Jump to content


Dedicated Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by chrizree

  1. What formatting process are you using?
  2. Then it's not an ACM but an AC. I would suggest to get one with a supported/preferred chipset (such as the ACM).
  3. No drivers should be needed. What's the output of lsusb? Is the ACM listed when it's attached?
  4. chrizree

    1.74 GB?

    As I said in the other post, is udisk mounted? Doesn't seem like that, which is correct behavior for the Mk2. Quoting the Docs: "By default in all switch positions the udisk is not mounted on the host (the Bash Bunny itself)." "The /root/udisk directory will appear blank unless `udisk mount` has been executed." It's all explained in the Docs https://docs.hak5.org/hc/en-us/articles/4402980129179-Bash-Bunny-Mark-II-Considerations
  5. chrizree

    1.74 GB?

    What's the output of df or df -h ? Is the udisk mounted? And, post Bunny questions in the Bunny section of the forum.
  6. Try it then. This is about the USB Rubber Ducky, not the Malduino W
  7. The scenario is still too vague. Can't help you sadly.
  8. Wow, did you already manage to get hold of a used Mk2 Bunny?! That's quite impressive since the first customers that ordered them just recently got hold of their brand new devices. However... to make your "systems" safe, you need to specify what your "systems" are. It's rather difficult to give any advise if it's a black box.
  9. If your customers doesn't have an infrastructure that is stuck in the stone age, they are already protected to attacks such as SSLStrip using modern browsers with HSTS implemented. Instead of targeting general web based traffic, I would probably go for assets such as production systems (or such). Such systems are more valuable to businesses and also probably less protected. It depends on the type of client of course. And, as always, make sure to have written permissions to conduct this kind of work.
  10. As an alternative to a USB "modem", it's possible to use a mobile USB router. I use my Huawei E5377 with the Mk7 connected via USB. If I remember correctly, the following packages are needed for that specific scenario: usb-modeswitch kmod-usb-net kmod-usb-net-cdc-ether However, it's easier to use the AP of the mobile router (or use the hotspot of my phone) instead of connecting cables.
  11. Method? OK, here's the "method"... 1) Visit https://shop.hak5.org/ 2) Scroll down to the bottom of the start page 3) Click "Contact" and a support form will open 4) Fill in the form 5) Submit the form 6) Support ticket is created Done!
  12. Not that I know of, but give it a try. I can't see why it wouldn't work considering that both the Bunny and the Turtle can use responder. Haven't seen one for the Squirrel though (if I remember it correctly), but that would probably work as well. I guess the "battle" will perhaps be around available storage on the Shark and get all the things on it that is needed.
  13. Don't open it, that will void any warranty. There's nothing to add in the case. I'd suggest opening a ticket at Hak5 support.
  14. You should plug the Bunny in a total of 4 times, but you say that you unplugged it 3 times which should be the same as long as you plug it in again after unplugging it the 3rd time. Not sure what your problem might be.
  15. I answered in the other thread you created
  16. In what way isn't the instruction working for the Mk2? It should be the same process as Mk1.
  17. I'd suggest you reset the Bunny and start over fresh. Then follow the instructions to the point to get the correct and intended versions of any dependency.
  18. In what way did you get Impacket onto the Bunny? Downloaded from Github as per the instructions in the post from the 4th of July or installed using deb package? Your log indicates an older version (0.9.16-dev) than the payload script expects (0.9.19).
  19. You could access the Croc using ssh without an internet connection available as long as you have a device that offers a LAN (including an AP to connect the Croc to). For example a Raspberry Pi with hostapd/dnsmasq. Small home routers like the GL.Inet "Mango" (or such) would of course work and are "mobile"/portable. Or a Pineapple if limiting the scope to Hak5 devices. The Croc runs Debian so at least in theory it could be possible to set up an AP, but I wouldn't put too much time into it to try to get it running. It's easier to just set up something that the Croc connects to instead using already existing functionality.
  20. I would suggest to use the product as intended. Connecting it to a mobile hotspot can be a good idea. Also using a Cloud C2 instance to interact with the Croc via a web interface and of course ssh as well, either locally or in C2.
  21. According to the docs it's the udisk (either internal or SD depending on what's used) that is presented to the "victim" device when using that specific mode. Why not try to get access to anything else from the "victim" side. It should be pretty obvious what's possible or not.
  22. Very good that someone remembered the password, if they just had been a bit quicker you would have saved yourself the work of creating a forum post about it
  23. That sounds kinda sus to me, like that dude/dudess a while ago that wanted to bypass corporate restrictions just to be able to work from some alternative place other than the one that he/she was allowed to work from... can't help you
  24. And you can't install software on that PC? Why is that?
  25. What OS is running on the computer?
  • Create New...