Jump to content

[SOLVED] SSH into RNDIS_ETHERNET


WatskeBart

Recommended Posts

Quote

EDIT: To SSH into the BashBunny use IP: 172.16.64.1

 

When running the following payload:

LED G
ATTACKMODE RNDIS_ETHERNET

And try to SSH into the bunny (172.16.64.10) with Putty. As root I always get 'Access Denied'

I've change the default password using attackmode serial but that password is not working for SSH. I even set it back to the default hak5bunny password, but still no joy.

What am I missing here?

 

Edited by WatskeBart
  • Upvote 1
Link to comment
Share on other sites

Did anyone of you get a working internet connection?

I am trying to apt-get update, but it just continue to connect to httpredir.debian.com...


root@bunny:/pentest/impacket/examples# apt-get update
0% [Connecting to httpredir.debian.org (140.211.166.202)]

 

I think I need to update because every time I try to run rdp_check.py I get The error under:
root@bunny:/pentest/impacket/examples# rdp_check.py
CRITICAL:root:pyOpenSSL is not installed, can't continue
 

 

 

Link to comment
Share on other sites

1 hour ago, WatskeBart said:

When running the following payload:


LED G
ATTACKMODE RNDIS_ETHERNET

And try to SSH into the bunny (172.16.64.10) with Putty. As root I always get 'Access Denied'

I've change the default password using attackmode serial but that password is not working for SSH. I even set it back to the default hak5bunny password, but still no joy.

What am I missing here?

 

172.16.64.10 will be the IP address your host machine has been assigned. The IP address of the bunny will be 172.16.64.1

Default values from the wiki are:

Username: root
Password: hak5bunny
IP Address: 172.16.64.1
DHCP Range: 172.16.64.10-12

 

  • Upvote 2
Link to comment
Share on other sites

I followed the Ethernet sharing instructions but Instead of configuring an IP of "172.16.64.64" to the IP4. I just checked "Obtain an IP address automatically"

I downloaded NetPing

http://netping.codeplex.com/downloads/get/11024

and had it scan 172.16.64.1 to 172.16.64.255

it found

172.16.64.1 --> BashBunny

172.16.64.10 --> my Windows 10 PC

Only took me about 3 hours to find this simple solution :lol:

I can now SSH to the BashBunny

Link to comment
Share on other sites

Anyone get this going on Windows 10?

I can setup my Windows 7 laptop the same as the Windows 10 PC, Connection refused when I  SSH from the 10 to the BashBunny. & no out to the Internet

Same Bunny & Setup on Windows 7, no problem SSH in or Apt-get out.

 

I figure its Windows 10 Firewall but I turned off the firewall and still no joy :huh:

Link to comment
Share on other sites

33 minutes ago, chairman said:

Anyone get this going on Windows 10?

I can setup my Windows 7 laptop the same as the Windows 10 PC, Connection refused when I  SSH from the 10 to the BashBunny. & no out to the Internet

Same Bunny & Setup on Windows 7, no problem SSH in or Apt-get out.

 

I figure its Windows 10 Firewall but I turned off the firewall and still no joy :huh:

  1. Is your payload.txt containing: ATTACKMODE RNDIS_ETHERNET?
  2. Is the BashBunny recognized as a IBM USB Remote NDIS network device?
  3. If so, does it get a IP e.g. 172.16.64.10 (use ipconfig /all you should see IBM USB Remote NDIS Network Device in the description)?

Then you should be able to SSH into 172.16.64.1 and connect to the BashBunny

This works for me, and i'm using a firewall as well.

Edited by WatskeBart
Link to comment
Share on other sites

  • 1 month later...

I am having the same issues on my windows 10 laptop as well. I tried disabling firewalls and such. It seems that as soon as you enable internet connection sharing it turns Ethernet 2 into an unknown network, which shuts down/blocks the ssh into bash bunny. If anyone figures this out it would be much appreciated.

Link to comment
Share on other sites

What happens if you remove the bunny and the remove the drivers etc ?

Start command prompt as administrator

use the following command : set_devmgr_show_nonpresent_devices=1

then (in the same session) :start compmgmt.msc

 

select devices and in the menu bar 'show hidden devices'

use 'del' to remove all greyed out devices.

 

---

 

set the bb to arming mode and plug it in.

the 'new' ethernet controller should be recognised and get a new identifier. Set up the ics then

 

Link to comment
Share on other sites

  • 4 months later...

Hi Dice.

I followed this to the letter and there are now no greyed out devices. Unfortunately as soon as I select network sharing the bunny interface reverts back to unidentified network. While I can then connect via Putty I cannot ping anything and do not appear to have network connectivity.

Any other suggestions on how to stop the interface reverting to "unknown" or why it does it?

 

Cheers

 

David

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...