Jump to content

PoisonTap on the Bunny


jhaddix
 Share

Recommended Posts

I finally got it connected to the shared network, Installed dsniff manually . ( i dont know why, found it easier) and unplugged it and re plugged it in and its just flashing blue at a high rate of speed. I went to http://nfl.com ( not https ) and nothing happens. I checked poison tap log and it says that it started but no cookies are being stored... I then attempted to set up the back end on my dc vps and I got a error. Idk what I'm doing wrong? anyone have any ideas or any ways I can fix this?

I went to the bunny tap github page and it says that blue is the "the bunny tap running", but my led light is not static blue but blinking, Other LED definitions have blinking......

Link to comment
Share on other sites

  • 3 years later...

Can anyone confirm that BunnyTap from the hak5 Github repo still works? the install.sh was broken so I followed the thread and manually installed dsniff. I also configured the backend on a separate machine and debugged all issues thus far, which seems irrelevant because it appears that the payload isn't even running on the bash bunny as it doesn't produce the "poisontap.cookies.log" file. when I run bunnytap I do get two audible windows notifications and after a few seconds the BashBunny will rapidly flash blue indefinitely though I'm not sure what that means and can't actually find reference in the code to explain it.. What can I reasonably expect from this without rebuilding the payload from scratch? Anybody's experience might help. 

Link to comment
Share on other sites

It has been a long while since I used this payload but I knew the gist of how it functioned.  Didn't bunnytap point to http version of sites in a list?  Back then, that was a thing before HSTS.  With HSTS if you are trying to get session keys/cookies of https sites with HSTS, you will fail through http because the browser will say it is an https site and refuse.  If you do go https then you will need to get your own CA cert trusted on the victim or for that user.  Then you can have the api on the bunny respond to names with a signed cert for it signed by a trusted CA and then the secrets will be revealed.  That maybe the issue why Bunnytap is not working anymore.

Just an idea.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...