Fang_Shadow

no i am saying to choose one or the other, but only with one attack mode (ethernet OR storage; not both)

On the bashbunny itself or the host computer the bashbunny is plugged into, please note that not all computers come with the jre installed and would likely not work because of this.

Remember that linux uses both RNDIS_ETHERNET and ECM_ETHERNET, since it wants to be compatible with both windows and unix(mac). Has the usage of both storage and another attack mode work at the same time before on linux, or could be something different.

Try LED M (magenta aka purple)

Responder deb file can be found here https://github.com/F9Alejandro/packages just place it in your tools folder when in arming mode and then just unplug and plug back in while still set to arming mode to install

I will test it when I get home then will edit this post once I have confrimed anything EDIT: So I tested QuickCreds on my computer, but can't seem to get anything from it (don't know if a windows 10 patch fixed this exploit or not), it doesn't obtain anything and just sits at the white double flash stage, nothing further. As for the red blinking, did you look up what FAIL 1 looks like vs FAIL 2. FAIL 1 is because of dependencies and is a slow red pulse, FAIL 2 is a double pulse and means it can't get an ip address for the target machine (allow the device to give dns automatically network adapters -> IBM RDNIS -> IPv4 -> DNS Auto) EDIT 2: NVM found out the issue with mine, had to use a bogus network dir for it to spoof and get the hash

I have a dev file for responder on my github and dev has posted a link for impacket on one of the other threads https://github.com/F9Alejandro/packages

The extensions is bunny_helper.sh you don't need that file as they are already end variables like, GET TARGET_IP or GET TARGET_HOSTNAME, REQUIRETOOL impacket. These are working by default in the extensions folder of the payload library.

Udisk isn't mounted when storage is used as an attack mode, if it was HID or Ethernet it would from what I've seen. To mount Udisk type the following: mount -o sync /dev/nandf /root/udisk Then you should see what is in your udisk. Your tools installed should be under /tools/ not under /root/udisk/

I dont think it needs to go inorder as it is just aditions and changes from what I've seen. Then again this will be the second firmware update so I dont know what changes are made or persist.

You could have bricked your device from completely booting/running the files to allow use. Possibly from incomplete download of firmware, did you check the hash against the download to see if it was a match?

the device is being mounted as read-only, find the device name unmount then remount with '-o rw' (-o is option and rw is read-write)

DFU is recovery mode, and the green light turns off after a few seconds right before the next stage which is the load what ever switch you are on.

I made some changes to the payload, instead of cmd calling powershell to open another cmd, i have it opening a powershell as admin (more tools). And I have made another section which closes all open cmd and powershell just in case one lingers for what ever reason, oh and of course clearing the run dialog.

Is the device getting enough power, sometime if the device is connected to the computer instead of a powerblock like the iphone wall based usb block, sometimes the device doesn't get enough or faulty power and causes it to do a sort of loop to try and fix itself. Instead of letting do this loop, why not force the BB into DFU mode from plug in to the block after the green light goes off, unplug do this 3 more times then just leave it. it should go through the flash process correctly. I have never had this issue as of yet, but this is just a theory of what is going on with your devices.