Issues with 1.3

[couchTornado]

I purchased the BB and I think that it came with 1.2 on it. (something older than 1.3)

I posted about issues with NMAP related to it requiring sudo in order to do OS fingerprinting. It ran, created the loot subdirectory, created the file and wrote the opening NMAP stanza to it.

I upgraded to 1.3 and decided I would play with other OSX payloads. None of them would work. As I was thinking about writing this post it occurred to me that none of the scripts were even getting to the point of creating their respective loot subdirectories, but that the NMAP script was at least able to do that. I loaded the NMAP script up again, and, sure enough, no loot subdir.

I also tried to log into the BB over serial so I could tail the log and see what was failing. When I tried to do that there weren't any appropriate /dev/tty files, and when I ran sudo dmesg | grep tty I got nothing.

It also occurred to me that having a logging facility for payload development would be great. I'll probably just create a log file and write to it from the scripts, but it would be great to see any script related issues too.

I thought that I would just downgrade to 1.2 and when I started looking around for images and instructions similar to using DD to write the OS for RaspberryPi to the SMS but instead came across the thread about bricking the BB.

Then I thought WTF?... and saw that there was a thread with the same Title... and after reading it realized that they symptoms I'm experiencing are the same. When I try to use any of the payloads in switch1 or switch2 positions I get a solid green then dark then a slowly blinking blue LED.

There is either something wrong with 1.3 and Mac, or I messed up the upgrade somehow leaving me in a partially functional state.

Does anyone have any suggestions about how to restore the BB to a previous firmware version? I'll probably use the method described in the wiki, but it doesn't say what version it returns it to so I didn't want to go back so far that it required multiple upgrades to get to 1.2.

As soon as I get an earlier version of the firmware installed I'll report back as to whether I have more success with Mac payloads with 1.2.

I'm running MacOS 10.12.6

 

 

[couchTornado]

Just used the Firmware restore method in the wiki and am now at 1.0_167. I just tried both serial connection and the nmap payload. The serial connection works now! No luck on the nmap payload writing to the loot directory.

[Opticon]

Great work @couchTornado! I hope you received my message. Also, @WiFiJuice posted a great keyboard map for the Swedish layout, and like so many others confirmed that the one being downloaded is incorrect and or corrupt. Good luck with this firmware issue- I refuse to go to 1.3 because it renders all Mac payloads useless.

[couchTornado]

When in arming mode, and connect via serial console I can see that the mass storage part of the BB is not being mounted in Debian at /root/udisk so it is not possible to write back to that part of BB with things such as loot. It was looking for the right place to put in something like mount  /dev/nandf /root/udisk in one of the /etc/init.d files. Anyone know where this functionality is supposed to live?

[Dave-ee Jones]

On 9/11/2017 at 1:59 AM, couchTornado said:

When in arming mode, and connect via serial console I can see that the mass storage part of the BB is not being mounted in Debian at /root/udisk so it is not possible to write back to that part of BB with things such as loot. It was looking for the right place to put in something like mount  /dev/nandf /root/udisk in one of the /etc/init.d files. Anyone know where this functionality is supposed to live?

Literally just posted in another thread about this issue. See here.

Might be best to have a look around for answers rather than asking the same question about 10 others have :P

[couchTornado]

Point taken. I could swear I read the man page for udisk.