Posts posted by WatskeBart
-
-
On 7/6/2019 at 1:26 PM, Mr.miYagi said:
And because I was bored and already experimenting, I tried to flash the newest Nano 2.5.4 img...
Aaaaand it boots up. I'm stuck now at the setup screen, it asks to push the reset button to continue, which I don't have.
I tried already with a few DIP switch combinations, but it didn't work. I try now:
- More DIP switch combinations
- Try to find out if some GPIO pins trigger it
- Try to find out how I could skip this part of the setup
Edit: Reset on Nano seems on gpio12, no DIP switches are 12 on mkv
Here are the MK5 GPIO's
LED or DIP            GPIO
MK5_DIP_01            1
MK5_DIP_02            13
MK5_DIP_03            15
MK5_DIP_04            16
MK5_DIP_05            11
MK5_SD_01             23
MK5_GPIO_LED_01       27
MK5_GPIO_LED_02       14
MK5_GPIO_LED_03       17
MK5_GPIO_LED_POWER    0
-
6 hours ago, Allegria said:
I found my notes from the installation of that firmware file.
I tried this first
sysupgrade -n /tmp/lede-17.01.5-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin
It threw an error. So,
mtd -r write /tmp/lede-17.01.5-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin linux
This worked for me. My previous post left out the "-r" after mtd.
If anyone else tries the image, then let us know what you did with your reclaimed Mark V.
I'll check this out later. Thanks for the info 👍
-
On 6/4/2019 at 7:56 PM, Allegria said:
For those interested...
This OpenWRT firmware works great on the Mark V:
Information on the TP-Link device it is designed for.
https://openwrt.org/toh/tp-link/tl-mr3040
I have OpenVPN working on it now. Both radios are recognized.
Enjoy.
How did you flash the OpenWRT firmware? Because sysupgrade will throw an error when you try flashing anything other than an "official" firmware. Did you modify the MR3040 firmware or did you build from source?
-
7 minutes ago, W4X7 said:
It's so much work.... no one else with more time to create one for me? ^_^'
If you do want to start making your own de.json, look at this thread from @elkentaro
-
4 minutes ago, W4X7 said:
Nice. I was waiting for the DUCKY_LANG option, but there is still only us.json. :(
I need de.json
root@bunny:~# find / -name "*.json"
/usr/local/go/src/cmd/vendor/vendor.json
/usr/local/go/misc/chrome/gophertool/manifest.json
/usr/local/bunny/lib/languages/us.json
/usr/lib/python2.7/dist-packages/wheel/test/pydist-schema.json
Create your own and place in languages folder ;)
-
-
You could try ATTACKMODE STORAGE as well. It should show up as a USB disk drive.
Also have you tried another machine as well?
-
Try creating a payload on switch 1 or 2 with the following text:
ATTACKMODE SERIAL
Then check if Windows assigns a COM port to the bunny. You can check with the device manager or with the following command in the command prompt:
mode
-
1 hour ago, haso said:
Bash Bunny seems not to work with Windows 8.1, missing drivers or something else. Device Manager is not showing COM port / Serial, only shows it as other device CDC Serial. Tried update driver to Bash Bunny and it does not find drivers.
Which switch position are you talking about?
-
@chairman glad it worked out. Interesting though why it wouldn't work on Win10 work laptop and if so which policy is preventing this.
-
33 minutes ago, chairman said:
Anyone get this going on Windows 10?
I can setup my Windows 7 laptop the same as the Windows 10 PC, Connection refused when I SSH from the 10 to the BashBunny. & no out to the Internet
Same Bunny & Setup on Windows 7, no problem SSH in or Apt-get out.
I figure it's Windows 10 Firewall but I turned off the firewall and still no joy
- Is your payload.txt containing: ATTACKMODE RNDIS_ETHERNET?
- Is the BashBunny recognized as an IBM USB Remote NDIS network device?
- If so, does it get an IP e.g. 172.16.64.10 (use ipconfig /all, you should see IBM USB Remote NDIS Network Device in the description)?
Then you should be able to SSH into 172.16.64.1 and connect to the BashBunny
This works for me, and I'm using a firewall as well.
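The same checks run from PowerShell on the Windows host, as an added example that is not part of the original post. It assumes the adapter description contains "Remote NDIS" (as in the device name quoted above) and that SSH listens on the default port 22.

```powershell
# Added troubleshooting sketch, not from the original post.
# Run on the Windows host while the Bash Bunny is plugged in
# with a payload.txt containing ATTACKMODE RNDIS_ETHERNET.
$bunnyIp   = '172.16.64.1'    # Bash Bunny address, taken from the post
$hostRange = '172.16.64.*'    # host side is expected to get e.g. 172.16.64.10
$sshPort   = 22               # assumption: default SSH port

# 1. Is the device recognized as a Remote NDIS network adapter?
$adapters = @(Get-NetAdapter |
    Where-Object { $_.InterfaceDescription -like '*Remote NDIS*' })
if (-not $adapters) {
    Write-Warning 'No Remote NDIS adapter found: check payload.txt and the driver in Device Manager.'
    return
}

foreach ($a in $adapters) {
    '{0} ({1}) status: {2}' -f $a.Name, $a.InterfaceDescription, $a.Status

    # 2. Did the adapter get an address in the 172.16.64.x range?
    $ip = Get-NetIPAddress -InterfaceIndex $a.ifIndex -AddressFamily IPv4 `
              -ErrorAction SilentlyContinue |
          Where-Object { $_.IPAddress -like $hostRange }
    if (-not $ip) {
        Write-Warning "No 172.16.64.x address on '$($a.Name)'."
        continue
    }
    "Host address: $($ip.IPAddress)"

    # 3. Can the host open a TCP connection to SSH on the Bunny?
    $t = Test-NetConnection -ComputerName $bunnyIp -Port $sshPort `
             -WarningAction SilentlyContinue
    if ($t.TcpTestSucceeded) {
        "TCP $sshPort on $bunnyIp is reachable: SSH to $bunnyIp should connect."
    } else {
        Write-Warning "TCP $sshPort on $bunnyIp is not reachable from '$($a.Name)'."
    }
}
```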
-
49 minutes ago, kaiserninja said:
What format are the hashes created in the loot folder? Do I need to convert them to another format for cracking? I lifted my hashes from my windows machine and am trying to use John the ripper to crack it and it says no "passwd hashes loaded".
Look what @Cpt.Pickles posted here. This site tells it all.
-
To get apt working, just follow this part on the wiki and then SSH into the BashBunny using PuTTY or KiTTY with IP 172.16.64.1
Works for me, as you can see:
root@bunny:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=45 time=18.4 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=45 time=14.9 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=45 time=18.2 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 14.949/17.190/18.419/1.587 ms
root@bunny:~# apt-get update
Ign http://httpredir.debian.org jessie InRelease
Hit http://httpredir.debian.org jessie Release.gpg
Hit http://httpredir.debian.org jessie Release
Hit http://httpredir.debian.org jessie/main armhf Packages
Hit http://httpredir.debian.org jessie/main Translation-en
Reading package lists... Done
root@bunny:~#
-
What kind of attacks are you thinking about?
The device when powered runs a full Debian distro, so I don't see any problem running things when powered by a battery.
-
When the ATTACKMODE is set as STORAGE RNDIS_ETHERNET
Windows will recognize it as a composite device.
Try setting it to RNDIS_ETHERNET and it will work. Device installs with an IBM Corporation RNDIS driver.
Darren Kitchen already posted something about this, search the forum for it. (I'm currently on mobile, sorry)
-
Silly me, rookie mistake. Wrong IP indeed.
-
Quote
EDIT: To SSH into the BashBunny use IP: 172.16.64.1
When running the following payload:
LED G
ATTACKMODE RNDIS_ETHERNET
And try to SSH into the bunny (172.16.64.10) with PuTTY. As root I always get 'Access Denied'.
I've changed the default password using attackmode serial but that password is not working for SSH. I even set it back to the default hak5bunny password, but still no joy.
What am I missing here?
-
49 minutes ago, TTommy said:
Sadness. Bricked.
Regardless of switch position. Green light comes on. Blue light comes on. Multiple insertions and sometimes I get a red light. Red persists for greater than 15 minutes.
Sadness.
See this post from Darren Kitchen
-
6 hours ago, MrSnowMonster said:
I found out that if you try to use the QUACK mode in the bunny it doesn't support keyboards that have any other languages than English... any fix for this yet?
See this thread
-
Hoping for fast shipping
-
1 hour ago, big-brother said:
I have been away for a while.
Upon my return I have dusted off my box of equipment and found my pineapple mark v.
I remember setting it up back in 2014/15 but as I say, I have been away for a while and I would like to use it again.
It has no micro sd card but I have a couple of blank ones.
Any ideas how I can completely reset the pineapple and flash with the latest firmware?
Any help would be great.
Thanks
In before:
-
17 hours ago, manth1s said:
Hi, I wanted to know if the firmware is open source or not. I would love to port the interface to Raspbian so Raspberry Pi users could use the great new 3.0 interface. By the way, any update to the beta soon?
You could check out http://www.fruitywifi.com/ for your RPi
-
Same thing happened here! The cable to the battery inside had a bad solder connection and made no connection. Resolder and it takes charge. Do not be afraid to open the case, use plastic tools, on mine there was no glue holding the battery.
Good luck!
Same thing here as well. Was it the solder on the battery or on the PCB?
Sending it back isn't an option for me, mailing would cost me more than buying another powerpack. (I live across the pond)
-
Will do soon!
Fixed in 1.9
[RELEASE] Bash Bunny Firmware 1.6
in Bash Bunny
Posted
How clear does it need to be?
Source: https://wiki.bashbunny.com/#!downloads.md