Problex Posted March 9, 2017 Share Posted March 9, 2017 I plan to connect a battery to my bash bunny when I receive it. Hoping that this will keep the bash bunny running before plugging the device into a target to speed up attacks. Any reason why this wouldn't work? Quote Link to comment Share on other sites More sharing options...
WatskeBart Posted March 9, 2017 Share Posted March 9, 2017 What kind of attacks are you thinking about? The device when powered runs a full debain distro, so it don't see any problem running things when powered by a battery. 1 Quote Link to comment Share on other sites More sharing options...
moumoutaru Posted March 9, 2017 Share Posted March 9, 2017 @Problex Darren mentioned the possibility and desire to work on the boot time. 1 Quote Link to comment Share on other sites More sharing options...
rynojvr Posted March 9, 2017 Share Posted March 9, 2017 Having played with the Bash Bunny, I can say that the boot-up time is SERIOUSLY impressive. It's also worth considering that when you specify "ATTACKMODE RNDIS_ETHERNET", and the like, "ATTACKMODE" is kept as an executable on the BB itself, and IIRC is just a bash script itself. Part of what it does when you select one of the ETHERNET modes is create an authoritative DHCP server, register as the specified device, and wait to ensure the target successfully takes out a lease. I'll attempt to verify what happens if the statement times out (Can't remember if the payload errors, or if it just times out no-worries-mate-I-got-ya-style and keeps going). In situations like this, there may be some additional care to be taken. However, if you could start a payload on the BB using a battery, and if there were some directive like "WAIT_FOR_INSERT"... You might be able to offload the startup of a larger attack/server/payload/db/whathaveyou. Definitely interested to see what you come up with. Who knows, might be a selling feature in BB2.0 :) 1 Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 9, 2017 Share Posted March 9, 2017 Wow. That's some innovative thinking. I take it your idea is about "priming" the Bash Bunny with juice to boot so that when it's finally inserted into the target - it's already alive and kicking - ready to take names... Yeah - that seems pretty wicked. I could imagine a USB Y cable and a payload which monitors "dmesg" before launching. 1 Quote Link to comment Share on other sites More sharing options...
incendiarySolution Posted March 9, 2017 Share Posted March 9, 2017 Sounds like a good use for a supercap or a microlipo. 3 Quote Link to comment Share on other sites More sharing options...
CuppaTea Posted March 9, 2017 Share Posted March 9, 2017 17 minutes ago, incendiarySolution said: Sounds like a good use for a supercap or a microlipo. And a small USB Micro charge/run socket would also be helpful. I'm still waiting for my Bunnies to arrive; does anyone know how hackable the hardware is? Quote Link to comment Share on other sites More sharing options...
incendiarySolution Posted March 9, 2017 Share Posted March 9, 2017 Aside from the warranty and whatever, there are test pins rather than pinouts. It might be a little more pricey to build using pogo pins, or ugly to solder, but there's definately some potential there. Quote Link to comment Share on other sites More sharing options...
Problex Posted March 9, 2017 Author Share Posted March 9, 2017 Having the device already booted up was what I was getting at, just as Darren said. @incendiarySolution yes a small lipo like the ones you get in the micro quadcopters would be enough to just power it up when your getting close to the target pc. Maybe even attach the bash bunny to the quadcopter for ranged attacks! Quote Link to comment Share on other sites More sharing options...
Graph-X Posted March 10, 2017 Share Posted March 10, 2017 How big (thick) is the board itself? If it's thin enough, it might be able to attach to say an e-cigarette battery. With some creative soldering, a box mod could be converted into a stealth bunny. I originally had the idea to do this with a pi0 with poison tap, but the bunny seems like an excellent candidate as well. Quote Link to comment Share on other sites More sharing options...
rynojvr Posted March 10, 2017 Share Posted March 10, 2017 As a side-note, the battery should be able to charged from the target's machine. :) Then some sort of external switch to turn the BB "on" when needed so as to preserve that oh-so-precious charge. 1 Quote Link to comment Share on other sites More sharing options...
CuppaTea Posted March 10, 2017 Share Posted March 10, 2017 I've been reading a few manufacturer's data sheets and it seems that this could be done very easily with a USB keylogger style box with a USB plug on one end, a USB socket on the other and a battery pack input. Depending on how you wired the battery connection, you could have it charged from the host you're attacking, but you may hit the USB current supply limit (without drivers) so using an external power pack (such as a Juice) may make more sense. Quote Link to comment Share on other sites More sharing options...
anode Posted March 10, 2017 Share Posted March 10, 2017 This was one of my first thoughts. I was thinking just a coin cell battery to boot it, then plug in/attack. Doesn't need to run it for long. But for v2.0, how about a usb port out the back for battery, wifi, ethernet, etc? And the battery could/should be pass through. Quote Link to comment Share on other sites More sharing options...
CuppaTea Posted March 10, 2017 Share Posted March 10, 2017 To use the battery as a failover device, and charge it when not in use, you just need a couple of diode and resister. A voltage regulator is also a good idea. The only concern I'd have with a small battery is finding one which can provide the required power but if it's possible to find one which could be built in without making the case bigger, it would allow the Bunny to be used in plenty of other attack scenarios. Quote Link to comment Share on other sites More sharing options...
whizdumb Posted March 11, 2017 Share Posted March 11, 2017 (edited) I had this exact thought about running off a battery.. I coin it the Energizer Bunny! I had also thought that maybe there were some sort of Scripts that could run in standalone, post-exfiltration. Things like running hashes against smaller wordlists or something to speed up credential hacking. Don't really know if the BB is powerful enough for that but it's worth looking into. Edited March 11, 2017 by whizdumb 2 Quote Link to comment Share on other sites More sharing options...
anode Posted March 11, 2017 Share Posted March 11, 2017 18 hours ago, CuppaTea said: To use the battery as a failover device, and charge it when not in use, you just need a couple of diode and resister. A voltage regulator is also a good idea. The only concern I'd have with a small battery is finding one which can provide the required power but if it's possible to find one which could be built in without making the case bigger, it would allow the Bunny to be used in plenty of other attack scenarios. Not if lipo. They need special charging. Plenty of chips out there that do it. Quote Link to comment Share on other sites More sharing options...
PurifierPhoenix Posted March 12, 2017 Share Posted March 12, 2017 great minds think alike :D I justed posted on yt. Wish I had several of them lol :) Quote Purifier Phoenix The Mecca6 days ago dude! could we possibly solder sometype of battery that holds its charge for like 5 minutes as to have the thing pre-booted when we connect it? hmmmmmmmmmm I wish I had a disposable as I would make that shit a possibility. Quote Link to comment Share on other sites More sharing options...
ziplock Posted March 12, 2017 Share Posted March 12, 2017 I'm making a usb splitter cable, bunny plugs into the female side. One male side has wires 2 and 3 (data, white and green) to plug into target, another male side has wires 1 and 4 (power, red and black) going to my Anker battery. Clumsy but workable, idea could also be adapted for other external battery types.... Quote Link to comment Share on other sites More sharing options...
snowc Posted March 13, 2017 Share Posted March 13, 2017 (edited) Here's the easy way to do this, no cable mods required Parts: - Micro USB Host OTG Cable with USB Power - Adapter for target device - USB battery pack (or just your phone if it can output enough juice ~500 mA) Edit: This is kind of cool too: https://www.amazon.com/PLAY-STORE-Charge-Durable-Material-Standsrd-Android-White/dp/B017X2BOWA/ Edited March 15, 2017 by snowc Pic 1 Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted March 13, 2017 Share Posted March 13, 2017 28 minutes ago, snowc said: Here's the easy way to do this, no cable mods required Parts: - Micro USB Host OTG Cable with USB Power - Adapter for target device - USB battery pack Edit: This is kind of cool too: https://www.amazon.com/PLAY-STORE-Charge-Durable-Material-Standsrd-Android-White/dp/B017X2BOWA/. A phone/tablet won't be enough to power the Bash Bunny over OTG but plugged into a battery, definitely This is what I have tried and so far find is the best solution. My phone (Nexus 6p) does however provide enough power to the Bunny, so I do not need to include a battery. 1 Quote Link to comment Share on other sites More sharing options...
snowc Posted March 13, 2017 Share Posted March 13, 2017 3 minutes ago, Sebkinne said: This is what I have tried and so far find is the best solution. My phone (Nexus 6p) does however provide enough power to the Bunny, so I do not need to include a battery. So with just a phone and this cable you can have a pre-powered bunny. Pretty slick... Quote Link to comment Share on other sites More sharing options...
ziplock Posted March 15, 2017 Share Posted March 15, 2017 Has anyone actually tested this with success? I now have this cable and can power up the BB with it, but the payloads fail. If I use the cable without connecting the power supply it boots from the target-provided power and everything works, just as if I didn't use the cable at all. Quote Link to comment Share on other sites More sharing options...
ziplock Posted March 15, 2017 Share Posted March 15, 2017 perhaps it's a pebkac issue, further testing in progress Quote Link to comment Share on other sites More sharing options...
snowc Posted March 15, 2017 Share Posted March 15, 2017 55 minutes ago, zippy said: Has anyone actually tested this with success? I now have this cable and can power up the BB with it, but the payloads fail. If I use the cable without connecting the power supply it boots from the target-provided power and everything works, just as if I didn't use the cable at all. Many battery packs have smart functionality built in like QuickCharge, which I'm guessing uses the data pins. My guess is those data pins are being engaged and not available to the host when you plug in. Might try a cheapo cable that only does power... or snip the data lines from the battery. Uncharted territory... Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted March 15, 2017 Share Posted March 15, 2017 52 minutes ago, snowc said: Many battery packs have smart functionality built in like QuickCharge, which I'm guessing uses the data pins. My guess is those data pins are being engaged and not available to the host when you plug in. Might try a cheapo cable that only does power... or snip the data lines from the battery. Uncharted territory... I use a cable that simply has the data lines snipped on the power end. That end I can plug into a battery or my phone (with an otg adapter) and the other into a machine. Works great, as long as the payload isn't hid. Then you'd need to trigger it somehow first. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.