[Issue with Bash Bunny Mark 2 not being recognized on Kali Linux]

14 hours ago, Intelkush said:

After testing a payload on Windows 10, the Bash Bunny Mark 2 stopped being recognized on Kali Linux.

Can you tell us which one ?

[Github Information Exfiltration]

Just to mark the topic as solved

[Github Information Exfiltration]

Description : Exfiltrate github username and email

Target : OSX

Download : Github

[Payload Security]

6 hours ago, dark_pyrro said:

that won't happen to my knowledge, either you do it using umount/mount or udisk unmount/udisk mount

not sure though if you mean that the unmount/mount should be executed from the target or on the Bunny itself

and, assuming you mean mount operations of the udisk (either internal nandf or Micro SD card if present)

whatever the way, the goal is to trigger payload run after downloading the new one

[Discord exfiltration]

Just to mark it as solved

[Payload Security]

2 hours ago, dark_pyrro said:

When unmount -> mount it is does the same for the bb than remove it -> plugin

My bad, typing too fast, and my english not as good as i want ^^
If in command line bb is unmounted and mounted does it trigger the run of the payload like if you unplug the bb and plug it again ?

[Payload Security]

The best idea i have for you at the moment is to create a generic payload that download  from an anonymous link like we transfer or whatever the real payload, store it on the BB storage, open a terminal on the host, unmount the bb and mount it. After your attack use the host terminal to delete your payload. If you set your dl link to one time use there will remain nothing "public" of your malicious payload

This idea need to be tested, not sure for the mount unmount

@dark_pyrro When unmount -> mount it is the same for the bb than remove it -> plug it in
 

[Bash Bunny Manager]

and if custom protocol don't work, local agent running a web server do the work

OR a regular desktop app or shell script

[Bash Bunny Manager]

yes

Edit: After some check seems possible without server, just register the custom protocol and do thing, will make a test after my work day

[Bash Bunny Manager]

Need a local server to make hack5 payload "store" communicate with the bashbuny

So that we can have an install button on for example (or in payload studio)

[Bash Bunny Manager]

2 hours ago, dark_pyrro said:

There might be inhouse plans since the new Mk2 Packet Squirrel comes with a web UI in the same design (more or less) as the WiFi Pineapple. Not sure if it will reach the Bunny though

Need a staff info, don't know who know the roadmap
 

2 hours ago, dark_pyrro said:

The idea is good, but there's one "obstacle"; the Bunny doesn't naturally do networking

More simple, just use arming mode and use the OS mount point to transfer file for ex on osx /Vollumes/Bashbunny

[Bash Bunny Manager]

It's a still a need ? Can work on it.

My idea is : 

• A node js local agent or a local app (as you want)
• Add on the website install button that post to an url like bashbunny://payload/install , this king of button could be added to payload studio

 

[Sell hak5 products]

1 hour ago, fjhh said:

fuck you,Here's my number. Have we traded? What did I lie to you about? You can show proof.

Please be respectful, i just mention that your contact information are strange an sounds like a scam.
Btw goodbye

[Sell hak5 products]

Is this a scam ? Phone number (which is a bit weird) and discord (which is not a valid one) are the same

[Discord exfiltration]

Description : Exfiltrate file or string through discord webhook

Download : Github

[User wait response]

13 hours ago, dark_pyrro said:

you mean that the switch would run something else by just changing its position during runtime (i.e. starting on SW1 and then flipping it over to SW2) won't work from what I know when it comes to the bunny_framework

My bad , There is the wait.sh extension that block the payload until switch change. Will resolve the use case too. Input serial nuber, change switch that trigger next steps

[Function default parameter]

5 minutes ago, dark_pyrro said:

Good, I'll wait for the GitHub PR

Discord exfiltration still have some issue, variable scope, escaping. Even with Korben explaination , i'm still a bit lost. What a hell ^^

But the basic usage, exfiltrate text and file works, just want to finish cosmetics with discord embed message feature

[User wait response]

Hi,

On 5/11/2023 at 5:29 PM, RebootUrMom said:

1. Going to bios and turning on ufei/ca

yes if it just need some predefined keyboard input. But if , like on lot of computer your need "perfect" timing to go in bios it will be difficult 

On 5/11/2023 at 5:29 PM, RebootUrMom said:

can I does it support a wait for user response

As far as i know, no, But Bashbunny have a switch and if i remember well (need validation from other people of the community), you can detect the change, and it can be the trigger of the next steps after entering your computer id

[Function default parameter]

nop it's just an improvment, it works with empty var but it not so powerfull than default value

And i have 2 extension at 99%, a discord exfiltration , and a osx extension with lot of system features

[Function default parameter]

I did not ask on discord for this issue but i can. But i don't want to ask more than 20 question a day on discord XD

[Q STRING command issue]

What is the process to send this issue to support ? Issue on github ?

[Function default parameter]

it's part of an extension, i want, when $5 argument not set to replace it by a default value

[Function default parameter]

Hi,

In my extension i am trying to set default parameters, i try this but doesn't work

"MYFUNC")

  if [ -z $5]; then
  	$5=${1:-"foo"}
  fi

  # HERE DO SOMETHING COOL

;;

But it don't work, I'm sure it's possible but i'm not very familiar with bash, i'm a backend developer not an admin sys ^^

[Q STRING command issue]

7 minutes ago, dark_pyrro said:

What happens if you use

QUACK STRING <

As expected the same thing as Q STRING <, get stuck with my LED ATTACK

[Q STRING command issue]

Hi,

According to the documentation the Q STRING command argument don't require quotes. During my work on an OSX layout for bb i discover this strange behavior :
 

LED SETUP
ATTACKMODE STORAGE HID
LED ATTACK

# Line 5-12 are just test to check if the command works well with and without quote
# and that this behavior are the same on the short QUACK command

QUACK STRING Hello World
Q ENTER
QUACK STRING "Hello World"
Q ENTER
Q STRING Hello World
Q ENTER
Q STRING "Hello World"
Q ENTER
Q STRING "<"
Q ENTER
Q STRING <
Q ENTER

LED FINISH

Produce :
 

Hello World
Hello World
Hello World
Hello World
<

I expected

Hello World
Hello World
Hello World
Hello World
<
<
<

The bashbunny get stuck on line 15 (line 14 has been executed), my led stay in LED ATTACK forever. Seems that using the STRING command with symbol without quote make the bunny sick (i have made the test with others symbols).

 

When trying to press the [<] key it the same it's stuck

LED SETUP
ATTACKMODE STORAGE HID
LED ATTACK

QUACK STRING Hello World
Q ENTER
QUACK STRING "Hello World"
Q ENTER
Q STRING Hello World
Q ENTER
Q STRING "Hello World"
Q ENTER
Q STRING "a"
Q ENTER
Q a
Q ENTER
Q STRING "<"
Q ENTER
Q <
Q ENTER

LED FINISH

Is there something i miss understood or it's an issue ?