datguy_dev Posted March 14, 2017 Share Posted March 14, 2017 Greetings, I just received the BashBunny in the mail, so please bare with me. I was just trying to get started, when I ran into problems trying to share an internet connection w/ Windows 10. If I use the default payload on switch 2, ATTACKMODE RNDIS_ETHERNET STORAGE, or vise versa, it refuses to pop up as an Ethernet device in Windows. Just RNDIS_ETHERNET works, but isn't that kind of a problem when it comes to saving loot? On a side note: " Many combinations of attack modes are possible, however some are not. For example, ATTACKMODE HID STORAGE ECM_ETHERNET is valid while ATTACKMODE RNDIS_ETHERNET ECM_ETHERNET STORAGE SERIAL is not." - http://wiki.bashbunny.com/#!index.md How do I know what is a proper attackmode combination? Quote Link to comment Share on other sites More sharing options...
datguy_dev Posted March 14, 2017 Author Share Posted March 14, 2017 Found: " Three of five attack modes may be executed simultaneously." and that doesn't work because RNDIS _ETHERNET & ECM_ETHERNET. Quote Link to comment Share on other sites More sharing options...
datguy_dev Posted March 15, 2017 Author Share Posted March 15, 2017 No one else has had this issue? Maybe I have the wrong idea, are you supposed to only use a single attackmode at a given time? Quote Link to comment Share on other sites More sharing options...
qdba Posted March 15, 2017 Share Posted March 15, 2017 At the moment if you have ATTACKMODE RNDIS_ETHERNET STORAGE or ATTACKMODE RNDIS_ETHERNET HID the RNDIS Driver must be installed manually in windows. So this Combination is not really easy useable for attack vectors. My idea is ATTACKMODE HID ....... ......start some scripts on windows >>>> windows script wait for comming up the IP 172.16.64.1 ........ ATTACKMODE RNDIS_ETHERNET ...... ....... Script on windows detect the upcoming interface and go on with work ....... Theoretcally it schoud work 1 Quote Link to comment Share on other sites More sharing options...
datguy_dev Posted March 15, 2017 Author Share Posted March 15, 2017 2 hours ago, qdba said: At the moment if you have ATTACKMODE RNDIS_ETHERNET STORAGE or ATTACKMODE RNDIS_ETHERNET HID the RNDIS Driver must be installed manually in windows. *snip tically it should work Thanks for your reply. I just found your thread about this issue and it answered a lot of questions. ... That sucks for the time being huh? I remember watching hak5's bash bunny introduction video and Darren was combining attackmodes like it was nothing. [face palm] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.