Dave-ee Jones

Posts posted by Dave-ee Jones

  1. Heyo!

    I am trying to mount a directory into another directory, like so:

    /root/udisk/payloads
    to
    payloads

    (where payloads is in the same directory as the payload running this command)

    I want to be able to access any files in 'payloads' how I would as if I was in '/root/udisk/payloads'.

    Should I use a symlink or mount? What are the advantages/disadvantages?

    If I used symlink (ln) would I use hard links or symbolic links?

  2. 19 hours ago, JBNZ said:

    You seem to be mixing up some instructions. You ask how to serial into the bash bunny, but the instructions in your second post are the wiki instructions for "Sharing an Internet Connection with the Bash Bunny from Windows". These are different tasks. Instead, follow these steps: http://wiki.bashbunny.com/#!./index.md#Connecting_to_to_the_Bash_Bunny_Serial_Console_from_Windows

    Yeah, I noticed that, so I got a bit confused when he asked how to serial into it but then started asking how to fix giving the BB internet...

  3. On 4/2/2017 at 1:08 AM, JustASkid said:

    I connected to the BB by the serial console and I want to copy a file from there and add it to my computer. Will it be the same as cp and just giving it a path on my computer?

    Should work fine I believe.

     

  4. On 4/2/2017 at 0:45 AM, Decoy said:

    Yeah, I really didn't start playing around with or learning PowerShell until I got my Rubber Ducky. Easy to learn, and extremely effective.

    Me too, except with my BB.

  5. On 4/2/2017 at 4:06 AM, Hectortxz said:

    How Do I Check That

    How Do I Check That ?

    Device Manager. Assuming you're using Windows, you can open up Device Manager and check your COM ports, USB ports and Ethernet ports.

  6. On 4/1/2017 at 6:38 PM, JBNZ said:

    A simple and terrible example would be a payload which contained simply:

    
    ATTACKMODE ECM_ETHERNET
    python -m SimpleHTTPServer

    Once this executes, the full bunny filesystem is exposed to the target on http://172.16.64.1:8000/, which is the bunny's default IP and SimpleHTTPServer's default port. Options to SimpleHTTPServer would let you better specify a directory to serve from and an alternative port.

    Ah so kind of like an FTP server but not...Interesting. I've been using Powershell's webserver capabilities which don't easily allow you to access the files...Can you set up HTML/CSS styles for the python server or no?
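
For the directory and port options mentioned in the quoted post, this added example (not from the thread or the Bash Bunny project) uses Python 3's `http.server`, the successor of `SimpleHTTPServer`, to serve a single folder on one address and checks that files outside it are not reachable. The loopback address, the `share` folder and the file names are constructed for the demo.

```python
import functools
import http.client
import http.server
import os
import tempfile
import threading


def make_server(directory, bind_addr="127.0.0.1", port=0):
    """HTTP server exposing only `directory` (directory= needs Python 3.7+).

    On the Bunny, bind_addr would be 172.16.64.1, the default IP named in the
    quoted post; loopback and port 0 are assumptions so the demo runs anywhere.
    """
    handler = functools.partial(
        http.server.SimpleHTTPRequestHandler, directory=os.path.abspath(directory)
    )
    return http.server.ThreadingHTTPServer((bind_addr, port), handler)


def status(port, path):
    """Send the raw request path unmodified and return the status code."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request("GET", path)
        return conn.getresponse().status
    finally:
        conn.close()


def demo():
    """Serve a constructed 'share' folder; a file beside it must stay unreachable."""
    with tempfile.TemporaryDirectory() as root:
        served = os.path.join(root, "share")
        os.mkdir(served)
        for path, text in ((os.path.join(served, "report.txt"), "ok\n"),
                           (os.path.join(root, "private.txt"), "not served\n")):
            with open(path, "w") as fh:
                fh.write(text)
        server = make_server(served)
        threading.Thread(target=server.serve_forever, daemon=True).start()
        port = server.server_address[1]
        try:
            return {p: status(port, p) for p in
                    ("/report.txt", "/private.txt", "/../private.txt",
                     "/%2e%2e/private.txt")}
        finally:
            server.shutdown()
            server.server_close()
```
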

  7. Yes well, congratulations :)

    Lots of people are a bit too keen to use their BB instantly and they can get a bit excited, skipping out on some things if the BB does fail/drivers aren't installed properly, which can make things worse.

    It just depends on how your computer takes the BB (does it install correct drivers, does it even check the BB for drivers etc.), if your BB is faulty or not and things like that.

    Enjoy your new BB and learning how to pentest with it :)

  8. 4 hours ago, soup4you2 said:

    You can also download putty, open device manager and see what COM port was added by the bunny (in ARMING mode). Then tell putty to use serial over that COM port at speeds of 115200

    That's the best way to go. 

    Also, make sure Windows has set the correct drivers for the BB. If it comes up as Gadget Serial or something like that and not Unknown Serial USB it will work fine. If it is unknown, update the drivers manually and select the BB as the driver. It should fix it fine.

    • Upvote 1
  9. 36 minutes ago, JustASkid said:

    I put it into arming mode and tried recreating the files. Now every time I place it in any switch it only runs the last payloads I used before I deleted the files.

    Download the repo. Go to bashbunny.com and click on Payloads underneath the BB picture. Then download the whole repo and copy it raw to your BB's main directory. Should work fine.

    Just a question: why would you delete everything?!

  10. 22 hours ago, Draxiom said:

    Have you tried this payload? The main function is swapping out payloads and no zips are necessary. Also, I did incorporate GitBunnyGit, because I wrote that payload too... thanks for the plug ;). Using php and ajax calls, BrowserBunny copies each payload from the library folder, to the available switch directory. So the first step clones the repository on the bunny so all payloads are stored locally. The second step uses a command like:

    
    exec("cp -r /root/udisk/payloads/library/BunnyTap/* /root/udisk/payloads/switch2/.");

    Isn't that what you are describing?

    Yes that's all well and good..with PHP. JavaScript doesn't allow you to do half of that. Only way to really do it is run a powershell script from JS and do the copies that way. 

    What I might do is use your GitBunnyGit to update the repo.

  11. 17 hours ago, JBNZ said:

    Presumably you'd want to expose the file to the target either as a USB storage device and address it that way, or by running a server on the BB and accessing the file over the network.

    How would you access the file via a server on the BB? I'm interested to know as I'm making a webserver payload, and I want it to be able to access files on the BB and client.

  12. 16 hours ago, Saryon said:

    Thanks @Dave-ee Jones, for the response. Sadly, this means that the Bunny will not run out-of-the-box as an ethernet device. And, when attacking random systems, that means that the Bunny will not work as advertised and renders it essentially useless except as a Ducky-with-storage device.

    And the reason I had SERIAL, STORAGE and RNDIS_NETWORK configured was so I can debug why I could not get the networking part to work on MacOS. I didn't want to arm it (add extra functionality), I wanted it to work over the network and without serial, I couldn't connect to it as SSH didn't start up.

    Well, if that were the case, what would be the point of it having an Ethernet adapter attackmode? Think about it logically, it would be useless as a pentesting tool if it couldn't even auto configure its drivers.

    I've found that it works fine on any other Windows computer after you have set the drivers on the first computer, probably because it sets up the driver on the USB and Windows reads it and goes, "Oh, you have drivers on you! Great! Lemme just install them.."

    You have to think logically, don't just go "pfft, this thing is useless if I have to set it up on every PC I use it on!" Yes, it would be, but guess what? It isn't! :D

  13. 4 hours ago, apogee said:

    Are you by chance using the short USB cable that came with the Bashbunny? I find it to be intermittent at best with the cable. Plugged-in directly, the unit is solid. - John

    I have that same issue. OTG cables seem fine most of the time, but are a bit fiddly too.

  14. 2 minutes ago, Draxiom said:

    Are you messing with me? Cause that is the only other functionality of this payload. The console will git clone directly to the device, and the payloads page helps you swap out the payloads from the git repository.

    Pfft, messing with you, yeah why would I-why would-pfft-no. :mellow:

    Seriously though, it is a pretty big issue to get around. You more than likely incorporated your own GitBunnyGit which means you didn't do it the way I want to do it :sad:
    I was hoping there was a way to do it all with JavaScript but atm all I have it do is download the repo and not do anything with it. Extracting a ZIP is far easier with PHP but then if you want to move files or anything like that you would need to use JavaScript or something else other than PHP.

    Easiest thing I can think of is make JavaScript run Powershell which can then do anything you need it to, but you have to make sure it is all client side and not run by the Bunny (otherwise it be like "What is this .zip you keep speaking of? I don't have anything like that!").

    Swapping out Payloads is probably not going to happen with my webserver though, if that makes you feel any better...

     

  15. Yo, it is quite neat and all, but what do you mean faster than HID strokes? Once you've opened powershell all you need to do is tell it to run a .ps1 script sitting right next to the payload and it'll do the rest without HID strokes.

    How is it faster?

  16. Powershell would probably be the best way. Maybe not the most efficient...

    Create a powershell script that is run by the payload.txt that says something like:

    Copy-Item -Path "/root/testing/test.txt" -Destination ([Environment]::GetFolderPath("MyDocuments")) -Force

    Not sure if that will actually work as "/root/testing/test.txt" is a *nix path for the BB, you can't really access it from Windows Explorer...

  17. 1 hour ago, sungod88 said:

    Would you mind giving me a few reasons for your preference, I would love some user examples and input.

    Bunny can do everything a Ducky can AND have more functioning in terms of general programming. E.g. If statements, while loops, python, powershell etc.

    Not to mention you can also turn it into an Ethernet Adapter and storage device (and all 3 in one...). It is far more useful as a pentesting tool.

    • Upvote 1
  18. Hey,

    I am trying to download a folder (not a .zip) from a GitHub repository and save the contents to a local folder from inside PHP/JavaScript.
    The contents are other folders and text files.

    I know how to download specific files or zips from GitHub but downloading a folder that has other folders in it...Would be easier to just download the .zip of it but unfortunately it is a folder, not a .zip.

    Any possible way anyone can think of to achieve this?
    Would be great :)

  19. 6 hours ago, Draxiom said:

    Yes the web server is hosted on the bb and is on port 80. Not sure if a 3 way usb port would route the traffic though. LMK if you get that working.

    I would try it but I don't have a spare 3-way USB port handy, let alone 3 devices...

    Well, I guess I could use 2 Android phones connected on OTG...

    Also, anyone got any ideas as to how I would download a GitHub repository of the payloads and replace the current library folder with the downloaded library folder inside the whole GitHub repo? Would be much simpler if Darren made the folders in the repo zips...

  20. Saryon, RNDIS and Serial aren't immediately recognised by Windows. You need to set it up first.

    On the USB there should be a windows config file, which allows you to update the USB's driver (Serial and RNDIS) and instead of choosing 'Check online for driver' or 'Check windows update for driver' select 'Manually choose a driver' and select the BashBunny USB. That'll fix most of your problems.

    Also, if you want to use SERIAL and STORAGE don't use a payload to do it, just use Arming mode, which is made for that sort of thing.

  21. Yeah, exec() seems to be the easiest way to go, and in some ways the nicest.

    In regards to connecting to the BB's webserver, the computers that are being hosted by the BB can, right? As in, if you had a 3-way USB port from the BB to the computers (DHCP server giving them the 172.16.64.10-12) all of them could access it via 172.16.64.64:8080 (or whatever port you are using, I am assuming it's 80 or 8080) right?

  22. I think the main reason for this is you would have no idea what holding down the key would actually do.

    Say, if I held down a key on my PC for 5 seconds, it might make a whole wall of text in a single character. If I held down the key on a lower end PC (or even a phone), it might only do half as much. This means you have no idea how many times that button was actually inputted.

    So therefore, even if you create a loop to press the button 100 times, you still know it attempted to press the button 100 times.

     

    Very tempted to say 'speed is key' but I figured it wouldn't go down well as a pun...
