Tasty

This is one of the wonderful things with bashbunny. You have the full power of bash, so conditional statement away. Here is some references, if I have time later ill update with some code about your specific ask, but at a high level im thinking NMAP -> file, then cat the file through grep and find the SSH then do a conditional based on the "open/block" state of it. http://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO-6.html http://stackoverflow.com/questions/28739456/parse-nmap-result-bash https://nmap.org/book/output-formats-grepable-output.html Cheers!

Hey! Its important to remember that the payloads appear to be running in the context of a bash terminal on the bashbunny (hence the name) So! Something I have run into is bash terminal enterprising QUACK or Q statements, such as / or cd ~/ or even quotations A really easy way to get around this is to place all the "DuckyScript" into txt file such as part1.txt and use QUACK switch2/part1.txt Example payload.txt: #!/bin/bash LED R 500 ATTACKMODE HID STORAGE QUACK switch2/kickOff.txt LED G Example kickOff.txt: GUI r DELAY 500 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 500 ALT y DELAY 100 STRING HelloWorld! ENTER Let me know if i can help anymore!

If I knew how to edit my last post I would not be making so many... I went ahead and used gparted to reformat the mounted drive at a FAT32, and recopied the file system from the github. So far so good. I tried the captive portal payload, and all is working well. I fear the original problem has to with the tool installation, Ill work on that next. [ 1622.922681] usb 1-1.2: USB disconnect, device number 9 [ 1622.923271] sd 6:0:0:0: [sdb] Synchronizing SCSI cache [ 1622.923315] sd 6:0:0:0: [sdb] Synchronize Cache(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 1635.945581] usb 1-1.2: new high-speed USB device number 10 using ehci-pci [ 1636.055063] usb 1-1.2: New USB device found, idVendor=f000, idProduct=fff0 [ 1636.055067] usb 1-1.2: New USB device strings: Mfr=2, Product=3, SerialNumber=7 [ 1636.055069] usb 1-1.2: Product: RNDIS/Ethernet Gadget [ 1636.055070] usb 1-1.2: Manufacturer: Linux 3.4.39 with sunxi_usb_udc [ 1636.055072] usb 1-1.2: SerialNumber: ch000001 [ 1636.055846] cdc_acm 1-1.2:2.0: ttyACM0: USB ACM device [ 1636.056528] usb-storage 1-1.2:2.2: USB Mass Storage device detected [ 1636.056627] scsi host6: usb-storage 1-1.2:2.2 [ 1637.086224] scsi 6:0:0:0: Direct-Access 0000 PQ: 0 ANSI: 2 [ 1637.086584] sd 6:0:0:0: Attached scsi generic sg1 type 0 [ 1637.089188] sd 6:0:0:0: [sdb] 4194304 512-byte logical blocks: (2.15 GB/2.00 GiB) [ 1637.089812] sd 6:0:0:0: [sdb] Write Protect is off [ 1637.089815] sd 6:0:0:0: [sdb] Mode Sense: 0f 00 00 00 [ 1637.090434] sd 6:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA [ 1637.094435] sdb: [ 1637.097463] sd 6:0:0:0: [sdb] Attached SCSI removable disk

Went ahead with a fschk, results are as follows: XXXXX@XXXXX:/media/XXXXX$ fsck /dev/sdb fsck from util-linux 2.27.1 e2fsck 1.42.13 (17-May-2015) fsck.ext2: Permission denied while trying to open /dev/sdb You must have r/w access to the filesystem or be root XXXXX@XXXXX:/media/XXXXX$ sudo fsck /dev/sdb fsck from util-linux 2.27.1 fsck.fat 3.0.28 (2015-05-16) 0x41: Dirty bit is set. Fs was not properly unmounted and some data may be corrupt. 1) Remove dirty bit 2) No action ? 1 /.Trash-1000 Contains a free cluster (5496). Assuming EOF. /payloads/switch2/tools_to_install Contains a free cluster (5502). Assuming EOF. Reclaimed 1770 unused clusters (7249920 bytes). Free cluster summary wrong (517773 vs. really 519543) 1) Correct 2) Don't correct ? 1 Perform changes ? (y/n) y /dev/sdb: 365 files, 3719/523262 clusters Did not seem to resolve it. Still loads in error. Help! [ 1172.215581] usb-storage 1-1.2:2.2: USB Mass Storage device detected [ 1172.216043] scsi host6: usb-storage 1-1.2:2.2 [ 1173.236511] scsi 6:0:0:0: Direct-Access 0000 PQ: 0 ANSI: 2 [ 1173.236894] sd 6:0:0:0: Attached scsi generic sg1 type 0 [ 1173.238118] sd 6:0:0:0: [sdb] 4194304 512-byte logical blocks: (2.15 GB/2.00 GiB) [ 1173.238738] sd 6:0:0:0: [sdb] Write Protect is off [ 1173.238741] sd 6:0:0:0: [sdb] Mode Sense: 0f 00 00 00 [ 1173.242207] sd 6:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA [ 1173.245486] sdb: [ 1173.248364] sd 6:0:0:0: [sdb] Attached SCSI removable disk [ 1173.587666] FAT-fs (sdb): error, corrupted directory (invalid entries) [ 1173.587677] FAT-fs (sdb): Filesystem has been set read-only [ 1177.635276] FAT-fs (sdb): error, corrupted directory (invalid entries) [ 1182.373958] FAT-fs (sdb): error, corrupted directory (invalid entries) [ 1185.926335] FAT-fs (sdb): error, corrupted directory (invalid entries)

Hello, I would like to add to this issue. Love the tool so far, very cool. Can't wait until we work out all the bugs. I also encountered a readonly file system, the bash bunny is plugged in on the arming mode, blue LED flashing. dmesg reveals the following when booting up: [ 388.651445] usb-storage 1-1.2:2.2: USB Mass Storage device detected [ 388.651568] scsi host6: usb-storage 1-1.2:2.2 [ 389.662606] scsi 6:0:0:0: Direct-Access 0000 PQ: 0 ANSI: 2 [ 389.663253] sd 6:0:0:0: Attached scsi generic sg1 type 0 [ 389.664576] sd 6:0:0:0: [sdb] 4194304 512-byte logical blocks: (2.15 GB/2.00 GiB) [ 389.665328] sd 6:0:0:0: [sdb] Write Protect is off [ 389.665331] sd 6:0:0:0: [sdb] Mode Sense: 0f 00 00 00 [ 389.666048] sd 6:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA [ 389.669499] sdb: [ 389.672453] sd 6:0:0:0: [sdb] Attached SCSI removable disk [ 430.781517] FAT-fs (sdb): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 430.785750] FAT-fs (sdb): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 430.785757] FAT-fs (sdb): Filesystem has been set read-only [ 430.945538] FAT-fs (sdb): error, fat_get_cluster: invalid cluster chain (i_pos 0) I am able to use the serial connection, and have attempted to force a recovery. Is it safe to run fchk/disk or gparted on this partition while in arming mode? Formating it may resolve the issue, but I do not undertand the full implications of doing so. Anyone who can offer advice it would be appreciated.