Sebkinne

I'm not the right person to ask for this to be honest, as I don't deal with shipping. Saying that, none of our products are export controlled, and we have never had an issue shipping to one of the counties we officially service. If you use a shipping service like myus and ship to a country not on our list, we cannot guarantee that it meets that countries requirements. For further questions, please contact the hakshop at https://hakshop.com/contact

Sorry, I have just been getting a lot of USPS complaints. I guess this was more of a PSA :) Saying that, if it did get the good old NSA implant, I'd love to take a peak ;)

Unfortunately USPS First Class is a terrible option if you want your package fast. When you get the email with the tracking number, the Hakshop has given the package to the carrier. From that point, it's out of their hands and we can do very little. After 30 days you can file a claim with USPS (iirc). I wish there was something else we could do. Other carriers (ups and DHL) are available but that of course comes with a higher shipping cost. Fast or cheap, choose one :( Edit: I should add, USPS is also notoriously bad at scanning the packages. Often times it says they haven't picked it up until it's been delivered. This is frustrating for our customers and our shop.

I should clarify again, sorry. The portal most likely pops up, but you cannot interact with it. You could execute Javascript, download a file, etc, but no other interaction. I thought the question was if it popped up visibly when locked. This also depends on OS.

Hi, I'm sorry you are frustrated with our service. We are an extremely small team, and simply cannot keep up with the load right now. I can guarantee though, we will reply to every request we get. If the support ticket is hardware or software related it goes to me to answer. Unfortunately I am completely swamped with development at the moment, so tickets have been taking longer to answer. My apologies. Now about the shipping: If you chose USPS first class, it can take more than a month (usually doesn't of course) - this is out of our hands, as we simply ship with your chosen preferences. If there is another issue, I apologize, and I'm sure we can make this right. We just had a few people complain about USPS first class recently (it's rather the opposite of first class), so that's my assumption. Best regards, Seb

I'm working on something cross platform, but if you wanted to wait for the drivers to be installed, you can always have a loop that tries to ping the machine you are plugged into. Once the ping succeeds, you can continue with your script. That's the great advantage that the BB has over the Turtle or Ducky -- it's attacks are much more flexible and can be scripted to your hearts content.

Hi everyone, The actual setting is called MIPS_FPU_EMULATOR. It can be found by executing make kernel_menuconfig under kernel type -> MIP FPU Emulator. Simply press the y button, save the config, and build the kernel (make sure to make clean the kernel first). Hope this helps!

I got a bit sidetracked while creating a fix, so bear with me on this payload. Sorry, this does not work to my knowledge.

Actually, scratch that. I just saw there was a PR that broke the payload completely. I'm about to push a fix for it.

Hi Onus, Odd that the page opened is the user's homepage. That kind of sounds like default routes messing it up on the user's machine. Have you tried a different one? I have tested that the correct page is served on Windows, MacOS, and a couple of variants of Linux. Something I don't currently do correctly is dropping ALL network traffic apart from redirecting port 80 to our IP:8080. I wanted to, but this was more of a PoC and I was rushed for time. As a result I didn't take the time to figure out the order of IPTables rules. You are welcome to submit a PR for this on Github -- the changes should be made in the setupNetworking function.

I use a cable that simply has the data lines snipped on the power end. That end I can plug into a battery or my phone (with an otg adapter) and the other into a machine. Works great, as long as the payload isn't hid. Then you'd need to trigger it somehow first.

Hi Zippy, While I too am not Darren, I am a forum Admin and work for Hak5. Feel free to send me a PM about any issue you have.

Just a heads-up for anyone facing the same issue that missed the discussion on IRC: When the Bash Bunny does not have an internet connection, binding to 0.0.0.0 will be slow as this will usually result in lookups expecting an internet connection. The 'fix' for this is simply binding to the Bash Bunny's IP address directly (172.16.64.1). That way, there is no delay in languages / frameworks that do the actual interface binding under the hood.

Works fine for me (C, Python, and Go) via SSH, a payload, or serial. The bind is pretty much instantaneous.

The above specifically applies to the WiFi Pineapple (any generation so far). The same however does apply to the Ducky, Turtle, and Bunny.

I actually started working on a program you can execute on a target machine (that does not require root/admin) that will be able to automatically share internet connection to the Bash Bunny. It's not a priority, yet, but it shouldn't take too many evenings to implement.

This is what I have tried and so far find is the best solution. My phone (Nexus 6p) does however provide enough power to the Bunny, so I do not need to include a battery.

Yeah, I have had the same issue - simply sending a few ENTER characters should show output. If that's not the case, follow our firmware recovery instructions.

You should be able to detect the device by MAC, so no need to change the IP address.

I agree. I'm not sure of what exactly the organization should be, but I'm welcoming suggestions. Maybe OS -> Type of payload or Type -> OS?

Hi word2yamutha, I know this sounds silly, but have you pressed enter? You should be greeted with a login prompt.

Hi everyone, Let me quickly start off my saying that we cannot take responsibility for shipments that are being forwarded. We can only guarantee delivery to the forwarding agency. There is a reason why we do not ship to certain countries, so please be aware of this. That said, the WiFi Pineapple ECCN is 5A992. See below for legal stuff:

Can you check your browser's Javascript console?

You can simply poll the following GPIOs: /sys/class/gpio_sw/PA8/data /sys/class/gpio_sw/PL4/data /sys/class/gpio_sw/PL3/data The value returned will be either 0 (on) or 1 (off). Edit: You'd have to keep track of executing the payloads, as you wouldn't want the switch changing to run a payload if one is still running.

We'll make the recovery process easier in the future, bear with us while we get post launch development geared up.