1N3 Posted October 2, 2017 (edited)

Testing the BashBunny for use on a physical pentest/red team engagement but noticing a huge problem with using this device for a real world assessment. Mainly, on a Windows 7 x64 desktop, the initial driver install process took over 2 minutes to install. After initial drivers are installed, my payload initializes and finishes within 10 seconds which is great if only I didn't have to install the drivers first...

What makes this issue even worse is that the BashBunny doesn't wait until the drivers have been installed before executing the payload which means you need to unplug/re-plug the device in after waiting 2 minutes to execute the payload. Ideally, it would be nice to build some code into the BashBunny to automatically detect when the drivers are installed and then run the payload.

Has anyone had any issues with this and is there any way to improve the speed here? 2 minutes is wayyy too long to wait around at an unlocked workstation. I would be better off typing out the payload by hand if it meant only taking 20-30 seconds max.

JediMasterX Posted October 2, 2017

Maybe with the VID and CID combo to look for some manufacturer who is built into Win7 for quicker results?

JMX

DavesNotHere Posted October 3, 2017

JediMaster beat me to it. While my scancode problem went away on my Linux box by fixing the "Lang=us" declaration, I still have problems on the Surface Book so I decided to try VID CID. I haven't yet tried it on the Surface, but on my Linux box it looks like this:

---------------------------------------
# System default payload
ATTACKMODE HID VID_0X045e PID_0X005c SN_12345678 MAN_Microsoft
LED R
Q DELAY 3000
Q STRING echo running
Q DELAY 300
Q ENTER
Q DELAY 300
Q STRING lsusb
Q ENTER
Q DELAY 300
LED G
Q DELAY 3000
shutdown 0
..........
lsusb
Bus 002 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 005: ID 2109:0810 VIA Labs, Inc. VL81x Hub
Bus 001 Device 012: ID 045e:005c Microsoft Corp. Office Keyboard (106/109)
Bus 001 Device 004: ID 2109:0810 VIA Labs, Inc. VL81x Hub
Bus 001 Device 007: ID 093a:2510 Pixart Imaging, Inc. Optical Mouse
Bus 001 Device 006: ID 413c:2011 Dell Computer Corp. Multimedia Pro Keyboard
Bus 001 Device 003: ID 413c:1005 Dell Computer Corp. Multimedia Pro Keyboard Hub
Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 003: ID 2109:0810 VIA Labs, Inc. VL81x Hub
Bus 004 Device 002: ID 2109:0810 VIA Labs, Inc. VL81x Hub
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

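Added example (not part of the original posts): a defender-side check that compares two `lsusb` snapshots like the one above and reports keyboard entries that appeared since a baseline. The function names and sample snapshots are constructed for illustration; entries are counted per VID:PID because those IDs are whatever the device reports, so a second device claiming an already-attached ID still shows up.

```python
import re
from collections import Counter

# One `lsusb` line: "Bus BBB Device DDD: ID vvvv:pppp Description"
LSUSB_RE = re.compile(r"Bus \d{3} Device \d{3}: ID ([0-9a-f]{4}):([0-9a-f]{4})\s*(.*)")

def parse_lsusb(text):
    """Return a Counter of (vid, pid, description) over every device line."""
    found = Counter()
    for line in text.splitlines():
        m = LSUSB_RE.fullmatch(line.strip())
        if m:
            found[(m.group(1), m.group(2), m.group(3).strip())] += 1
    return found

def new_keyboards(baseline_text, current_text):
    """Keyboard entries that occur more often now than in the baseline.

    Counting (rather than set membership) matters: VID/PID are self-reported,
    so an added device may reuse an ID that is already attached.
    """
    added = parse_lsusb(current_text) - parse_lsusb(baseline_text)
    return sorted(
        (vid, pid, desc, n)
        for (vid, pid, desc), n in added.items()
        if "keyboard" in desc.lower()
    )

# Constructed sample snapshots based on the lsusb listing in the post above;
# the "Device 013" line is made up to show an ID that is already attached.
BASELINE = """\
Bus 001 Device 007: ID 093a:2510 Pixart Imaging, Inc. Optical Mouse
Bus 001 Device 006: ID 413c:2011 Dell Computer Corp. Multimedia Pro Keyboard
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
"""
CURRENT = BASELINE + (
    "Bus 001 Device 012: ID 045e:005c Microsoft Corp. Office Keyboard (106/109)\n"
    "Bus 001 Device 013: ID 413c:2011 Dell Computer Corp. Multimedia Pro Keyboard\n"
)

if __name__ == "__main__":
    for vid, pid, desc, n in new_keyboards(BASELINE, CURRENT):
        print(f"new keyboard x{n}: {vid}:{pid} {desc}")
```

The check keys on a change in the set of attached keyboards, not on an allowlist of vendor IDs, since a matching VID/PID says nothing about what the device actually is.
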
1N3 Posted October 4, 2017 (Author)

Thanks for the info! Using the drivers mentioned above, I was able to decrease the time to execute to ~20 seconds!