nicthejack

  1. Same. Some interesting thoughts in this thread. How to fix, not sure yet. It's getting stuck and is never getting out of the following 'while loop'. To fix we have to find out why.

     ---------------
     LED B 100
     # Wait until files are done copying.
     while ! [ -f /loot/smb/EXFILTRATION_COMPLETE ]; do sleep 1; done
     ---------------

     Is this because the ps script has not run, or SMB server is not running? Something else?
  2. Hi Guys. So I got Internet on the Bunny, but big credit to dbum for his help. Thank you dbum.

     What fixed it: Basically I retraced all the steps from first playing to where I currently was and I realised that, having been following some of the suggestions on here, the only thing I hadn't done was install impacket and responder. The reason I hadn't was because I didn't have internet on the BB to 'git them down.' Therefore, I concentrated on fixing the internet problem rather than downloading, copying and installing the impacket and responder tools.

     So, what I did was... Download the 'deb' files of the tools to the local drive of the laptop from the links provided by Sebkinne in his post. I then, in arming mode, copied the deb files, one at a time, into the tools folder, unplugged, and then re-inserted in arming mode again for auto installation. Repeated for next tool. Then checked and stripped my RNDIS payload in switch 2 to the basics... Set to switch 2, plugged in and BOOM!!! Internet, pinging to my heart's content. Ha!

     The installation of the tools was the only thing that I had not done, so I can only assume this was the fix, but of course, horses for courses and all that. For those of you struggling to get the internet, if you have not installed them tools give it a try, you never know. If not, perhaps it's something else.

     So, testing the nmapper. Thanks to dbum for helping out here. Due to the settings of the BB and the BB adapter on the Windows end, a couple of fixes were needed to get it going. Basically, the problem was the adapter was manually set to 172.16.64.64 but the DHCP range on the BB side was .10-.12. It looks like what was happening with the nmapper payload is that $TARGET_IP is the IP that was given via DHCP, as the BB most likely looks up its DHCP tables (/etc/network/interfaces.d/usb0). As I had a static address in the BB Windows interface (172.16.64.64), it obviously never would request a DHCP lease.

     So, taking dbum's tip, I changed the Gateway of the BB to 172.16.64.10 and put my Windows interface back in DHCP mode (get IP automatically). The gateway edit is done to the usb0 file located in /etc/network/interfaces.d/ and the relevant code section will look like this when done (in bold)...

     -----------
     iface usb0 inet static
         address 172.16.64.1
         netmask 255.255.255.0
         gateway 172.16.64.10
         dns-nameserver 8.8.8.8
         dns-nameserver 8.8.4.4
     -----------

     From here Internet working, nmapper working and a very productive evening. A beer was in order!

     Observations: A couple of things I noticed. Even with internet working on the BB, if I inspected the status of the adapter on the Windows side, yes I had an IP, but the status window showed it as No internet connection and No network connection, even though I had one. So, the proof has to be by pinging from SSH on the BB side. I think that perhaps the DHCP edits above should be made anyway to save messing about later. When testing some scripts on the newer firmware, don't take it for granted it will just work. Read the change log, ask questions and make the necessary edits to the scripts, as in some cases they will need that.

     For me, this is work in progress. Hope this helps some of you guys out, and maybe Sebkinne or one of the other mods could combine this into the other threads on the subject?
  3. Ok. So... One thing I noticed in your steps as opposed to mine is "Plugged in / Selected yes for discoverable network (private)". That doesn't happen here. But I am guessing it's because the drivers are already installed. I have tried a couple of times to reinstall them. I wonder, is there a setting in Windows I am missing here? The fact is that I can see the BB from Windows when I ping it, and the same from the BB to the .64 IP of the adapter on the Windows side. SSH is fine. Putty in ARM mode is ok. All of that side is fine.

     Network Connections (Windows)

     Sharing

     Windows BB Adapter status

         Connection-specific DNS Suffix:
         Description: IBM USB Remote NDIS Network Device
         Physical Address: 00-11-22-33-44-55
         DHCP Enabled: No
         IPv4 Address: 172.16.64.64
         IPv4 Subnet Mask: 255.255.255.0
         IPv4 Default Gateway:
         IPv4 DNS Server:
         IPv4 WINS Server:
         NetBIOS over Tcpip Enabled: Yes

     PING From windows

         ping 172.16.64.1

         Pinging 172.16.64.1 with 32 bytes of data:
         Reply from 172.16.64.1: bytes=32 time<1ms TTL=64
         Reply from 172.16.64.1: bytes=32 time<1ms TTL=64
         Reply from 172.16.64.1: bytes=32 time<1ms TTL=64
         Reply from 172.16.64.1: bytes=32 time<1ms TTL=64

         Ping statistics for 172.16.64.1:
             Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
         Approximate round trip times in milli-seconds:
             Minimum = 0ms, Maximum = 0ms, Average = 0ms

     Ifconfig from BB whilst SSH

         root@bunny:~# ifconfig
         lo        Link encap:Local Loopback
                   inet addr:127.0.0.1  Mask:255.0.0.0
                   inet6 addr: ::1/128 Scope:Host
                   UP LOOPBACK RUNNING  MTU:16436  Metric:1
                   RX packets:8 errors:0 dropped:0 overruns:0 frame:0
                   TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
                   collisions:0 txqueuelen:0
                   RX bytes:520 (520.0 B)  TX bytes:520 (520.0 B)

         usb0      Link encap:Ethernet  HWaddr 5a:00:00:5a:5a:00
                   inet addr:172.16.64.1  Bcast:172.16.64.255  Mask:255.255.255.0
                   inet6 addr: fe80::5800:ff:fe5a:5a00/64 Scope:Link
                   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                   RX packets:5308 errors:0 dropped:0 overruns:0 frame:0
                   TX packets:1021 errors:0 dropped:0 overruns:0 carrier:0
                   collisions:0 txqueuelen:1000
                   RX bytes:812893 (793.8 KiB)  TX bytes:144853 (141.4 KiB)

     Ping from BB SSH in.

         root@bunny:~# ping 172.16.64.64
         PING 172.16.64.64 (172.16.64.64) 56(84) bytes of data.
         64 bytes from 172.16.64.64: icmp_seq=1 ttl=128 time=0.714 ms
         64 bytes from 172.16.64.64: icmp_seq=2 ttl=128 time=0.725 ms
         64 bytes from 172.16.64.64: icmp_seq=3 ttl=128 time=0.725 ms
         64 bytes from 172.16.64.64: icmp_seq=4 ttl=128 time=0.742 ms
         64 bytes from 172.16.64.64: icmp_seq=5 ttl=128 time=0.728 ms
         ^C
         --- 172.16.64.64 ping statistics ---
         5 packets transmitted, 5 received, 0% packet loss, time 4005ms
         rtt min/avg/max/mdev = 0.714/0.726/0.742/0.035 ms
         root@bunny:~#

     Any insight or help will be greatly received.
  4. I've tried on Win 7 with the same outcome. I've just run an nmap against .64 (first 200 ports) and got results. This has to be the Windows side.
  5. Thanks dbum, for taking the time to reply. Yeah, my settings are exactly the same and I have repeated it all again several times, no luck so far. I've disabled I/Fs and then re-enabled... I can ping from SSH BB (172.16.64.1) to 172.16.64.64 and get a positive response. I can ping from Windows to both .1 and same, get responses. Obviously I am SSHing via Putty. All settings as above the same. I did also set the IP of the BB on the Windows side to .10 and then I do get a network showing up in the status. But with it set to .64 it shows in Windows Network Connections as an Unidentified network. However, it's the same with .10 and .64: no internet. Seen a few similar posts and Windows 10 seems to be common. What version are you using?
  6. Hi All, I know this one seems to have been done to death on the forum but I am not sure what else to do. I have read all the posts that I can find on trying to get an internet connection on the BB. I have set, reset the different permutations with regards to RNDIS device, IPs, drivers etc. and get the same results. No internet. I've tried on Windows 10, 8 and 7 and it's the same. I've tried deploying the payload to the different switches. I've tried sharing the WiFi and Ethernet connections on the laptop.

     Okay, so I have updated the firmware to the latest. Storage and HID are fine. The payload is the simple ATTACKMODE RNDIS_ETHERNET. Internet sharing is set on the laptop, IP address of BB is 172.16.64.1. IP address of Windows side is 172.16.64.10 (have also tried 64). I have also tried disabling and enabling the LAN devices as per some of the advice. I can Putty in both serial (arming mode) or SSL in on either of the attack switches. When running ifconfig on the BB side, I get the expected 172.16.64.1 IP so all seems ok there. I've set some LEDs to track the payload going through its motions but I get a red LED and no internet. It's the same for every configuration of the BB on all Windows machines.

     This must be something so silly that's staring me in the face but for all the trees in the woods, I just cannot see it. Any help will be greatly appreciated.
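
For the wait loop quoted in post 1, which never exits when the marker file is never written, a bounded wait makes the cause visible instead of hanging. This is an added example, not code from the thread or from the payload's authors; `wait_for_marker`, `describe_wait_result`, their arguments and their return codes are hypothetical names.

```shell
#!/bin/sh
# Added example: bounded replacement for
#   while ! [ -f /loot/smb/EXFILTRATION_COMPLETE ]; do sleep 1; done
# Function names, arguments and return codes are hypothetical.

# wait_for_marker MARKER TIMEOUT_SECONDS [SERVER_PID]
#   returns 0  marker file appeared
#           1  timed out (the other side never wrote the marker)
#           2  SERVER_PID exited before the marker appeared
wait_for_marker() {
    marker=$1
    timeout=$2
    server_pid=${3:-}
    waited=0
    while [ ! -f "$marker" ]; do
        # If a server PID was given, stop as soon as that process is gone.
        if [ -n "$server_pid" ] && ! kill -0 "$server_pid" 2>/dev/null; then
            return 2
        fi
        # Give up once the time budget is spent instead of looping forever.
        if [ "$waited" -ge "$timeout" ]; then
            return 1
        fi
        sleep 1
        waited=$((waited + 1))
    done
    return 0
}

# Turn the return code into a one-line message for a log file.
describe_wait_result() {
    case $1 in
        0) echo "marker found" ;;
        1) echo "timeout: marker never written" ;;
        2) echo "server process exited early" ;;
        *) echo "unknown result" ;;
    esac
}
```

The two non-zero codes separate the two causes asked about in post 1: a script that never ran (timeout) and a server that is not running (early exit).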