"Microsoft Windows 10" Fake Logon Screen

Download Copy
Title: "Microsoft Windows 10" Fake Logon Screen
Author: TW-D

Change "monitor-timeout (AC and DC)" at NEVER with "powercfg" utility. Change "standby-timeout (AC and DC)" at NEVER with "powercfg" utility. Retrieve the current username. Full-screen opening of the phishing HTML page using the default web browser with a random wallpaper. The "Bash Bunny" can be removed because the files are cached in the web browser. The password will be sent by HTTP POST to the URL specified in the "DROP_URL" constant.

 

🏆   Recognized with a Payload Award in September 2023

 

 

 

Phishing is a popular technique for gaining access to a target. Generally, phishing is a digitally delivered social engineering method. Phishing techniques may use a wide net, or specifically target one role or individual — known as spearphishing. Many phishing campaigns involve tricking a target into divulging confidential information, such as by mimicking a known-trusted source — be it a website or person. See all phishing payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Linux Blind Serial Command Injection
Linux Blind Serial Command Injection
Allows a remote attacker to execute commands on a Linux system via a serial connection, without receiving feedback on th
Read More
Lazagne Exfil
Lazagne Exfil
This payload downloads and runs Lazagne, stores all info to .txt file, sends file to telegram bot.
Read More
Google Exfil
Google Exfil
This payload runs Powershell script that zips google user data, uses gofile.io api to upload it, and then sends a downlo
Read More