
Bash Bunny in UK


faulkie


Hello,

 

I'm wondering if anyone from the UK has been testing the Bash Bunny in the UK? I have found a large portion of the example payloads to fail. If I start to dig they seem to fall around any PowerShell command or ducky script involving slashes. As a ducky owner I did find that compiling with GB parameters did solve that problem, but moving forward on the bunny do we have a more general solution? Of course I'm making a guess that this is localized to the UK based on no one else mentioning it. I've not added samples or examples at this point unless asked, as the issue seems too widespread.

Link to comment
Share on other sites

 

Possible problem: since the HID mode emulates a physical keyboard with 101 keys (US ANSI standard) and many other countries have the 102 keys ISO standard, it is not only a matter of changing the keyboard mapping. 

This may be a global problem, Hak5 can you respond with advice?

It may be unsolvable?

/Blix

Link to comment
Share on other sites

I am a client of yours, thank you for this support.

But these guides you are referring to collectively say that certain characters (that are always needed in the scripts) cannot be generated for non-US target systems.

Have I misunderstood this? 

The only partial solution I have seen works only for Windows and that takes time and involves setting the target system language to US and then back. There is no solution for OS X, and the one for Windows is not optimal.

Can you confirm what you are stating above that we can just change language and these new maps can generate all characters? 

/Blix

Link to comment
Share on other sites

56 minutes ago, Blix said:

I am a client of yours, thank you for this support.

But these guides you are referring to collectively say that certain characters (that are always needed in the scripts) cannot be generated for non-US target systems.

Have I misunderstood this? 

The only partial solution I have seen works only for Windows and that takes time and involves setting the target system language to US and then back. There is no solution for OS X, and the one for Windows is not optimal.

Can you confirm what you are stating above that we can just change language and these new maps can generate all characters? 

/Blix

Yes, you can remap the language files. We'll let you know more in the next couple of days.

Link to comment
Share on other sites

On 2017-03-29 at 8:05 AM, Sebkinne said:

Yes, you can remap the language files. We'll let you know more in the next couple of days.

Hi, is there an ETA on the new language support mentioned here? What will become more clear in a few days?

Link to comment
Share on other sites

  • 2 years later...

Hi, I've just got my bash bunny (Delivered 02-07-2019 ish....) been messing around with the little 👾 on and off  for a few days now, not online yet but can ssh in, updated the firmware to  16 beta having great fun with HID on my Linux box using i3wm automating stuff...

Now on a mission to get bash bunny's internet working so I can apt update, apt install, knock out code & git clone my little head off...

Any help getting bash bunny up and running much appreciated  

🤔 What to do next......

root@bunny:~# ping -q -c 1 -W 1 8.8.8.8             
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

root@bunny:~# ping -q -c 1 -W 1 google.com
ping: unknown host google.com


root@bunny:~# case "$(curl -s --max-time 2 -I http://google.com | sed 's/^[^ ]*  *\([0-9]\).*/\1/; 1q')" in
>   [23]) echo "HTTP connectivity is up";;
>   5) echo "The web proxy won't let us through";;
>   *) echo "The network is down or very slow";;
> esac
The network is down or very slow

root@bunny:~# ip -s link show usb0
7: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 5a:00:00:5a:5a:00 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    63771      790      0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    64700      687      0       0       0       0 
    
 root@bunny:~# ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:156 errors:0 dropped:0 overruns:0 frame:0
          TX packets:156 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:14488 (14.1 KiB)  TX bytes:14488 (14.1 KiB)

usb0      Link encap:Ethernet  HWaddr 5a:00:00:5a:5a:00  
          inet addr:172.16.64.1  Bcast:172.16.64.255  Mask:255.255.255.0
          inet6 addr: fe80::5800:ff:fe5a:5a00/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:823 errors:0 dropped:0 overruns:0 frame:0
          TX packets:717 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:65931 (64.3 KiB)  TX bytes:67638 (66.0 KiB)
   

Link to comment
Share on other sites

  • 1 year later...
On 7/6/2019 at 11:26 AM, Razor303.jc said:

Hi, I've just got my bash bunny (Delivered 02-07-2019 ish....) been messing around with the little 👾 on and off  for a few days now, not online yet but can ssh in, updated the firmware to  16 beta having great fun with HID on my Linux box using i3wm automating stuff...

Now on a mission to get bash bunny's internet working so I can apt update, apt install, knock out code & git clone my little head off...

Any help getting bash bunny up and running much appreciated  

🤔 What to do next......


root@bunny:~# ping -q -c 1 -W 1 8.8.8.8             
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

root@bunny:~# ping -q -c 1 -W 1 google.com
ping: unknown host google.com


root@bunny:~# case "$(curl -s --max-time 2 -I http://google.com | sed 's/^[^ ]*  *\([0-9]\).*/\1/; 1q')" in
>   [23]) echo "HTTP connectivity is up";;
>   5) echo "The web proxy won't let us through";;
>   *) echo "The network is down or very slow";;
> esac
The network is down or very slow

root@bunny:~# ip -s link show usb0
7: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 5a:00:00:5a:5a:00 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast   
    63771      790      0       0       0       0      
    TX: bytes  packets  errors  dropped carrier collsns 
    64700      687      0       0       0       0 
    
 root@bunny:~# ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:156 errors:0 dropped:0 overruns:0 frame:0
          TX packets:156 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:14488 (14.1 KiB)  TX bytes:14488 (14.1 KiB)

usb0      Link encap:Ethernet  HWaddr 5a:00:00:5a:5a:00  
          inet addr:172.16.64.1  Bcast:172.16.64.255  Mask:255.255.255.0
          inet6 addr: fe80::5800:ff:fe5a:5a00/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:823 errors:0 dropped:0 overruns:0 frame:0
          TX packets:717 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:65931 (64.3 KiB)  TX bytes:67638 (66.0 KiB)
   

 

I'm having this exact same issue! Hak5 PLEASE help. I also posted a GitHub help request in bashbunny-payloads

Link to comment
Share on other sites

1 hour ago, GuitarGuy said:

I'm having this exact same issue! Hak5 PLEASE help. I also posted a GitHub help request in bashbunny-payloads

I don't know if it's the same issue...

https://github.com/hak5/bashbunny-payloads/issues/425

I don't know if they were running Kali Linux...

Link to comment
Share on other sites

This works for me...

With no Bash Bunny plugged in, run bb.sh
sudo bash ./bb.sh or just sudo ./bb.sh 
(sudo not needed on Kali if you run as "in the old days", i.e. default to use root all the time)

Run the setup if it hasn't been run on the particular PC before
[G]uided setup (recommended)

Plug in the Bash Bunny in step 3

After the setup is done, unplug the Bunny and run bb.sh again

Then select (this is most likely the step that you have missed doing)
[C]onnect using saved settings

Plug the Bunny in

You will get the "Cloud>PC>Bunny" Ascii art after a short while which tells that you are ready to go

Now ssh into the Bunny

Try to ping (1.1.1.1 or www.google.com), networking/internet access from the Bunny should now work

---

Note that the bb.sh script "messes up" your iptables rules, which most likely makes it impossible to access the internet (or network) from the PC after the Bash Bunny session has ended. BE SURE that you know what you are doing if you have other "non default" iptables rules configured! The rules that are added are viewable in the bb.sh script. Just search for iptables in the script file and you will find them all.

To mitigate this, you need to delete the iptables rules that bb.sh has added. A reboot of the PC should do the job as well, but perhaps you want to use the PC without rebooting after the Bunny session has finished.

Run the following to get the rule line number (you may need to disable networking)
sudo iptables -L FORWARD --line-numbers

Identify the line number for the rule that is about to be deleted and then delete the rule, for example, use the below command if the rule has number 1
sudo iptables -D FORWARD 1
(do the above twice since bb.sh adds 2 forwarding rules)

Also delete the postrouting nat rule that bb.sh adds
sudo iptables -t nat -v -L POSTROUTING -n --line-number
sudo iptables -t nat -D POSTROUTING <rule number>

 

Link to comment
Share on other sites
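
Deleting by rule number, as in the steps above, depends on positions that shift when other software such as Docker also manages iptables. The following is an added example, not part of the original post and not taken from bb.sh: it compares `iptables -S` snapshots taken before and after the session and prints delete-by-specification commands for only the rules that appeared. The sample snapshots, the interface names (eth1, wlan0) and the rule forms are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from bb.sh): turn the difference between two
# `iptables -S` snapshots into delete-by-specification commands.
# Real use, as root (file names are arbitrary):
#   iptables -S > f.before; iptables -t nat -S > n.before
#   ... bb.sh session, then unplug the Bunny ...
#   iptables -S > f.after;  iptables -t nat -S > n.after
#   rules_to_delete f.before f.after; rules_to_delete n.before n.after nat

# rules_to_delete BEFORE AFTER [TABLE]
# Prints "iptables [-t TABLE] -D <spec>" for every -A rule found only in AFTER.
rules_to_delete() {
    prefix="iptables"
    if [ -n "${3:-}" ]; then prefix="iptables -t $3"; fi
    # -F literal, -x whole line, -v invert: lines of AFTER absent from BEFORE.
    grep -Fxv -f "$1" "$2" | grep -e '^-A ' | sed "s/^-A /$prefix -D /"
}

# Constructed snapshots: a host that already has Docker rules, plus
# hypothetical forwarding/NAT rules for the Bunny subnet 172.16.64.0/24.
# Interface names eth1 and wlan0 are assumptions.
write_samples() {
    cat > "$1/f.before" <<'EOF'
-P FORWARD DROP
-N DOCKER
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
EOF
    { cat "$1/f.before"; cat <<'EOF'
-A FORWARD -s 172.16.64.0/24 -i eth1 -o wlan0 -m state --state NEW -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
EOF
    } > "$1/f.after"
    printf '%s\n' '-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' \
        > "$1/n.before"
    { cat "$1/n.before"; printf '%s\n' '-A POSTROUTING -j MASQUERADE'; } \
        > "$1/n.after"
}

# Run the comparison on the constructed snapshots and print the commands.
demo() {
    d=$(mktemp -d) && write_samples "$d"
    rules_to_delete "$d/f.before" "$d/f.after"
    rules_to_delete "$d/n.before" "$d/n.after" nat
    rm -rf "$d"
}

demo
```

Review the printed commands before running them; a rule that is an exact duplicate of one already present before the session will not show up in the difference.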

3 hours ago, chrizree said:

This works for me...

With no Bash Bunny plugged in, run bb.sh
sudo bash ./bb.sh or just sudo ./bb.sh 
(sudo not needed on Kali if you run as "in the old days", i.e. default to use root all the time)

Run the setup if it hasn't been run on the particular PC before
[G]uided setup (recommended)

Plug in the Bash Bunny in step 3

After the setup is done, unplug the Bunny and run bb.sh again

Then select (this is most likely the step that you have missed doing)
[C]onnect using saved settings

Plug the Bunny in

You will get the "Cloud>PC>Bunny" Ascii art after a short while which tells that you are ready to go

Now ssh into the Bunny

Try to ping (1.1.1.1 or www.google.com), networking/internet access from the Bunny should now work

---

Note that the bb.sh script "messes up" your iptables rules, which most likely makes it impossible to access the internet (or network) from the PC after the Bash Bunny session has ended. BE SURE that you know what you are doing if you have other "non default" iptables rules configured! The rules that are added are viewable in the bb.sh script. Just search for iptables in the script file and you will find them all.

To mitigate this, you need to delete the iptables rules that bb.sh has added. A reboot of the PC should do the job as well, but perhaps you want to use the PC without rebooting after the Bunny session has finished.

Run the following to get the rule line number (you may need to disable networking)
sudo iptables -L FORWARD --line-numbers

Identify the line number for the rule that is about to be deleted and then delete the rule, for example, use the below command if the rule has number 1
sudo iptables -D FORWARD 1
(do the above twice since bb.sh adds 2 forwarding rules)

Also delete the postrouting nat rule that bb.sh adds
sudo iptables -t nat -v -L POSTROUTING -n --line-number
sudo iptables -t nat -D POSTROUTING <rule number>

 

Okay, so I deleted all the rules added by the bb.sh script. I do have Docker running, however, in iptables... tried the bb.sh script again... essentially regenerated the iptables rules. SSH'd into the Bash Bunny, ping 1.1.1.1 and www.google.com and STILL nothing! And yes, I did use the (C)onnect flag in the bb.sh both before and after... I'm genuinely baffled??

Link to comment
Share on other sites

[Attached image: eth1.png]

1 hour ago, GuitarGuy said:

Okay, so I deleted all the rules added by the bb.sh script. I do have Docker running, however, in iptables... tried the bb.sh script again... essentially regenerated the iptables rules. SSH'd into the Bash Bunny, ping 1.1.1.1 and www.google.com and STILL nothing! And yes, I did use the (C)onnect flag in the bb.sh both before and after... I'm genuinely baffled??

Here's a photo of the advanced network config

 

Link to comment
Share on other sites

If possible, I would suggest that you verify it all in a "clean" environment. I.e. in an OS installed in an ordinary fashion, no Docker container or virtual environment. Just to rule out the fact that there might be some problem with the Bunny itself. If that works, I would then start to hunt down issues in the Docker implementation.

Link to comment
Share on other sites

6 hours ago, chrizree said:

If possible, I would suggest that you verify it all in a "clean" environment. I.e. in an OS installed in an ordinary fashion, no Docker container or virtual environment. Just to rule out the fact that there might be some problem with the Bunny itself. If that works, I would then start to hunt down issues in the Docker implementation.

I mean, I really don't want to have to reinstall Kali and all my other user-made tools again?!

Link to comment
Share on other sites

I have another problem...yaaaay

I dual booted into Windows and got an internet connection... trying to install the Metasploit dependencies and get this ...

 

root@bunny:~# apt -y install screen autoconf bison build-essential curl git-core libapr1 libaprutil1 libcurl4-openssl-dev libgmp3-dev libpcap-dev libpq-dev libreadline6-dev libsqlite3-dev libssl-dev libsvn1 libtool libxml2 libxml2-dev libxslt-dev libyaml-dev locate ncurses-dev openssl wget xsel zlib1g zlib1g-dev ruby-dev
Reading package lists... Done
Building dependency tree
Reading state information... Done
Note, selecting 'libxslt1-dev' instead of 'libxslt-dev'
Note, selecting 'libncurses5-dev' instead of 'ncurses-dev'
curl is already the newest version.
libpcap-dev is already the newest version.
libxml2 is already the newest version.
libssl-dev is already the newest version.
libpq-dev is already the newest version.
screen is already the newest version.
libsqlite3-dev is already the newest version.
wget is already the newest version.
zlib1g is already the newest version.
zlib1g-dev is already the newest version.
ruby-dev is already the newest version.
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 libgmp3-dev : Depends: libgmp-dev (= 2:6.0.0+dfsg-6) but 2:6.1.2+dfsg-1 is to be installed
 libncurses5-dev : Depends: libtinfo5 (= 5.9+20140913-1+deb8u3) but 6.0+20161126-1+deb9u2 is to be installed
                   Depends: libncurses5 (= 5.9+20140913-1+deb8u3) but 6.0+20161126-1+deb9u2 is to be installed
                   Depends: libtinfo-dev (= 5.9+20140913-1+deb8u3) but it is not going to be installed
 libreadline6-dev : Depends: libtinfo-dev but it is not going to be installed
 libyaml-dev : Depends: libyaml-0-2 (= 0.1.6-3) but 0.1.7-2 is to be installed
E: Unable to correct problems, you have held broken packages.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.
