jjd Posted April 7, 2017 Share Posted April 7, 2017 I have tried on two systems both mac's and since 1.1 using ATTACKMODE ECM_ETHERNET the target does not get a dhcp ip it ends up with a self assigned. seems to work fine on windows systems with NRDIS. Can anyone else test and see if they get the same thing? Quote Link to comment Share on other sites More sharing options...
DavidDoherty Posted October 12, 2017 Share Posted October 12, 2017 Hi jjd Bit late to reply to this but I have been hunting issues with empty loot folders, so I have started utilising looger entries to see what is going on. When I run a payload such as quickcreds, which uses ATACKMODE RNDIS_ETHERNET, and look at the relevant syslog entries i see this: ay 7 22:00:34 bunny systemd[1]: Starting LSB: DHCP server... May 7 22:00:34 bunny dhcpd: Internet Systems Consortium DHCP Server 4.3.1 May 7 22:00:34 bunny dhcpd: Copyright 2004-2014 Internet Systems Consortium. May 7 22:00:34 bunny dhcpd: All rights reserved. May 7 22:00:34 bunny dhcpd: For info, please visit https://www.isc.org/software/dhcp/ May 7 22:00:34 bunny dhcpd: Internet Systems Consortium DHCP Server 4.3.1 May 7 22:00:34 bunny dhcpd: Copyright 2004-2014 Internet Systems Consortium. May 7 22:00:34 bunny dhcpd: All rights reserved. May 7 22:00:34 bunny dhcpd: For info, please visit https://www.isc.org/software/dhcp/ May 7 22:00:34 bunny dhcpd: Wrote 0 leases to leases file. May 7 22:00:34 bunny dhcpd: Server starting service. May 7 22:00:35 bunny kernel: [ 9.410145] CPU Budget: Temperature: 68 Limit state:0 item[1200000,4,-1,0 0] May 7 22:00:35 bunny kernel: [ 9.410187] [ddrfreq] temperature=68 C, ddr freq up May 7 22:00:37 bunny isc-dhcp-server[768]: Starting ISC DHCP server: dhcpd. May 7 22:00:37 bunny systemd[1]: Started LSB: DHCP server. May 7 22:00:37 bunny bunny_framework[225]: Starting isc-dhcp-server (via systemctl): isc-dhcp-server.service. May 7 22:00:43 bunny kernel: [ 18.040058] usb0: no IPv6 routers present May 7 22:00:58 bunny bunny_framework[225]: TARGET_IP = , TARGET_HOSTNAME = , HOST_IP = May 7 22:00:58 bunny logger: #################### end attackmode ####################################### Target IP, target host and host ip are all empty, therefore the check target ip, etc fails. Interesting to see the line: May 7 22:00:34 bunny dhcpd: Wrote 0 leases to leases file. It seems to me that the isc DHCP service isn't quite working. To be clear, this is a run from a reset bunny, updated with latest 1.3 firmware, with the tools installed. Any help would be greatly appreciated. regards David Quote Link to comment Share on other sites More sharing options...
DavidDoherty Posted October 12, 2017 Share Posted October 12, 2017 To follow up my own query above, it might be useful for me to confirm the contents of the following files: /etc/dhcp/dhcpd.conf subnet 172.16.64.0 netmask 255.255.255.0 { range 172.16.64.10 172.16.64.12; option routers 172.16.64.1; option domain-name-servers 172.16.64.1; option local-proxy-config "http://172.16.64.1/wpad.dat"; } Quote Link to comment Share on other sites More sharing options...
DavidDoherty Posted October 12, 2017 Share Posted October 12, 2017 And the only entry in the /etc/defaults/isc-dhcp-server file which is not commented out is: INTERFACES="usb0" I also promise to not keep pressing te wrong keys here and breaking up these queries into multiple entries. Quote Link to comment Share on other sites More sharing options...
redm0squit0 Posted October 14, 2017 Share Posted October 14, 2017 On 4/7/2017 at 2:11 PM, jjd said: I have tried on two systems both mac's and since 1.1 using ATTACKMODE ECM_ETHERNET the target does not get a dhcp ip it ends up with a self assigned. seems to work fine on windows systems with NRDIS. Can anyone else test and see if they get the same thing? Hey man, simple fix for windows. i scratched my head for a good week trying to figure this out but just reset you network adapters. It is ridiculous, and you will have to do it quite often because for some reason windows is f'd up, but that solved the issue for me at least with ssh or ATTACKMODE_RNDIS_ETHERNET. Serial mode internet connecting wants to install another adapter that wants to fight for the default address 172.16.64.64, and when you let it, and try to ssh again with internet sharing forget about it. Plain and simple, just reset your adapters. It has something to do with automatic ip configuration with Windows ICS. Hope this helps Quote Link to comment Share on other sites More sharing options...
sneakypoke Posted November 17, 2022 Share Posted November 17, 2022 Hey, was this ever resolved on a MAC? Im having the same issue. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.