only getting usernames and not password

hvidlog commented 1 year ago

Payload Title

[Browser-Passwords-Dropbox-Exfiltration]

Payload URL

https://github.com/hak5/usbrubberducky-payloads/tree/master/payloads/library/credentials/Browser-Passwords-Dropbox-Exfiltration/Version%2001

Payload Setup

setup as described

Problem Description

when i run the script everything goes fine and i get the file on drop box but when i open it i can only se the address for the login and the username, there are no passwords

Troubleshooting steps

i tried to run it in powershell and deleted the leave command but it only comes up with 2 small problems. both that are irrelevant Screenshot 2023-07-30 215558

Suspected Cause

No response

Screenshots or additional information

No response

Checklist ✅ - READ CAREFULLY

[X] I checked and didn't find a similar issue already reported
[X] I am using PayloadStudio to encode this payload
[X] I made sure to redact any private information in the details shared above
[X] I have read and followed the documentation provided by the original payload author and configured the payload (if required)
[X] I have confirmed I am deploying this payload with the correct device intended by the original author (Original USB Rubber Ducky vs New USB Rubber Ducky)
[X] I have confirmed I am deploying this payload on the correct target host intended by the original author (Windows, Mac, Linux, etc)
[X] I have confirmed the payload is compiled in the correct keyboard language for the target host I'm trying to deploy it on (US, DE, etc)
[ ] I have actually read the above checkboxes before checking them, including this one, which I have intentionally left unchecked as confirmation of this statement

Agreement

[X] I believe this is an issue with the actual payload itself. I acknowledge this form is not a request for help following instructions.
[X] I have carefully read and filled out every section of this issue form to the best of my ability. I acknowledge by providing insufficient information I cannot receieve adequate assistance.

dallaswinger commented 1 year ago

why did you check this box? I have actually read the above checkboxes before checking them, including this one, which I have intentionally left unchecked as confirmation of this statement

dallaswinger commented 1 year ago

why is it you think that the errors you're seeing are irrelevant?

hvidlog commented 1 year ago

because the first is that it cant find the path to chrome.exe for it to start it

and the other is that it can't clear the powershell history

both of them have nothing to do with reatriving or dencrypting the passwords

dallaswinger commented 1 year ago

considering the code is to Obtain the credentials from the Chrome browsers User Data folder not finding chrome sounds relevant to me lol Anyways I will pass this off to the payload author;

@DIYSpy any ideas?

hvidlog commented 1 year ago

when it says that it cant find chrome is only the chrome.exe which it cant find but, it only uses that when it has to start chrome again after extracting information.

dallaswinger commented 10 months ago

closing due to inactivity but also because the suspected usecase does not appear particularly ethical.

hak5 / usbrubberducky-payloads