Credz-Plz

Credz-Plz
Download Copy
Title: Credz-Plz
Author: I am Jakoby

A script used to prompt the target to enter their creds to later be exfiltrated with dropbox. A pop up box will let the target know "Unusual sign-in. Please authenticate your Microsoft Account" This will be followed by a fake authentication ui prompt. If the target tried to "X" out, hit "CANCEL" or while the password box is empty hit "OK" the prompt will continuously re pop up Once the target enters their credentials their information will be uploaded to your dropbox for collection.

Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Simplex
Simplex
This payload utilizes 2 KeyCrocs + netcat to send keystrokes from one croc to another.
Read More
ExfilWindowsCreds
ExfilWindowsCreds
This collection of payloads dumps Windows Credentials using mimikatz and features multiple exfiltration methods.
Read More
Randomizing User-Agent
Randomizing User-Agent
This DuckyScript payload automates the process of modifying the Google Chrome user-agent dynamically by integrating a ra
Read More