[Question] Would you find this tool useful?

[Sebkinne]

Hey everyone,

I wanted to see what the Bash Bunny community thinks about a tool (Win, MacOS, Linux) that would automatically update your payload repository on the Bash Bunny's mass storage partition.

It would be run from your computer when the Bash Bunny is plugged in and automatically download the latest payloads, extensions, and languages.

As a bonus, it could automatically download firmware upgrades to the mass storage partition to ensure the Bash Bunny is always up-to-date and that the updates are performed correctly.

What do you currently do to update your payloads? Git clone + copy? Git clone directly to the partition? Download a .Zip of the repository? How regularly do you do this?

 

Edit: Just to clear some things up:
The tool would not run automatically when the Bash Bunny is plugged in, but would have to explicitly be launched by the user. The tool would be downloaded, placed on the root of the mass storage partition and executed from there.

[CynicalHeck]

For me I just usually copy the payloads I download from github onto my BB while its in arming mode, I regularly check to see if there are any new payloads and download them. Having a tool that can do that for me would be amazing, hopefully it will happen. :)

[Dave-ee Jones]

Are you joking @Sebkinne?!

I was trying so hard to do this with my WabbitWeb payload! I even made a forum post of how to download a specific folder in a Github repo so I could make an 'Updates' page that could automatically update the payloads library and WabbitWeb..Now I can! :D

DO ITTTT!

WabbitWeb - Pocket Knife edition here we come!

Edited May 5, 2017 by Dave-ee Jones

[PoSHMagiC0de]

I git clone to my linux machine and pull over what I plan on using the most.  Since I been working on the BBTPS I have been slowly converting those payloads to BunnyAgent compliant payloads and lining them up as job queues for different types of attack series to see what makes sense and what needs more tweaking.

[b0N3z]

Usually just download the .zip when I notice a couple payloads have been updated and then trim down the payloads that I dont use and copy the library to the bunny.

[hermanbreden]

usefull

[RazerBlade]

Just do it. DO IT!

[Niceday]

I download the zip sporadically as I try different ideas and each idea may use  different tools (pineapple, VPS, VPN, BB, turtle, etc.) individually or in conjunction.

So I find it easy to miss updates if not concentrating on BB.

Auto download and manual implement is perfect, especially with firmware updates that may break some scripts.

[Torrey]

Since I'm the only one that voted 'no', I'll admit it. I didn't think the idea brings enough value to spend time on it. There's already several ways to do what's being proposed, including a payload or two from the community.

On the other hand if you're getting a ton of support requests from people breaking their bunny or being generally confused on how to update it may be worth the time investment.

Edited May 6, 2017 by Torrey

[Dave-ee Jones]

54 minutes ago, Torrey said:

Since I'm the only one that voted 'no', I'll admit it. I didn't think the idea brings enough value to spend time on it. There's already several ways to do what's being proposed, including a payload or two from the community.

On the other hand if you're getting a ton of support requests from people breaking their bunny or being generally confused on how to update it may be worth the time investment.

We're posting on a forum that specialises in theoretical hacks. Not enough time for it either I guess...