FollinaBunny

FollinaBunny
Download Copy
Title: FollinaBunny
Author: PanicAcid

Executes code leveraging CVE-2022-30190 aka Follina using a malicious html file hosted on the Bunny itself. Whilst this exploit can be called via a malicious word document, a simple wget via PowerShell will also execute the malicious code.. Tweak and well you get the picture. This WILL flag on Defender if you're up to date, however the PoC here isn't that you can just run this code, it's that you can self serve this malicious html file via the BashBunny and you can tweak it to your hearts content.

🏆   Recognized with a Payload Award in September 2023

 

Execution is the method of either remotely or locally running code — malicious or otherwise — on a target computer. Execution is typically coupled with other techniques to carry out more complex tasks, like performing reconnaissance, exfiltration or credential harvesting. Execution may be ephemeral, or coupled with persistence techniques used to maintain remote access or continued code execution. See all execution payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Blind OS Command Injection using Serial Number
Blind OS Command Injection using Serial Number
This payload allows a remote attacker to execute commands on a Linux system using the serial number as a vector to pass
Read More
Exfiltrate NTLM Hash To SD
Exfiltrate NTLM Hash To SD
This payload exfiltrates NTLM hash files to the Rubber Ducky's SD card for further analysis.
Read More
Same File Name Prank
Same File Name Prank
This payload renames files and folders to all have a similar name.
Read More