Credz-Plz

Credz-Plz
Download Copy
Title: Credz-Plz
Author: I am Jakoby

A script used to prompt the target to enter their creds to later be exfiltrated with dropbox. A pop up box will let the target know "Unusual sign-in. Please authenticate your Microsoft Account" This will be followed by a fake authentication ui prompt. If the target tried to "X" out, hit "CANCEL" or while the password box is empty hit "OK" the prompt will continuously re pop up Once the target enters their credentials their information will be uploaded to your dropbox for collection.

Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Cookie Monster
Cookie Monster
Recreates the 1969 program from Brown University. This version types messages asking for a cookie. Until the user type c
Read More
FileHunter
FileHunter
Crawls all drives of the target system for a specific file or file type, to then compress and exfiltrate them to the Duc
Read More
Silent File Exfiltrator
Silent File Exfiltrator
This DS1 payload executes a stealthy script that silently collects and exfiltrates specific file types through Discord w
Read More