من المريخ

  • @TheDanishGamers0705
    @TheDanishGamers0705 7 лет назад

    Its pronounced lasagna :P

  • @abbasfaizy4769
    @abbasfaizy4769 7 лет назад +1

    Why is she faking facial expressions and laughing. looks like they dont like each other

  • @Chris-wy1qf
    @Chris-wy1qf 7 лет назад

    Fix your random frames. Your hackers. people will think your trying to hack into their brain interface

  • @YuryMartynov
    @YuryMartynov 7 лет назад

    0021_pochtalyon_pechkin.jpeg

  • @peany2012
    @peany2012 6 лет назад +1

    Can you quit saying the word "like"...I counted 30 times in opening segment....enough already

    • @musicmannsd
      @musicmannsd 5 лет назад

      They/we live in California, Chris. That's how we speak.

  • @anonymousquebec6014
    @anonymousquebec6014 7 лет назад

    LaZagna

  • @DAVIDGREGORYKERR
    @DAVIDGREGORYKERR 7 лет назад

    Not c++