Sebkinne Posted December 7, 2017 Share Posted December 7, 2017 Hey everyone, I just wanted to post a quick update to let you know that we have launched firmware version 1.5 for the Bash Bunny. This firmware comes packaged with exciting new features such as a new ATTACKMODE called AUTO_ETHERNET, and a way to send ALT codes using the QUACK command. Find all the fixes and features in the changelog and bounce on by to BashBunny.com/downloads for your devious device download (\_/). Link to comment Share on other sites More sharing options...
qdba Posted December 7, 2017 Share Posted December 7, 2017 installed.... Worked... Link to comment Share on other sites More sharing options...
Struthian Posted December 7, 2017 Share Posted December 7, 2017 Installed... worked. What would be great is an alternate partition for ATTACKMODE STORAGE. If this partition were write only, with some fake files, it would hide exfiltration from the target user. Link to comment Share on other sites More sharing options...
Struthian Posted December 7, 2017 Share Posted December 7, 2017 For AUTO_ETHERNET, it would be great if there was a result or environmental variable which told us which type it selected. That would be a hint on which operating system. Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted December 7, 2017 Share Posted December 7, 2017 8 hours ago, Struthian said: For AUTO_ETHERNET, it would be great if there was a result or environmental variable which told us which type it selected. That would be a hint on which operating system. Uhm..What? Are you throwing the BB across the room hoping it will land in some random USB port, not knowing what the OS is? Since the BB only really works when a computer is logged in, you'll know which OS it is before you even put the BB in it. AUTO_ETHERNET is just so you're payload can work with other OS' rather than just 2 (or in the case of Windows, 1), saving the annoyance of having 2 payload switches for the 1 payload for 2 different OS'. Link to comment Share on other sites More sharing options...
DeepDavid Posted December 8, 2017 Share Posted December 8, 2017 I upgraded to 1.5 but had not loaded any tools before then. When I drop any .deb files in the tools folder, then reinsert in arming mode, the tool boots up in arming mode but doesn't load the tool. Has this function changed???? Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted December 8, 2017 Share Posted December 8, 2017 2 minutes ago, DeepDavid said: I upgraded to 1.5 but had not loaded any tools before then. When I drop any .deb files in the tools folder, then reinsert in arming mode, the tool boots up in arming mode but doesn't load the tool. Has this function changed???? Strange. Are the tools still in the /tools folder or have the disappeared? If they're still there it probably didn't work - if not it probably worked. What version were you on previously? Link to comment Share on other sites More sharing options...
DeepDavid Posted December 8, 2017 Share Posted December 8, 2017 The tools are still there, after reboot. I tried Impacket Responder Gohttp all with no loading activity. I was on 1.4 but I never loaded any tools before now. I have do the recovery with no change in the operation. Link to comment Share on other sites More sharing options...
Struthian Posted December 8, 2017 Share Posted December 8, 2017 4 hours ago, Dave-ee Jones said: Uhm..What? Are you throwing the BB across the room hoping it will land in some random USB port, not knowing what the OS is? Since the BB only really works when a computer is logged in, you'll know which OS it is before you even put the BB in it. AUTO_ETHERNET is just so you're payload can work with other OS' rather than just 2 (or in the case of Windows, 1), saving the annoyance of having 2 payload switches for the 1 payload for 2 different OS'. No, not doing that. I am doing something far more interesting. A payload that does the same thing in different OS environments is quite desirable and would be easy with the features I requested. Actually in dedicated or kiosk set ups, you don't know what the OS beneath is all the time. I also can't imagine they would be hard to add. Link to comment Share on other sites More sharing options...
Darren Kitchen Posted December 11, 2017 Share Posted December 11, 2017 On 12/7/2017 at 2:24 PM, Dave-ee Jones said: Uhm..What? Are you throwing the BB across the room hoping it will land in some random USB port, not knowing what the OS is? Since the BB only really works when a computer is logged in, you'll know which OS it is before you even put the BB in it. AUTO_ETHERNET is just so you're payload can work with other OS' rather than just 2 (or in the case of Windows, 1), saving the annoyance of having 2 payload switches for the 1 payload for 2 different OS'. Correction: BB does work when a computer is logged off and/or locked, just some attack modes are more useful than others in those states. I agree it would be nice to know what Ethernet type was selected. We'll see about exposing that somehow. This is my quick and dirty OS detection payload scaffolding. LED SETUP ATTACKMODE AUTO_ETHERNET LED ATTACK GET TARGET_OS case "$TARGET_OS" in WINDOWS) # Windows payload goes here LED R ;; MACOS) # Mac OS payload goes here LED G ;; LINUX) # Linux payload goes here LED B ;; esac Link to comment Share on other sites More sharing options...
Struthian Posted December 11, 2017 Share Posted December 11, 2017 In your scaffolding, AUTO_ETHERNET could be only for OS determination. After GET TARGET_OS - one could execute another ATTACKMODE to be used in common with all OS's. Geoff Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted December 14, 2017 Share Posted December 14, 2017 On 12/12/2017 at 4:35 AM, Darren Kitchen said: Correction: BB does work when a computer is logged off and/or locked, just some attack modes are more useful than others in those states. I agree it would be nice to know what Ethernet type was selected. We'll see about exposing that somehow. This is my quick and dirty OS detection payload scaffolding. -snip- I apologise - I wasn't being clear. I meant it is most effective on unlocked machines. There's a limited amount of things you can do with a locked machine. Link to comment Share on other sites More sharing options...
DeepDavid Posted December 18, 2017 Share Posted December 18, 2017 Did anyone else have tool loading problem with this update? Link to comment Share on other sites More sharing options...
arash53@gmail.com Posted January 19, 2018 Share Posted January 19, 2018 On 12/11/2017 at 9:35 AM, Darren Kitchen said: Correction: BB does work when a computer is logged off and/or locked, just some attack modes are more useful than others in those states. I agree it would be nice to know what Ethernet type was selected. We'll see about exposing that somehow. This is my quick and dirty OS detection payload scaffolding. LED SETUP ATTACKMODE AUTO_ETHERNET LED ATTACK GET TARGET_OS case "$TARGET_OS" in WINDOWS) # Windows payload goes here LED R ;; MACOS) # Mac OS payload goes here LED G ;; LINUX) # Linux payload goes here LED B ;; esac not sure what I'm doing wrong , used the code with lates firmware , it dose not detect OS , tried on windows 10,7 and MAC OS. Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted January 23, 2018 Share Posted January 23, 2018 9 hours ago, C1PH3R said: After last update commands like RUN WIN Powershell do not work anymore! Ducky language does work kinda things like: Q GUI r Q STRING notepad Q ENTER do work. But other things do not. ROLLBACK NEEDED! (or bugfix!) Just out of curiosity, what language is the PS typing in, do you know? It should be 'us' by default. Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted January 24, 2018 Share Posted January 24, 2018 14 hours ago, C1PH3R said: Yes it is US, and the language on my computer is also US, I've not changed anything since last update but now my payloads won't work. Please explain exactly what doesn't work and any symptoms, as I can't help you when you just say "it's not working", unfortunately. Link to comment Share on other sites More sharing options...
C1PH3R Posted January 25, 2018 Share Posted January 25, 2018 20 hours ago, Dave-ee Jones said: Please explain exactly what doesn't work and any symptoms, as I can't help you when you just say "it's not working", unfortunately. It is fixed, the problem was that the bunnyupdater did not actually updated, but after a manual update it worked, so no problem here anymore Link to comment Share on other sites More sharing options...
Cau5tic Posted January 28, 2018 Share Posted January 28, 2018 Just did another factory revert (3 quick pullouts) ran the updater a few times, everything is showing updated to 1.5_298 now but with the new firmware I'm not seeing tools being installed from the tools directory when booting in arming mode. A few have mention the same issue, has anyone probed into it more or are you just installing them manually now? Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted January 29, 2018 Share Posted January 29, 2018 On 1/28/2018 at 12:13 PM, Cau5tic said: Just did another factory revert (3 quick pullouts) ran the updater a few times, everything is showing updated to 1.5_298 now but with the new firmware I'm not seeing tools being installed from the tools directory when booting in arming mode. A few have mention the same issue, has anyone probed into it more or are you just installing them manually now? You won't notice the tools have installed unless you SSH/Serial into the Bunny and look in the root "tools" folder. The tools folder in the root USB directory is emptied every restart, but if you put tools in there they are still installed. Link to comment Share on other sites More sharing options...
93K_Test_Junkie Posted February 10, 2018 Share Posted February 10, 2018 Oh man this is the first time i had issues with updating the firmware. Had no issues with 1.2, 1.3, and 1.4. It was stuck in green skittles mode for over an hour. I just pulled it out and did the bricking mode steps. Then it finally executed the firmware skittle code.... Green, ..., Red/Blue, ..., Blue/Blue, ..., Auto Reboot, ..., Violet, ..., Blue/Blue, ..., Taste the Bunny rainbow!!! Not sure if it hung up the first time because i always use the Bash Bunny with the usb extension cable that came with the field kit. Some of the PC's I connect too have molding around the USB port that is hard for the Bunny to connect up too because of its thick love handles. Any how back to bash scripting so my bash bunny can get its skittles on! Keep up the good work Hak5 team! Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted February 12, 2018 Share Posted February 12, 2018 Yeah, you're not the only one to complain about the new 1.5 firmware. It has it's problems, but hopefully Sebkinne's working it out. Link to comment Share on other sites More sharing options...
Irukandji Posted February 14, 2018 Share Posted February 14, 2018 On 10/02/2018 at 6:10 PM, 93K_Test_Junkie said: Some of the PC's I connect too have molding around the USB port that is hard for the Bunny to connect up too because of its thick love handles. Sorry. I have Giggle about that one. Gets a little annoying around Raspberry Pi's Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted February 15, 2018 Share Posted February 15, 2018 20 hours ago, Jtyle6 said: Sorry. I have Giggle about that one. Gets a little annoying around Raspberry Pi's Worst is when power leads have a port that has wings, and you're trying to plug it into a powerboard and you have to use up to 3 ports on a powerboard just for the extra room. An angle grinder or drop-saw fixes that most of the time though. Link to comment Share on other sites More sharing options...
schwasskin Posted March 1, 2018 Share Posted March 1, 2018 I updated to this firmware and now my serial connection is very slow and reports "login incorrect" every time I try to authenticate as root over serial. Im on ubuntu connecting with "sudo screen /dev/tty/ACM0" Thanks Link to comment Share on other sites More sharing options...
schwasskin Posted March 1, 2018 Share Posted March 1, 2018 43 minutes ago, schwasskin said: I updated to this firmware and now my serial connection is very slow and reports "login incorrect" every time I try to authenticate as root over serial. Im on ubuntu connecting with "sudo screen /dev/tty/ACM0" Thanks Just tried to reflash same results. I have done a reset by plugging it in 3 times ,etc ,etc and my console output when connecting to serial.. when I finally get it is like this: Password: Login incorrect bunny login: Login timed out after 60 seconds. Debian GNU/Linux 8 bunny ttyGS0 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.