JBNZ Posted March 23, 2017 Share Posted March 23, 2017 I note from reading ATTACKMODE that the serialnumber the device presents is defined there, with a comment noting that changing the serialnumber requires reinstalling the RNDIS driver on Windows. Beyond this note, are there any technical limitations preventing a scripted approach to configuring the serialnumber? This would be useful as some USB whitelisting frameworks, such as USBGuard use a combination of name, serial, VID and PID to whitelist devices. It would be handy to preempt this method of blocking the Bash Bunny by having programatic access to these parameters. I'm keen to dig into it myself, but wanted to put feelers out as to whether anyone was aware of technical hurdles I may hit in the process 1 Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 23, 2017 Share Posted March 23, 2017 Will add this to the framework wish list 2 Quote Link to comment Share on other sites More sharing options...
JBNZ Posted March 30, 2017 Author Share Posted March 30, 2017 If anyone was wanting to experiment with this, just had a quick look and early indications are that this is fairly trivially achievable by modifying ATTACKMODE. I used the same format used for idProduct and idVendor to modify iSerialNumber and added SN_*) into the case statement which parses arguments. Now giving argument SN_DEADBEEF as argument to ATTACKMODE changes my device's serialnumber to that. Will report back if I run into failure cases on this. 1 Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted March 30, 2017 Share Posted March 30, 2017 34 minutes ago, JBNZ said: If anyone was wanting to experiment with this, just had a quick look and early indications are that this is fairly trivially achievable by modifying ATTACKMODE. I used the same format used for idProduct and idVendor to modify iSerialNumber and added SN_*) into the case statement which parses arguments. Now giving argument SN_DEADBEEF as argument to ATTACKMODE changes my device's serialnumber to that. Will report back if I run into failure cases on this. Neatly done. Although, people are rarely going to whitelist SN_DEADBEEF :P 1 Quote Link to comment Share on other sites More sharing options...
JBNZ Posted April 4, 2017 Author Share Posted April 4, 2017 (edited) After an embarrassing number of times breaking the insertion of the kernel module, resulting in losing serial access and having to force reset... I'm setting the manufacturer name with a line similar to the following in ATTACKMODE. I was getting thrown by nested quotes, but it seems like all of these are required to successfully pass an argument containing spaces to the module: mod_params="$mod_params iManufacturer='\"Test Words\"'" I think in future, I will surround any experimental code with a check for arming mode to ensure I don't break arming behaviour again. Edited April 4, 2017 by JBNZ Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted April 4, 2017 Share Posted April 4, 2017 I might still be able to roll this into the next firmware release, I'll see what I can do! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.