Dave-ee Jones
-
Posts
1,488 -
Joined
-
Last visited
-
Days Won
40
Posts posted by Dave-ee Jones
-
-
1 hour ago, qdba said:
yes, that's what I said.
The only way for me to get rid of the timeout problem at the moment was set the Timeoutsec variable as I described in the first post of these thread. But it is only for experienced linux users who knows what they do. For others waiting for FW 1.2
Mmm. I'm a Windows guy. Never really played around with Linux until I got my BB...
-
I use LastPass atm. Works very well. Not sure about this Citrix stuff your talking about though, that's news to me.
-
1
-
-
On 4/11/2017 at 5:27 PM, qdba said:
while [ $(ping -c 1 -W 1 172.16.64.10 >/dev/null ; echo $?) -ne 0 ] ; do
sleep 1
doneThankin' yo'.
-
On 4/11/2017 at 5:38 PM, qdba said:
Look here
Yes, that was what I was suspecting.
Please, 1.2, come soon bb...
-
On 4/12/2017 at 8:18 AM, jafahulo said:
Hey all, In the interest of my bash bunny not overheating again, I'm looking to print a new case for it. Does anybody have any cad models of an alternate case for the bb? If not, a cad model of the bare bone bb (no case)?
If nobody has one, then I'm planning on either:
- drilling holes in the case
- Having my uncle (who designs these things for a living) design a new case that allows airflow.
Thanks!
I've thought about 3D printing my own case numerous times, but to design one basically means trial and error about 30 times (30 different prints that each go for anywhere between an hour to a day) to get the sizes and nicks just right. That is a lot of plastic...
-
I've left mine in for a while day in Arming mode, and once for a few hours while serving a webserver for my work. Hasn't overheated. Gets warm but doesn't melt.
Mind you, since the 1.1 update the payloads have a timeout and therefore since they do not do anything they cannot overheat...
-
9 hours ago, qdba said:
hi sebkinne
I changed the bunny_framework and changed the hop command at the last line to hop &
Payload does not work and when I boot in arming mode the blue Led stop blinking and goes off after a few seconds. I can login in serial mode.
can you confirm?
I will so some more investigation and give you some logs.
Question: How did you get into the bunny_framework and change the hop command?
-
What he is saying is you need to manually install the drivers.
Go to Device Manager and locate the Unknown Serial Device or similar. Then, update the drivers (selecting the Manual/I will find the drivers option) and when it asks where you want to update them from select the BashBunny file system (D:\ drive or something like that) and then select Okay/Apply/Confirm or whatever. It should automatically start updating and shouldn't take too long.
Then you can use PuTTy (or similar) to serial into the Bunny (make sure you use the correct settings - read the readme.txt file in the docs folder on the BB).
-
Hi guys,
Once again, Dave-ee Jones comin' at you with another question!
How would one loop forever until an IP address (172.16.64.10-12), via DHCP, has been given to the client?
Looking for something like this...while cannot_see_client { sleep 1 } # Continue with rest of code -
21 minutes ago, Bryfi said:
I have re-coded all the possible LED conflicts and fixed the lighting issue but the payload still wouldn't run. Said payloads either didn't source bunny_helpers.sh at all or were already coded for environmental variables.
EDIT: Had to keep bunny_helpers.sh for some payloads to work(WiPassDump). It's existence should not bother other payloads that don't source it.
Uhuh.
Recovering your BB does reset your version, by the way. As I said above :)
-
1
-
-
12 minutes ago, Bryfi said:
This update has not been a productive one and I am wondering if there is a safe way to revert back to 1.0. This update has broken a couple payloads for me that were working before 1.1.
Should I factory reset the BB? The said payloads (BunnyTap, Quickcreds mainly) are apparently working for others but I cannot seem to get it to work.
Maybe try removing the line 'source bunny_helpers.sh' from the payloads. Since that line is irrelevant and the bunny_helpers.sh doesn't exist anymore, all variables being made environmental.
Also, some LED calls might not work anymore either, as that method was redone.
EDIT: Recovering my BB right now because I forgot my login, but I'll let you know if it reverts to BB version 1.0 (I will probably keep 1.0 until 1.2 comes out, as 1.1 is very buggy).
UPDATE: Recovering my BB did indeed set the version back down to 1.0_167.
-
14 hours ago, oXis said:
I've been also working with a HTTP Python server with firmware 1.1 of the Bunny and I discovered that sometimes, when you reach the end of the payload, the server stop working. But it doesn't happen all the time, it's like the bunny kills the payload. If it happens, you can see the LED switched off.
Put a "sleep 60" a the end of the payload and see if this is the same error.
Yes, I noticed other people had issues with their payloads stopping. Apparently the bug came out with 1.1.
Just confirming, you did say you would fix that in 1.2 correct, @Sebkinne?
EDIT: Also, for some reason whenever my BB is in the RNDIS_ETHERNET attackmode, any requests I make to the internet (e.g. trying to access Google) fail. Meaning, the BB is apparently overriding everything, which means I cannot share internet between BB and computer. Waddaya think?
-
1 hour ago, Sebkinne said:
Without seeing what python code you are running, we can't really help you :)
Generic HTTPServer script (this is my SimpleHTTPServer version, CGI was basically the same except I added a cgi_directory).
import etc, etc, etc. rootdir = os.getcwd() global bRunning bRunning = True class http_handler(SimpleHTTPServer.SimpleHTTPRequestHandler): def do_GET(self): found_type = '' if self.path.endswith('/'): self.path = '/index.html' found_type = 'text/html' try: if self.path.endswith('.html'): found_type = 'text/html' if self.path.endswith('.css'): found_type = 'text/css' if self.path.endswith('.js'): found_type = 'application/javascript' if self.path.endswith('.php') or self.path.endswith('.txt') or self.path.endswith('.md'): found_type = 'text/plain' if found_type != '': self.send_response(200) self.send_header('Content-type',found_type) self.end_headers() f = open(rootdir + self.path,'r') self.wfile.write(f.read()) f.close() if found_type == 'text/html' and self.path.endswith('exit.html'): global bRunning bRunning = False return except IOError: self.send_error(404,'File not found: %s' % (rootdir + self.path)) def run(): httpd = SocketServer.TCPServer(('0.0.0.0',8080),http_handler) while bRunning: httpd.handle_request() run()
Also, just to let you know, I'm playing around with PHP's in-built server and it isn't serving me well either (pun intended).
-
Hey all,
I've got a problem with my python server. The Bash Bunny doesn't want to handle it forever, so it seems to stop handling after about 5 seconds (or shutting it down, can't tell which). The exact same code works locally on my computer (python script that runs a simple SocketServer), and it runs forever (using httpd.serve_forever()), however the BB doesn't want to run it forever.
Any ideas why the BB stops handling?
EDIT: Just for those that are interested, the browser error says "Site cannot be reached; connection was reset (ERR_CONNECTION_RESET)".
-
So all it does is stay in recovery mode for eons? It doesn't boot into flash drive mode at all? I wonder if you can ask for an image and format the USB and load the image onto it. Might work...
-
On 08/04/2017 at 8:03 AM, ok4r said:
Thanks! That worked
...
You realise there is only like 6 steps there that are very easy to follow
...
Not sure how you found that hard but when he said it like that you found it easy...? :P
-
5 hours ago, K00B404 said:
Any idea why it fails when i do?
ATTACKMODE STORAGE RNDIS_ETHERNET
Windows 10 has problems with STORAGE and ETHERNET modes. Not sure why, but Windows 7 works fine.
-
1
-
-
Mine works fine.
You probably need to setup the ethernet adapter. Make sure your BB is in Ethernet mode while it is plugged in and then go to your Device Manager (just type it in Start menu/Cortana).
Then go down to either Unidentified Devices or Adapters (Ethernet ofc). Right click on the Serial device or Unidentified Device (should come up as one of those) and update the driver MANUALLY by selecting the drive that the BashBunny is hosted by (e.g. D:\ drive) and update it via that (just select the drive, not anything in it). It should automatically install the driver after that.
This is all assuming you have the problem where the adapter isn't recognised with Windows 10...
-
1
-
-
7 hours ago, Hectortxz said:
So When I Go To The IPV4 Properties I Set The IP To 172.16.64.10 ?
It should automatically get that IP via the DHCP server on the BB, so you don't need to set a static IP.
This is what your payloads thing should look like:
ATTACKMODE RNDIS_ETHERNET <your code here>
The BB can only act as an ethernet adapter if you tell it to (via ATTACKMODE).
If you use a *nix machine or Mac then use:
ATTACKMODE ECM_ETHERNET -
The BB gives IPs.
However, it can only give/get an IP if it is in an ethernet attackmode (e.g. RNDIS_ETHERNET).
Default IP is 172.16.64.1 for the BB, 172.16.64.10 for the connected computer.
-
1 hour ago, Sebkinne said:
It'll be available when Darren and I finish our final checks. A forum post will be created letting you know all the details
The firmware is "Ready to ship". No new hardware, don't worry.
Yeah, that's what I had thought and hoped, was just making sure it wasn't another Pineapple thing (no offense, but I would hate to be constantly missing out on new hardware).
I am assuming there will be a changelog of what you've changed/added?
-
Sounds like he didn't research the BB before he bought it...
Rookie mistake :P
-
1 hour ago, Decoy said:
So after the latest episode of Hak5, you mentioned 1.1 was ready to ship. When will this be available, and is there a new feature list?? You guys are awesome for pumping this out so quickly. I'm super excited.
Ready to ship? Are you saying that the BashBunny is getting a hardware upgrade?
I don't want to constantly keep buying BashBunnys though...
-
13 minutes ago, Seczilla said:
Thanks @Decoy. The Wiki was the first read I had.
I know I don't have to do them all at the same time but I don't like switching between HID and Ethernet for example. The reason is that it creates delays every time I switch.
Take this example:
LED R B #ATTACKMODE HID RNDIS_ETHERNET ATTACKMODE RNDIS_ETHERNET ATTACKMODE HID LED G Q GUI Q DELAY 500 Q STRING cmd.exe Q DELAY 100 Q ENTER Q DELAY 500 Q STRING ping -t 172.16.64.1 Q ENTER
At first it creates the Ethernet interface just fine. Then it switches to HID and the Ethernet goes away (as expected). ATTACKMODE HID RNDIS_ETHERNET does not work either. It will fail to create the Ethernet interface and after that starts typing.
At https://forums.hak5.org/index.php?/topic/40246-windows-10-support/ it looks like I am not the only one having this issue. @Darren Kitchen said:
So the only way I found it was working on Windows is using HID first to create a loop and wait for the Ethernet connection to come to life. Not a sexy solution - more like a workaround. Technically it should be possible to have the BB register as HID AND Ethernet at the same time.
Why are you instantly changing attackmode? You can change it halfway through your code.
Doing this
ATTACKMODE RNDIS_ETHERNET ATTACKMODE HIDdoes not make it do both at the same time...It only swaps our the mode. E.g. will end up in HID mode.
Decoy meant something like this:
ATTACKMODE HID Q GUI r Q DELAY 200 Q STRING cmd Q ENTER Q DELAY 500 Q STRING echo You numpty Q ENTER ATTACKMODE RNDIS_ETHERNET python -m SimpleHTTPServer 8080This starts up a CMD prompt, says something in it and then starts up a python server afterwards.
-
1
-
[Payload] FTP Exfiltrator
in Payloads
Posted
Couldn't you ping the website? If that fails then you can make a log file that says 'Couldn't ping FTP' and once the script is done the payload continues, which means you can do a file read in the payload that reads the log file and if it gets returned the string 'Couldn't ping FPT' then you can set the LED to red or something.
Just an idea.