In Need Of Assistance

[Saturn]

Good day, fellow security enthusiasts!

I seem to have found myself in a bit of a pickle...

I just updated to the most recent version (1.3), and I noticed that my bunny had renamed itself. Odd...

I nervously double clicked on the drive and was greeted by this assortment of characters.

So, my steps.

1.) I downloaded the most recent firmware from the wiki.

2.) I placed it in the root directory of the bunny, blah blah, police lights, blue light, successful install! Or so I thought.

3.) After I saw the above result, I downloaded the bunnyupdater. When I attempted to run it, it said that it couldn't find the bunny version and exited. (the astute among you may notice that there is no version.txt. I assume that this caused the error.)

4.) I performed a recovery using the exact instructions from the wiki. To my horror, I was greeted by this same sight.

I have now stopped messing with it and come running to my peers. Hopefully this community of hackers, gurus and IT ninjas can get me up and running again.

[Sebkinne]

Upgrade to firmware 1.3, serial in, and execute "udisk reformat". That'll fix your issue. 

[Saturn]

Thank you for taking time out of your day to respond to me. It means a lot.

I have had a few more exciting developments since your response. Unfortunately, I have to go to work, so I will have to continue this when I return.

To those that are lurking: this is going to be a  fun one (if you enjoy problem solving as much as I do). Feel free to chip in once I post the most recent developments.

[Saturn]

Welcome back to the thread, all!

Picking up where we left off:

Following the standard installation instructions yields no results. The bunny still boots into arming mode just fine (considering), but never attempts to update. Possibly due to the junk files in the root directory, or maybe due to the gremlins that caused this to happen in the first place. And yes, I would love to just delete these files, but:

 The files and directories on the drive cannot be deleted.

So for the time being, I'm stuck in 1.0_167

**It was at this time that right clicking the device to safely eject started crashing explorer.exe**

Stumped, I opened up putty to see if I could serial in, and I could!

18 hours ago, Sebkinne said:

Upgrade to firmware 1.3, serial in, and execute "udisk reformat". That'll fix your issue. 

 

So I guess I have two questions:

1.) Do I need to apt-get install udisks? I've tried to set up ICS on my Windows box to no avail (RNDIS_ETHERNET payload doesn't run), so I may have to switch over to my ubuntu box and see if I can work some magic there.

2.) Would formatting the storage part of the bunny brick it? Could I try to wipe it clean and attempt an update with only the firmware in the root directory? *Just curious*

 

Thanks for taking the time to read my quibbles,

-Saturn

 

[Dave-ee Jones]

"udisk reformat" was introduced in the later firmwares so your Bunny won't support it. I can't remember 1.0's way of resetting the partition, I'll look around, see if I can find it.

EDIT: Try "reformat udisk". If that doesn't work, do what Sebkinne said here:

On 5/19/2017 at 8:14 AM, Sebkinne said:

Here is the udisk script:

#!/bin/bash

function print_usage() {
	echo "udisk [ mount | unmount | remount | reformat ]"
}

function get_confirmation() {
	read -r -p "[?] Are you sure you want to reformat udisk? All files will be removed [y/N] " confirm
	case "$confirm" in
	    [yY][eE][sS]|[yY])
	        return 0
	        ;;
	    *)
	        return 1
	        ;;
	esac
}

function mount_udisk() {
	mount -o sync /dev/nandf /root/udisk &> /dev/null
	return $?
}

function unmount_udisk() {
	[[ $(mount | grep /dev/nandf) == "" ]] || {
		sync
		umount /dev/nandf &> /dev/null
		return $?
	}
	return 0
}

function reformat_udisk() {
	dd if=/dev/zero of=/dev/nandf  bs=512  count=1 &> /dev/null
	mkfs.vfat -n "BashBunny" /dev/nandf &> /dev/null
}

function copy_files() {
	mkdir -p /root/udisk/loot
	mkdir -p /root/udisk/tools
	cp /root/version.txt  /root/udisk
	cp -rf /usr/local/bunny/udisk/* /root/udisk/ &> /dev/null
}

function do_format() {
	unmount_udisk && {
		reformat_udisk
		mount_udisk && copy_files
		echo "[*] Udisk formatted successfully. The system will now reboot."
	} || {
		echo "[!] Error: Udisk is busy"
	}
}

case $1 in
	"mount")
		mount_udisk && echo "[*] Udisk mounted to /root/udisk" || echo "[!] Error: Udisk could not be mounted"
		;;
	"unmount" | "umount")
		unmount_udisk && echo "[*] Udisk unmounted" || echo "[!] Error: Udisk is busy, could not unmount"
		;;
	"remount")
		unmount_udisk && (mount_udisk && echo "[*] Udisk re-mounted to /root/udisk") || {
			echo "[!] Error: Udisk is busy, could not unmount"
		}
		;;
	"reformat")
		get_confirmation && do_format && reboot
		;;
	*)
		print_usage
		;;
esac

 

You should be able to save that to a file and execute it on the Bash Bunny to restore the udisk partition.

Edited September 4, 2017 by Dave-ee Jones

[Saturn]

Thank you so very much for your response, Dav-ee! Running the script that you linked worked like a charm! You just saved me $100 US.

Let me explain the steps to take from here for the sake of completion. Hopefully this thread will help at least one other person.

1.) Serial into your bash bunny. Instructions for this can be found on the wiki. 

2.) Execute "nano sebscript.sh" (or whatever name you would like.)

3.) Paste the code that Dav-ee linked into the file you have just created, and save the file.

4.) Execute "chmod a+x sebscript.sh"

5.) Execute "./sebscript.sh reformat"

6.) sebscript.sh will then ask if you are sure that you want to reformat. If you do, execute "y"

7.)  Your bunny will then reboot, and you should be good to go!

Pics or it didn't happen:

 

Thanks again to seb and dav-ee. I owe you guys a beer.

 

[Dave-ee Jones]

Haha, glad to hear (or see) that it worked out for you! Enjoy your newly-reformed Bash Bunny

[Sebkinne]

Glad this worked for you. Just make sure to upgrade to 1.3 again, and always make sure to safely eject the BB.