Jump to content

[TUTORIAL]Flash/upgrade and install languages / tools


Skiddie

Recommended Posts

UPGRADE TO THE LATEST FIRMWARE

  1. Download the latest version of the Bash Bunny firmware from https://bashbunny.com/downloads
  2. Verify that the SHA256 checksum of the downloaded firmware files matches the checksum listed at bashbunny.com
  3. Slide the Bash Bunny switch into Arming Mode (closest to the USB plug) and plug the Bash Bunny into your computer
  4. Copy the firmware upgrade file downloaded in step 1 to the root of the Bash Bunny flash drive.
  5. Safely eject the Bash Bunny flash drive (IMPORTANT)
  6. With the switch still in Arming Mode, plug the Bash Bunny back into your computer and wait 10 minutes.
  7. When the bunny is done flashing, it will pop up as an storage device.

INSTALLING LANGUAGES 

i have opened a pull request on the official repo to add the languages to the /languages folder 

(.json provided/made by ducktoolkit.com)

But for now you will have to manually add them (Atleast from what i understand since i cannot get the ducktoolkit install payload to work)  

  1. Download the Ducktoolkit compressed file-> https://github.com/hak5/bashbunny-payloads/raw/53a9e7fb69677b0480b2005a590471f4feacd180/payloads/library/DuckyInstall/DuckToolkit-1.0.1.tar.gz
  2. Unzip all the .json language files from "\DuckToolkit-1.0.1\ducktoolkit\languages" inside the .tar.gz file to\languages on the BashBunny (Connected while in arming mode)
  3. Remove and re-attach the bash bunny, you can now use different keyboard languages 

INSTALLING "IMPACKET" AND OTHER DEPENDENCIES 

There are 2 tools folders on the bash bunny itself, one lives in /tools on the Linux file-system which you can see and access using SSH/ Serial access.The other one lives in the mounted drive which you see every-time you connected the bunny as an storage device. What we effectively are going to do is to download the latest impacket source from github, place it on the bash bunny flash-mounted tools folder. re-attach and re-boot the bunny , this will copy the folder into the linux file-system tools folder, where we will install the module. 

  1. Clone or download -> https://github.com/CoreSecurity/impacket as an .zip file. 
  2. Unzip the "impacket-master" folder inside the .zip file into the /tools folder while the bash bunny is connected as an storage device (in arm mode) 
  3. Rename the "impacket-master" folder to "impacket" (
  4. remove and re-attach /reboot the bash bunny on the system. If you go to the same /tools folder now, the "impacket" folder should be gone. 
  5. Serial/SSH into the bunny so you get a shell. and execute the following commands, in this order  "cd" |  "cd .."  | " cd /tools/impacket/" | "python setup.py install"

  ( "|" separate each command, dont type the " quotes) 

remove and re-attach the bash bunny, and you are all good ! :) 

Link to comment
Share on other sites

Hello,

 

Thank you for your tutorial :)
I've got the langage file from your Github account and it seems work ... partially !

Firstable, i'm French. (and sorry for my bad english btw) and i'm on a MAC (I know ... :p).
For my tests, i've tried to use the payload called sMacAndGrab.
I've add the DUCKY_LANG fr sequence on the top of the payload and when I put my BB in SW1, the paylods starts and type the word "Terminal" in the search field, it's exactly what's expected.

But the problem is about special chars. In french we have some characters like é è à etc... but they doesn't exist on your json file.
And in the same way, on Mac Os X we don't have the same keymap for specials chars like quotes, slashs, underscore etc.
So, when the terminal is open the commands fails because they can't type correctly the paths or commands.

Do you have a way to explore, or a documentation about mapping the keys for mac os x because i'm stuck with my BB and i don't find any information about that specific case o internet?

Thank you so much for your help and again, excuse me for my bad english ;)

Regards, Tewfik

 

Link to comment
Share on other sites

On 20.4.2017 at 11:34 PM, Tewfik said:

Hello,

 

Thank you for your tutorial :)
I've got the langage file from your Github account and it seems work ... partially !

Firstable, i'm French. (and sorry for my bad english btw) and i'm on a MAC (I know ... :p).
For my tests, i've tried to use the payload called sMacAndGrab.
I've add the DUCKY_LANG fr sequence on the top of the payload and when I put my BB in SW1, the paylods starts and type the word "Terminal" in the search field, it's exactly what's expected.

But the problem is about special chars. In french we have some characters like é è à etc... but they doesn't exist on your json file.
And in the same way, on Mac Os X we don't have the same keymap for specials chars like quotes, slashs, underscore etc.
So, when the terminal is open the commands fails because they can't type correctly the paths or commands.

Do you have a way to explore, or a documentation about mapping the keys for mac os x because i'm stuck with my BB and i don't find any information about that specific case o internet?

Thank you so much for your help and again, excuse me for my bad english ;)

Regards, Tewfik

 

The keyboard mapping files are not mine and not made by me. they are sourced from ducktoolkit.com. I have no idea how to do the key mapping my self, however they seems to be some comments/intructions in the .json files themself. Take a look! :) 

Link to comment
Share on other sites

Quick question:

When I Serial/SSH into the bunny and "cd" |  "cd .." there is no tools folder?  I updated the firmware and even reflashed the bunny.  Any help would be greatly appreciated; I am using a Win7 64 box with putty. 

 

 


Debian GNU/Linux 8 bunny ttyGS0

bunny login: root
Password:
Linux bunny 3.4.39 #68 SMP PREEMPT Thu Apr 6 00:46:27 PDT 2017 armv7l
           _____  _____  _____  _____     _____  _____  _____  _____  __ __
 (\___/)  | __  ||  _  ||   __||  |  |   | __  ||  |  ||   | ||   | ||  |  |
 (='.'=)  | __ -||     ||__   ||     |   | __ -||  |  || | | || | | ||_   _|
 (")_(")  |_____||__|__||_____||__|__|   |_____||_____||_|___||_|___|  |_|
 Bash Bunny by Hak5     USB Attack/Automation Platform


root@bunny:~# ls
udisk  version.txt
root@bunny:~# ls
udisk  version.txt
root@bunny:~# cd udisk
root@bunny:~/udisk# ls
root@bunny:~/udisk# pwd
/root/udisk
root@bunny:~/udisk# cd
root@bunny:/# ls
root@bunny:/mnt# cd ..
root@bunny:/# ls
bin   dev  home  lost+found  mnt  proc  run   srv  tmp    usr
boot  etc  lib   media       opt  root  sbin  sys  tools  var
root@bunny:/# cd tools
root@bunny:/tools# ls
impacket




 

Link to comment
Share on other sites

17 hours ago, VFMA83 said:

Quick question:

When I Serial/SSH into the bunny and "cd" |  "cd .." there is no tools folder?  I updated the firmware and even reflashed the bunny.  Any help would be greatly appreciated; I am using a Win7 64 box with putty. 

 

 


Debian GNU/Linux 8 bunny ttyGS0

bunny login: root
Password:
Linux bunny 3.4.39 #68 SMP PREEMPT Thu Apr 6 00:46:27 PDT 2017 armv7l
           _____  _____  _____  _____     _____  _____  _____  _____  __ __
 (\___/)  | __  ||  _  ||   __||  |  |   | __  ||  |  ||   | ||   | ||  |  |
 (='.'=)  | __ -||     ||__   ||     |   | __ -||  |  || | | || | | ||_   _|
 (")_(")  |_____||__|__||_____||__|__|   |_____||_____||_|___||_|___|  |_|
 Bash Bunny by Hak5     USB Attack/Automation Platform


root@bunny:~# ls
udisk  version.txt
root@bunny:~# ls
udisk  version.txt
root@bunny:~# cd udisk
root@bunny:~/udisk# ls
root@bunny:~/udisk# pwd
/root/udisk
root@bunny:~/udisk# cd
root@bunny:/# ls
root@bunny:/mnt# cd ..
root@bunny:/# ls
bin   dev  home  lost+found  mnt  proc  run   srv  tmp    usr
boot  etc  lib   media       opt  root  sbin  sys  tools  var
root@bunny:/# cd tools
root@bunny:/tools# ls
impacket

 

Search for tools folder with:
find / -iname "tools"

Hope it helps!

Link to comment
Share on other sites

On 4/24/2017 at 3:34 PM, VFMA83 said:

Quick question:

When I Serial/SSH into the bunny and "cd" |  "cd .." there is no tools folder?  I updated the firmware and even reflashed the bunny.  Any help would be greatly appreciated; I am using a Win7 64 box with putty. 

 

 


Debian GNU/Linux 8 bunny ttyGS0

bunny login: root
Password:
Linux bunny 3.4.39 #68 SMP PREEMPT Thu Apr 6 00:46:27 PDT 2017 armv7l
           _____  _____  _____  _____     _____  _____  _____  _____  __ __
 (\___/)  | __  ||  _  ||   __||  |  |   | __  ||  |  ||   | ||   | ||  |  |
 (='.'=)  | __ -||     ||__   ||     |   | __ -||  |  || | | || | | ||_   _|
 (")_(")  |_____||__|__||_____||__|__|   |_____||_____||_|___||_|___|  |_|
 Bash Bunny by Hak5     USB Attack/Automation Platform


root@bunny:~# ls
udisk  version.txt
root@bunny:~# ls
udisk  version.txt
root@bunny:~# cd udisk
root@bunny:~/udisk# ls
root@bunny:~/udisk# pwd
/root/udisk
root@bunny:~/udisk# cd
root@bunny:/# ls
root@bunny:/mnt# cd ..
root@bunny:/# ls
bin   dev  home  lost+found  mnt  proc  run   srv  tmp    usr
boot  etc  lib   media       opt  root  sbin  sys  tools  var
root@bunny:/# cd tools
root@bunny:/tools# ls
impacket




 

root@bunny:/tools# that is the correct tools folder for running the impacket installer

The other tools folder is only via USB storage, not the terminal

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...