Dave-ee Jones

I've thought about 3D printing my own case numerous times, but to design one basically means trial and error about 30 times (30 different prints that each go for anywhere between an hour to a day) to get the sizes and nicks just right. That is a lot of plastic...

I've left mine in for a while day in Arming mode, and once for a few hours while serving a webserver for my work. Hasn't overheated. Gets warm but doesn't melt. Mind you, since the 1.1 update the payloads have a timeout and therefore since they do not do anything they cannot overheat...

Question: How did you get into the bunny_framework and change the hop command?

What he is saying is you need to manually install the drivers. Go to Device Manager and locate the Unknown Serial Device or similar. Then, update the drivers (selecting the Manual/I will find the drivers option) and when it asks where you want to update them from select the BashBunny file system (D:\ drive or something like that) and then select Okay/Apply/Confirm or whatever. It should automatically start updating and shouldn't take too long. Then you can use PuTTy (or similar) to serial into the Bunny (make sure you use the correct settings - read the readme.txt file in the docs folder on the BB).

Hi guys, Once again, Dave-ee Jones comin' at you with another question! How would one loop forever until an IP address (172.16.64.10-12), via DHCP, has been given to the client? Looking for something like this... while cannot_see_client { sleep 1 } # Continue with rest of code

Uhuh. Recovering your BB does reset your version, by the way. As I said above :)

Maybe try removing the line 'source bunny_helpers.sh' from the payloads. Since that line is irrelevant and the bunny_helpers.sh doesn't exist anymore, all variables being made environmental. Also, some LED calls might not work anymore either, as that method was redone. EDIT: Recovering my BB right now because I forgot my login, but I'll let you know if it reverts to BB version 1.0 (I will probably keep 1.0 until 1.2 comes out, as 1.1 is very buggy). UPDATE: Recovering my BB did indeed set the version back down to 1.0_167.

Yes, I noticed other people had issues with their payloads stopping. Apparently the bug came out with 1.1. Just confirming, you did say you would fix that in 1.2 correct, @Sebkinne? EDIT: Also, for some reason whenever my BB is in the RNDIS_ETHERNET attackmode, any requests I make to the internet (e.g. trying to access Google) fail. Meaning, the BB is apparently overriding everything, which means I cannot share internet between BB and computer. Waddaya think?

Generic HTTPServer script (this is my SimpleHTTPServer version, CGI was basically the same except I added a cgi_directory). import etc, etc, etc. rootdir = os.getcwd() global bRunning bRunning = True class http_handler(SimpleHTTPServer.SimpleHTTPRequestHandler): def do_GET(self): found_type = '' if self.path.endswith('/'): self.path = '/index.html' found_type = 'text/html' try: if self.path.endswith('.html'): found_type = 'text/html' if self.path.endswith('.css'): found_type = 'text/css' if self.path.endswith('.js'): found_type = 'application/javascript' if self.path.endswith('.php') or self.path.endswith('.txt') or self.path.endswith('.md'): found_type = 'text/plain' if found_type != '': self.send_response(200) self.send_header('Content-type',found_type) self.end_headers() f = open(rootdir + self.path,'r') self.wfile.write(f.read()) f.close() if found_type == 'text/html' and self.path.endswith('exit.html'): global bRunning bRunning = False return except IOError: self.send_error(404,'File not found: %s' % (rootdir + self.path)) def run(): httpd = SocketServer.TCPServer(('0.0.0.0',8080),http_handler) while bRunning: httpd.handle_request() run() Also, just to let you know, I'm playing around with PHP's in-built server and it isn't serving me well either (pun intended).

Hey all, I've got a problem with my python server. The Bash Bunny doesn't want to handle it forever, so it seems to stop handling after about 5 seconds (or shutting it down, can't tell which). The exact same code works locally on my computer (python script that runs a simple SocketServer), and it runs forever (using httpd.serve_forever()), however the BB doesn't want to run it forever. Any ideas why the BB stops handling? EDIT: Just for those that are interested, the browser error says "Site cannot be reached; connection was reset (ERR_CONNECTION_RESET)".

So all it does is stay in recovery mode for eons? It doesn't boot into flash drive mode at all? I wonder if you can ask for an image and format the USB and load the image onto it. Might work...

... You realise there is only like 6 steps there that are very easy to follow ... Not sure how you found that hard but when he said it like that you found it easy...? :P

Windows 10 has problems with STORAGE and ETHERNET modes. Not sure why, but Windows 7 works fine.

Mine works fine. You probably need to setup the ethernet adapter. Make sure your BB is in Ethernet mode while it is plugged in and then go to your Device Manager (just type it in Start menu/Cortana). Then go down to either Unidentified Devices or Adapters (Ethernet ofc). Right click on the Serial device or Unidentified Device (should come up as one of those) and update the driver MANUALLY by selecting the drive that the BashBunny is hosted by (e.g. D:\ drive) and update it via that (just select the drive, not anything in it). It should automatically install the driver after that. This is all assuming you have the problem where the adapter isn't recognised with Windows 10...

It should automatically get that IP via the DHCP server on the BB, so you don't need to set a static IP. This is what your payloads thing should look like: ATTACKMODE RNDIS_ETHERNET <your code here> The BB can only act as an ethernet adapter if you tell it to (via ATTACKMODE). If you use a *nix machine or Mac then use: ATTACKMODE ECM_ETHERNET

The BB gives IPs. However, it can only give/get an IP if it is in an ethernet attackmode (e.g. RNDIS_ETHERNET). Default IP is 172.16.64.1 for the BB, 172.16.64.10 for the connected computer.

Yeah, that's what I had thought and hoped, was just making sure it wasn't another Pineapple thing (no offense, but I would hate to be constantly missing out on new hardware). I am assuming there will be a changelog of what you've changed/added?

Sounds like he didn't research the BB before he bought it... Rookie mistake :P

Ready to ship? Are you saying that the BashBunny is getting a hardware upgrade? I don't want to constantly keep buying BashBunnys though...

Why are you instantly changing attackmode? You can change it halfway through your code. Doing this ATTACKMODE RNDIS_ETHERNET ATTACKMODE HID does not make it do both at the same time...It only swaps our the mode. E.g. will end up in HID mode. Decoy meant something like this: ATTACKMODE HID Q GUI r Q DELAY 200 Q STRING cmd Q ENTER Q DELAY 500 Q STRING echo You numpty Q ENTER ATTACKMODE RNDIS_ETHERNET python -m SimpleHTTPServer 8080 This starts up a CMD prompt, says something in it and then starts up a python server afterwards.

Heyo! I am trying to mount a directory into another directory, like so: /root/udisk/payloads to payloads (where payloads is in the same directory as the payload running this command) I want to be able to access any files in 'payloads' how I would as if I was in '/root/udisk/payloads'. Should I use a symlink or mount? What are the advantages/disadvantages? If I used symlink (ln) would I use hard links or symbolic links?

Yeah, I noticed that, so I got a bit confused when he asked how to serial into it but then start asking how to fix giving the BB internet...

Should work fine I believe.

Me too, except with my BB.

Device Manager. Assuming you're using Windows, you can open up Device Manager and check your COM ports, USB ports and Ethernet ports.