Closed githubkuyaya closed 5 years ago
I feel bad for the devs in this repo, after they put a video on The Modern Rogue this place is going to be filled with people saying it isn't working and asking for help with little to no leads or logs.
Maybe the antivirus from host delete the lazagne.exe ? Give a look in the logs windows defender or so.
Idk but are my settings correct? (comment on the top)
Ilovebashbunny, I did the same thing, had the same result. The windows defender ate up the lasagne.exe. So I placed the file in the tools folder on the udisk with defender disabled from registry. That seemed to work.
Which file? Udisk? Disabled windows defender from registry?
Sorry for the late reply. I fixed it
On Mon, Jan 21, 2019 at 11:29 AM ilovebashbunny notifications@github.com wrote:
Which file? Udisk? Disabled windows defender from registry?
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/hak5/bashbunny-payloads/issues/359#issuecomment-456131012, or mute the thread https://github.com/notifications/unsubscribe-auth/ArwoWdpUC1AahBezOrLdjDiDo3k07D6gks5vFerWgaJpZM4ZkKRU .
Okay, my keyboard wasnt US keyboard layout, thats why it didnt work. I created now a payload who changed the keyboard layout to us (with powershell) and then it just runs the payload
Explain what a bashbunny is?
@jd305 are you serious?
Go to their website and read, https://shop.hak5.org/products/bash-bunny
You should be embarrassed with that question.
As to the deleted lasagna.exe. VERY possible it is your anti virus deleting your payloads. To get around this and continue testing, you can simply add lasagne.exe to the “allowed files” in Windows defender, you can actually have the bunny do this itself before executing the actual payload! :) I’ll post mine later. (..Mmm coffee)
As I wrote before, my keyboard layout was false. And DUCKY_LANG didn't work because I live in Swiss and there is only a german DUCKY_LANG and the German and Swiss keyboard are different. So I wrote a code with Q ALTCODE which change the keyboard layout to en-US (via PowerShell). Then everything worked. I also wrote a code which disables Windows Defender. Idk if the code still works when the Antivirus would be Avast or something..... The Issue is solved
i placed lazagne.exe in the tools folder, and payload.txt, payload.ps1, lazagne.exe and lazagne-2.4 in the switch 2. im not sure but is this right? after i "attacked" my computer with switch 2, lazagne .exe in the tools folder just disappears, probably it got deleted and idk why, and in the loot folder, the folder passwordgrabber is there but theres nothing in there. Pls help i need it