Showing results for tags 'ideas'.
Found 4 results
So I was thinking about making a "smarter" RFID cloner. Every time you cloned an RFID tag it would store it on a local database that could be accessed by a web interface. You could then select an RFID tag that you have snagged, and it would automatically switch the RFID card to that tag. You could store different tag groups, and select favorite tags, and the coolest part is if you don't know which tag goes to what "lock" you can set the card to cycle, and it would go through and try all the stored tags until it got to the right one. This would be super useful for someone like me who carries around 15 different RFID enabled cards. I could only carry around one and it would be much easier for me to get around. Does anyone have any ideas to add or input? (It needs a cool name, "RFID Narwhal" is the only suggestion I've gotten...
Hey! I have had some pretty interesting ideas floating around in my head for a while. Some of them I don't have the know-how to write them and others I just get side-tracked or just have too many ideas in my head. Not to mention there are some ideas you just forget about because it leads you on to another idea which goes on to another and another and you just lose control over all your ideas. So I thought, well, we should have a pinned forum post for these ideas/concepts/theories. I think it would be a good idea to have a more community-based look at payload theories and concepts, as all parties can benefit from it a lot more than just one party going "Ah, this would never work.." and giving up on it after trying for an hour or two (I've done this and come back to it a few months later realising it was entirely possible, I just didn't have the know-how). So, why not create a pinned forum post for Payload Theories and Concepts? I reckon it would be good. :) @Sebkinne @Darren Kitchen
With the HID drivers in the Bash Bunny, is there any way to read the status of the caps lock, num lock, and scroll lock keys? I ask because with a Teensy 3.2, the status of these keys can be read and it has some nice benefits for the type of HID attacks that can also be done with the Bunny. As in, I've programmed a Teensy to wait until the drivers are loaded before starting an HID attack. It does this by pressing num lock until it registers a status change. Another nice feature is that I have a way to send the Teensy feedback from Metasploit when a shell has been successfully created for the computer that is being attacked so that the Teensy will flash its LED. This would be a nice addition to the Bash Bunny. If anyone knows if these key statuses are accessible, let me know. I'm happy to try to get it working. I'll do some digging around myself as well. Link to my Teensy code is below. https://github.com/sn0wfa11/HID-Attacks - sn0wfa11, OSCP
Hi guys, this topic is not about a problem with the Bash Bunny, or anything more than discussing future ideas to make the Bash Bunny more malicious.
1. What about installing Metasploit Framework on the Bunny and automatically launching it with aux/browser_autopwn with a proper payload, and combining this scenario with the captive_portal Bunny payload? Plug the Bunny into a locked machine, the machine automatically launches the captive_portal, which in fact is the browser_autopwn aux module link, and take over the machine, and the best part is "MACHINE IS LOCKED"!
2. If time is not relevant, because this requires time, then we can Nmap the $Target_IP, get all the open ports, and pass them to Metasploit for auto pwning per service/open port.
Just some ideas. Let me hear yours and Happy Bash Bunning....