ChaoticSecurity Posted March 6, 2017 Posted March 6, 2017 Hey y'all, any suggestions on how to get device drivers to load on Windows 7 for the CDC Serial? I've tried re-scanning and keep getting the same result. I've verified that my Device Installation Settings are set to "Download Drivers from Windows Update if not found Locally". Quote
ChaoticSecurity Posted March 6, 2017 Author Posted March 6, 2017 Multiple Windows 7 64-bit systems ... all with similar results. BashBunny is in Arming Mode for all these tests and plugged into a USB2 port. Quote
Cpt.Pickles Posted March 6, 2017 Posted March 6, 2017 It almost looks like the same issue with Windows 10 not liking two attackmodes (ATTACKMODE STORAGE RNDIS_ETHERNET). Do you mind changing the payload in switch1 to just ATTACKMODE SERIAL? If the driver loads you can then ssh into the device and make changes by mounting the file path. Also in device manager what is the driver that is attempting to be loaded it should still show I believe. I will not be able to test with you as I do not have a Win7 host but this might confirm my suspicion. Quote
ChaoticSecurity Posted March 6, 2017 Author Posted March 6, 2017 Ok, updated the payload.txt in switch1 as follows: Detached the device and changed the switch from arming mode to switch1 then plugged it back in ... got the following error: Then opened the device manager and took this shot: Here is another panel from device manager ... I've clicked on "Driver Details": Quote
Cpt.Pickles Posted March 6, 2017 Posted March 6, 2017 it looks like its loading the wrong VIP/PID combo... was the switch moved? That is the VID/PID I would expect from Switch position 30xF000/0xFF11 <-- is the expected VID/PID combo... Quote
ChaoticSecurity Posted March 6, 2017 Author Posted March 6, 2017 Yep, your right ... I must have got my screenshots mixed up ... I walked through the steps again ... same results, except the VID/PID now shows the results you described: So all the screenshots in my previous post are valid, including the Device Driver screenshot, except for the Hardware IDs screenshot which is corrected above. I thought I'd try updating the device driver manually by clicking on the update driver button, but got similar results: Quote
Cpt.Pickles Posted March 6, 2017 Posted March 6, 2017 I might be reaching the limits of what I can help with, as this might be a Win7 item... But I think Win10 only displays one hardware ID when loading serial, I will double check and report back later. I know this is not the identified issue but have you attempted switch2 or just RNDIS_ETHERNET in the payload? If RNDIS driver loads properly, attempt to ssh via methods described on the wiki for validation. Just trying to narrow down the scope of the issue. I hope someone else with Win7 can identify possible differences in the screenshots you have to a working configuration. Quote
moumoutaru Posted March 7, 2017 Posted March 7, 2017 @Cpt.Pickles Open Device Manager Right click on CDC Serial under 'Other devices' Left click 'Update Driver Software...' Left click 'Browse my computer for driver software' Left click 'Browse...' and select the drive letter of your BashBunny Left click 'Next'. Left click 'Install this driver software anyway' (If you get a Windows Security popup). Click 'Close' Profit At this point you should see 'Gadget Serial (COM#)' under 'Ports (COM & LPT). Let me know if that helps. Cheers. 1 1 Quote
Cpt.Pickles Posted March 7, 2017 Posted March 7, 2017 @moumoutaru Thanks but I am not the one having an issue, ChaoticSecurity is, hope that was all that was needed however. I was also mistaken, I do have two hardware IDs listed. Quote
moumoutaru Posted March 7, 2017 Posted March 7, 2017 oops! @ChaoticSecurity That was meant for you. I was having the same CDC serial issue and this did the trick for me. 1 Quote
ChaoticSecurity Posted March 7, 2017 Author Posted March 7, 2017 That did the trick! I didn't notice the driver inf file on the storage device. Thanks. Quote
edirob Posted March 10, 2017 Posted March 10, 2017 My Windows 7 box does not accept the missing driver signature. I might be able to bypass this by fudging with DEP, but why? Is there a serial driver that doesn't kak on the signature? I'm trying to imagine if hacking from Serial makes sense given that for some boxes like mine at least the driver won't load just be setting the switch... Quote
Kel Posted March 24, 2017 Posted March 24, 2017 I was able to install this driver. ATTACKMODE SERIAL Open Device Manager Right click on CDC Serial under 'Other devices' Left click 'Update Driver Software...' search on computer for driver ... Choose from a list... in the list pick : Linux Developer Community / Gadget serial (should be present if you have already connected to your bashBunny in arming mode) profit 1 Quote
skibo187 Posted August 4, 2017 Posted August 4, 2017 (edited) Can anybody put those drivers up in google drive or dropbox? Update: I plugged it in to a win 10 system pulled the files and were needed, went back to win 7 and updated the drivers. Edited August 5, 2017 by skibo187 Update Quote
PoSHMagiC0de Posted August 5, 2017 Posted August 5, 2017 On 3/6/2017 at 9:06 AM, Cpt.Pickles said: It almost looks like the same issue with Windows 10 not liking two attackmodes (ATTACKMODE STORAGE RNDIS_ETHERNET). Windows 10 can handle 2 attack modes. I use HID RNDIS_ETHERNET all the time, I just append on RNDIS_SPEED_10000 so Windows 10 uses the REAL network connection to the internet to use Windows update to get the new drivers. May have to do the same with your combo to get drivers. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.