Jump to content

Recommended Posts

Posted

On the bashbunny itself or the host computer the bashbunny is plugged into, please note that not all computers come with the jre installed and would likely not work because of this.

Posted (edited)

Well you could have the JRE/JDK/JDE on your Bunny, and then compile Java with that. But because not every PC has Java all the scripts would have to be run on your Bunny (unless of course the PC has Java in which case you can run it on there, yes). Also keep in mind that even though some PCs have Java, they are not always up to date (quite the opposite), so running a Java script in a CMD prompt you have to call on Java and then use the file as a parameter, but how do you know what version they have and therefore how do you know where Java is?

You might have to select it by doing something like: (For Windows)

cd C:\Program Files\Java\jdk* # the '*' saying "look for a folder with 'jdk' as the start
cd jre
<call on Java exe here>

Also, sometimes Java sets up a PATH environmental variable.

Edited by Dave-ee Jones
  • Upvote 1
Posted
6 hours ago, Fang_Shadow said:

On the bashbunny itself or the host computer the bashbunny is plugged into, please note that not all computers come with the jre installed and would likely not work because of this.

 

3 hours ago, Dave-ee Jones said:

Well you could have the JRE/JDK/JDE on your Bunny, and then compile Java with that. But because not every PC has Java all the scripts would have to be run on your Bunny (unless of course the PC has Java in which case you can run it on there, yes). Also keep in mind that even though some PCs have Java, they are not always up to date (quite the opposite), so running a Java script in a CMD prompt you have to call on Java and then use the file as a parameter, but how do you know what version they have and therefore how do you know where Java is?

You might have to select it by doing something like: (For Windows)


cd C:\Program Files\Java\jdk* # the '*' saying "look for a folder with 'jdk' as the start
cd jre
<call on Java exe here>

Also, sometimes Java sets up a PATH environmental variable.

I know the computers I'm going to use it on have the latest version installed. I just need a payload that can run a file in the same folder as the payload despite the drive the bunny is plugged into and which switch the payload is on.

Posted

Here is one that I modified (original credit to RalphyZ).  This is mad to run "ms.bat" stored in the payloads dir.  I think this what you're looking for?

# Magenta solid
LED SETUP

# Set the attack mode
ATTACKMODE HID STORAGE

# Get the switch position
GET SWITCH_POSITION

 Check if ms.bat is present
 if [ ! -f "/root/udisk/payloads/${SWITCH_POSITION}/ms.bat" ] ; then
    LED FAIL
    exit 1
fi

# Start the attack - yellow single blink
LED ATTACK

# Run the Batch File
QUACK GUI r
QUACK DELAY 100
QUACK STRING powershell -WindowStyle Hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\${SWITCH_POSITION}\\ms.bat') -e cmd.exe"
QUACK ENTER


# Green 1000ms VERYFAST blink followed by SOLID
LED FINISH
exit 0

Posted

Hmm, so you want to run jar files.  Well, if you know the java command line here is how you can always get the path to the java executable.  it seems it is installed in programdata but to make sure you can do this.

$javapath = $env:Path -split ";" | where {$_ -match "Oracle" -and $_ -match "java"}
if([string]::IsNullOrEmpty($javapath))
{
	Write-Error "Java JRE seems to not be installed on this system"
	exit;
}
else
{
	$javaapp = $javapath + "\\java.exe"
}

$null = Start-Process $javaapp -WindowStyle "<You can hide the window or completely leave WindowStyle Parameter out.>" -ArgumentList "<Your java arguments go here>"

If you did not run the script as admin and want to run the jar as admin then you will need to add the parameter:

-verb "runas"

to run java as admin but it will prompt.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...