hak5 / bashbunny-payloads

The Official Bash Bunny Payload Repository
https://bashbunny.com
2.63k stars 1.47k forks source link

Doesnt work #359

Closed githubkuyaya closed 5 years ago

githubkuyaya commented 5 years ago

i placed lazagne.exe in the tools folder, and payload.txt, payload.ps1, lazagne.exe and lazagne-2.4 in the switch 2. im not sure but is this right? after i "attacked" my computer with switch 2, lazagne .exe in the tools folder just disappears, probably it got deleted and idk why, and in the loot folder, the folder passwordgrabber is there but theres nothing in there. Pls help i need it

stuarthayhurst commented 5 years ago

I feel bad for the devs in this repo, after they put a video on The Modern Rogue this place is going to be filled with people saying it isn't working and asking for help with little to no leads or logs.

hahnstep commented 5 years ago

Maybe the antivirus from host delete the lazagne.exe ? Give a look in the logs windows defender or so.

githubkuyaya commented 5 years ago

Idk but are my settings correct? (comment on the top)

0rion5 commented 5 years ago

Ilovebashbunny, I did the same thing, had the same result. The windows defender ate up the lasagne.exe. So I placed the file in the tools folder on the udisk with defender disabled from registry. That seemed to work.

githubkuyaya commented 5 years ago

Which file? Udisk? Disabled windows defender from registry?

0rion5 commented 5 years ago

Sorry for the late reply. I fixed it

On Mon, Jan 21, 2019 at 11:29 AM ilovebashbunny notifications@github.com wrote:

Which file? Udisk? Disabled windows defender from registry?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/hak5/bashbunny-payloads/issues/359#issuecomment-456131012, or mute the thread https://github.com/notifications/unsubscribe-auth/ArwoWdpUC1AahBezOrLdjDiDo3k07D6gks5vFerWgaJpZM4ZkKRU .

githubkuyaya commented 5 years ago

Okay, my keyboard wasnt US keyboard layout, thats why it didnt work. I created now a payload who changed the keyboard layout to us (with powershell) and then it just runs the payload

Jd305 commented 5 years ago

Explain what a bashbunny is?

Treelovah commented 5 years ago

@jd305 are you serious?

Go to their website and read, https://shop.hak5.org/products/bash-bunny

You should be embarrassed with that question.

Treelovah commented 5 years ago

As to the deleted lasagna.exe. VERY possible it is your anti virus deleting your payloads. To get around this and continue testing, you can simply add lasagne.exe to the “allowed files” in Windows defender, you can actually have the bunny do this itself before executing the actual payload! :) I’ll post mine later. (..Mmm coffee)

githubkuyaya commented 5 years ago

As I wrote before, my keyboard layout was false. And DUCKY_LANG didn't work because I live in Swiss and there is only a german DUCKY_LANG and the German and Swiss keyboard are different. So I wrote a code with Q ALTCODE which change the keyboard layout to en-US (via PowerShell). Then everything worked. I also wrote a code which disables Windows Defender. Idk if the code still works when the Antivirus would be Avast or something..... The Issue is solved