Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

About LGee

  • Rank

Recent Profile Visitors

515 profile views
  1. Oh I thought this was about a different topic. But is there a way to setup reverse SSH towards a cloud IP to get in, instead of using VPN?
  2. My prime interest in the squirrel was to implement a air-gap exfiltrator, by attaching a 4G USB modem to the USB port. I hope there will be some workaround some day that could include a driver, even if I have to use extra USB storage somehow or anything else...
  3. I am using Norwegian keyboard conf. So, that explains the æææ's. But it does not explain why the powershell command shows up when I don't have any powershell commands in my script. Also, I've tried the bunny under linux, and ATTACKMODE seemed to work correctly, whereas when I tried to plug it in under Win7 (tried two different win machines) it always turns up as storage, accessible. No matter what switch position or payload I use.
  4. sorry for the bad formatting. here it goes: powershell .))gwmi win32?volume +f ælabel\ææBashBunnyæææ=.Name`æpayloads'switch2'd.cmdæ= so, the error is, I am not getting any of the expected behavior per my ducky script above. instead, when I insert the bunny with switch in pos. 1., I only get this powershell-like line in the Run window and an ENTER after. nothing else happens. really cannot see where this line is coming from. not to mention why my actual commands are not executing... BTW, I also struggle with the ATTACKMODE setting. no matter what payload I use
  5. I have recently started playing around with my new bashbunny, and payloads. Can't figure out what I see when running my first basic payloads on Win7. Take this for example...: Here is a payload I wrote, where I am trying to use ducky script commands and at the same time use the storage on the bunny, e.g. to store stuff on it later while running ducky commands. Here is my payload for switch1: #!/bin/bash # Set LED Red while setting up attack LED R ATTACKMODE HID STORAGE Q DELAY 10000 LED R G Q GUI r Q DELAY 2000 Q STRING cmd Q DELAY 4000 Q ENTER Q DELAY 5000
  6. Some feedback on clomac. This is a really great module I heavily depend on, as in the test environment I have deployed my turtle to, strict port security is used and I can easily get the switch port I am connecting to shut down if something is not right. However, I am not getting the correct MAC cloned from the laptop I am using, which is an HP, with Intel 82577LM Gigabit. So, I am expecting to see an HP MAC on eth1 of the turtle. Instead I am getting a realtek semiconductor MAC. Any ideas how to debug this would be really appreciated. :-)
  • Create New...