Draxiom

Also, if it doesn't start right away, you can blow (on) it:

caffeine helps

Have you tried this payload? The main function is swapping out payloads and no zips are necessary. Also, I did incorporate GitBunnyGit, because I wrote that payload too... thanks for the plug ;). Using php and ajax calls, BrowserBunny copies each payload from the library folder, to the available switch directory. So the first step clones the repository on the bunny so all payloads are stored locally. The second step uses a command like: exec("cp -r /root/udisk/payloads/library/BunnyTap/* /root/udisk/payloads/switch2/."); Isn't that what you are describing?

Are you messing with me? Cause that is the other only functionality of this payload. The console will git clone directly to the device, and the payloads page helps you swap out the payloads from the git repository.

Yes the web server is hosted on the bb and is on port 80. Not sure if a 3 way usb port would route the traffic though. LMK if you get that working.

No worries. I thought I was missing something from your explanation. The web server is hosted on the bb, and requires you to share the internet connection with the host computer. You won't be able to access the site from any other devices, because they are not also sharing their internet (no route to that ip address). As for the commands section, the web server is already running as root, so it has full privs to do anything. I am actually a php dev by day, and that was the quickest way (for me) to get this project done. In php there is an exec() function an I am essentially just passing raw strings (from the user) to that function, to execute commands. However, a future enhancement that I want to make, would be to incorporate a full terminal emulator like GateOne, to have the full set of commands and features in the browser. For now, it is just simple commands sent to exec() and the response parroted back to the browser.

I am confused. That is exactly what my payload does. The web GUI runs on the bb and you can swap out payloads or run commands. How is different from what you want to make?

Interesting. The web server I set up, should be able to run on arming mode, but you only get an ip if you share the internet with a host computer. Perhaps one could pipe the webpages through serial to lynx on the host.

Yea. Hacking runs in the family.

Thanks @Dave-ee Jones. I agree that it would be best if you could run this payload from any computer, and not have to have internet sharing set up. However, I don't see a way of making it work in arming mode :/ Any suggestions? If you are in arming mode, you could probably just swap out payloads with the standard file browser, the normal way. It does indeed work by copying payloads out of the library folder. I use git to clone the payloads directly to the mass storage, and then simple cp commands to move them to the available switch directory.

Thanks dad.

I am working on a new payload that will act as a web gui for standard BashBunny functions. The idea is that you keep this payload in one switch folder, and run it from a non-target. The BB will spin up a php server, and serve a local website at http://172.16.64.1 With the gui up, you can execute daisy chained shell commands in the 'console', or quickly swap out payloads found in the git repo, to the other switch folder. The repository url can easily be swapped out for your own fork, so you can quickly pull down changes, and make debugging payloads easier. Check out the repository and tell me what you think. To do (I might submit the pull request before these tasks are done, and make them a future enhancement): Write help page (or leave it as is) integrate existing terminal emulator in place of custom 'console' https://github.com/mathew-fleisch/bashbunny-payloads/tree/master/payloads/library/BrowserBunny

@b0N3z, what should the default dns be on the mac? I'm running pi-hole at home and I think it is conflicting with whatever the dns is supposed to be.

perdy

Considering you couldn't figure out how to attach a screenshot to this thread, I have little faith in your ability to use the device for anything other than a toy.

Seriously... @hipcrime if you aren't clever enough or too lazy to get it working, perhaps you can give it to somebody that cannot afford one, and doesn't give up so easily.

Psh. lame. It's only useless if you don't use it.

@hipcrime, have you tried the vm method?

I remember you saying that. I just thought it might be related, since it is the only thing I can see that is different between my setup and both of yours. Grasping at straws I suppose...

Hey @Torrey and @graythang, I really appreciate you guys figuring this out. Unfortunately I have not been able to reproduce your results and I'm not sure where I am going wrong. I did notice that you both have different ips for the "SharingNetworkNumberStart" value (172.16.64.10 vs 172.16.64.64), but neither worked for me. Another missing piece for me that is in both of your instructions, but not present in my setup is the "USB 10/100 LAN" as a device to share the internet with; I only see the "RNDIS/Ethernet Gadget" in the list to check. I see all of the proper ip addresses in your list gray, but when I try to ping google, it fails. Not sure what else to try, but I am accepting suggestions. I'm running an old macbook pro 2.6ghz with an i7 from 2012 (osx 10.12). Note: I have been successfully sharing my internet connection through a linux vm as described here:

You have to enable internet sharing first. I wrote the instructions on the readme for linux, but the process should be the same. Check the wiki to set up internet sharing, and then give my payload another try. It sounds like the payload was running, but couldn't get out to the internet. http://wiki.bashbunny.com/#!index.md

np. Out of curiosity, how did the payload fail?

The back-up/original version of bunny_helpers.sh does not include the switch_position variable. You'll have to pull the latest version from the repo (or add it yourself manually) to be able to use that variable. To make updating the payloads easier, I have created a payload (with @audibleblink) that will clone the repo directly to the bunny. Check it out: https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/GitBunnyGit

Hey guys, I was talking with Seb on irc and he tells me that you cannot directly share the connection on a mac, as of now. However, it does work if you use a linux vm (I am using ubuntu in virtualbox) on top. The sequence is a little tricky and took me a while to figure out; so I'll describe how I got my bunny connected to the internet on my mac: With you vm turned off and the bunny unplugged, go to Settings > Ports > USB and enable usb 3.0 Switch the bunny to state 1; plug it in and wait for it to load completely Add a usb filter (plus icon) and add the device (mine says "Linux 3.4.39 with sunxi_usb_udc RNDIS/Ethernet Gadget [0333]") Eject the bunny Flip the switch to states 2 & 3 and repeat steps 2-4 Turn on your vm and keep the bunny unplugged wget the bb.sh script in the vm Run `sudo bash bb.sh` and follow the guided setup With the bunny NOT in arm mode (position 3) plug the bunny in after the third step/question If you did it right, the script will "detect" the bunny at this stage The last step is to press "C" once you see the main menu again to "connect" using the settings you just set up You should now be able to ssh in and test the connection with ping Hope this helps somebody.