unixnerd777 Posted June 30, 2017 Share Posted June 30, 2017 When I connect the Bash Bunny with ATTACKMODE RNDIS_ETHERNET it sets itself as a default network interface, which is desired in most cases. However, I would like it to show up as a secondary interface as part of my payload requires actual internet. Since the Bash Bunny doesn't have internet itself, it can't provide internet to the windows box. It would be nice if I could configure the Bash Bunny to show up as a non-default interface. It is possible to change the metric in powershell, so if my payload uses powershell, I can do this to change it: Get-NetAdapter | Where-Object -FilterScript {$_.LinkSpeed -Eq "2 Gbps"} | Set-NetIPInterface -InterfaceMetric 100 Quote Link to comment Share on other sites More sharing options...
dbum Posted June 30, 2017 Share Posted June 30, 2017 I'm not sure what the question is? If your Powershell script works, then why couldn't you use that? If a high throughput is not needed on the network adapter, you can just use ATTACKMODE RNDIS_ETHERNET RNDIS_SPEED_10000 **you will need fw 1.3 This will connect the bb @ 10Mb and will most likely not be your "default" device. I do like the PS command! Thanks! 1 Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted July 3, 2017 Share Posted July 3, 2017 'dbum's method is correct. Using the RNDIS_SPEED_10000 it limits the Bunny's network speed to 10Mbps (according to the PC), making anything faster than that the primary network interface (e.g. WiFi or Ethernet). This argument was made for the purpose of keeping the victim PC's internet access while the Bunny was plugged in. Pretty neat. Quote Link to comment Share on other sites More sharing options...
unixnerd777 Posted July 3, 2017 Author Share Posted July 3, 2017 On 6/30/2017 at 4:22 PM, dbum said: I'm not sure what the question is? If your Powershell script works, then why couldn't you use that? If a high throughput is not needed on the network adapter, you can just use ATTACKMODE RNDIS_ETHERNET RNDIS_SPEED_10000 **you will need fw 1.3 This will connect the bb @ 10Mb and will most likely not be your "default" device. I do like the PS command! Thanks! That is exactly what I was looking for, thanks. Yes, the powershell works and I'm using powershell with this payload, but if I wasn't the RNDIS_SPEED will do what I want w/out needing to use powershell. I wonder if RNDIS_SPEED_10000 could be added to https://wiki.bashbunny.com/#!payload_development.md, that way others who are developing for the Bunny would know about it too. I wonder what other flags it supports that aren't (yet) on the wiki... Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted July 4, 2017 Share Posted July 4, 2017 12 hours ago, unixnerd777 said: That is exactly what I was looking for, thanks. Yes, the powershell works and I'm using powershell with this payload, but if I wasn't the RNDIS_SPEED will do what I want w/out needing to use powershell. I wonder if RNDIS_SPEED_10000 could be added to https://wiki.bashbunny.com/#!payload_development.md, that way others who are developing for the Bunny would know about it too. I wonder what other flags it supports that aren't (yet) on the wiki... All known flags by the community are in the changelog. Sebkinne updates our knowledge as he updates the Bunny :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.