Skiddie Posted April 20, 2017 Share Posted April 20, 2017 UPGRADE TO THE LATEST FIRMWARE Download the latest version of the Bash Bunny firmware from https://bashbunny.com/downloads Verify that the SHA256 checksum of the downloaded firmware files matches the checksum listed at bashbunny.com Slide the Bash Bunny switch into Arming Mode (closest to the USB plug) and plug the Bash Bunny into your computer Copy the firmware upgrade file downloaded in step 1 to the root of the Bash Bunny flash drive. Safely eject the Bash Bunny flash drive (IMPORTANT) With the switch still in Arming Mode, plug the Bash Bunny back into your computer and wait 10 minutes. When the bunny is done flashing, it will pop up as an storage device. INSTALLING LANGUAGES i have opened a pull request on the official repo to add the languages to the /languages folder (.json provided/made by ducktoolkit.com) But for now you will have to manually add them (Atleast from what i understand since i cannot get the ducktoolkit install payload to work) Download the Ducktoolkit compressed file-> https://github.com/hak5/bashbunny-payloads/raw/53a9e7fb69677b0480b2005a590471f4feacd180/payloads/library/DuckyInstall/DuckToolkit-1.0.1.tar.gz Unzip all the .json language files from "\DuckToolkit-1.0.1\ducktoolkit\languages" inside the .tar.gz file to\languages on the BashBunny (Connected while in arming mode) Remove and re-attach the bash bunny, you can now use different keyboard languages INSTALLING "IMPACKET" AND OTHER DEPENDENCIES There are 2 tools folders on the bash bunny itself, one lives in /tools on the Linux file-system which you can see and access using SSH/ Serial access.The other one lives in the mounted drive which you see every-time you connected the bunny as an storage device. What we effectively are going to do is to download the latest impacket source from github, place it on the bash bunny flash-mounted tools folder. re-attach and re-boot the bunny , this will copy the folder into the linux file-system tools folder, where we will install the module. Clone or download -> https://github.com/CoreSecurity/impacket as an .zip file. Unzip the "impacket-master" folder inside the .zip file into the /tools folder while the bash bunny is connected as an storage device (in arm mode) Rename the "impacket-master" folder to "impacket" ( remove and re-attach /reboot the bash bunny on the system. If you go to the same /tools folder now, the "impacket" folder should be gone. Serial/SSH into the bunny so you get a shell. and execute the following commands, in this order "cd" | "cd .." | " cd /tools/impacket/" | "python setup.py install" ( "|" separate each command, dont type the " quotes) remove and re-attach the bash bunny, and you are all good ! :) Quote Link to comment Share on other sites More sharing options...
Tewfik Posted April 20, 2017 Share Posted April 20, 2017 Hello, Thank you for your tutorial :) I've got the langage file from your Github account and it seems work ... partially ! Firstable, i'm French. (and sorry for my bad english btw) and i'm on a MAC (I know ... :p). For my tests, i've tried to use the payload called sMacAndGrab. I've add the DUCKY_LANG fr sequence on the top of the payload and when I put my BB in SW1, the paylods starts and type the word "Terminal" in the search field, it's exactly what's expected. But the problem is about special chars. In french we have some characters like é è à etc... but they doesn't exist on your json file. And in the same way, on Mac Os X we don't have the same keymap for specials chars like quotes, slashs, underscore etc. So, when the terminal is open the commands fails because they can't type correctly the paths or commands. Do you have a way to explore, or a documentation about mapping the keys for mac os x because i'm stuck with my BB and i don't find any information about that specific case o internet? Thank you so much for your help and again, excuse me for my bad english ;) Regards, Tewfik Quote Link to comment Share on other sites More sharing options...
Skiddie Posted April 22, 2017 Author Share Posted April 22, 2017 On 20.4.2017 at 11:34 PM, Tewfik said: Hello, Thank you for your tutorial :) I've got the langage file from your Github account and it seems work ... partially ! Firstable, i'm French. (and sorry for my bad english btw) and i'm on a MAC (I know ... :p). For my tests, i've tried to use the payload called sMacAndGrab. I've add the DUCKY_LANG fr sequence on the top of the payload and when I put my BB in SW1, the paylods starts and type the word "Terminal" in the search field, it's exactly what's expected. But the problem is about special chars. In french we have some characters like é è à etc... but they doesn't exist on your json file. And in the same way, on Mac Os X we don't have the same keymap for specials chars like quotes, slashs, underscore etc. So, when the terminal is open the commands fails because they can't type correctly the paths or commands. Do you have a way to explore, or a documentation about mapping the keys for mac os x because i'm stuck with my BB and i don't find any information about that specific case o internet? Thank you so much for your help and again, excuse me for my bad english ;) Regards, Tewfik The keyboard mapping files are not mine and not made by me. they are sourced from ducktoolkit.com. I have no idea how to do the key mapping my self, however they seems to be some comments/intructions in the .json files themself. Take a look! :) Quote Link to comment Share on other sites More sharing options...
VFMA83 Posted April 24, 2017 Share Posted April 24, 2017 Quick question: When I Serial/SSH into the bunny and "cd" | "cd .." there is no tools folder? I updated the firmware and even reflashed the bunny. Any help would be greatly appreciated; I am using a Win7 64 box with putty. Debian GNU/Linux 8 bunny ttyGS0 bunny login: root Password: Linux bunny 3.4.39 #68 SMP PREEMPT Thu Apr 6 00:46:27 PDT 2017 armv7l _____ _____ _____ _____ _____ _____ _____ _____ __ __ (\___/) | __ || _ || __|| | | | __ || | || | || | || | | (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _| (")_(") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| Bash Bunny by Hak5 USB Attack/Automation Platform root@bunny:~# ls udisk version.txt root@bunny:~# ls udisk version.txt root@bunny:~# cd udisk root@bunny:~/udisk# ls root@bunny:~/udisk# pwd /root/udisk root@bunny:~/udisk# cd root@bunny:/# ls root@bunny:/mnt# cd .. root@bunny:/# ls bin dev home lost+found mnt proc run srv tmp usr boot etc lib media opt root sbin sys tools var root@bunny:/# cd tools root@bunny:/tools# ls impacket Quote Link to comment Share on other sites More sharing options...
ST4LK3R Posted April 25, 2017 Share Posted April 25, 2017 17 hours ago, VFMA83 said: Quick question: When I Serial/SSH into the bunny and "cd" | "cd .." there is no tools folder? I updated the firmware and even reflashed the bunny. Any help would be greatly appreciated; I am using a Win7 64 box with putty. Debian GNU/Linux 8 bunny ttyGS0 bunny login: root Password: Linux bunny 3.4.39 #68 SMP PREEMPT Thu Apr 6 00:46:27 PDT 2017 armv7l _____ _____ _____ _____ _____ _____ _____ _____ __ __ (\___/) | __ || _ || __|| | | | __ || | || | || | || | | (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _| (")_(") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| Bash Bunny by Hak5 USB Attack/Automation Platform root@bunny:~# ls udisk version.txt root@bunny:~# ls udisk version.txt root@bunny:~# cd udisk root@bunny:~/udisk# ls root@bunny:~/udisk# pwd /root/udisk root@bunny:~/udisk# cd root@bunny:/# ls root@bunny:/mnt# cd .. root@bunny:/# ls bin dev home lost+found mnt proc run srv tmp usr boot etc lib media opt root sbin sys tools var root@bunny:/# cd tools root@bunny:/tools# ls impacket Search for tools folder with: find / -iname "tools" Hope it helps! Quote Link to comment Share on other sites More sharing options...
Skiddie Posted April 25, 2017 Author Share Posted April 25, 2017 On 4/24/2017 at 3:34 PM, VFMA83 said: Quick question: When I Serial/SSH into the bunny and "cd" | "cd .." there is no tools folder? I updated the firmware and even reflashed the bunny. Any help would be greatly appreciated; I am using a Win7 64 box with putty. Debian GNU/Linux 8 bunny ttyGS0 bunny login: root Password: Linux bunny 3.4.39 #68 SMP PREEMPT Thu Apr 6 00:46:27 PDT 2017 armv7l _____ _____ _____ _____ _____ _____ _____ _____ __ __ (\___/) | __ || _ || __|| | | | __ || | || | || | || | | (='.'=) | __ -|| ||__ || | | __ -|| | || | | || | | ||_ _| (")_(") |_____||__|__||_____||__|__| |_____||_____||_|___||_|___| |_| Bash Bunny by Hak5 USB Attack/Automation Platform root@bunny:~# ls udisk version.txt root@bunny:~# ls udisk version.txt root@bunny:~# cd udisk root@bunny:~/udisk# ls root@bunny:~/udisk# pwd /root/udisk root@bunny:~/udisk# cd root@bunny:/# ls root@bunny:/mnt# cd .. root@bunny:/# ls bin dev home lost+found mnt proc run srv tmp usr boot etc lib media opt root sbin sys tools var root@bunny:/# cd tools root@bunny:/tools# ls impacket root@bunny:/tools# that is the correct tools folder for running the impacket installer The other tools folder is only via USB storage, not the terminal Quote Link to comment Share on other sites More sharing options...
VFMA83 Posted April 26, 2017 Share Posted April 26, 2017 Thank you Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.