Hak5 Forums



About bg-wa

  • Rank
    Hak5 Fan ++


  1. @anao00 Yes, you are correct, DNS is a fragile system (in more ways than this example). Regardless of where you intercept, it can be difficult to detect. One thing not mentioned is SSL... you can use this method to host https://amazon.com at https://my-custom domain.com or http://amazon.com, but you won't have the right cert on your middleware machine to host https://amazon.com. It's subtle, but browsers are doing a better job of pointing out non-secure sites lately.
  2. I made this a few weeks ago. https://github.com/bg-wa/rails_in_the_middle Set up the app and point your DNS to it, point the app to the site you want to modify, and inject whatever code you want before it's sent to the user (also works the other direction, sending data to the original server). *Also not sure how practical this is, but it's possible.
  3. bg-wa

    Hak5 C2 Community AWS EC2 AMI

    *** UPDATE *** I've copied this AMI to all US Regions
  4. bg-wa

    Hak5 C2 Community AWS EC2 AMI

    @criticalmass Nope, I can see it from multiple AWS accounts when I search "hak5" and filter by "Community AMIs"
  5. I put together a basic EC2 instance for C2 Community Edition based on Ubuntu 18.04

     HAK5-C2-Community - ami-075cd8edc70aeda3f

     1. Search hak5 in EC2 community AMIs
     2. Launch a new instance with 22, 80, 443 and 2022 open in your security group.
     3. Configure your domain in DNS for certbot.
     4. Connect and run:
        sudo ./c2_community-linux-64 -hostname "YOUR-DOMAIN" -https
     5. Visit your domain and finish setup with supplied Setup Token and License Key
  6. bg-wa

    Hak5 Cloud C2

    I don't see a GitHub page... can we contribute? I wrote BB Studio back in March and would be stoked to share what I learned.
  7. bg-wa

    rails, web browser development interface.

    Kinda late, so maybe you already got this working, but I use codemirror a lot: https://github.com/fixlr/codemirror-rails Working example with file access here: https://github.com/bg-wa/bash-bunny-studio
  8. I started this quick POC, which uses Rails as a web-content proxy to allow intercepting and modifying HTML pages. [End User Request > My Bad URL > Actual server > My Bad URL > Nokogiri (modify response) > End User Response] It's pretty bare bones and allows you to browse any website at your own URL, modifying the response in the middle. https://github.com/bg-wa/rails_in_the_middle Seems like an interesting loophole. Even with CORS set up properly, assets could be stored and re-served to the end user.
  9. bg-wa

    [MOD] Custom Bunny Switch

    Customize your Bash Bunny with this 3D Printed switch! Lose or break your switch? Print a new one! Do you have a bunny infestation? Organize them by colors instead of tape! Get it here: https://github.com/bg-wa/bash-bunny-switch The switch surface area is large enough to draw/print a single character for further customization. Enjoy!
  10. I also tried this, without much luck. I was trying to touch a new file at either [/Volumes/.../mac.txt] or [/media/.../linux.txt] etc. in a loop, then check for that file on the bunny side. It sort of worked, but wasn't great. HID only TARGET OS would be great, but I haven't put much time into researching 2-way HID communication possibilities with standard drivers.
  11. bg-wa

    The Bunny Cage

    I present: The Bunny Cage

    The Bunny Cage is a CHIP single board computer, with battery, broadcasting its own AP and running Bash Bunny Studio. With this device, you can program your Bash Bunny wirelessly from your phone or tablet, then let it out of the cage when your payload is ready!

    STL Files Here: https://github.com/bg-wa/bash-bunny-cage

    This is a really simple project that can be run on any SBC, with wifi and Rails installed. Enjoy!
  12. bg-wa

    Bash Bunny Studio

    Alright, I reworked almost the entire app... The UI is now built on Foundation, is mobile friendly and is much easier to maintain. I'll be finishing up some small features shortly, but I don't foresee any more major framework overhauls at this point. @Dave-ee Jones Feel free to submit a PR with whatever additional UI changes you want to see! If anyone else wants to contribute, or test (especially on Windows) please jump right in!
  13. bg-wa

    Bash Bunny Studio

    Bash Bunny Studio can now:

    - Edit multiple files in your payload folders.
    - Run Git commands
    - Glow in the dark

    ENJOY!
  14. bg-wa

    Bash Bunny Studio

    I just put this on a CHIP (w/ battery, hosting an AP), and I can now manage/edit payloads, from my phone over wifi!! This is cool because I can now use one BB, and load/edit any payload I want, in the field on the fly! If I want to change the OS, target_dir, or ETH adapter, I don't even need a laptop! Pretty stoked about this! @C1PH3R you are correct. For now, you can only edit the payload.txt on each switch, I'll probably add some recursive editors to each payload tab, but I'll need some logic to determine syntax highlighting for different file types... I should probably add a tab to access loot data as well... and a BB updater... Lots of fun stuff ahead, but the core is here. @Sebkinne Let me know if there are any other features you had in mind for this project. This is quickly becoming my main development workflow, so I'm sure I'll be adding to it quite a bit over the next few weeks.
  15. bg-wa

    Bash Bunny Studio

    Here is a little tool I wrote today to manage most bash bunny functions from the web browser. I was tired of copying files all over the place in a file manager, so this lets me do 90% of my development from one screen. This tool lets you mount/unmount the bunny, clone a BB github repo, one-click copy payloads to either switch, in-browser edit payloads, manage extensions, and view debug logs. Feel free to fork and add to it! https://github.com/bg-wa/bash-bunny-studio