Jump to content

[RELEASE] Bash Bunny Firmware v1.3


Sebkinne
 Share

Recommended Posts

On 5/14/2017 at 0:30 AM, TeCHemically said:

Do I need to reinstall ducktoolkit after a firmware upgrade? the only payloads that my BB have ever been able to run are ducky payloads; and now even they aren't working anymore. Attempting to run the duckinstall payload fails just like literally every other payload now...:angry:

Not everyone has time to update their payloads every day to suit the new firmware.

DuckyInstall shouldn't be needed either. I don't use it and all my ducky scripts work fine. I think your making things too complicated for yourself. All you have to do is install the new firmware (1.3) and install Impacket/Responder if you want them (some payloads require them, but you decide if you think it's worth it or not).

You should read the changelogs to see what they have done to some commands as well. Not sure what would have gone wrong with your ducky scripts, as nothing major has changed there..

Link to comment
Share on other sites

Update on QuickCreds run, did those following steps:

-mounted bunny on windows machine (arming mode)

-deleted all the files

-copied and installed the new firmware 1.3

-copied and overwrited all the files with https://github.com/hak5/bashbunny-payloads

-installed the tools impacket & responder with "DEB" package provided here:

-putty client to configure em both ovr the bunny

-mount -o sync /dev/nandf udisk/

-cp *.deb /tools

-dpkg --install impacket.deb

-dpkg --install responder.deb

-from windows copied the QuickCreds payload.txt over switch1 folder

-unplugged safely

-switch1

-re plugged in

-completed successfully

 

/cheers

-

Link to comment
Share on other sites

On 13/5/2017 at 4:30 PM, TeCHemically said:

Do I need to reinstall ducktoolkit after a firmware upgrade? the only payloads that my BB have ever been able to run are ducky payloads; and now even they aren't working anymore. Attempting to run the duckinstall payload fails just like literally every other payload now...:angry:

Got the same issue. Upgraded from 1.0 to 1.3 and now I can't get the Bunny to quack.

- Thomas

Link to comment
Share on other sites

1 minute ago, Marcussen said:

Got the same issue. Upgraded from 1.0 to 1.3 and now I can't get the Bunny to quack.

- Thomas

Weird. Not sure why people are having this issue - mine is working fine...You guys are setting ATTACKMODE HID right?

What I would do is make sure the drivers are correctly installed (Device Manager) and check the Human Interface Devices and USB Devices - and also Unknown Devices.

If it's unknown, try manually updating the driver software like so:
Set attackmode to HID and STORAGE, then manually update the drivers via Browse my Computer for Software and select the Bunny's drive (mines the D:\). Let it do its thing and see how that goes.

I usually use the HID attackmode with another attackmode (RNDIS_ETHERNET usually) so it could be that when @Sebkinne fixed the HID/RNDIS_ETHERNET compatibility it broke HID on its lonesome.

Have a play!

Link to comment
Share on other sites

I am a newbie here...  I updated my BB to 1.3 fine.  Copied both responder.deb and impacket.deb to the /tools directory.  Safely eject and replugged in.  In Arming mode using Putty, I can see both impacket and responder under /tools.  Copied QuickCreds payload with ATTACKMODE set to HID.  I also tried ATTACKMODE RNDIS_ETHERNET.  Both modes result in blinking red light.   

Also tried MrRobot payload, result was a blinking white.  I see the MrRobot directory created under /loot.  Nothing else inside.

Anyone else having better luck?  Perhaps, go back to firmware v1.2?

Link to comment
Share on other sites

1 minute ago, Irvine-J said:
14 minutes ago, Irvine-J said:

I am a newbie here...  I updated my BB to 1.3 fine.  Copied both responder.deb and impacket.deb to the /tools directory.  Safely eject and replugged in.  In Arming mode using Putty, I can see both impacket and responder under /tools.  Copied QuickCreds payload with ATTACKMODE set to HID.  I also tried ATTACKMODE RNDIS_ETHERNET.  Both modes result in blinking red light.   

Also tried MrRobot payload, result was a blinking white.  I see the MrRobot directory created under /loot.  Nothing else inside.

Anyone else having better luck?  Perhaps, go back to firmware v1.2?

A positive update here!  I went back and set ATTACKMODE back to RNDIS_ETHERNET.  However, I had to edit part of the payload below from "cd /tools/Responder" to this "cd /tools/responder".  Used a lowercase "responder" instead of uppercase "Responder".   This apparently fixed the issue with QuickCreds.  Still on firmware 1.3.

# Set LED yellow, run attack
LED ATTACK
cd /tools/responder

 

Link to comment
Share on other sites

  • 3 weeks later...

Really quick note of something I noticed with flashing bashbunny from 1.0 to 1.3, It was in a wall to usb adapter/cube and got stuck at a solid red (no idea what it means possibly failed or error) unplugged it and plugged it back in and it seems to be working properly again. Just for others that might experience the same issue.

Link to comment
Share on other sites

  • 3 weeks later...

Hey Seb, you might want to add to the upgrade wiki and bright note letting folks know they will need to reinstall their tools and even their payloads after updating the firmware.  I see that question being asked a lot on the forums by new users who firmware update.

Link to comment
Share on other sites

In case this can help others:

If your browser (e.g. Safari) "opens" the .tar.gz file after it finishes downloading it, it will gunzip, leaving a .tar file in its wake.

Re-gzipping the .tar before copying it to the root of the bunny's hdd was a simple fix  :)

Link to comment
Share on other sites

 

1 hour ago, enc1pher said:

In case this can help others:

If your browser (e.g. Safari) "opens" the .tar.gz file after it finishes downloading it, it will gunzip, leaving a .tar file in its wake.

Re-gzipping the .tar before copying it to the root of the bunny's hdd was a simple fix  :)

you should just be able to download it and go to finder and move the .tar.gz to the root of the bunny which is the directory in which loot, tools, and libary is in.

Link to comment
Share on other sites

6 minutes ago, b0N3z said:

 

you should just be able to download it and go to finder and move the .tar.gz to the root of the bunny which is the directory in which loot, tools, and libary is in.

True, however if Safari has 'Open "safe" files after downloading' enabled (as is the default when you add a new user), then Safari will gunzip the tar file automatically :)

My fix is to a) Untick the box to disable this functionality in 'Preferences', or b) gzip the .tar file, if this happens.

safari-disable-automatic-opening-of-file

  • Upvote 1
Link to comment
Share on other sites

  • 3 weeks later...
  • 3 weeks later...
On 15/5/2017 at 4:51 PM, johnjohnsp1 said:

Update on QuickCreds run, did those following steps:

-mounted bunny on windows machine (arming mode)

-deleted all the files

-copied and installed the new firmware 1.3

-copied and overwrited all the files with https://github.com/hak5/bashbunny-payloads

-installed the tools impacket & responder with "DEB" package provided here:

-putty client to configure em both ovr the bunny

-mount -o sync /dev/nandf udisk/

-cp *.deb /tools

-dpkg --install impacket.deb

-dpkg --install responder.deb

-from windows copied the QuickCreds payload.txt over switch1 folder

-unplugged safely

-switch1

-re plugged in

-completed successfully

 

/cheers

-

Hi,

I have the same problem than you.

Could you sort it out?

Could you please help me?

I would love to have a skype conversation with you, as I need help with the QUICKCREDS. I do not mind paying for the help, but please help me.

Thanks

Maria

Link to comment
Share on other sites

  • 1 month later...

I followed Darren's Bunny Primer youtube video and used the bashbunny updater to go from 1.0-1.3. In the video it says that all you'll need to do to update the payloads in the future is to run the bunnyupdater, so figured i must be all ready to go. Not so. Currently the payloads don't update (or didn't for me) and I was left with all the old payloads which took me a couple of hours to realise why my QuickCreds had stopped working.  I manually downloaded all payloads from github, deleted docs, lang and payloads directories and copied over the new ones and all was good.  Am guessing the bunnyupdater will be updated to include a git pull in the future?  Cheers guys.

Link to comment
Share on other sites

58 minutes ago, Marshall said:

I followed Darren's Bunny Primer youtube video and used the bashbunny updater to go from 1.0-1.3. In the video it says that all you'll need to do to update the payloads in the future is to run the bunnyupdater, so figured i must be all ready to go. Not so. Currently the payloads don't update (or didn't for me) and I was left with all the old payloads which took me a couple of hours to realise why my QuickCreds had stopped working.  I manually downloaded all payloads from github, deleted docs, lang and payloads directories and copied over the new ones and all was good.  Am guessing the bunnyupdater will be updated to include a git pull in the future?  Cheers guys.

You have to run the Bash Bunny updater twice. Once to upgrade the firmware, and again to update the payloads.

The reason for this is that the upgrade changes the udisk, so pulling down payloads before the upgrade is completed doesn't make sense.

Link to comment
Share on other sites

Hey just wondering but once updated to 1.3 is there a file structure somewhere so I can compare mine to what is supposed to be there?  I ran updater twice and it grabbed everything and stuck it in a .payload_repo folder.  Inside that folder is a payloads folder structured the same as the payloads folder on the root of the flash drive portion of the BB.  Should I delete the old payloads folder and use the new one?  Should I keep the new one where it's at or move it to the root? 

Also my installed-tools text file states that I have impacket and responder installed already, do I need to reinstall those now that I have updated to 1.3?  I was at 1.0 prior to this.

Thanks everyone!

Link to comment
Share on other sites

On 9/9/2017 at 10:28 AM, Bob123 said:

Hey just wondering but once updated to 1.3 is there a file structure somewhere so I can compare mine to what is supposed to be there?  I ran updater twice and it grabbed everything and stuck it in a .payload_repo folder.  Inside that folder is a payloads folder structured the same as the payloads folder on the root of the flash drive portion of the BB.  Should I delete the old payloads folder and use the new one?  Should I keep the new one where it's at or move it to the root? 

Also my installed-tools text file states that I have impacket and responder installed already, do I need to reinstall those now that I have updated to 1.3?  I was at 1.0 prior to this.

Thanks everyone!

Confused. Can you take a screenshot of your Bunny's storage partition, NOT the root partition?

It should look something like what I've attached.

Yes, you will need to re-install Impacket and Responder. You can find them pinned to the Bash Bunny subforum.
 

Capture.JPG

Link to comment
Share on other sites

Thanks Mr Jones for getting back with me.  I misspoke when I said root, I meant root of the storage not of the device.  So the first folder I have is a repo folder that got created when I ran the updater the second time.  But it does look like everything in that folder has been moved to the proper folders as well.  And that's where my initial concern came in.  I wasn't sure if I had to move the new payloads to the current payloads folder but it looks like it just added the new ones automatically. 

And then my second circled file is the installed tools where it already tells me responder and impacket are already installed.  But I'll install them again.  I'm safe to just grab the .deb file and put it in the tools folder?  I don't need to uninstall the older programs first?
Thanks for your help!

Capture.PNG

Link to comment
Share on other sites

11 hours ago, Bob123 said:

Thanks Mr Jones for getting back with me.  I misspoke when I said root, I meant root of the storage not of the device.  So the first folder I have is a repo folder that got created when I ran the updater the second time.  But it does look like everything in that folder has been moved to the proper folders as well.  And that's where my initial concern came in.  I wasn't sure if I had to move the new payloads to the current payloads folder but it looks like it just added the new ones automatically. 

And then my second circled file is the installed tools where it already tells me responder and impacket are already installed.  But I'll install them again.  I'm safe to just grab the .deb file and put it in the tools folder?  I don't need to uninstall the older programs first?
Thanks for your help!

Capture.PNG

Okay, what I would do in this situation (just to be on the safe side) is:

  • Recover my Bunny
    • Plug the Bunny in with the switch on arming mode
    • Wait for the LED to turn green and then unplug the Bunny
    • Repeat 2-3 more times
  • Upgrade the firmware the 'normal' way
    • Link to downloads page
    • Make sure the hashes are the same
    • Drop it on your Bash Bunny's storage while it's in arming mode
    • Safely eject the Bunny and unplug it
    • Plug it back in again

That should HOPEFULLY fix your problems and get you a nice, working Bunny. :)

Link to comment
Share on other sites

On 5/15/2017 at 8:51 AM, johnjohnsp1 said:

Update on QuickCreds run, did those following steps:

-mounted bunny on windows machine (arming mode)

-deleted all the files

-copied and installed the new firmware 1.3

-copied and overwrited all the files with https://github.com/hak5/bashbunny-payloads

-installed the tools impacket & responder with "DEB" package provided here:

-putty client to configure em both ovr the bunny

-mount -o sync /dev/nandf udisk/

-cp *.deb /tools

-dpkg --install impacket.deb

-dpkg --install responder.deb

-from windows copied the QuickCreds payload.txt over switch1 folder

-unplugged safely

-switch1

-re plugged in

-completed successfully

 

/cheers

-

Thanks! I wish Hak5 would have some straight and clear instructions. All over the place. I literally had to search for this for an hour. It's like each firmware upgrade had different things with it and names. Just everywhere. Love Hak5 tools but wow, they need to improve with documentation and consistency. 

  • Upvote 1
Link to comment
Share on other sites

  • 1 month later...
7 minutes ago, Dave-ee Jones said:

Hint

Quite funny though, as I just literally reset my Bunny to v1.0 because it was acting up. Haha!

Well as a celebration I'll release another script.. ?

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...