runnerinmask Posted April 19, 2017 Share Posted April 19, 2017 how does the bash bunny gain execution access in mass storage attack mode (in windows)? will it always work when windows autorun is disabled? i would love to get a detailed explanation of how it works Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted April 20, 2017 Share Posted April 20, 2017 Hi Runnerinmask, The Bash Bunny is usually used with a combination of attackmodes. One example would be HID and storage. You would not directly get execution on the target machine, but execute some code using the HID attack first, possibly launching code from the mass storage partition of the Bash Bunny. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted April 20, 2017 Share Posted April 20, 2017 2 hours ago, Sebkinne said: Hi Runnerinmask, The Bash Bunny is usually used with a combination of attackmodes. One example would be HID and storage. You would not directly get execution on the target machine, but execute some code using the HID attack first, possibly launching code from the mass storage partition of the Bash Bunny. I think he is wondering how it executes in the first place. Autorun, referring to a pre-Windows XP feature that enabled USBs to run as soon as they were plugged in, was disabled automatically and there is no easy way to enable it for Windows XP, 7, 8, 8.1 and 10. So he is wondering how it executes even though autorun is disabled. All I really know is that the Bunny is basically a small computer on its own. Payloads run on the BB itself and therefore don't really act with the victim PC unless it is told to (executing HID attacks, as @Sebkinne said). In the case of the HID attack, the BB basically tells the victim "Hey, I'm a keyboard. Let me act like one!" and passes keyboard presses over to the victim. Basically speaking, the BashBunny doesn't interact with the PC like autorun did/does, it interacts with itself and passes things to the PC via scripts the user has made (e.g. a python script that copies files from the BashBunny to the victim), but that is all the BashBunny as the main PC and the victim as almost like a USB to the Bunny. Pretty clever. Quote Link to comment Share on other sites More sharing options...
runnerinmask Posted April 20, 2017 Author Share Posted April 20, 2017 Thats what i meant Thanks for the help! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.