How to Get USB_Exfiltration Payload Using the Bash Bunny
This is a super quick write-up on the first very useful payload we tested and confirmed as 100% reliable on all Windows systems (XP-SP3+) with PowerShell enabled.
Bash Bunny Wiki: http://wiki.bashbunny.com/#!index.md
Payload: https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/usb_exfiltrator
The most important piece is an understanding of the exceptionally simple switch positioning and directory structure.
We downloaded the entirety of the current payloads from the Bunny’s git here: https://github.com/hak5/bashbunny-payloads
The only edit we made to the USB_Exfil payload before copying it over to the switch1 directory was to remove the .PDF reference. This allowed us to pull sub-directories inside the user’s documents directory.
Be very careful! Depending on the size of your target’s Documents directory, you can fill the Bash Bunny’s storage, which is just under 2 GB.
Lastly, in testing this one out, the system has to be unlocked… :/
Regardless, have fun!