Jump to content

Windows Internet (metric, not sharing)


unixnerd777

Recommended Posts

When I connect the Bash Bunny with 

ATTACKMODE RNDIS_ETHERNET

it sets itself as a default network interface, which is desired in most cases. However, I would like it to show up as a secondary interface as part of my payload requires actual internet. Since the Bash Bunny doesn't have internet itself, it can't provide internet to the windows box. It would be nice if I could configure the Bash Bunny to show up as a non-default interface.

 

It is possible to change the metric in powershell, so if my payload uses powershell, I can do this to change it:

Get-NetAdapter | Where-Object -FilterScript {$_.LinkSpeed -Eq "2 Gbps"} | Set-NetIPInterface -InterfaceMetric 100

 

Link to comment
Share on other sites

I'm not sure what the question is?  If your Powershell script works, then why couldn't you use that?  If a high throughput is not needed on the network adapter, you can just use 

ATTACKMODE RNDIS_ETHERNET RNDIS_SPEED_10000

**you will need fw 1.3

This will connect the bb @ 10Mb and will most likely not be your "default" device.  I do like the PS command!  Thanks!

  • Upvote 1
Link to comment
Share on other sites

'dbum's method is correct. Using the RNDIS_SPEED_10000 it limits the Bunny's network speed to 10Mbps (according to the PC), making anything faster than that the primary network interface (e.g. WiFi or Ethernet). This argument was made for the purpose of keeping the victim PC's internet access while the Bunny was plugged in.

Pretty neat.

Link to comment
Share on other sites

On 6/30/2017 at 4:22 PM, dbum said:

I'm not sure what the question is?  If your Powershell script works, then why couldn't you use that?  If a high throughput is not needed on the network adapter, you can just use 

ATTACKMODE RNDIS_ETHERNET RNDIS_SPEED_10000

**you will need fw 1.3

This will connect the bb @ 10Mb and will most likely not be your "default" device.  I do like the PS command!  Thanks!

That is exactly what I was looking for, thanks. Yes, the powershell works and I'm using powershell with this payload, but if I wasn't the RNDIS_SPEED will do what I want w/out needing to use powershell.

I wonder if RNDIS_SPEED_10000 could be added to https://wiki.bashbunny.com/#!payload_development.md, that way others who are developing for the Bunny would know about it too. I wonder what other flags it supports that aren't (yet) on the wiki...

Link to comment
Share on other sites

12 hours ago, unixnerd777 said:

That is exactly what I was looking for, thanks. Yes, the powershell works and I'm using powershell with this payload, but if I wasn't the RNDIS_SPEED will do what I want w/out needing to use powershell.

I wonder if RNDIS_SPEED_10000 could be added to https://wiki.bashbunny.com/#!payload_development.md, that way others who are developing for the Bunny would know about it too. I wonder what other flags it supports that aren't (yet) on the wiki...

All known flags by the community are in the changelog. Sebkinne updates our knowledge as he updates the Bunny :)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...