In this project I have used the Bash Bunny "Getting Started With Bash Bunny" and used one of hak 5's payload to show a simple password grabber and how it works.
Author : Sampreeth.Nataraj
Creds : Hak5Darren, AlessandroZ, TeCHemically, dragmus13, RazerBlade, Jdebetaz
Firmware support : 1.1 and higher
Target version : Windows 7 and higher
Grabs password from chrome, internet explorer, firefox, filezilla and more... This payload makes use of AleZssandroZ awesome LaZagne password recovery tool.
- Download the latest lazagne zip file from https://github.com/AlessandroZ/LaZagne/releases .
- Turn off the antivirus and malware detection .
- Unzip the zip file and place the exe file in the tools folder.
- Place the payload.ps1 and payload.txt files along with the lazagne folder in the preferred payload switch eg: switch1 or switch2.
- Plug in the bash bunny (placed in the switch mode which contains the payload) in the windows machine and enjoy
- The passwords grabbed will be placed in the passwords.txt file of the tools folder.