Saryon Posted March 30, 2017 Share Posted March 30, 2017 Hi, I just received my Bash Bunny a few days ago and I've been tinkering around with it. It seems, to me, to be quite buggy: - Windows does not recognise the RNDIS interface at all. Not on Windows 7, not on Windows 10. - On MacOS, the ethernet interface *sometimes* works, sometimes it doesn't. When it does work, *sometimes* it is possible to connect to the Bunny using, quite often, SSH doesn't start up even though FTP and other services are running. This even after a few minutes waiting. - The serial interface often conflicts with having network & storage together, resulting in nothing happening or giving only access to storage. (I did this by adding "SERIAL" to the standard payloads already on the Bunny) - Using the manuals found online for network sharing (MacOS Internet sharing through 172.16.64.64), I cannot access the internet from the Bunny, so I cannot update it. On Windows, that's entirely out of the question as Windows does not even recognise the RNDIS network device. Windows gives the following message on the RNDIS driver: The drivers for this device are not installed. (Code 28) There are no compatible drivers for this device. To find a driver for this device, click Update Driver. Quote Link to comment Share on other sites More sharing options...
Kel Posted March 30, 2017 Share Posted March 30, 2017 did you follow this guide first ? https://forums.hak5.org/index.php?/topic/40358-initial-config-of-bash-bunny/#comment-288056 Quote Link to comment Share on other sites More sharing options...
Saryon Posted March 30, 2017 Author Share Posted March 30, 2017 Hi Kel, I followed as much as I could. But, because of the problems I'm experiencing, I cannot do step 5 & whatever comes after because Windows doesn't recognise the Bunny and MacOS does not allow forwarding from 172.16.64.1 over 172.16.64.64 it seems. Not even with factory default payload.txt's. But the steps have nothing to do with the steps mentioned there as it's a hardware recognition issue. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted March 30, 2017 Share Posted March 30, 2017 Sayon, RNDIS and Serial isn't immediately recognised by Windows. You need to set it up first. On the USB there should be a windows config file, which allows you to update the USB's driver (Serial and RNDIS) and instead of choosing 'Check online for driver' or 'Check windows update for driver' select 'Manually choose a driver' and select the BashBunny USB. That'll fix most of your problems. Also, if you want to use SERIAL and STORAGE don't use a payload to do it, just use Arming mode, which is made for that sort of thing. Quote Link to comment Share on other sites More sharing options...
Saryon Posted March 31, 2017 Author Share Posted March 31, 2017 11 hours ago, Dave-ee Jones said: Sayon, RNDIS and Serial isn't immediately recognised by Windows. You need to set it up first. On the USB there should be a windows config file, which allows you to update the USB's driver (Serial and RNDIS) and instead of choosing 'Check online for driver' or 'Check windows update for driver' select 'Manually choose a driver' and select the BashBunny USB. That'll fix most of your problems. Also, if you want to use SERIAL and STORAGE don't use a payload to do it, just use Arming mode, which is made for that sort of thing. Thanks @Dave-ee Jones, for the response. Sadly, this means that the Bunny will not run out-of-the-box as an ethernet device. And, when attacking random systems, that means that the Bunny will not work as advertised and renders it essentially useless except as a Ducky-with-storage device. And the reason I had SERIAL, STORAGE and RNDIS_NETWORK configured was so I can debug why I could not get the networking part to work on MacOS. I didn't want to arm it (add extra functionality), I wanted it to work over the network and without serial, I couldn't connect to it as SSH didn't start up. Quote Link to comment Share on other sites More sharing options...
apogee Posted March 31, 2017 Share Posted March 31, 2017 Are you by chance using the short USB cable that came with the Bashbunny? I find it to intermittent at best with the cable. Plugged-in directly, the unit is solid. - John Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted April 1, 2017 Share Posted April 1, 2017 4 hours ago, apogee said: Are you by chance using the short USB cable that came with the Bashbunny? I find it to intermittent at best with the cable. Plugged-in directly, the unit is solid. - John I have that same issue. OTG cables seem fine most of the time, but are a bit fiddly too. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted April 1, 2017 Share Posted April 1, 2017 16 hours ago, Saryon said: Thanks @Dave-ee Jones, for the response. Sadly, this means that the Bunny will not run out-of-the-box as an ethernet device. And, when attacking random systems, that means that the Bunny will not work as advertised and renders it essentially useless except as a Ducky-with-storage device. And the reason I had SERIAL, STORAGE and RNDIS_NETWORK configured was so I can debug why I could not get the networking part to work on MacOS. I didn't want to arm it (add extra functionality), I wanted it to work over the network and without serial, I couldn't connect to it as SSH didn't start up. Well, if that were the case, what would be the point of it having an Ethernet adapter attackmode? Think about it logically, it would be useless as a pentesting tool if it couldn't even auto configure it's drivers. I've found that it works fine on any other Windows computer after you have set the drivers on the first computer, probably because it sets up the driver on the USB and Windows reads it and goes, "Oh, you have drivers on you! Great! Lemme just install them.." You have to think logically, don't just go "pfft, this thing is useless if I have to set it up on every PC I use it on!" Yes, it would be, but guess what? It isn't! :D Quote Link to comment Share on other sites More sharing options...
Saryon Posted April 1, 2017 Author Share Posted April 1, 2017 8 hours ago, apogee said: Are you by chance using the short USB cable that came with the Bashbunny? I find it to intermittent at best with the cable. Plugged-in directly, the unit is solid. - John Hi Apogee, I have tried with and without the USB cable. No significant difference... 3 hours ago, Dave-ee Jones said: Well, if that were the case, what would be the point of it having an Ethernet adapter attackmode? Think about it logically, it would be useless as a pentesting tool if it couldn't even auto configure it's drivers. I've found that it works fine on any other Windows computer after you have set the drivers on the first computer, probably because it sets up the driver on the USB and Windows reads it and goes, "Oh, you have drivers on you! Great! Lemme just install them.." You have to think logically, don't just go "pfft, this thing is useless if I have to set it up on every PC I use it on!" Yes, it would be, but guess what? It isn't! :D I have tried it on a third Windows machine now, again, the same: the RNDIS driver is not installed. I have manually installed the SERIAL drivers from the USB drive (for each switch-setting, I had to install the drivers again) but the RNDIS driver I cannot install because it does not have the driver on the USB and searching for it online causes Windows to say that it cannot find the drivers. So yeah, I am thinking logically. I am just hitting dead-ends because of lack of driver support. Quote Link to comment Share on other sites More sharing options...
Mr.Pupp3T Posted April 1, 2017 Share Posted April 1, 2017 Personally, boss, I prefer to use the BB on Kali Linux or any Linux box for that matter. So just install kali on an USB stick and boot from it, and everything should be okay from there on out. Quote Link to comment Share on other sites More sharing options...
Saryon Posted April 1, 2017 Author Share Posted April 1, 2017 ok......i really don't understand the replies...one says 'install the drivers on one pc and it will work on all' where installing on one pc is already the problem and it's not logical that the bunny will then run on all others after this. and the next says to use the bunny on kali when 99.99% of the attack surface is windows... guys, how can i get the bunny to run on Windows if Windows (2x 7, 1x 10, fully updated) both don't support the ethernet rndis driver? the whole idea is that i don't need a driver to run the bunny because most of the time to do that, (at least local) admin rights are needed and i have yet to see any company using local admin for all users. Quote Link to comment Share on other sites More sharing options...
bored369 Posted April 1, 2017 Share Posted April 1, 2017 The Bash Bunny is essentially a highly configurable linux system on a USB stick with a couple switches to perform pre-defined operation at boot. Almost every USB device I've ever plugged has required a driver to be installed, most of the Windows systems out there are set to automatically search Windows Updates and install a driver. Unless the USB device has already been installed on the system. This process does not require administrative rights and will even install at a Windows Lock Screen (didn't test if it would work at the login screen (where no users are currently signed in), but it probably will). I just tested those on a blank Windows 10 system logged in as a standard user. The driver install popped up and recognized the Ethernet device and installed the driver as expected. Let's say it doesn't work that way for you (each system is different), from that point you would need to perform more setup and configuration based off your research of the target in question. This is where the Bash Bunny really shines IMO. Since it is a highly configurable linux system, there's very little that you can't change about it to suit your intended purpose. Like changing the VID/PID of the device to a known already installed usb ethernet device or trying a different attack vector. You need to know things like are the users running as administrator or which ones do specifically (those normally would be your focus the majority of the time anyway i would assume), what security features are enabled (things like disabling usb or the recent usb canary tool out there, firewalls and how they are configured, or static IPs/domain names/dns stuff). In the end though like all tools of any trade you have to know more than just how to plug it in and turn it on to use it efficiently and wisely. Your not going to be able to just pick a payload and then expect it work in all the situations out there. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.