Credz-Plz

Credz-Plz
Download Copy
Title: Credz-Plz
Author: I am Jakoby

A script used to prompt the target to enter their creds to later be exfiltrated with dropbox. A pop up box will let the target know "Unusual sign-in. Please authenticate your Microsoft Account" This will be followed by a fake authentication ui prompt. If the target tried to "X" out, hit "CANCEL" or while the password box is empty hit "OK" the prompt will continuously re pop up Once the target enters their credentials their information will be uploaded to your dropbox for collection.

Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.

This payload is for OMG — a platform built for covert field-use with features that enhance remote execution, stealth and forensics evasion, all while being able to quickly change your tooling on the fly.

Submit your own payload, or browse more featured OMG Payloads.

 

 

Related Payloads

Minimalistic web intercept
Minimalistic web intercept
Replace HTTP with Squirrels.
Read More
DNS Sinkhole
DNS Sinkhole
Demonstrate sinkholing a DNS domain
Read More
Proxquirrel
Proxquirrel
Proxquirrel is a payload designed for the Packet Squirrel MK II in combination with a HTTP proxy, like BurpSuite. This p
Read More