InfoSecREDD Posted September 19, 2017 Share Posted September 19, 2017 I copied "PasswordGrabber" to switch1, ejected the BashBunny, plugged it back in... And now the LED turns Green for 2 seconds.. then goes right back into recovery mode. Have tried for hours to see if it recovers. Ar1k88 Quote Link to comment Share on other sites More sharing options...
InfoSecREDD Posted September 19, 2017 Author Share Posted September 19, 2017 Lesson for new BashBunny owners, if you have any data stored on the BashBunny itself. Do Backups! Hopefully support will help replace this. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted September 19, 2017 Share Posted September 19, 2017 I don't know why there are so many people with this weird error. I've never had it..Maybe those payloads you be using are trying to do things that break the Bunny.. Quote Link to comment Share on other sites More sharing options...
InfoSecREDD Posted September 19, 2017 Author Share Posted September 19, 2017 2 minutes ago, Dave-ee Jones said: I don't know why there are so many people with this weird error. I've never had it..Maybe those payloads you be using are trying to do things that break the Bunny.. Yeah I don't know what caused it. I did nothing out of the ordinary. Also am running 1.3 with Responder and Impacket. If that helps anyone. Quote Link to comment Share on other sites More sharing options...
InfoSecREDD Posted September 19, 2017 Author Share Posted September 19, 2017 UPDATE: If left plugged in, it gets super hot. Like almost too hot to hold. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted September 19, 2017 Share Posted September 19, 2017 (edited) 16 minutes ago, Ar1k88 said: UPDATE: If left plugged in, it gets super hot. Like almost too hot to hold. Ah yes, heard that one before. I think I wrote a tutorial on that not too long ago..I'll find it. EDIT: Yeah, I did write one but the people who had that issue could still access the serial/ssh. :( There's also this guy who had the same issue: Edited September 19, 2017 by Dave-ee Jones 1 Quote Link to comment Share on other sites More sharing options...
InfoSecREDD Posted September 19, 2017 Author Share Posted September 19, 2017 Yeah I think it's bricked unless there's another way to flash the initial OS on to the BashBunny via opening it up. BUT I would rather have @support replace it. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted September 19, 2017 Share Posted September 19, 2017 30 minutes ago, Ar1k88 said: Yeah I think it's bricked unless there's another way to flash the initial OS on to the BashBunny via opening it up. BUT I would rather have @support replace it. Yeah, would be nice if we could flash the initial OS with an OS file they supplied, but then what's to stop people making third-party Bunnies and flashing the OS on those. I guess it would be like the Pineapple; "It's our install files - ONLY to be installed on the Pineapple". Quote Link to comment Share on other sites More sharing options...
InfoSecREDD Posted September 19, 2017 Author Share Posted September 19, 2017 (edited) 10 minutes ago, Dave-ee Jones said: Yeah, would be nice if we could flash the initial OS with an OS file they supplied, but then what's to stop people making third-party Bunnies and flashing the OS on those. I guess it would be like the Pineapple; "It's our install files - ONLY to be installed on the Pineapple". Yeah, also stops people like me from finding out where the bug actually is.. Cause can't replicate the bug without waiting for replacement BashBunny's.. and I'm pretty sure Hak5 won't just keep letting me bricking Bunnies.. lol. ? Edited September 19, 2017 by Ar1k88 Quote Link to comment Share on other sites More sharing options...
InfoSecREDD Posted September 19, 2017 Author Share Posted September 19, 2017 I'm just hoping they will replace it. Otherwise I got a novelty "Old School Looking" USB. Quote Link to comment Share on other sites More sharing options...
quentin_lamamy Posted September 19, 2017 Share Posted September 19, 2017 It's very strange the multiple bb crashing since 2 month, maybe a specific payload make it crash... @Ar1k88 which payload was load on your BB when it crash ? Quote Link to comment Share on other sites More sharing options...
InfoSecREDD Posted September 19, 2017 Author Share Posted September 19, 2017 Just now, quentin.lamamy said: It's very strange the multiple bb crashing since 2 month, maybe a specific payload make it crash... @Ar1k88 which payload was load on your BB when it crash ? I used "PasswordGrabber" to Switch1. Thats why It made no sense, I use that all the time to demo the BashBunny.. Quote Link to comment Share on other sites More sharing options...
quentin_lamamy Posted September 19, 2017 Share Posted September 19, 2017 Ok, i will keep this in mind and try to know which payload was running for other bricked bb by user Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted September 19, 2017 Share Posted September 19, 2017 (edited) 24 minutes ago, Ar1k88 said: I used "PasswordGrabber" to Switch1. Thats why It made no sense, I use that all the time to demo the BashBunny.. I think it was the same payload that got a few others as well. I'll look into that payload, see if there's anything odd in the code that could cause the Bunny to break it's own boot partition.. So the only thing in that payload I could find that MAY break the Bunny is the 'RUN WIN' line, which makes use of the 'run.sh' extension, but I can't see how that would break it, really. It's the only thing I could see there that might. Edited September 19, 2017 by Dave-ee Jones Quote Link to comment Share on other sites More sharing options...
RazerBlade Posted September 19, 2017 Share Posted September 19, 2017 The password grabber is Darrens USB EXFiltrator but a .exe runs instead of copying files. Nothing strange with the code Quote Link to comment Share on other sites More sharing options...
UnLo Posted September 19, 2017 Share Posted September 19, 2017 13 hours ago, Dave-ee Jones said: Yeah, would be nice if we could flash the initial OS with an OS file they supplied, but then what's to stop people making third-party Bunnies and flashing the OS on those. I guess it would be like the Pineapple; "It's our install files - ONLY to be installed on the Pineapple". And yet it's been ported to devices with similar hardware. Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted September 19, 2017 Share Posted September 19, 2017 5 hours ago, UnLo said: And yet it's been ported to devices with similar hardware. That's what I was getting at. It's their responsibility if they do install it on other hardware, and they can be convicted for that if caught. Hak5 said that we aren't allowed to, therefore people shouldn't do it, but they do. Quote Link to comment Share on other sites More sharing options...
InfoSecREDD Posted September 19, 2017 Author Share Posted September 19, 2017 Yeah still no answer back from Support. :( Quote Link to comment Share on other sites More sharing options...
quentin_lamamy Posted September 20, 2017 Share Posted September 20, 2017 52 minutes ago, Ar1k88 said: Yeah still no answer back from Support. :( Be patient, and don't worries they will answer Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.