seamus Posted March 18, 2017 Posted March 18, 2017 First off, thank you for creating such a remarkable device! I haven't stopped playing with this since it arrived yesterday afternoon. :) I have a USB keylogger from KeeLog.com and I either forgot the password or else there is something wrong with the unit. It's been a few years since I last played with it so I don't know what its issue is wrt the keyboard sequence. The way it works is that it passes though your keyboard to the host computer while logging the input. If you simultaneously press the secret keys, it will register the keylogger as a storage device. By default the secret keyboard sequence is KBS. Now these keys need to be pressed simultaneously and not one after the other. Therefore "QUACK STRING KBS" wont' work. I copied a snippit of the Ducky script for my purposes to being able to send raw keyboard sequences. Here is a script I named "K" to send these raw sequences: #!/usr/bin/env python import sys def hidg_write(elements): values = bytearray(elements) not_hold = bytearray([0, 0, 0, 0, 0, 0, 0, 0]) hidg = open("/dev/hidg0", "wb") hidg.write(values) hidg.write(not_hold) hidg.close() elements = sys.argv[1:] elements = [int(i, 16) for i in elements] hidg_write(elements) I then created the following NodeJS application to return every keyboard combination/ The output is a valid payload.txt. The "Combinatorics.bigCombination" returns a sequence that doesn't repeat. Therefore there would only be a entry for "KBS" and not for "SBK" or "KSB", etc. var Combinatorics = require('js-combinatorics'); console.log("source bunny_helpers.sh"); console.log("ATTACKMODE HID"); console.log("LED R"); console.log("QUACK DELAY 5000"); console.log("LED B 200"); var cmb, a; cmb = Combinatorics.bigCombination(["04", "05", "06", "07", "08", "09", "0a", "0b", "0c", "0d", "0e", "0f", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "1a", "1b", "1c", "1d"], 3); while(a = cmb.next()) { console.log("K 00 00 " + a.join(" ") + " 00 00 00"); console.log("Q DELAY 500"); console.log("Q ENTER"); } console.log("LED G"); Connected to my keylogger, powered up the BashBunny to my attack switch, opened up a text editor to collect all of the key sequences... and while it went through each combination and correctly typed it into my editor... it didn't unlock the keylogger. :( While I'll continue with inserting additional delays, random keys, etc... I'm throwing this out here in hopes that someone may be able to see why this won't open up my keylogger. Thanks! Quote
Darren Kitchen Posted March 18, 2017 Posted March 18, 2017 Very cool! I don't have one of my own to test with, just wanted to say this sounds really neat :) Quote
Freibuis Posted April 3, 2017 Posted April 3, 2017 @Darren Kitchen whats the chances of adding a usb/HID passthrough to the bash bunny so it could also do key keyboard key logging ? I think this would be perfect to add this option in to make it multipurpose Quote
quack Posted April 3, 2017 Posted April 3, 2017 a second usb (host) port would be great for sure Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.