Jump to content

trumpet7347

Members
 View Profile  See their activity

  • Posts

    4

  • Joined

  • Last visited

 Content Type 

Posts posted by trumpet7347

    $SWITCH_POSITION

    in Bash Bunny

    Posted

    54 minutes ago, GermanNoob said:

    That's really weird as I tested your first payload on my BashBunny & Computer and it works just fine...

    Have you tested the bunny_helpers.sh "offline" meaning without using in a payload?

    1. Just connect your Bunny and connect to it with screen or ssh
    2. Mount the payload drive to /root/udisk with  
    
mount -o sync /dev/nandf /root/udisk

    3. goto /root/udisk/payloads/library

    4. type "source bunny_helpers.sh"

    5. type "echo $SWITCH_POSITION"

    That should work and tests your bunny_helpers.sh

     

    Just tried this and it helped me figure out that the file was DOS encoded, not Unix. Changed the encoding and everything works fine now. Thanks for the help!

     

    $SWITCH_POSITION

    in Bash Bunny

    Posted

    23 minutes ago, GermanNoob said:

    Sorry, @trumpet7347!

    Obviously I didn't read your post correctly... Having a look again to your code the problem is the brackets: ${SWITCH_POSITION}

    just try this: 

    
QUACK STRING Testing Switch Position, Switch Position is $SWITCH_POSITION

     

    Its ok @GermanNoob, thanks for the help, but unfortunatly I still get the same result.

    I have been doing some more testing and it defenetly seems to be something with my bunny_helpers.sh file. Here is the new payload I was trying out 

    ATTACKMODE HID RNDIS_ETHERNET

source bunny_helpers.sh

QUACK DELAY 1000
QUACK STRING Testing Switch Position, Switch Position is $SWITCH_POSITION
QUACK ENTER

QUACK STRING Testing Target IP, IP is $TARGET_IP
QUACK ENTER

ATTACKMODE RNDIS_ETHERNET

source bunny_helpers.sh

echo "Target Ip is " >> /root/udisk/test.txt
echo $TARGET_IP >> /root/udisk/test.txt
sync

    Here I am trying to see if I can access the $TARGET_IP variable that is also located in the bunny helper file. Unfortunatly I can not, below is the output of the HID section. 

    Testing Switch Position, Switch Position is
Testing Target IP, IP is

    You can also see that I also just tried to see if it was some issue with using HID and Ethernet attacks together, so I made a seperate ATTACKMODE section just using ethernet, and just tried to echo the IP out to a file, which unfortunatly also failed. Here is the contents of the test.txt file 

    Target Ip is

    So it looks like those variables just are not getting populate for some reason, and I am really not sure why.

    $SWITCH_POSITION

    in Bash Bunny

    Posted

    On 3/21/2017 at 2:27 PM, GermanNoob said:

    You need to escape the special characters... look at the examples here:

     

     

    That would actually print out "$SWITCH_POSITION" to the run command though wouldn't it, what I am wanting it for it to print out either "switch1" or "switch2" from the bunny_helpers.sh variable

    $SWITCH_POSITION

    in Bash Bunny

    Posted

    I am having this issue as well, and the SWITCH_POSITION variable is just not working in any of the payloads I try.

    Here is an example payload.txt I have setup 

    ATTACKMODE HID

source bunny_helpers.sh

QUACK GUI r
QUACK DELAY 100
QUACK STRING Testing Switch Position, Switch Position is ${SWITCH_POSITION}

    And this is the output I get

    XnvIW82.png

    And this is the contents of the bunny_helper.sh that is present under payloads/library on the bunny itself 

    #!/bin/bash

################################################################################
# Get target ip address and hostname from dhcp lease.
# This is for the attack mode of ETHERNET specified.
# Without ETHERNET specified, below environment variables will be empty.
#
# How this works?
# 1) ATTACKMODE waits until:
#    a) target ip address is negotiated by dhcp
#    b) time out
# 2) After ATTACKMODE, we can get target ip address and hostname.
################################################################################
leasefile="/var/lib/dhcp/dhcpd.leases"
export TARGET_IP=$(cat $leasefile | grep ^lease | awk '{ print $2 }' | sort | uniq)
export TARGET_HOSTNAME=$(cat $leasefile | grep hostname | awk '{print $2 }' \
		| sort | uniq | tail -n1 | sed "s/^[ \t]*//" | sed 's/\"//g' | sed 's/;//')
export HOST_IP=$(cat /etc/network/interfaces.d/usb0 | grep address | awk {'print $2'})

################################################################################
# Get switch position
# Taken from bash_bunny.sh
################################################################################

check_switch() {
	switch1=`cat /sys/class/gpio_sw/PA8/data`
	switch2=`cat /sys/class/gpio_sw/PL4/data`
	switch3=`cat /sys/class/gpio_sw/PL3/data`
	echo "--- switch1 = $switch1, switch2 = $switch2, switch3 = $switch3"
	if [ "x$switch1" = "x0" ] && [ "x$switch2" = "x1" ] && [ "x$switch3" = "x1" ]; then
		SWITCH_POSITION="switch1"
	elif [ "x$switch1" = "x1" ] && [ "x$switch2" = "x0" ] && [ "x$switch3" = "x1" ]; then
		SWITCH_POSITION="switch2"
	elif [ "x$switch1" = "x1" ] && [ "x$switch2" = "x1" ] && [ "x$switch3" = "x0" ]; then
		SWITCH_POSITION="switch3"
	else
		SWITCH_POSITION="invalid"
	fi
}

check_switch
export SWITCH_POSITION

    Not really sure what I am doing wrong, and any help would be greatly appreciated.

×
×
  • Create New...