phlakvest

Am I incorrect in thinking I should be able to run GET TARGET_IP from the shell?

I'm not sure if I'm on to something, or going about it completely wrong. From the shell if I run, find / -name get.sh the file comes back in /usr/local/bunny/udisk/payloads/library/extensions/ after a clean flash this directory has the same files as if I browse to the mass storage disk in /payloads/library/extensions. If I create a "new.sh" file in that directory from the USB drive, eject, and plug the bash bunny back in, the file is still there if I browse through mass storage. However if I browse to that directory from the shell, the new.sh file I created isn't there. Running find / -name new.sh doesn't find anything either. If I create a file in that directory from the shell then the file is there after an eject/replug, but the file isn't there if I browse the mass storage? Should this not be the same location with the same files?

I am running 1.1 I have tried reflashing for good measure, and I have also tried the latest version of the quick creds script. If I replace the GET portion of the script, with the execute lines out of get.sh I can get quickcreds to work, so I'm able to make any of the scripts that are using that variable work. Its just kind of annoying to have to do that to every script. When I do a little more digging, it doesn't look like any of the functions declared in the extensions directory are valid commands. My linux skills are a little rusty, could somebody explain how the extensions are loaded on startup, is there an rc.d script that is supposed to run them?

Are you running ADFS to integrate your users with Active Directory? If so you can restrict access to the ADFS proxy to restrict authentication to lock down all O365 external access. To only restrict Sharepoint Online to a subset of IPs you can try the Set-SPOTenant Cmdlet. https://technet.microsoft.com/en-us/library/dn917455.aspx I haven't tested it but based off the article, it will work.

JHack, Here is what I did to get responder to work on BB 1.1 1. Download the responder repo to a zip file. https://github.com/lgandx/Responder/ 2. Extract the zip file, Rename Responder-master to responder. 3. Copy that responder to /tools/ on the USB drive while in arming mode. 4. Safely Eject. 5. Plug the bunny back in, it will flash purple briefly then go blue. 6. Connect via Serial, or SSH and verify you have a /tools/responder folder. I would think impacket would work the same way since like responder its a collection of python scripts. https://github.com/CoreSecurity/impacket

Is the GET command working for other people? I'm trying to get quickcreds working on 1.1, In the changelog it mentions the GET command will re-export the system variables, but if I replace the source line in the quickcreds script it still flashes a red light. Running GET from bash gives me command not found. If I manually export the environment variables each time it works, but that's not the most elegant solution. export HOST_IP=$(cat /etc/network/interfaces.d/usb0 | grep address | awk {'print $2'})