Jump to content

Annnnnddd... It's Dead..


InfoSecREDD

Recommended Posts

I copied "PasswordGrabber" to switch1, ejected the BashBunny, plugged it back in...

And now the LED turns Green for 2 seconds.. then goes right back into recovery mode. 

Have tried for hours to see if it recovers.

 

Ar1k88

 

Link to comment
Share on other sites

Lesson for new BashBunny owners, if you have any data stored on the BashBunny itself. Do Backups!

 

Hopefully support will help replace this.

Link to comment
Share on other sites

2 minutes ago, Dave-ee Jones said:

I don't know why there are so many people with this weird error. I've never had it..Maybe those payloads you be using are trying to do things that break the Bunny..

Yeah I don't know what caused it. I did nothing out of the ordinary. Also am running 1.3 with Responder and Impacket. If that helps anyone.

Link to comment
Share on other sites

16 minutes ago, Ar1k88 said:

UPDATE: If left plugged in, it gets super hot. Like almost too hot to hold.

Ah yes, heard that one before. I think I wrote a tutorial on that not too long ago..I'll find it.

EDIT: Yeah, I did write one but the people who had that issue could still access the serial/ssh. :(

There's also this guy who had the same issue:

 

Edited by Dave-ee Jones
  • Like 1
Link to comment
Share on other sites

Yeah I think it's bricked unless there's another way to flash the initial OS on to the BashBunny via opening it up. BUT I would rather have @support  replace it.

Link to comment
Share on other sites

30 minutes ago, Ar1k88 said:

Yeah I think it's bricked unless there's another way to flash the initial OS on to the BashBunny via opening it up. BUT I would rather have @support  replace it.

Yeah, would be nice if we could flash the initial OS with an OS file they supplied, but then what's to stop people making third-party Bunnies and flashing the OS on those. I guess it would be like the Pineapple; "It's our install files - ONLY to be installed on the Pineapple".

Link to comment
Share on other sites

10 minutes ago, Dave-ee Jones said:

Yeah, would be nice if we could flash the initial OS with an OS file they supplied, but then what's to stop people making third-party Bunnies and flashing the OS on those. I guess it would be like the Pineapple; "It's our install files - ONLY to be installed on the Pineapple".

Yeah, also stops people like me from finding out where the bug actually is.. Cause can't replicate the bug without waiting for replacement BashBunny's.. and I'm pretty sure Hak5 won't just keep letting me bricking Bunnies.. lol. ?

Edited by Ar1k88
Link to comment
Share on other sites

Just now, quentin.lamamy said:

It's very strange the multiple bb crashing since 2 month, maybe a specific payload make it crash...

@Ar1k88 which payload was load on your BB when it crash ?

I used "PasswordGrabber" to Switch1. Thats why It made no sense, I use that all the time to demo the BashBunny..

Link to comment
Share on other sites

24 minutes ago, Ar1k88 said:

I used "PasswordGrabber" to Switch1. Thats why It made no sense, I use that all the time to demo the BashBunny..

I think it was the same payload that got a few others as well. I'll look into that payload, see if there's anything odd in the code that could cause the Bunny to break it's own boot partition..

So the only thing in that payload I could find that MAY break the Bunny is the 'RUN WIN' line, which makes use of the 'run.sh' extension, but I can't see how that would break it, really. It's the only thing I could see there that might.

Edited by Dave-ee Jones
Link to comment
Share on other sites

13 hours ago, Dave-ee Jones said:

Yeah, would be nice if we could flash the initial OS with an OS file they supplied, but then what's to stop people making third-party Bunnies and flashing the OS on those. I guess it would be like the Pineapple; "It's our install files - ONLY to be installed on the Pineapple".

And yet it's been ported to devices with similar hardware. 

Link to comment
Share on other sites

5 hours ago, UnLo said:

And yet it's been ported to devices with similar hardware. 

That's what I was getting at. It's their responsibility if they do install it on other hardware, and they can be convicted for that if caught. Hak5 said that we aren't allowed to, therefore people shouldn't do it, but they do.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...