Jump to content

Bash Bunny Manager

quentin_lamamy

By quentin_lamamy
in Bash Bunny

 Share
Go to solution Solved by dark_pyrro,

Recommended Posts

quentin_lamamy Apprentice

quentin_lamamy

Posted
Posted (edited)

Hi,

It seems that lot of bb user are noob and don't succeed in using it. I am working on a tool based on node js with a terminal ui to manage the BB.

The actual feature are :

  • Browse available payload from git
  • Install / Remove payload
  • Update firmware
  • Browse available tool from git
  • Install / Remove payload

Is there some other feature that can be usefull ?

Message for the moderator : Is this possible to stick this post to let people work on it without scrolling in forum history ?

Edited by quentin.lamamy
Link to comment
Share on other sites
Dave-ee Jones Newbie

Dave-ee Jones

Posted
Posted

Sounds interesting, but the new BB Updater solves the problem of downloading payloads and updates. And there are a few payloads that can help you manage or swap out your payloads while your payload is running (e.g. my WabbitWeb or BBTPS, there are a few others but can't remember them off the top of my head).

Browsing payloads/tools from Github and downloading specific ones could be useful but I don't see how downloading the whole repo is a bad idea, as it's small anyway.

However it sounds interesting and could be nice to use. Though it sounds like we're going to need JavaScript to use it..does that mean it's based on a webserver?

Link to comment
Share on other sites
quentin_lamamy Apprentice

quentin_lamamy

Posted
  • Author
Posted
5 minutes ago, Dave-ee Jones said:

Sounds interesting, but the new BB Updater solves the problem of downloading payloads and updates.

I don't know what is bb updater, sorry for the duplicate idea :/

6 minutes ago, Dave-ee Jones said:

Browsing payloads/tools from Github and downloading specific ones could be useful but I don't see how downloading the whole repo is a bad idea, as it's small anyway.

Nop there is two choice, a third party api i host on my server to get info about the git or just parse the github

11 minutes ago, Dave-ee Jones said:

However it sounds interesting and could be nice to use. Though it sounds like we're going to need JavaScript to use it..does that mean it's based on a webserver?

It's a node js app, so just need a node js. It can be use as a classic payload that run the tool, or in the bashbunny filesystem with a custom command binded to the tool. Like setup or something like that.

Link to comment
Share on other sites
Dave-ee Jones Newbie

Dave-ee Jones

Posted
Posted (edited)
46 minutes ago, Sebkinne said:

It's one of the things on my to-do list too. A nice webinterface to manage and configure payloads.

:O Has NO ONE seen WabbitWeb...

2 hours ago, quentin.lamamy said:

I don't know what is bb updater, sorry for the duplicate idea :/

This is Sebkinne's Updater:

 

Edited by Dave-ee Jones
  • Like 1
Link to comment
Share on other sites
Sebkinne Grand Master

Sebkinne

Posted
Posted
32 minutes ago, quentin.lamamy said:

maybe i can help you on this point, i'm a full stack web dev. You already know what you want ? Which techno  etc ?

Thanks, that's appreciated! I'll post more information once I get some time for the Bunny again.

 

3 minutes ago, Dave-ee Jones said:

Has NO ONE seen WabbitWeb...

I have seen it, but what we have planned will translate to other products as well in the future. Saying that, one does not negate the other.

  • Like 1
Link to comment
Share on other sites
  • 4 weeks later...
quentin_lamamy Apprentice

quentin_lamamy

Posted
  • Author
Posted (edited)

@Sebkinne I continue my work and make a test making a packaged node js app installed on the user computer. Because i like terminal based ui i make this :

 

  • 1) the doc, the changelog, the status of the software (up to date or not) , the author  and contrinbutor. (look at the attached file)
  • 2) allow you to paire your bb with the software (manage payload and extension profiles  and maybe more)
  • 3) manage payload, browse repository, display payload description ,install , uninstal, check update  and maybe more.
  • 4) the same for the extension
  • 5) Help, maybe faq

Any other idea ?

 

 

bash Bunny Manager.tiff

Edited by quentin.lamamy
  • Like 1
Link to comment
Share on other sites
PoSHMagiC0de Rookie

PoSHMagiC0de

Posted
Posted

I think a web manager is on everyone list haha.  It is on my list eventually for bbtps.  I think Davee is the only one to beat us to the punch with some kind of web manager.  Bbtps is nodejs (with express, soon to remove express for vanilla http module), the server that runs on the bunny is.  I use powershell as the agent and payload preference.

 

Link to comment
Share on other sites
Dave-ee Jones Newbie

Dave-ee Jones

Posted
Posted
On 9/16/2017 at 6:44 AM, PoSHMagiC0de said:

I think a web manager is on everyone list haha.  It is on my list eventually for bbtps.  I think Davee is the only one to beat us to the punch with some kind of web manager.  Bbtps is nodejs (with express, soon to remove express for vanilla http module), the server that runs on the bunny is.  I use powershell as the agent and payload preference.

 

Actually I think even I was beaten to the punch. It was a while ago (as was WabbitWeb), but BrowserBunny was a thing.

Link to comment
Share on other sites
  • 5 years later...
quentin_lamamy Apprentice

quentin_lamamy

Posted
  • Author
Posted (edited)

It's a still a need ? Can work on it.

My idea is : 

  • A node js local agent or a local app (as you want)
  • Add on the website install button that post to an url like bashbunny://payload/install , this king of button could be added to payload studio

 

Edited by quentin_lamamy
Link to comment
Share on other sites
  • Solution
dark_pyrro Grand Master

dark_pyrro

Posted
  • Solution
Posted (edited)

There might be inhouse plans since the new Mk2 Packet Squirrel comes with a web UI in the same design (more or less) as the WiFi Pineapple. Not sure if it will reach the Bunny though. The idea is good, but there's one "obstacle"; the Bunny doesn't naturally do networking. Arming mode is serial and storage and you have to craft a payload to get networking up and running and that also depends on the target OS (RNDIS or ECM). Most beginners are probably using Windows, so RNDIS would perhaps be the most common. Mac is however also a "beginner option" and that requires ECM (AUTO_ETHERNET can be used though). My guess is that if this is going to be the beginner friendly option there needs to be some changes to how the Bunny operates out of the box to make it really smooth. Networking support is key to get this working. Perhaps a new fw release with new option(s) to the config file where you can set "WEB_UI ENABLED" (or such). Another thing to consider developing some kind of support for is to get the Bunny online via ICS in the simplest way possible (and without making the "proxy machine" being internet-less in the process which happens in a lot of the cases).

Edited by dark_pyrro
Link to comment
Share on other sites
quentin_lamamy Apprentice

quentin_lamamy

Posted
  • Author
Posted (edited)
2 hours ago, dark_pyrro said:

There might be inhouse plans since the new Mk2 Packet Squirrel comes with a web UI in the same design (more or less) as the WiFi Pineapple. Not sure if it will reach the Bunny though

Need a staff info, don't know who know the roadmap
 

2 hours ago, dark_pyrro said:

The idea is good, but there's one "obstacle"; the Bunny doesn't naturally do networking

More simple, just use arming mode and use the OS mount point to transfer file for ex on osx /Vollumes/Bashbunny

Edited by quentin_lamamy
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...