Sebkinne Posted May 1, 2017 Share Posted May 1, 2017 We are excited to announce the Bash Bunny Firmware v1.2! With it we fixed a couple of big bugs (payloads getting cancelled after 1.5 minutes and RNDIS not working with other attackmodes), and added a new RO_STORAGE attackmode. We also added a new command to QUACK, and now allow some settings such as the ducky language to be set in a config.txt file. More features, fixes and experiences in the full changelog - so hop on over to BashBunny.com/downloads and nab version 1.2 today! 3 Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted May 1, 2017 Share Posted May 1, 2017 As an Aussie, I'm proud to see the Sydney Opera House as this version's 'image'. What's with the fork? Also, FIRST! Quote Link to comment Share on other sites More sharing options...
Irukandji Posted May 1, 2017 Share Posted May 1, 2017 (edited) 1 hour ago, Dave-ee Jones said: As an Aussie, I'm proud to see the Sydney Opera House as this version's 'image'. What's with the fork? Also, FIRST! it's not the FIRST! that the Sydney Opera House has been featured. Edited May 1, 2017 by Jtyle6 . Quote Link to comment Share on other sites More sharing options...
VincBreaker Posted May 1, 2017 Share Posted May 1, 2017 THIRD! The read-only mode can be really really useful (even though I'd prefer custom filter rules). Thanks a lot for implementing it :) Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted May 1, 2017 Share Posted May 1, 2017 Great, thanks for update! Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted May 1, 2017 Share Posted May 1, 2017 2 hours ago, Jtyle6 said: it's not the FIRST! that the Sydney Opera House has been featured. First as in first two post ;) Also, FIFTH! :P Quote Link to comment Share on other sites More sharing options...
jafahulo Posted May 1, 2017 Share Posted May 1, 2017 Sixth! Quote Link to comment Share on other sites More sharing options...
RazerBlade Posted May 1, 2017 Share Posted May 1, 2017 No,you put the tar file in the root folder Quote Link to comment Share on other sites More sharing options...
b0N3z Posted May 1, 2017 Share Posted May 1, 2017 When you plug in the bunny in arming mode your file directory will have a text file labeled version or something like that and it should say 1.2-xxx Quote Link to comment Share on other sites More sharing options...
b0N3z Posted May 1, 2017 Share Posted May 1, 2017 So then what is the fork for? Quote Link to comment Share on other sites More sharing options...
Torrey Posted May 1, 2017 Share Posted May 1, 2017 33 minutes ago, b0N3z said: So then what is the fork for? The codename of this release was dinglehopper. A fork is a dinglehopper as mentioned in the Little Mermaid. I'd love to know why they chose that codename and the connection with the Little Mermaid. 1 Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted May 1, 2017 Author Share Posted May 1, 2017 3 minutes ago, Torrey said: I'd love to know why they chose that codename and the connection with the Little Mermaid. :) Quote Link to comment Share on other sites More sharing options...
b0N3z Posted May 1, 2017 Share Posted May 1, 2017 (edited) Maybe they were watching the little mermaid with there child and thinking what a good name. But on the other hand all the firmwares have a number after them 1.1-167, 1.2-xxx maybe all the firmware names are related to the little mermaid or maybe im crazy. both are possible. Maybe these firmware names are based on disney movies, just a thought, hey @Sebkinne not to get to personal but who at the shop watched little mermaid last lol. edit: I think im more intrigued with this firmware naming than the device today. Edited May 1, 2017 by b0N3z 1 Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted May 2, 2017 Author Share Posted May 2, 2017 5 hours ago, b0N3z said: Maybe they were watching the little mermaid with there child and thinking what a good name. But on the other hand all the firmwares have a number after them 1.1-167, 1.2-xxx maybe all the firmware names are related to the little mermaid or maybe im crazy. both are possible. We'll take the secret to our graves.. maybe. 5 hours ago, b0N3z said: who at the shop watched little mermaid last lol. Could very well be Darren, but my money is on Perin or Sara :D Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted May 2, 2017 Share Posted May 2, 2017 Yeah, I am not the first but updated the firmware last night. Bunny is up and running. Still have to test to see if the combos work now. :-) I was going to follow a theme with my projects too based off my github name (since it is a twist from the cartoon "Epic MagicSword".) It started to sound cheesy so decided not to. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted May 2, 2017 Share Posted May 2, 2017 3 hours ago, PoSHMagiC0de said: Yeah, I am not the first but updated the firmware last night. Bunny is up and running. Still have to test to see if the combos work now. :-) I was going to follow a theme with my projects too based off my github name (since it is a twist from the cartoon "Epic MagicSword".) It started to sound cheesy so decided not to. Yeah, the ATTACKMODE combos work nicely now :) I know that because my payload used both attackmodes at once - and then I found what I was doing wasn't viable so I didn't need ATTACKMODE RNDIS_ETHERNET HID, just needed ATTACKMODE RNDIS_ETHERNET, lol. Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted May 3, 2017 Share Posted May 3, 2017 2 hours ago, Dave-ee Jones said: Yeah, the ATTACKMODE combos work nicely now :) I know that because my payload used both attackmodes at once - and then I found what I was doing wasn't viable so I didn't need ATTACKMODE RNDIS_ETHERNET HID, just needed ATTACKMODE RNDIS_ETHERNET, lol. Yeah, it is working...though. Anyone have the trick to keep the machine you plug the bunny into from trying to use the bunny as the primary internet connect so windowsupdate can install the drivers for it? Never figured out how to keep the bunny from dropping keeping the machine's NIC from going online when in NIC ethernet mode. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted May 3, 2017 Share Posted May 3, 2017 3 hours ago, PoSHMagiC0de said: Yeah, it is working...though. Anyone have the trick to keep the machine you plug the bunny into from trying to use the bunny as the primary internet connect so windowsupdate can install the drivers for it? Never figured out how to keep the bunny from dropping keeping the machine's NIC from going online when in NIC ethernet mode. Mm, I've noticed that... Bridge the connections? :P Just kidding, don't do that. Why not point the drivers to the BB, as the BB has the drivers on it? E.g. when it is plugged in, go to Device Manager, find the unknown device (Bunny in disguise), manually install the drivers by pointing the folder at the BB. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted May 3, 2017 Author Share Posted May 3, 2017 8 hours ago, PoSHMagiC0de said: Yeah, it is working...though. Anyone have the trick to keep the machine you plug the bunny into from trying to use the bunny as the primary internet connect so windowsupdate can install the drivers for it? Never figured out how to keep the bunny from dropping keeping the machine's NIC from going online when in NIC ethernet mode. Next firmware :) 1 Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted May 3, 2017 Share Posted May 3, 2017 3 hours ago, Sebkinne said: Next firmware :) Lol. It is totally cool. At least it is possible to get them both up. Yeah, when I tested the RNDIS device pulled its update from windowsupdate but then the HID wanted to too but got stuck because the machine was trying to get an internet connect through the BB instead of its NIC. If it loaded the HID first I would have never noticed this could happen hehe. Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted May 3, 2017 Share Posted May 3, 2017 8 hours ago, Dave-ee Jones said: Mm, I've noticed that... Bridge the connections? :P Just kidding, don't do that. Why not point the drivers to the BB, as the BB has the drivers on it? E.g. when it is plugged in, go to Device Manager, find the unknown device (Bunny in disguise), manually install the drivers by pointing the folder at the BB. Thought about that also, but then that would be an extra pre-attack combo. HID STORAGE first to Q install the drivers and then switch to HID RNDIS_ETHERNET for the normal attack. Still a two stage attack mode except one is used to load drivers. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted May 3, 2017 Share Posted May 3, 2017 (edited) 11 hours ago, PoSHMagiC0de said: Thought about that also, but then that would be an extra pre-attack combo. HID STORAGE first to Q install the drivers and then switch to HID RNDIS_ETHERNET for the normal attack. Still a two stage attack mode except one is used to load drivers. Python server, bud. :) Or PHP... Or SMB... Or FTP... EDIT: @Sebkinne Also got a major problem. ATTACKMODE HID RNDIS_ETHERNET is not working again, deciding only to act as an HID. Why you do dis... EDIT2: Found the reason why; it is looking for drivers on the Bunny's flashdrive - however, obviously, they cannot be found because it isn't in STORAGE mode for the device manager to access it... How is one meant to fix that when 1. You don't have internet to download the drivers (plus, you would have to wait for it to finish anyway and the payload doesn't know that) 2. The only other way to fix it is to be in RNDIS mode and install the driver from a webserver - but that requires you to be in HID and RNDIS_ETHERNET mode... Edited May 4, 2017 by Dave-ee Jones Quote Link to comment Share on other sites More sharing options...
pmurton Posted May 4, 2017 Share Posted May 4, 2017 Updated this morning with no problems. One suggestion though. Maybe the Step by Step instructions should add a note that any previously installed tools (i.e. impacket and Responder) need to be re-installed after the update, and maybe a note to recommend editing config.txt to change the DUCKY_LANG setting. Just for newbies like me (although it didn't take me long to figure it out). 1 Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted May 4, 2017 Share Posted May 4, 2017 2 hours ago, pmurton said: Updated this morning with no problems. One suggestion though. Maybe the Step by Step instructions should add a note that any previously installed tools (i.e. impacket and Responder) need to be re-installed after the update, and maybe a note to recommend editing config.txt to change the DUCKY_LANG setting. Just for newbies like me (although it didn't take me long to figure it out). Agreed. Didn't realise I had to reinstall impacket until my SMB server stopped working lol. Quote Link to comment Share on other sites More sharing options...
will burch Posted July 29, 2017 Share Posted July 29, 2017 Maybe it's just me not understanding but I cant find the root file to put the tar file in, can someone actually give me step by step instructions for updating my bash bunny Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.