lespacefish Posted March 14, 2017 Share Posted March 14, 2017 I don't have a bash bunny, and even if I did I don't know how to code for the various languages that may be needed, but I have an idea: You have what ever payload you want run as it does, but then afterwards you have the bunny force the machine to share its internet with it, so you can access the bash bunny on the network later (not taking it back after the payload executes). Obviously ssh wouldn't normally work since port forwarding wouldn't be set, but I am sure the creative and knowledgeable community you guys are know some tool (like teamviewer for terminal) to make an ssh like connection possible without port forwarding. This is just an idea, but looking at the possibilities that the bash bunny brings gives me hope for something like this to be possible. (If anyone can make this I would be very impressed). Quote Link to comment Share on other sites More sharing options...
GermanNoob Posted March 14, 2017 Share Posted March 14, 2017 @lespacefish To understand your Use Case: Why wouldn't you use a LanTurtle to get the shell? Quote Link to comment Share on other sites More sharing options...
lespacefish Posted March 14, 2017 Author Share Posted March 14, 2017 5 minutes ago, GermanNoob said: @lespacefish To understand your Use Case: Why wouldn't you use a LanTurtle to get the shell? That totally could be used, however I was thinking that this could all be done on one device. One less device to worry about getting found (of course if the cost is no issue). But yeah, this definitely is the job of the turtle, but was wondering if it could be done on the bunny. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted March 14, 2017 Share Posted March 14, 2017 I actually started working on a program you can execute on a target machine (that does not require root/admin) that will be able to automatically share internet connection to the Bash Bunny. It's not a priority, yet, but it shouldn't take too many evenings to implement. 3 Quote Link to comment Share on other sites More sharing options...
lespacefish Posted March 14, 2017 Author Share Posted March 14, 2017 11 minutes ago, Sebkinne said: I actually started working on a program you can execute on a target machine (that does not require root/admin) that will be able to automatically share internet connection to the Bash Bunny. It's not a priority, yet, but it shouldn't take too many evenings to implement. That would be awesome! That functionality would definitely be something that would swing me in favor of getting a bash bunny. Running QUACK to use powershell to get the file and execute it would be a perfect way to get that (or maybe even storing it on the bunny itself, because we can do that now!). Quote Link to comment Share on other sites More sharing options...
theonewhoknocks Posted March 16, 2017 Share Posted March 16, 2017 On 3/14/2017 at 5:44 PM, Sebkinne said: I actually started working on a program you can execute on a target machine (that does not require root/admin) that will be able to automatically share internet connection to the Bash Bunny. It's not a priority, yet, but it shouldn't take too many evenings to implement. I was struggling with that same project. I found an ICS vbs script online, a netsh command for static IP, and threw together ducky script to bring up powershell for it all, but the frickin driver install messes it all up as it takes too long. No amount of pre-sleeping can help. I wanted it to work on virgin computers so I had to uninstall BB ether every time I try to run it. I can give you my script so far if you'd like to help. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted March 16, 2017 Share Posted March 16, 2017 4 minutes ago, theonewhoknocks said: I was struggling with that same project. I found an ICS vbs script online, a netsh command for static IP, and threw together ducky script to bring up powershell for it all, but the frickin driver install messes it all up as it takes too long. No amount of pre-sleeping can help. I wanted it to work on virgin computers so I had to uninstall BB ether every time I try to run it. I can give you my script so far if you'd like to help. I'm working on something cross platform, but if you wanted to wait for the drivers to be installed, you can always have a loop that tries to ping the machine you are plugged into. Once the ping succeeds, you can continue with your script. That's the great advantage that the BB has over the Turtle or Ducky -- it's attacks are much more flexible and can be scripted to your hearts content. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.