SessionBunny

SessionBunny
Download Copy
Title: SessionBunny
Author: 0i41E

This payload will run the famous SessionGopher script, which was only slightly modified. Searches for PuTTY, WinSCP, and Remote Desktop saved sessions, decrypts saved passwords for WinSCP, Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords. After you recieve the information, save the items you are interested in simply on your BashBunny.

Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Exfiltrate NTLM Hash To SD
Exfiltrate NTLM Hash To SD
This payload exfiltrates NTLM hash files to the Rubber Ducky's SD card for further analysis.
Read More
Same File Name Prank
Same File Name Prank
This payload renames files and folders to all have a similar name.
Read More
Exfiltrate NTLM Hash
Exfiltrate NTLM Hash
A payload used to exfiltrate the NTLM hash on a Windows machine.
Read More