Mohamed A. Baset

  1. Here is another refined version: https://github.com/hak5/bashbunny-payloads/pull/383 Waiting for merging the PR. Cheers!
  2. You can watch the video I did. Unfortunately it takes like 3 minutes minimum and with "CUCUMBER PLAID" too, check here: https://github.com/hak5/bashbunny-payloads/blob/master/payloads/library/exploitation/Metasploit-Autopwn/payload.txt
  3. @Darren Kitchen and @CatatonicPrime The problem is that Metasploit Framework takes forever to load on the humble specifications of BashBunny, I have done this like two years ago:
  4. YW Man, I'm so excited to dig on your scenario this weekend, the idea of deauthing, probing and beaconing to get all the clients connected to the tetra then attack them with the bunny seems very interesting!
  5. 1. Installed ruby via "rbenv" (2.4.1 armhf is preferred)
     2. Cloned Rapid7's metasploit repo inside /tools/
     3. cd to /tools/metasploit-framework/
     4. gem install bundler
     5. bundle install
     7. Bingo!
  6. And finally I did the PR: https://github.com/hak5/bashbunny-payloads/pull/242 Waiting for approval!
  7. @Sebkinne @Darren Kitchen This must be configured in the next bunny update to add "postgres" user in the network user group:
     usermod -a -G netdev,systemd-network,net_raw postgres
     What do you think?
  8. Glad to hear that, I suffered too to finally figure out the real problem. Now we have lots of attack possibilities, Share with me the good stuff you're thinking about tho :) I'm planning to release my Metasploit Autopwn bashbunny payload very soon.
  9. As I mentioned before, this might be 99% an issue with the user privileges because the "postgres" user is not added to the user groups where it can access the network. Try:
     usermod -a -G netdev,systemd-network,net_raw postgres
     Then tell me if it works or not + the exact problem if it exists!
  10. I don't know if you are familiar with other Hak5 products or not but LanTurtle would be more reliable in the attack scenario you are describing here!
  11. Sorry my bad, my screen resolution is so high. Yes, only running the module, not the installation process. But what problems are you facing? Installing postgresql is super easy, just the normal installation process, but after finishing the setup there is a trick to add the "postgres" user to the network group so it will be able to listen on the port and access the socket. (This is the trick that cost me lots of time) + I did a lot of "sleep"s to avoid the memory issues because of the limitations on the Bunny.
  12. Hi Guys, I started this thread to have more discussion about automating similar attacks. In this video I managed (after lots of work and fight) to first get ruby to run properly, then Metasploit framework installed and running + connected it to the Postgresql database + db_autopwn running properly on my BashBunny, scanning the bunny IP range 172.16.64.0/24 with db_nmap, then passing the scan results to the metasploit exploitation module and bingo, we can exploit fully locked devices which are running vulnerable OSes/Services. Warning: The video is super long (you are free to escape some minutes) because of the humble specifications of the BashBunny device (I wish we could get an upgraded BashBunny 2.0 with at least 1 or 2 GB of memory and a faster processor for this kind of heavy stuff). Any questions, I'm ready to answer! Enjoy watching https://youtu.be/b6U_t8HPKNk
  13. https://github.com/elkentaro/bashbunny-payloads/blob/master/library/extensions/runpower.sh
  14. Safer ways: 1. Put cement in USB ports 2. Remove USB ports/pins from board :D