"Microsoft Windows 10" Fake Logon Screen

Download Copy
Title: "Microsoft Windows 10" Fake Logon Screen
Author: TW-D

Change "monitor-timeout (AC and DC)" at NEVER with "powercfg" utility. Change "standby-timeout (AC and DC)" at NEVER with "powercfg" utility. Retrieve the current username. Full-screen opening of the phishing HTML page using the default web browser with a random wallpaper. The "Bash Bunny" can be removed because the files are cached in the web browser. The password will be sent by HTTP POST to the URL specified in the "DROP_URL" constant.

 

🏆   Recognized with a Payload Award in September 2023

 

 

 

Phishing is a popular technique for gaining access to a target. Generally, phishing is a digitally delivered social engineering method. Phishing techniques may use a wide net, or specifically target one role or individual — known as spearphishing. Many phishing campaigns involve tricking a target into divulging confidential information, such as by mimicking a known-trusted source — be it a website or person. See all phishing payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Simplex
Simplex
This payload utilizes 2 KeyCrocs + netcat to send keystrokes from one croc to another.
Read More
ExfilWindowsCreds
ExfilWindowsCreds
This collection of payloads dumps Windows Credentials using mimikatz and features multiple exfiltration methods.
Read More
Randomizing User-Agent
Randomizing User-Agent
This DuckyScript payload automates the process of modifying the Google Chrome user-agent dynamically by integrating a ra
Read More