This payload will run the famous SessionGopher script, which was only slightly modified. Searches for PuTTY, WinSCP, and Remote Desktop saved sessions, decrypts saved passwords for WinSCP, Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords. After you recieve the information, save the items you are interested in simply on your BashBunny.
Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.
This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.