Credz-Plz

Credz-Plz
Download Copy
Title: Credz-Plz
Author: I am Jakoby

A script used to prompt the target to enter their creds to later be exfiltrated with dropbox. A pop up box will let the target know "Unusual sign-in. Please authenticate your Microsoft Account" This will be followed by a fake authentication ui prompt. If the target tried to "X" out, hit "CANCEL" or while the password box is empty hit "OK" the prompt will continuously re pop up Once the target enters their credentials their information will be uploaded to your dropbox for collection.

Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

SignalFence
SignalFence
Track any wireless device — AP, client, or MAC-randomizing phone — and get alerted the moment it enters a configurable s
Read More
Doppelganger
Doppelganger
Spoof your targets hostname and MAC address to appear less suspicious to the target network.
Read More
Jelly Sentinel
Jelly Sentinel
Jelly Sentinel is a native network security assessment tool built for the WiFi Pineapple Pager. Drop it on a network,
Read More