Jump to content
ju663rn4u7

Loot folder won't delete

Recommended Posts

Ran the BlackBackup payload and I might have pulled the BB while it was doing stuff. I think the loot folder got corrupted and now nothing will delete from the directory. Any help would be greatly appreciated.

Share this post


Link to post
Share on other sites

This needs to be in the wiki.


Restore the Bash Bunny from the recovery partition:

  1. Set the Bash Bunny switch to position 3 (arming mode)
  2. Plug the Bash Bunny into a USB power source. The LED will momentarily light green. As soon as the LED goes off, unplug the Bash Bunny.
  3. Repeat the previous step twice more (for a total of 3 times)
  4. Plug the Bash Bunny into a USB power source and leave for 4 minutes. The LED will light RED to indicate recovery. When the light returns to BLUE blinking, the Bash Bunny has recovered.

Share this post


Link to post
Share on other sites
On 8/19/2017 at 7:33 AM, ju663rn4u7 said:

This needs to be in the wiki.


Restore the Bash Bunny from the recovery partition:

  1. Set the Bash Bunny switch to position 3 (arming mode)
  2. Plug the Bash Bunny into a USB power source. The LED will momentarily light green. As soon as the LED goes off, unplug the Bash Bunny.
  3. Repeat the previous step twice more (for a total of 3 times)
  4. Plug the Bash Bunny into a USB power source and leave for 4 minutes. The LED will light RED to indicate recovery. When the light returns to BLUE blinking, the Bash Bunny has recovered.

That is in the wiki XD

Share this post


Link to post
Share on other sites

No, it's not. This is:

Firmware Recovery

If the Bash Bunny fails to boot more than 3 times, it will automatically enter recovery mode. The LED will blink red while the file system is replaced by the backup partition. DO NOT UNPLUG THE BASH BUNNY DURING RECOVERY

This process takes about 3 minutes. When complete, the Bash Bunny will reboot as indicated by the blinking green LED.

Share this post


Link to post
Share on other sites

So wondering if someone can help on this same topic. I'm new to the BB.

First day I got it. I ran the USB_Exfiltration on my home system (win7). It worked after a couple of tries. But now I do not have any write or delete permissions to the BB. I can't delete the loot folder or anything inside it. I put it in my kali system and was able to delete the folders. Reinserted into my windows box and a .Trash-0 folder now shows up with all the looted directories and files which cannot be deleted. I tried to perform the recovery. It goes through the process according to the LED's and when completed and blinking blue all the directories are still in tack to include the loot directory and I still do not have access to the BB. I tried to copy of the updater in windows and in Linux both will not run and give me an error that the BB is write protected. Any help would be great. I hope I did not brick this thing.

Share this post


Link to post
Share on other sites

Ok I wanted to give an update on this. Maybe it can help some?? I was working on my BB at work, our system drives are encrypted and USB disabled via group policy. The bunny was able to be seen in the system as a drive for our systems. Which is normal. But if you use a normal usb drive you will not be able to access it. I was able to access the BB partition and write to it. But that's where the problem started. Once it was written too the drive became write protected and nothing could be added, removed or renamed. I took the drive home and was able to add, remove, rename anything I wanted to a certain extent. I did move the drive while at work to a kali box which allowed me to remove some files and folders. But once I plugged it back into a windows box I now had a .Trash-0 folder of which I can not remove on a windows system. It does not show up on a linux system. But at least I was able to figure out the BB is not a brick.

Share this post


Link to post
Share on other sites

This worked for me I simply opened the drive on deleting checking debug info you would see an error with the following reference 🙂 0x80004005; So This error requires you to simply repair disk so right click on the bunny->properties->tools->Error Cheking->Check; when complete you should be able to delete. 🙂

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...