Jump to content

WiFi-boosted Bunny


Dave-ee Jones
 Share

Recommended Posts

So, I know we've talked about combining the power of the Bunny with the Pineapple before, but I wanted to bring to attention I have talked about before, but have now realised how easy it is to do (...kind of).

So, we know we can host SMB servers, web servers, and lots of different kinds of servers (including a DNS server :D) on the Bunny, so I was thinking it would be pretty good if you could program an AP to WiFi-boost the Bunny's network configuration. I thought this could be done with a Windows 7/8/8.1/10 PC with the hotspot functionality but it isn't that simple, as the hotspot function automatically uses either the Ethernet or WiFi adapters as the base and boosts it with a hotspot. I so far haven't found a way to change it to use the Bunny's network adapter. However, I did think about plugging the Bunny into an AP/Pineapple while the AP/Pineapple is in AP mode (you know, plug an Ethernet cable into it's port to make a wired connection wireless?). To do this you would need to convert the Bunny's USB to an Ethernet cable (something like this) and plug it into the AP and then ta-dah, you have a portable hacking machine. Now, while you can't directly shoot payloads to a PC through a USB port, you still hold the PCs that are connected to the Bunny in your network. This means you could be Network Administrator, which means you could almost do anything to a PC. Almost..

Also, to get this working to it's full potential the Bunny's DHCP server will need to be..upgraded. Currently it only supports 3 PCs (172.16.64.10, *.11, *.12 I think..), but you might want to make it serve a few more.

Anyway, I'll leave the idea there for people to think about. I did prefer the PC hotspot idea, as you could walk away and pass commands to the PC remotely (plug BB into PC, walk away and pull out your phone, log into the Bunny's now-boosted-WiFi-provided-by-the-PC and start launching payloads and commands remotely - WabbitWeb does this to local PCs, imagine if it could remotely?), but, oh well, the AP should work fine.

Feel free to let me know what you think below :D

Link to comment
Share on other sites

  • 2 weeks later...

So I realise that because the Bunny has 2 payloads it can do (2 switches..) you could configure a PC to automatically log into the AP's SSID (once it appears) and waits for the Bunny's network, then accesses an SMB server and downloads an executable script that it runs.

While the PC is waiting with the script in RAM, you can unplug the Bunny and walk away, plugging the Bunny into your AP which then broadcasts the SSID - the PC sees it and logs in and the Bunny starts the SMB server, allowing the PC to download the file and BOOM - something happens. Reverse shell, virus, information gotten (uploads data to the SMB server) or something.

Pretty naaz. Theoretically naaz.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...