Jump to content

Opticon

Active Members
  • Posts

    19
  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Opticon's Achievements

  1. Hello again @datguy_dev ! As @Dave-ee Jones suggested, you may be able to resolve it using my method. However, I am not daft nor ignorant, as you wrote; I'm truly sorry for your situation, as I have exhausted all options. Put in a word to Hak5 and see about an exchange.
  2. @datguy_dev Well guess what? Mine did the same thing. It was just as you wrote; "there is a duration of time of when the BB is left unplugged - that when plugged back into a power source - that produces different boot sequences for the BB." So, I'll tell you when this started becoming an issue, not to mention I lost the ability to use payloads in switch position 2. I was advised to update to firmware 1.3, as new features had been made available. I was running the out-of-box- 1.0 without incident. After writing and researching, I changed to a firmware that I hadn't used, as recovery mode would not work- contrary to what is in writing. Firmware 1.2 resolved it. Every single time I use it, it operates the same, with no random lights at boot or disconnection from my system, and I can leave it plugged in for hours. So contrary to any advice given on the board, I will not use 1.3 as it caused a myriad of problems including everything you wrote and more! -Cheers
  3. Opticon

    BB vs RP Zero

    I'm with you 100%, "easier said than done." I chose the Bash Bunny out of loyalty to Hak5, however, I'm wondering if I should have bought the USB Armory instead. Sure it's been discussed on here on separate threads ad nauseam. Still, with some payloads working and others not, I read this about an RP Zero and wonder how the other half lives. You probably have more granular abilities than I do with the BB. -Cheers
  4. Just a quick question, @Mrnoname. The Bunny is convenient and essentially useable as it is a USB device. Thus, any computer is vulnerable as long as they have USB ports- never seen one yet that doesn't. How practical would a device with an HDMI interface be in the world of pentesters? Better yet, can you name a single instance where this would be of use, and please don't write back Kodi. -Cheers
  5. Great work @couchTornado! I hope you received my message. Also, @WiFiJuice posted a great keyboard map for the Swedish layout, and like so many others confirmed that the one being downloaded is incorrect and or corrupt. Good luck with this firmware issue- I refuse to go to 1.3 because it renders all Mac payloads useless.
  6. Thank you @unixnerd777 and @couchTornado. When I am finished with the rewrite of the original, I'll be sure to add these details to the payload.
  7. @Dave-ee Jones @illwill Thank you for everything you provided. The code for PasswordGrabber is as follows: LED ATTACK ATTACKMODE HID STORAGE DUCKY_LANG se RUN WIN powershell ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\d.cmd')" LED FINISH Can I simply replace the d.cmd file with the one used in WifiCreds? Or do I need to retool the powershell code also? Thanks again!
  8. @illwillYou have placed so much effort into this, as has Sally Vendeven. Unfortunately, neither of these work on three Windows 10 boxes and four VMs. Sadly, running a.cmd does exactly what this payload proposes to do, but you must execute it manually. So, if I'm left with no other option, using several scenarios, how do I make a simple payload that calls upon a.cmd? Seriously! After months of coding and comparing, the Windows-based command works effortlessly. Let it do just that, and teach us all how to call upon that file in the beginning and leave it there. Please get back to me at your convenience, as I appreciate your time. -Opticon
  9. So, when using macinfograbber it doesn't work unless I comment out the following lines: QUACK STRING cat \~/Library/Application\\ Support/Google/Chrome/Default/Cookies \> /Volumes/BashBunny/$lootdir/chromecookies.db Upon further inspection, I located my Cookies file on all of my Macs. It's here: /Library/Application\\ Support/Google/Chrome/Profile\\ 3/Cookies Is there anything I can do to change this? Meaning, are all of my computers unique in some way, or is this normal Chrome file placement, and can code be added to look for all profile folders and the cookie files therein? Thanks in advance! -Cheers!
  10. Opticon

    Captive Portal

    @Mohamed A. Baset I can confirm that on an unlocked Windows box captive portal will automatically launch a browser and direct it to the "evil portal." I hope this helps you. As for Mac, it won't automatically launch a browser as it does in Windows. -Cheers!
  11. Opticon

    Captive Portal

    Thank you for getting back to me, SRG. After I read your reply, I immediately realized that I had not factored that into the equation. So, I went to twelve different sites, all with HTTP only. Sure enough none of them forwarded to the captive portal. I figured trying Chrome, Canary, Chromium, Safari and Firefox would help me in reducing the problem, but alas, nada. However, it runs great under Windows, which is exactly what I plan to exploit! It just bothers me that I can't figure it out- there's got to be more running under the hood that we can't access. Thank you SRG for all of your efforts and answering the second part of that question :-) -Cheers!
  12. Opticon

    Captive Portal

    Hello World! Ok. So here's the rub, even with the code provided by JBNZ and Sebkinne, it absolutely does not work on any browser on any of my 10.9, 10.10, and 10.11 Macs. You have to manually type the IP and port, and only sometimes will that actually work. However, on a Windows 10 computer, that I never use, it ran on it's first try- opened a browser, redirected to the Captive Portal, and recorded every failed attempt in a nice log file! Perhaps it helps that there's a nice EXE for Windows to use, but what about Apple's architecture? What's handling that? Final question- how is this practical? The Bash Bunny is meant to be inserted into the target computer that the "mark" will be using. So, how do we get it back? Please take mercy on my first post and I promise to read every response. Thank you all in advance :-)
×
×
  • Create New...