Jump to content

VNC+Xfce on bunny (WIP)


Vert

Recommended Posts

So after installing xfce & vnc from apt-get and running vncserver from console the result is access to desktop for about 5 mins then it locks up still not sure exactly why. I would note there are many posts from people with the same issue on many other platforms its not an issue limited to this platform.

xcfe bunny.png

Edited by Vert
Link to comment
Share on other sites

37 minutes ago, Sebkinne said:

I hate to put something like this in a post with cool stuff, but..

Disclaimer:

Using the Bash Bunny like this may void your warranty, as it could cause unforeseen effects on the underlying system.

just installing packages from apt-get can void the warranty O.o use of any of the tools should do the same then as there not even part of the repo.  fairly sure i voided the warranty anyway who can resist not cracking things open to see whats under the hood.

Warning these 2 commands apparently void your warranty.....

------------------------------------------------------------------------------------------------------------------------------------------------------------------

apt-get install xfce4 tightvncserver

vncserver

 

Edited by Vert
Link to comment
Share on other sites

1 hour ago, Vert said:

just installing packages from apt-get can void the warranty O.o use of any of the tools should do the same then as there not even part of the repo.  fairly sure i voided the warranty anyway who can resist not cracking things open to see whats under the hood.

Warning these 2 commands apparently void your warranty.....

------------------------------------------------------------------------------------------------------------------------------------------------------------------

apt-get install xfce4 tightvncserver

vncserver

 

Did you read the card that came with the Bash Bunny? It basically tells you that it never came with a 'warranty' and that anything you do with it is entirely your responsibility. It also tells you that Hak5 reserves a few rights..

Also, on the Bash Bunny Wiki it also states:

WARNING: Community payloads come with absolutely no warranty. You are solely responsible for the outcome of their execution.

And don't be rude and sarcastic just because Sebkinne warned everyone that this is not the way the Bunny was meant to be used. It isn't the way it is meant to be used and it can potentially ruin your Bunny, so he was simply warning them. No need to be rude about it.

Edited by Dave-ee Jones
  • Upvote 1
Link to comment
Share on other sites

Ive installed several other desktop environments on the bunny also and all but xfce break the normal function of the bunny. (Gnome/KDE/matchbox/cinnamon)

Its a simple fix drop the firmware file on the bunny and flash it again makes it like new again.

Link to comment
Share on other sites

4 hours ago, Vert said:

Ive installed several other desktop environments on the bunny also and all but xfce break the normal function of the bunny. (Gnome/KDE/matchbox/cinnamon)

Its a simple fix drop the firmware file on the bunny and flash it again makes it like new again.

That's not the issue. We all know you can drop firmware on the Bunny..But what if the recovery partition on the Bunny is broken or deleted? It won't know what to do with that firmware file. The problem with some desktop environments on the Bunny is they might try and install their own files or mess around with existing ones.

Not only that, the hardware isn't made specifically to support a complete desktop environment.

But, as we said before, it is your Bunny and your responsibility.

  • Upvote 1
Link to comment
Share on other sites

2 hours ago, Dave-ee Jones said:

That's not the issue. We all know you can drop firmware on the Bunny..But what if the recovery partition on the Bunny is broken or deleted? It won't know what to do with that firmware file. The problem with some desktop environments on the Bunny is they might try and install their own files or mess around with existing ones.

Not only that, the hardware isn't made specifically to support a complete desktop environment.

But, as we said before, it is your Bunny and your responsibility.

i personally installed Gnome/KDE/matchbox/cinnamon/xfce as i did not see any others in the repo and not one of them had any effect on reflashing several simply didnt work properly. i had intended to post screen shots of all the working GUIs but xfce is the only one that works mind you after 5 mins all connections are terminated likely due to a configuration not being where it should (common issue). not sure why the subject bothers you so much did you not state there never was a warranty anyways but i would note this is not a nooby friendly idea but then again i have 15 years+ experience with the linux platform and i never even consider these things.

i find the outrage laughable this is nothing id hate to see the reaction to the cooling system & sdcard reader and a few other mods would be lol.

is it hard to breath inside the box? o no i did unintended things with something i own maybe ill brush my teeth with it later who knows.

Edited by Vert
Link to comment
Share on other sites

I think these post have gotten a little out of hand and the fact the Vert did this is cool, weather he voids the warranty on a device that has little warranty on it already. As it stands we are all here to push the limits on what we can do with this device.  We all read the card that came with it and know what we were getting into.  Different people will do different things with this device.  I think if you can do it and aren't worried about a warranty then have at it.  :) remember "Drink all the Booze, Hack all the things"  #DualCore

Edited by b0N3z
  • Upvote 1
Link to comment
Share on other sites

hak5 is literally inviting people in there videos to do this kind of stuff and share it with the community and i did.

Link to comment
Share on other sites

Hey yall - I'll chime in with some clarity regarding the warranty stuff.

The Hak5 limited warranty covers defects in material or workmanship of new Hak5 products. What that means is we cover hardware faults, and guarantee our official software releases. While we can't possibly guarantee 3rd party modules/payloads/modifications - we do make a best effort to ensure that software contributions accepted into our repositories are of acceptable quality.

I must say we have a great sense of pride building these easy to use penetration testing platforms -- and as platforms we encourage the community to contribute. We don't limit your access, and in fact go as far as to make access as convenient as possible. For example, the dedicated serial console from the Bash Bunny arming mode, the unlocked DFU bootloader of the Rubber Ducky, the onboard UART of the WiFi Pineapple TETRA.

But as hacker hardware, there are certain risks associated with being root that we cannot guarantee. Knowing this we make a best effort to ensure that recovering is as easy as possible, should something go terribly wrong. Though even our best efforts can be thwarted by the wrong DD command.

When you say "Its a simple fix drop the firmware file on the bunny and flash it again makes it like new again." that tells us we're doing our jobs right - making it easy to recover. But we don't want to give the impression that it's infallible. 

The Bash Bunny relies on a recovery partition, bootloader and other elements so that dropping a firmware file on it "makes it like new again". We're rightfully wary of things that could disrupt the recovery, because we don't want you to get locked out of your device. It's never fun.

I'm not saying don't tinker - and I think it's great that you have 15+ years of experience with Linux. I'm sure that if you really get locked out you won't be the type opposed to soldering on UART jumpers to the pads on the PCB -- but that's not "normal use case" and something we can't guarantee. 

We just don't want to give the wrong impression to a newcomer that's a complete Linux beginner, because unlike a full fledged PC - the Bash Bunny isn't as easy for everyone to fix should it get completely bricked. Hell, I'm no Linux noob and even I can hose a system with DD. (note to self, IF= input file, OF= output file) ;-)

In short, with root comes responsibility, and, in this case - if you brick it, you bought it.

PS: The Bash Bunny has not been certified by the ADA as an adequate dental hygiene instrument.
 

  • Upvote 4
Link to comment
Share on other sites

On 5/16/2017 at 2:43 AM, Darren Kitchen said:

Hell, I'm no Linux noob and even I can hose a system with DD. (note to self, IF= input file, OF= output file) ;-)

In short, with root comes responsibility, and, in this case - if you brick it, you bought it.

PS: The Bash Bunny has not been certified by the ADA as an adequate dental hygiene instrument.
 

hahahaha thats great. Ive done the same with DD lol.  

@Darren Kitchen funny joke.  "Whats red and bad for your teeth?"  A failed Bunny Payload lol.    ( a brick is technically the right answer but probably not the answer Alex Trebek is looking for on this one lol. )

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...