InfiniteBSOD
-
Posts
11 -
Joined
-
Last visited
Posts posted by InfiniteBSOD
-
-
1 hour ago, dark_pyrro said:
This is most likely due to the fact that Python 3 was installed using apt before you built Python3 from source. I would recommend purging the version installed using apt, or simply do a factory reset to start with a clean slate and not install Python 3 using apt, but only build the relevant version for Responder.
If my memory is correct the 'apt'-version of Python3 was automatically installed as a dependency for one of these deb-packages:
build-essential libgdbm-dev libnss3-dev libffi-dev gcc
I just tried to download the old / deprecated "responder.deb", moved it to the mounted "tools"-directory with the BB MK II in "arming"-mode and then put the "QuickCreds" "payload.txt" into "Switch1" and it works.
So I thank you for all your help and will close this for now, it works as intended and I'll revisit this in the future.
-
26 minutes ago, dark_pyrro said:
To really make sure netifaces is installed and available for Python 3, then enter the Python 3 prompt, by running:
python3Enter:
import netifacesThere should be no error message(s) if netifaces is installed correctly for Python 3
Just to test it further, list available interfaces:
netifaces.interfaces()root@bunny:~# python --version Python 3.11.2 root@bunny:~# python3 --version Python 3.4.2
so I'm unsure why python3 leads to 3.4.2 and not 3.11.2 and python leads to 3.11.2.
I guess python should lead to python2 and python3 should lead to 3.11.2 although:root@bunny:~# which python /root/build-dir/Python-3.11.2/python root@bunny:~# which python3 /usr/bin/python3 root@bunny:~# which python2 /usr/bin/python2
root@bunny:~# python Python 3.11.2 (main, Mar 19 2023, 19:58:51) [GCC 4.9.2] on linux Type "help", "copyright", "credits" or "license" for more information. >>> help('modules') Please wait a moment while I gather a list of all available modules... test_sqlite3: testing with version '2.6.0', sqlite_version '3.8.7.1' /home/build-dir/Python-3.11.2_compiled/lib/python3.11/site-packages/_distutils_hack/__init__.py:33: UserWarning: Setuptools is replacing distutils. warnings.warn("Setuptools is replacing distutils.") __future__ _thread graphlib select __hello__ _threading_local grp selectors __phello__ _tokenize gzip setuptools _abc _tracemalloc hashlib shelve _aix_support _typing heapq shlex _ast _warnings hmac shutil _asyncio _weakref html signal _bisect _weakrefset http site _blake2 _xxsubinterpreters idlelib smtpd _bootsubprocess _xxtestfuzz imaplib smtplib _codecs _zoneinfo imghdr sndhdr _codecs_cn abc imp socket _codecs_hk aifc importlib socketserver _codecs_iso2022 antigravity inspect spwd _codecs_jp argparse io sqlite3 _codecs_kr array ipaddress sre_compile _codecs_tw ast itertools sre_constants _collections asynchat json sre_parse _collections_abc asyncio keyword ssl _compat_pickle asyncore lib2to3 stat _compression atexit linecache statistics _contextvars audioop locale string _crypt base64 logging stringprep _csv bdb lzma struct _ctypes binascii mailbox subprocess _ctypes_test bisect mailcap sunau _datetime builtins marshal symtable _dbm bz2 math sys _decimal cProfile mimetypes sysconfig _distutils_hack calendar mmap syslog _elementtree cgi modulefinder tabnanny _functools cgitb msilib tarfile _gdbm chunk multiprocessing telnetlib _hashlib cmath netifaces tempfile _heapq cmd netrc termios _imp code nis test _io codecs nntplib textwrap _json codeop ntpath this _locale collections nturl2path threading _lsprof colorsys numbers time _markupbase compileall opcode timeit _md5 concurrent operator tkinter _multibytecodec configparser optparse token _multiprocessing contextlib os tokenize _opcode contextvars ossaudiodev tomllib _operator copy pathlib trace _osx_support copyreg pdb traceback _pickle crypt pickle tracemalloc _posixshmem csv pickletools tty _posixsubprocess ctypes pip turtle _py_abc curses pipes turtledemo _pydecimal dataclasses pkg_resources types _pyio datetime pkgutil typing _queue dbm platform unicodedata _random decimal plistlib unittest _sha1 difflib poplib urllib _sha256 dis posix uu _sha3 distutils posixpath uuid _sha512 doctest pprint venv _signal email profile warnings _sitebuiltins encodings pstats wave _socket ensurepip pty weakref _sqlite3 enum pwd webbrowser _sre errno py_compile wsgiref _ssl faulthandler pyclbr xdrlib _stat fcntl pydoc xml _statistics filecmp pydoc_data xmlrpc _string fileinput pyexpat xxlimited _strptime fnmatch queue xxlimited_35 _struct fractions quopri xxsubtype _symtable ftplib random zipapp _sysconfigdata__linux_arm-linux-gnueabihf functools re zipfile _testbuffer gc reprlib zipimport _testcapi genericpath resource zlib _testclinic getopt rlcompleter zoneinfo _testimportmultiple getpass runpy _testinternalcapi gettext sched _testmultiphase glob secrets Enter any module name to get more help. Or, type "modules spam" to search for modules whose name or summary contain the string "spam". >>> netifaces.interfaces() Traceback (most recent call last): File "<stdin>", line 1, in <module> NameError: name 'netifaces' is not defined >>> import netifaces >>> netifaces.interfaces() ['lo', 'eth0', 'tunl0', 'gre0', 'sit0', 'ip6tnl0', 'usb0']'netifaces' should be installed for python (a.k.a. 3.11.2)
-
32 minutes ago, dark_pyrro said:
The LED sequence seems a bit odd. It shouldn't do it that way if either succeeding or failing (failing not equal to "LED FAIL" as per the payload script, but failing to get loot). I guess that Responder fails due to the fact that the payload is using a Responder command line option that is deprecated if I remember it correctly ==> "-r". If you run Responder manually and include the option "-r", it will abort. That could be the reason why the loot directory is created (since that is happening before Responder is executed), but nothing else happens. If Responder was successful in running the payload, it would blink yellow until it got some loot (i.e. some file named something including "NTLM").
Tried executing Responder.py manually:
root@bunny:/tools/responder# python Responder.py -I usb0 -w -d -P -v
returns:
<some-omitted-stuff>[!] Error starting SSL server on port 5986, check permissions or other servers running. [!] Error starting SSL server on port 443, check permissions or other servers running.
while looking which services that use "5986" or "443":
root@bunny:/tools/responder# netstat -lnpt Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 430/sshd tcp6 0 0 :::22 :::* LISTEN 430/sshd
it seems no services are.
In regards to "-r" being deprecated that seems to be the case:
root@bunny:/tools/responder# python Responder.py -I usb0 -w -d -r -P -v __ .----.-----.-----.-----.-----.-----.--| |.-----.----. | _| -__|__ --| _ | _ | | _ || -__| _| |__| |_____|_____| __|_____|__|__|_____||_____|__| |__| NBT-NS, LLMNR & MDNS Responder 3.1.3.0 To support this project: Patreon -> https://www.patreon.com/PythonResponder Paypal -> https://paypal.me/PythonResponder Author: Laurent Gaffie (laurent.gaffie@gmail.com) To kill this script hit CTRL-C Usage: python Responder.py -I eth0 -w -d or: python Responder.py -I eth0 -wd Responder.py: error: no such option: -r
removed -r references · lgandx/Responder@03fa9a7 (github.com)
-
21 hours ago, dark_pyrro said:
Not quite sure what you mean by that. You let the Bunny run whatever payload is available in the switch position you select. If you select switch position 1, it will run the payload in the switch1 payload directory. And the same logic for switch2.
If you haven't purged Python 2 (or created some symlink that starts Python 3 when typing "python"), you should start Responder with python3 specifically, otherwise Responder will start with Python 2.
I think I am nearly there!
I renamed the "Responder-3.1.3.0" folder to "responder" and moved it to the "/tools/" when accessing the BB MK II through SSH and put the "payload.txt" for "QuickCreds" in the "Switch1" folder.I also SSH:ed into the BB MK II and ran "chmod a+x ./responder.py" while in the "/tools/responder/"-directory.
I set the network adapter for the BB MK II to "Automatic" instead of the static IP I used (172.16.64.64/24) to be able to SSH into it.Here is what I see when inserting the BB MK II using "Switch1":
Solid green
Solid magenta ("purple") [Row 27 below]
Blinking green [Row ??]Even after ~ 5min its still blinking green.
According to the code for "QuickCreds" here:
bashbunny-payloads/payload.txt at master · hak5/bashbunny-payloads (github.com)
and the legend for LEDs for BB here:
LED - Bash Bunny (hak5.org)Row 27 - "# Setup attack" = LED SETUP = Magenta solid
Row 56 - "# Set LED yellow, run attack" = LED ATTACK = Yellow single blink
Row 80 = "# Light turns green - trap is clean." = LED FINISH = Green very fast blink followed by solid greenWhen setting the BB MK II into "arming mode" and checking the mounted "<driveletter>\loot\quickcreds\" I can see a subfolder with the hostname of my host but no files in it.
Any idea?
Feels that I'm really close now, thanks to your help 🙂Update:
Row 63 =python Responder.py -I usb0 $RESPONDER_OPTIONS &
if I SSH and try to run "Responder.py":
root@bunny:/tools/responder# ./Responder.py You need to install python-netifaces or run Responder with python3... Try "apt-get install python-netifaces" or "pip install netifaces"
OK not specifying "python" makes it default to "python2" instead of "python3" however running:
root@bunny:/tools/responder# python ./Responder.py
returns:
__ .----.-----.-----.-----.-----.-----.--| |.-----.----. | _| -__|__ --| _ | _ | | _ || -__| _| |__| |_____|_____| __|_____|__|__|_____||_____|__| |__| NBT-NS, LLMNR & MDNS Responder 3.1.3.0 To support this project: Patreon -> https://www.patreon.com/PythonResponder Paypal -> https://paypal.me/PythonResponder Author: Laurent Gaffie (laurent.gaffie@gmail.com) To kill this script hit CTRL-C Error: -I <if> mandatory option is missing
So just like row 63 in "QuickCreds" it should start "responder" w. Python3?
-
On 3/15/2023 at 10:48 PM, dark_pyrro said:
It should work, I know since I've done it several times. Time may change things though, so what was working a bit back in time may not work now.
The apt stuff is most likely because of the fact that Jessie is old nowadays and it's not strange that such errors would occur. Getting a more recent debian-archive-keyring package could solve it and/or edit the sources.list file. Or, use apt-key to import keys from a key server (if available).
Thank you for your help and your guide, helped me a lot!
I reset my BB MK II:
Factory Reset - Bash Bunny (hak5.org)then did this:
///
1) Set your BashBunny MK II (w. mSDHC-slot) to share your computers internet connection:
https://docs.hak5.org/bash-bunny/internet-connectivity/sharing-an-internet-connection-from-windows2) SSH into the BB MK II by using an SSH-terminal (ex. Bitvise SSH Client) and connect to:
172.16.64.1
User: root
Password: hak5bunny** All commands below are in the SSH-terminal **
3) Set time and date (and timezone).
Execute:
timedatectl set-time 'YYYY-MM-DD HH:MM:SS'
in my case:
timedatectl set-time '2023-03-19 18:14:00'
Execute:
timedatectl list-timezones | grep 'continent'
in my case:
timedatectl list-timezones | grep 'Europe'
Execute:
timedatectl set-timezone <current-timzone>
in my case:
timedatectl set-timezone Europe/Stockholm
4) Install necessary build-packages.
Execute:
apt update apt install build-essential libgdbm-dev libnss3-dev libffi-dev gcc
5) Create a directory for all the files which will be downloaded and built and enter it.
Execute:
mkdir /root/build-dir cd /root/build-dir
6) Download, untar and remove the zip for OpenSSL (latest version as per this post 2023-03-18 is '3.1.0').
Execute:
wget https://www.openssl.org/source/openssl-3.1.0.tar.gz tar -xvf openssl-3.1.0.tar.gz rm openssl-3.1.0.tar.gz mkdir openssl-3.1.0_compiled cd openssl-3.1.0
7) Build and install OpenSSL 3.1.0.
Source:
https://docs.python.org/3.11/using/unix.html#custom-opensslLocate current OpenSSL.
Execute:
find /etc/ -name openssl.cnf -printf "%h\n"
in my case it was "/etc/ssl" which concerns the directory I enter for "--openssldir=".
Execute:
./config \ --prefix=/home/build-dir/openssl-3.1.0_compiled \ --libdir=lib \ --openssldir=/etc/ssl
should return:
Configuring OpenSSL version 3.1.0 for target linux-armv4 Using os-specific seed configuration Created configdata.pm Running configdata.pm Created Makefile.in Created Makefile Created include/openssl/configuration.h ********************************************************************** *** *** *** OpenSSL has been successfully configured *** *** *** *** If you encounter a problem while building, please open an *** *** issue on GitHub <https://github.com/openssl/openssl/issues> *** *** and include the output from the following command: *** *** *** *** perl configdata.pm --dump *** *** *** *** (If you are new to OpenSSL, you might want to consult the *** *** 'Troubleshooting' section in the INSTALL.md file first) *** *** *** **********************************************************************
Execute (official documentation suggest "-j1" which is 1 core, BB MK II have 4 cores therefore "-j4"):
make -j4 depend
Execute (official documentation suggest "-j8" which is 1 core, BB MK II have 4 cores therefore "-j4"):
make -j4
should end with:
make[1]: Leaving directory '/root/build-dir/openssl-3.1.0'
Execute:
make install_sw
😎 Download, untar and remove the zip for Python3 (latest version as per this post 2023-03-18 is '3.11.2').
Execute:
wget https://www.python.org/ftp/python/3.11.2/Python-3.11.2.tgz tar -xvf Python-3.11.2.tgz rm Python-3.11.2.tgz mkdir Python-3.11.2_compiled cd Python-3.11.2
9) Build and install Python 3.11.2.
Source: https://docs.python.org/3.11/using/unix.html#custom-opensslExecute:
./configure -C \ --with-openssl=/home/build-dir/openssl-3.1.0_compiled \ --with-openssl-rpath=auto \ --prefix=/home/build-dir/Python-3.11.2_compiled
Execute (official documentation suggest "-j8" which is 1 core, BB MK II have 4 cores therefore "-j4"):
make -j4
Execute:
make altinstall
Add directory to path:
cd ~ nano .bashrc export PATH=/home/build-dir/Python-3.11.2:$PATH . .bashrc
10) Download and install 'netifaces' (requirement for Responder) through pip.
Execute:
python -m pip install netifaces
11) Upgrade 'pip'.
pip3.11 install --upgrade pip
12) Download, untar and remove the zip for Responder (latest version as per this post 2023-03-18 is '3.1.3.0').
Execute:
wget https://github.com/lgandx/Responder/archive/refs/tags/v3.1.3.0.tar.gz tar -xvf v3.1.3.0.tar.gz rm v3.1.3.0.tar.gz
13) Launch Responder.
cd /root/build-dir/Responder-3.1.3.0 python ./Python.py
should return:
__ .----.-----.-----.-----.-----.-----.--| |.-----.----. | _| -__|__ --| _ | _ | | _ || -__| _| |__| |_____|_____| __|_____|__|__|_____||_____|__| |__| NBT-NS, LLMNR & MDNS Responder 3.1.3.0 To support this project: Patreon -> https://www.patreon.com/PythonResponder Paypal -> https://paypal.me/PythonResponder Author: Laurent Gaffie (laurent.gaffie@gmail.com) To kill this script hit CTRL-C Error: -I <if> mandatory option is missing
launching 'DumpHash.py' with:
python ./DumpHash.py
returns:
Dumping NTLMV2 hashes: Traceback (most recent call last): File "/root/build-dir/Responder-3.1.3.0/./DumpHash.py", line 43, in <module> v2 = GetResponderCompleteNTLMv2Hash(cursor) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/root/build-dir/Responder-3.1.3.0/./DumpHash.py", line 28, in GetResponderCompleteNTLMv2Hash res = cursor.execute("SELECT fullhash FROM Responder WHERE type LIKE '%v2%' AND UPPER(user) in (SELECT DISTINCT UPPER(user) FROM Responder)") ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ sqlite3.OperationalError: no such table: Responder///
So I guess that a payload should be in 'Switch Position 1' which invokes 'DumpHash.py' and then 'QuickCreds' should be in 'Switch Position 2'?
-
On 3/14/2023 at 8:49 PM, InfiniteBSOD said:
I love you.
I will try this tomorrow and report back.Tried it!
apt-get clean apt update
returns:
W: GPG error: http://httpredir.debian.org jessie Release: The following signatures were invalid: KEYEXPIRED 1668891673 W: GPG error: http://archive.debian.org jessie-backports InRelease: The following signatures were invalid: KEYEXPIRED 1587841717 KEYEXPIRED 1668891673 W: There is no public key available for the following key IDs: 648ACFD622F3D138 NO_PUBKEY 0E98404D386FA1D9
apt install build-essential
returns:
WARNING: The following packages cannot be authenticated! libasan1 libatomic1 libisl10 libcloog-isl4 libgomp1 libmpfr4 libubsan0 libmpc3 bzip2 patch cpp-4.9 cpp libgcc-4.9-dev gcc-4.9 gcc libstdc++-4.9-dev g++-4.9 g++ libtimedate-perl libdpkg-perl dpkg-dev build-essential libfakeroot fakeroot libalgorithm-diff-perl libalgorithm-diff-xs-perl libalgorithm-merge-perl libfile-fcntllock-perl
apt install libgdbm-dev
returns:
WARNING: The following packages cannot be authenticated! libgdbm-dev
apt install libnss3-dev
returns:
WARNING: The following packages cannot be authenticated! libnspr4 libnss3 libnspr4-dev libnss3-dev
apt install libffi-dev
returns:
WARNING: The following packages cannot be authenticated! libffi-dev
apt install gcc
cd /root mkdir python3 cd python3 wget https://www.python.org/ftp/python/3.7.9/Python-3.7.9.tar.xz tar -xvf Python-3.7.9.tar.xz rm Python-3.7.9.tar.xz cd Python-3.7.9 ls
pwd returns:
/root/python3/Python-3.7.9
mkdir /root/python3/openssl_compiled cd .. pwd returns: /root/python3 wget --no-check-certificates https://www.openssl.org/source/openssl-3.0.0.tar.gz tar -xvf openssl-3.0.0.tar.gz rm openssl-3.0.0.tar.gz cd openssl-3.0.0
timedatectl set-time 'YYYY-MM-DD HH:MM:SS'
in my case:
timedatectl set-time '2023-03-15 19:44:00'
timedatectl list-timezones | grep 'continent'
in my case:
timedatectl list-timezones | grep 'Europe'
timedatectl set-timezone <current-timzone>
in my case:
timedatectl set-timezone Europe/Stockholm
pwd returns:
/root/python3/openssl-3.0.0
./config --prefix=/root/python3/openssl_compiled --openssldir=/root/python3/openssl_compiled -Wl,-Bsymbolic-functions -fPIC shared
returns:
Configuring OpenSSL version 3.0.0 for target linux-armv4 Using os-specific seed configuration Creating configdata.pm Running configdata.pm Creating Makefile.in Creating Makefile ********************************************************************** *** *** *** OpenSSL has been successfully configured *** *** *** *** If you encounter a problem while building, please open an *** *** issue on GitHub <https://github.com/openssl/openssl/issues> *** *** and include the output from the following command: *** *** *** *** perl configdata.pm --dump *** *** *** *** (If you are new to OpenSSL, you might want to consult the *** *** 'Troubleshooting' section in the INSTALL.md file first) *** *** *** **********************************************************************
make
returns:
<too-much-output> but ends with:make[1]: Leaving directory '/root/python3/openssl-3.0.0'
make test
returns:
Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 30 Failed: 1) Failed test: 12 Non-zero exit status: 1 Files=241, Tests=3273, 3751 wallclock secs (63.34 usr 2.77 sys + 3374.59 cusr 241.08 csys = 3681.78 CPU) Result: FAIL
More verbose:
80-test_ssl_new.t .................. 11/? # ERROR: (int) 'result->result == test_ctx->expected_result' failed @ test/ssl_test.c:36 # [2] compared to [0] # INFO: # ExpectedResult mismatch: expected Success, got ClientFail. # 0070F1B6:error:0A000415:SSL routines:(unknown function):sslv3 alert certificate expired:ssl/record/rec_layer_s3.c:1584:SSL alert number 45 # OPENSSL_TEST_RAND_ORDER=1678941550 not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # ERROR: (int) 'result->result == test_ctx->expected_result' failed @ test/ssl_test.c:36 # [2] compared to [0] # INFO: # ExpectedResult mismatch: expected Success, got ClientFail. # 0070F1B6:error:0A000415:SSL routines:(unknown function):sslv3 alert certificate expired:ssl/record/rec_layer_s3.c:1584:SSL alert number 45 # OPENSSL_TEST_RAND_ORDER=1678941550 not ok 4 - iteration 4 # ------------------------------------------------------------------------------ # ERROR: (int) 'result->result == test_ctx->expected_result' failed @ test/ssl_test.c:36 # [4] compared to [0] # INFO: # ExpectedResult mismatch: expected Success, got FirstHandshakeFailed. # 0070F1B6:error:0A000415:SSL routines:(unknown function):sslv3 alert certificate expired:ssl/record/rec_layer_s3.c:1584:SSL alert number 45 # OPENSSL_TEST_RAND_ORDER=1678941550 not ok 5 - iteration 5 # ------------------------------------------------------------------------------ # ERROR: (int) 'result->result == test_ctx->expected_result' failed @ test/ssl_test.c:36 # [4] compared to [0] # INFO: # ExpectedResult mismatch: expected Success, got FirstHandshakeFailed. # 0070F1B6:error:0A000415:SSL routines:(unknown function):sslv3 alert certificate expired:ssl/record/rec_layer_s3.c:1584:SSL alert number 45 # OPENSSL_TEST_RAND_ORDER=1678941550 not ok 6 - iteration 6 # ------------------------------------------------------------------------------ # OPENSSL_TEST_RAND_ORDER=1678941550 not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 12-ct.cnf.none none => 1 not ok 3 - running ssl_test 12-ct.cnf # ------------------------------------------------------------------------------ # ERROR: (int) 'result->result == test_ctx->expected_result' failed @ test/ssl_test.c:36 # [2] compared to [0] # INFO: # ExpectedResult mismatch: expected Success, got ClientFail. # 0020F6B6:error:0A000415:SSL routines:(unknown function):sslv3 alert certificate expired:ssl/record/rec_layer_s3.c:1584:SSL alert number 45 # OPENSSL_TEST_RAND_ORDER=1678941552 not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # ERROR: (int) 'result->result == test_ctx->expected_result' failed @ test/ssl_test.c:36 # [2] compared to [0] # INFO: # ExpectedResult mismatch: expected Success, got ClientFail. # 0020F6B6:error:0A000415:SSL routines:(unknown function):sslv3 alert certificate expired:ssl/record/rec_layer_s3.c:1584:SSL alert number 45 # OPENSSL_TEST_RAND_ORDER=1678941552 not ok 4 - iteration 4 # ------------------------------------------------------------------------------ # ERROR: (int) 'result->result == test_ctx->expected_result' failed @ test/ssl_test.c:36 # [4] compared to [0] # INFO: # ExpectedResult mismatch: expected Success, got FirstHandshakeFailed. # 0020F6B6:error:0A000415:SSL routines:(unknown function):sslv3 alert certificate expired:ssl/record/rec_layer_s3.c:1584:SSL alert number 45 # OPENSSL_TEST_RAND_ORDER=1678941552 not ok 5 - iteration 5 # ------------------------------------------------------------------------------ # ERROR: (int) 'result->result == test_ctx->expected_result' failed @ test/ssl_test.c:36 # [4] compared to [0] # INFO: # ExpectedResult mismatch: expected Success, got FirstHandshakeFailed. # 0020F6B6:error:0A000415:SSL routines:(unknown function):sslv3 alert certificate expired:ssl/record/rec_layer_s3.c:1584:SSL alert number 45 # OPENSSL_TEST_RAND_ORDER=1678941552 not ok 6 - iteration 6 # ------------------------------------------------------------------------------ # OPENSSL_TEST_RAND_ORDER=1678941552 not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 12-ct.cnf.default default => 1 not ok 6 - running ssl_test 12-ct.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 12-ct.cnf' # at test/recipes/80-test_ssl_new.t line 171. # Looks like you failed 2 tests of 6.
Will troubleshoot this tomorrow
-
2 minutes ago, dark_pyrro said:
You can follow the instructions on building Python3 on the Bunny that I have documented in my Codeberg repo
https://codeberg.org/dark_pyrro/BB2-Impacket/wiki/Setting-the-Bunny-up-for-Impacket
I love you.
I will try this tomorrow and report back. -
Gah.
I can't edit my post above."libtinfo5" seems to already be at its most current version.
apt --fix-missing update apt update apt install -f apt autoremove -y apt upgrade -y
does nothing.
-
On 3/5/2023 at 10:12 PM, dark_pyrro said:
1) It's the latest Responder deb file made available for the Bunny (I'm just referring to the one from Hak5, not deb files from any other unknown source). However, it's really old and not the latest Responder available from the official repo on GitHub. Things have happened since 2017, so in order to be successful it's important to use the latest release possible.
2) This method should work and it seems as if it does, but, if you can't see any directory in /tools (that is the "real" /tools in the root of the internal Bunny file system, not on the udisk that is mounted to the target in arming mode) then something isn't working as it should for some reason. In any way, what you will get when using that deb file is just an old version of Responder that will most likely not work that well for you. The latest combo that has worked for me (and still works) is using Python 3.7.9 and Responder 3.0.7.0 along with the Quickcreds payload.
3) Not that much to comment here
Comment on the Bunny you are using; it's not a Mark 1 Bunny if it has a Micro SD card slot. Only the Mark 2 Bunny has that feature.
Also use the latest documentation as reference, the one you are linking is old and deprecated (even though most of it is the same, at least for the Mark 1 Bunny).
https://docs.hak5.org/bash-bunny/Thank you for your reply and sorry for my late reply.
(Before the more simplified process below I did a reset of the BashBunny MK II as per here) and ran:
apt-get update apt-get upgrade
however no packages were updated and my language pack is still on the BashBunny but my previously created folders ("/home/downloads/xyz" etc.) are gone.
I've been trying to get this sorted and I guess I've gone about it way to complicated then it has to be:
1) Downloaded the latest version of Responder (3.1.3.0):
wget https://github.com/lgandx/Responder/archive/refs/tags/v3.1.3.0.tar.gz tar -xvzf v3.1.3.0.tar.gz rm v3.1.3.0.tar.gz
2) While in the extracted folder for "Responder-3.1.3.0":
./Responder.py /usr/bin/env: python3: No such file or directory
Ok so
python --version
returns:
Python 2.7.9
Ok I need to install Python 3:
Following this post:
python 3.7.3 install on debian jessie - Constantly Outdated (kitabi.eu)
fails on step 1 (install dependencies):apt-get install libreadline-gplv2-dev libncursesw5-dev libssl-dev libsqlite3-dev tk-dev libgdbm-dev libc6-dev libbz2-dev
with:
Reading package lists... Done Building dependency tree Reading state information... Done libc6-dev is already the newest version. libc6-dev set to manually installed. libssl-dev is already the newest version. libsqlite3-dev is already the newest version. Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: libncursesw5-dev : Depends: libtinfo5 (= 5.9+20140913-1+deb8u3) but 6.0+20161126-1+deb9u2 is to be installed Depends: libncursesw5 (= 5.9+20140913-1+deb8u3) but 6.0+20161126-1+deb9u2 is to be installed Depends: libtinfo-dev (= 5.9+20140913-1+deb8u3) but it is not going to be installed libreadline-gplv2-dev : Depends: libtinfo-dev but it is not going to be installed E: Unable to correct problems, you have held broken packagesOk so "libtinfo-dev" seems to hold up the dependencies.
"libtinfo-dev" in turn seems to have a dependency of:
"libtinfo5" -
Hello,
First off:
Yes I've read the "Tools" instructions here:
Bash Bunny by Hak51) Is the "Responder" deb-file mentioned here (post from May 10th 2017) :
or here (uploaded on GitHub on April 6th 2017):
the latest one?
I'm running what I guess is "BashBunny MK I" (a gift from a friend, EAN printed on back is "811342030040") since the "version.txt" reads:
1.7_332
and according to the firmware guide here:
Updating the Bash Bunny Firmware - Bash Bunny (hak5.org)"MK II" ships with F/W "1.7" so I gather the device is a "MK II"; a black unbranded plastic cover with a mSDHC-slot.
3) Now I've:
* Used the instructions here to share my computers (Windows) internet connection with the BashBunny:
Sharing an Internet connection from Windows - Bash Bunny (hak5.org)
and ran:apt-get update; apt-get upgrade
* Cloned this repo and replaced the files on the BashBunny with the extracted files, replacing the originals:
GitHub - hak5/bashbunny-payloads: The Official Bash Bunny Payload Repository2) Regardless of which ".deb"-file I download in my 1st question I proceed to:
* Put BashBunny in "arming"-mode
* Drag'n'drop the ".deb"-file to <driveletter>\tools (ex. D:\tools)
* Eject BashBunny
* Re-insert BashBunny > LED flashes magenta > "deb"-file is gone from <driveletter>\tools and that directory is empty
* Even if I use "Putty" and connect to the BashBunny using serial (instructions below) the directory:/tools
is empty.
Link to connecting using "Putty" while in "arming"-mode on Windows:
Bash Bunny by Hak5What am I missing?
Best Regards
Installing "Responder" on BashBunny (MK II?) w. F/W 1.7_332
in Bash Bunny
Posted · Edited by InfiniteBSOD
You are right, I had to have gotten Python3 as a dependency for something else:
Using Responder 2.3.3.6 (the "deb"-version) on:
Windows 11 Pro Ver 22H2 (OS Build: 22621.1413)
Windows 10 Home Ver 22H2 (OS Build: 19045.2006)
returns an NTLMv2-hash and the other log-files in "/loot/quickcreds/<hostname>/"