Dave-ee Jones Posted May 15, 2017 Share Posted May 15, 2017 On 5/14/2017 at 0:30 AM, TeCHemically said: Do I need to reinstall ducktoolkit after a firmware upgrade? the only payloads that my BB have ever been able to run are ducky payloads; and now even they aren't working anymore. Attempting to run the duckinstall payload fails just like literally every other payload now... Not everyone has time to update their payloads every day to suit the new firmware. DuckyInstall shouldn't be needed either. I don't use it and all my ducky scripts work fine. I think your making things too complicated for yourself. All you have to do is install the new firmware (1.3) and install Impacket/Responder if you want them (some payloads require them, but you decide if you think it's worth it or not). You should read the changelogs to see what they have done to some commands as well. Not sure what would have gone wrong with your ducky scripts, as nothing major has changed there.. Link to comment Share on other sites More sharing options...
johnjohnsp1 Posted May 15, 2017 Share Posted May 15, 2017 Update on QuickCreds run, did those following steps: -mounted bunny on windows machine (arming mode) -deleted all the files -copied and installed the new firmware 1.3 -copied and overwrited all the files with https://github.com/hak5/bashbunny-payloads -installed the tools impacket & responder with "DEB" package provided here: -putty client to configure em both ovr the bunny -mount -o sync /dev/nandf udisk/ -cp *.deb /tools -dpkg --install impacket.deb -dpkg --install responder.deb -from windows copied the QuickCreds payload.txt over switch1 folder -unplugged safely -switch1 -re plugged in -completed successfully /cheers - Link to comment Share on other sites More sharing options...
Marcussen Posted May 18, 2017 Share Posted May 18, 2017 On 13/5/2017 at 4:30 PM, TeCHemically said: Do I need to reinstall ducktoolkit after a firmware upgrade? the only payloads that my BB have ever been able to run are ducky payloads; and now even they aren't working anymore. Attempting to run the duckinstall payload fails just like literally every other payload now... Got the same issue. Upgraded from 1.0 to 1.3 and now I can't get the Bunny to quack. - Thomas Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted May 18, 2017 Share Posted May 18, 2017 1 minute ago, Marcussen said: Got the same issue. Upgraded from 1.0 to 1.3 and now I can't get the Bunny to quack. - Thomas Weird. Not sure why people are having this issue - mine is working fine...You guys are setting ATTACKMODE HID right? What I would do is make sure the drivers are correctly installed (Device Manager) and check the Human Interface Devices and USB Devices - and also Unknown Devices. If it's unknown, try manually updating the driver software like so: Set attackmode to HID and STORAGE, then manually update the drivers via Browse my Computer for Software and select the Bunny's drive (mines the D:\). Let it do its thing and see how that goes. I usually use the HID attackmode with another attackmode (RNDIS_ETHERNET usually) so it could be that when @Sebkinne fixed the HID/RNDIS_ETHERNET compatibility it broke HID on its lonesome. Have a play! Link to comment Share on other sites More sharing options...
Irvine-J Posted May 21, 2017 Share Posted May 21, 2017 I am a newbie here... I updated my BB to 1.3 fine. Copied both responder.deb and impacket.deb to the /tools directory. Safely eject and replugged in. In Arming mode using Putty, I can see both impacket and responder under /tools. Copied QuickCreds payload with ATTACKMODE set to HID. I also tried ATTACKMODE RNDIS_ETHERNET. Both modes result in blinking red light. Also tried MrRobot payload, result was a blinking white. I see the MrRobot directory created under /loot. Nothing else inside. Anyone else having better luck? Perhaps, go back to firmware v1.2? Link to comment Share on other sites More sharing options...
Irvine-J Posted May 21, 2017 Share Posted May 21, 2017 1 minute ago, Irvine-J said: 14 minutes ago, Irvine-J said: I am a newbie here... I updated my BB to 1.3 fine. Copied both responder.deb and impacket.deb to the /tools directory. Safely eject and replugged in. In Arming mode using Putty, I can see both impacket and responder under /tools. Copied QuickCreds payload with ATTACKMODE set to HID. I also tried ATTACKMODE RNDIS_ETHERNET. Both modes result in blinking red light. Also tried MrRobot payload, result was a blinking white. I see the MrRobot directory created under /loot. Nothing else inside. Anyone else having better luck? Perhaps, go back to firmware v1.2? A positive update here! I went back and set ATTACKMODE back to RNDIS_ETHERNET. However, I had to edit part of the payload below from "cd /tools/Responder" to this "cd /tools/responder". Used a lowercase "responder" instead of uppercase "Responder". This apparently fixed the issue with QuickCreds. Still on firmware 1.3. # Set LED yellow, run attack LED ATTACK cd /tools/responder Link to comment Share on other sites More sharing options...
Fang_Shadow Posted June 8, 2017 Share Posted June 8, 2017 Really quick note of something I noticed with flashing bashbunny from 1.0 to 1.3, It was in a wall to usb adapter/cube and got stuck at a solid red (no idea what it means possibly failed or error) unplugged it and plugged it back in and it seems to be working properly again. Just for others that might experience the same issue. Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted June 25, 2017 Share Posted June 25, 2017 Hey Seb, you might want to add to the upgrade wiki and bright note letting folks know they will need to reinstall their tools and even their payloads after updating the firmware. I see that question being asked a lot on the forums by new users who firmware update. Link to comment Share on other sites More sharing options...
enc1pher Posted June 25, 2017 Share Posted June 25, 2017 In case this can help others: If your browser (e.g. Safari) "opens" the .tar.gz file after it finishes downloading it, it will gunzip, leaving a .tar file in its wake. Re-gzipping the .tar before copying it to the root of the bunny's hdd was a simple fix :) Link to comment Share on other sites More sharing options...
b0N3z Posted June 25, 2017 Share Posted June 25, 2017 1 hour ago, enc1pher said: In case this can help others: If your browser (e.g. Safari) "opens" the .tar.gz file after it finishes downloading it, it will gunzip, leaving a .tar file in its wake. Re-gzipping the .tar before copying it to the root of the bunny's hdd was a simple fix :) you should just be able to download it and go to finder and move the .tar.gz to the root of the bunny which is the directory in which loot, tools, and libary is in. Link to comment Share on other sites More sharing options...
enc1pher Posted June 25, 2017 Share Posted June 25, 2017 6 minutes ago, b0N3z said: you should just be able to download it and go to finder and move the .tar.gz to the root of the bunny which is the directory in which loot, tools, and libary is in. True, however if Safari has 'Open "safe" files after downloading' enabled (as is the default when you add a new user), then Safari will gunzip the tar file automatically :) My fix is to a) Untick the box to disable this functionality in 'Preferences', or b) gzip the .tar file, if this happens. Link to comment Share on other sites More sharing options...
r0see Posted July 11, 2017 Share Posted July 11, 2017 Flashed with no problems Link to comment Share on other sites More sharing options...
nokia1556 Posted July 31, 2017 Share Posted July 31, 2017 On 15/5/2017 at 4:51 PM, johnjohnsp1 said: Update on QuickCreds run, did those following steps: -mounted bunny on windows machine (arming mode) -deleted all the files -copied and installed the new firmware 1.3 -copied and overwrited all the files with https://github.com/hak5/bashbunny-payloads -installed the tools impacket & responder with "DEB" package provided here: -putty client to configure em both ovr the bunny -mount -o sync /dev/nandf udisk/ -cp *.deb /tools -dpkg --install impacket.deb -dpkg --install responder.deb -from windows copied the QuickCreds payload.txt over switch1 folder -unplugged safely -switch1 -re plugged in -completed successfully /cheers - Hi, I have the same problem than you. Could you sort it out? Could you please help me? I would love to have a skype conversation with you, as I need help with the QUICKCREDS. I do not mind paying for the help, but please help me. Thanks Maria Link to comment Share on other sites More sharing options...
Marshall Posted September 8, 2017 Share Posted September 8, 2017 I followed Darren's Bunny Primer youtube video and used the bashbunny updater to go from 1.0-1.3. In the video it says that all you'll need to do to update the payloads in the future is to run the bunnyupdater, so figured i must be all ready to go. Not so. Currently the payloads don't update (or didn't for me) and I was left with all the old payloads which took me a couple of hours to realise why my QuickCreds had stopped working. I manually downloaded all payloads from github, deleted docs, lang and payloads directories and copied over the new ones and all was good. Am guessing the bunnyupdater will be updated to include a git pull in the future? Cheers guys. Link to comment Share on other sites More sharing options...
Sebkinne Posted September 8, 2017 Author Share Posted September 8, 2017 58 minutes ago, Marshall said: I followed Darren's Bunny Primer youtube video and used the bashbunny updater to go from 1.0-1.3. In the video it says that all you'll need to do to update the payloads in the future is to run the bunnyupdater, so figured i must be all ready to go. Not so. Currently the payloads don't update (or didn't for me) and I was left with all the old payloads which took me a couple of hours to realise why my QuickCreds had stopped working. I manually downloaded all payloads from github, deleted docs, lang and payloads directories and copied over the new ones and all was good. Am guessing the bunnyupdater will be updated to include a git pull in the future? Cheers guys. You have to run the Bash Bunny updater twice. Once to upgrade the firmware, and again to update the payloads. The reason for this is that the upgrade changes the udisk, so pulling down payloads before the upgrade is completed doesn't make sense. Link to comment Share on other sites More sharing options...
Bob123 Posted September 9, 2017 Share Posted September 9, 2017 Hey just wondering but once updated to 1.3 is there a file structure somewhere so I can compare mine to what is supposed to be there? I ran updater twice and it grabbed everything and stuck it in a .payload_repo folder. Inside that folder is a payloads folder structured the same as the payloads folder on the root of the flash drive portion of the BB. Should I delete the old payloads folder and use the new one? Should I keep the new one where it's at or move it to the root? Also my installed-tools text file states that I have impacket and responder installed already, do I need to reinstall those now that I have updated to 1.3? I was at 1.0 prior to this. Thanks everyone! Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted September 11, 2017 Share Posted September 11, 2017 On 9/9/2017 at 10:28 AM, Bob123 said: Hey just wondering but once updated to 1.3 is there a file structure somewhere so I can compare mine to what is supposed to be there? I ran updater twice and it grabbed everything and stuck it in a .payload_repo folder. Inside that folder is a payloads folder structured the same as the payloads folder on the root of the flash drive portion of the BB. Should I delete the old payloads folder and use the new one? Should I keep the new one where it's at or move it to the root? Also my installed-tools text file states that I have impacket and responder installed already, do I need to reinstall those now that I have updated to 1.3? I was at 1.0 prior to this. Thanks everyone! Confused. Can you take a screenshot of your Bunny's storage partition, NOT the root partition? It should look something like what I've attached. Yes, you will need to re-install Impacket and Responder. You can find them pinned to the Bash Bunny subforum. Link to comment Share on other sites More sharing options...
Bob123 Posted September 11, 2017 Share Posted September 11, 2017 Thanks Mr Jones for getting back with me. I misspoke when I said root, I meant root of the storage not of the device. So the first folder I have is a repo folder that got created when I ran the updater the second time. But it does look like everything in that folder has been moved to the proper folders as well. And that's where my initial concern came in. I wasn't sure if I had to move the new payloads to the current payloads folder but it looks like it just added the new ones automatically. And then my second circled file is the installed tools where it already tells me responder and impacket are already installed. But I'll install them again. I'm safe to just grab the .deb file and put it in the tools folder? I don't need to uninstall the older programs first? Thanks for your help! Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted September 11, 2017 Share Posted September 11, 2017 11 hours ago, Bob123 said: Thanks Mr Jones for getting back with me. I misspoke when I said root, I meant root of the storage not of the device. So the first folder I have is a repo folder that got created when I ran the updater the second time. But it does look like everything in that folder has been moved to the proper folders as well. And that's where my initial concern came in. I wasn't sure if I had to move the new payloads to the current payloads folder but it looks like it just added the new ones automatically. And then my second circled file is the installed tools where it already tells me responder and impacket are already installed. But I'll install them again. I'm safe to just grab the .deb file and put it in the tools folder? I don't need to uninstall the older programs first? Thanks for your help! Okay, what I would do in this situation (just to be on the safe side) is: Recover my Bunny Plug the Bunny in with the switch on arming mode Wait for the LED to turn green and then unplug the Bunny Repeat 2-3 more times Upgrade the firmware the 'normal' way Link to downloads page Make sure the hashes are the same Drop it on your Bash Bunny's storage while it's in arming mode Safely eject the Bunny and unplug it Plug it back in again That should HOPEFULLY fix your problems and get you a nice, working Bunny. :) Link to comment Share on other sites More sharing options...
DangerousAltoid Posted September 16, 2017 Share Posted September 16, 2017 On 5/15/2017 at 8:51 AM, johnjohnsp1 said: Update on QuickCreds run, did those following steps: -mounted bunny on windows machine (arming mode) -deleted all the files -copied and installed the new firmware 1.3 -copied and overwrited all the files with https://github.com/hak5/bashbunny-payloads -installed the tools impacket & responder with "DEB" package provided here: -putty client to configure em both ovr the bunny -mount -o sync /dev/nandf udisk/ -cp *.deb /tools -dpkg --install impacket.deb -dpkg --install responder.deb -from windows copied the QuickCreds payload.txt over switch1 folder -unplugged safely -switch1 -re plugged in -completed successfully /cheers - Thanks! I wish Hak5 would have some straight and clear instructions. All over the place. I literally had to search for this for an hour. It's like each firmware upgrade had different things with it and names. Just everywhere. Love Hak5 tools but wow, they need to improve with documentation and consistency. Link to comment Share on other sites More sharing options...
spacecowboy Posted September 16, 2017 Share Posted September 16, 2017 I am curious any plans to allow updating through apt-get instead? seems like it would be a lot faster to just download and update packages as needed instead of a whole os file. Link to comment Share on other sites More sharing options...
InfoSecREDD Posted October 23, 2017 Share Posted October 23, 2017 Any news on this "1.4" Firmware that was supposed to be released? Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted October 23, 2017 Share Posted October 23, 2017 3 hours ago, Ar1k88 said: Any news on this "1.4" Firmware that was supposed to be released? Hint Quite funny though, as I just literally reset my Bunny to v1.0 because it was acting up. Haha! Link to comment Share on other sites More sharing options...
InfoSecREDD Posted October 23, 2017 Share Posted October 23, 2017 7 minutes ago, Dave-ee Jones said: Hint Quite funny though, as I just literally reset my Bunny to v1.0 because it was acting up. Haha! Well as a celebration I'll release another script.. ? Link to comment Share on other sites More sharing options...
Irukandji Posted October 23, 2017 Share Posted October 23, 2017 Newer firmware is here. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.