Jump to content

Modding Bash Bunny Possible?


Recommended Posts

Now you mentioned BLE. I'm doing some tests against my "Smart bulb". The setup:


P4wnP1 connected to external SSH server using local WiFi and AutoSSH. Shell access to P4wnP1 from a place several kilometres away through same Internet facing SSH server. From remote connection P4wnP1's Bluetooth module is used to write characterostics to the bulb (which is nearby to P4wnP1) and read back results.


So I'm fuzzing a BLE bulb over Internet with P4wnP1 running on a device which is cheaper than the bulb.


Unfortunately I'm still not sure where to place my BashBunny in this setup :-(

Link to comment
Share on other sites

  • 1 month later...

I like the idea of BLE (with HC-05 or HC-06 module)  or a Webpage access type setup (with the ESP8266 12E). Almost like its the natural next step or evolution (being we are going the route of IoT of everything and we have cellphones and smart watches).. 
Makes it so you are able to be more flexible on a pentest or when just testing your own stuff.  For those times when sh*t happens, lol..
Or just plain ole flexibility.  You could pick through your ready made scripts or make one on the fly to better suit your needs at any given moment..

Imagine being on a pentest or want to mess with a friend and you get them to plug this in and you seem to be playing on your watch, but you have a Tizen App to push the scripts from your Gear S3 smart watch..lol

Link to comment
Share on other sites

  • 2 weeks later...

It might be fun but here is the problem - it would look weird and it might not fit innocuously into your pocket.  One could build (and people have) devices similar in purpose to Hak5 products starting with such things as arduinos, raspberry pi's and other things of that ilk.  One would have to create some software or pull something out of open source to do it.  Of course if you modded a Hak5 product, you would also have to improve or add to the Hak5 software to get the mod to be useful.  

So we have the look weird problem either way.   I have thought of burying devices within entertaining consumer products such as laser light shows, mechanical toys, flower pot moisture monitors etc.  The mod would be to give these entertaining things Ethernet or wireless functions.  Their entertainment value would be increased because people could make the mechanical toy do something from their computer or find out how the company plants were doing for water.   Their hack value is whatever you wished to stick in the thing.  The Pen-test lesson is to beware of tech entertainment in a business environment or ... trust your fellow employees but at least to think it through.

Link to comment
Share on other sites

  • 1 year later...
On 10/3/2017 at 1:22 AM, Darren Kitchen said:

Would void your warranty, but there are plenty of pins across the right side of the board including a USB host.

Sorry to bring up an old thread, but could you please describe the pinout for the USB host on the board? I know it will void my warranty but I REALLY want to add WiFi to the Bash Bunny.



Link to comment
Share on other sites

  • 4 weeks later...

Check here to find more info about the SoC on the BashBunny aka CherryPi v1.0.6 (Allwinner H3 SoC).
You can find datasheets about the SoC and all available pins (doesn't mean all pins are connected on the BashBunny PCB though).

In my picture I already clarified some pins (I haven't tested any of the pins!).



Please feel free to add and/or correct any pinout info. And as @Darren Kitchen already said, modifications will void your warranty!

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...