[RELEASE] Bash Bunny Firmware v1.5

[Dave-ee Jones]

8 hours ago, schwasskin said:

Just tried to reflash same results. I have done a reset by plugging it in 3 times ,etc ,etc

and my console output when connecting to serial.. when I finally get it is like this:

Password:

Login incorrect

bunny login:
Login timed out after 60 seconds.
Debian GNU/Linux 8 bunny ttyGS0

Looks like Ubuntu/Linux isn't taking it very well. I've had no problems with PuTTY. Maybe try installing PuTTY (code below) and using that instead?

sudo apt install putty
putty # Run PuTTY

You probably don't need the tools but if you do here's the download for it:

sudo apt install putty-tools

PuTTY is GUI-based so it should work fine on Ubuntu.

Also, if this doesn't work you may just have to use SSH for now, until @Sebkinne sorts it out. :)

[Sebkinne]

On linux, minicom or screen work great to access the serial interface.

If you are greeted by a password promt, hit enter, and when it states "bunny login:" enter "root". The default password is "hak5bunny".

[Just_a_User]

been a while, so reset and upgraded to 1.5. all went smooth, then i tried to apt update && apt upgrade. It borked but i wasnt sure what package did it so worked through them and seem to have narrowed it down to one or more of these

The following packages will be upgraded:
  ca-certificates krb5-locales procps tzdata

most likely procps?

[Dave-ee Jones]

Pretty sure someone mentioned earlier that doing an apt-update/upgrade breaks the Bunny..

[Just_a_User]

Nice of you to confirm, thanks. Do you remember if they mention if it was procps or just "upgrade broke it?" i had a quick scroll back but dont see it, although didnt spend much time im afraid. Might be handy to pin down the actual package that's causing it.

EDIT - confirmed its procps that borks it. All other packages can be upgraded without effecting operation. I guess procps will need updating in a firmware?

[mka]

same here.. is there a solution?

[Just_a_User]

14 minutes ago, mka said:

same here.. is there a solution?

For now I just reset the BB and updated it again then ran the following which as of today only excluded procps.

apt install base-files cpp-4.9 curl file g++-4.9 gcc-4.9 gcc-4.9-base git git-man gnupg gpgv isc-dhcp-client isc-dhcp-common isc-dhcp-server krb5-locales ldap-utils libasan1 libatomic1 libcups2 libcurl3 libcurl3-gnutls libdb5.3 libdns-export100 libgcc-4.9-dev libgcc1 libgcrypt20 libgfortran3 libgomp1 libgssapi-krb5-2 libicu52 libirs-export91 libisc-export95 libisccfg-export90 libk5crypto3 libkrb5-3 libkrb5support0 libldap-2.4-2 libmagic1 libncurses5 libncursesw5 libpq5 libprocps3 libruby2.1 libssl1.0.0 libstdc++-4.9-dev libstdc++6 libtinfo5 libubsan0 libx11-6 libx11-data libx11-xcb1 libxfixes3 libxi6 libxml2 libxrandr2 libxtst6 libxv1 linux-libc-dev ncurses-base ncurses-bin ncurses-term openssh-client openssh-server openssh-sftp-server openssl patch perl perl-base perl-modules postgresql-9.4 postgresql-client-9.4 rsync ruby2.1 sensible-utils tzdata wget ca-certificates

 

[0ri0n]

Quote

Hello TechnoLushes... I recently received my Bash bunny. thank you hak5! I've updated and flashed the firmware successfully using the firmware updater and via the tar.gz way. i'm new to this and not really very good at programming but i really enjoy learning. The thing doing the stuff is so fun to do. anyway. i have several questions, maybe someone could help.

Quote

1.) after doing firmware via the updater.exe i noticed my bb loads the udisk on the storage side no matter which switch position its in. 

My resolve was to turn to the forum as no one around me even knows this exists... i found a thread with similar issues and now i can't find it. I flashed the firmware with v1.5.298 which did fix the tools folder not taking the deb tools and transferring them over to the Linux side. but still opens the udisk in attack positions. some help on that regard would be great!!

 

2.) i attacked myself several times and am curious if password grabber is even safe? i got a txt document in the /root/udisk/loot/Password Grabber  folder with nothing in the file. 

Help plz? i actually have some passwords i've forgotten and this would be useful to do on myself. 

3.) some attacks make the folder in loot folder and contain no loot. again i am new to this only had my bb for a few days. 

 

and finally 

4.) i have a concept of using an excel type document with all the attacks in a grid pattern. then want to make a python program that works with a payload to use multiple attacks by creating a virtual switch and referencing the excel type grid. for example. A1 : B5 = attacks fireytv + passdumb. i dont know coding good but maybe someone who does would be interested in making a one two three punch kinda combo attack payload with me. would be super fun to learn and do this stuff. thank you !

 

 

 

[m40295]

Ori0n for question 1   I've noticed that when you update the bash bunny it writes default payload files to all the switches so it's best to go into your switches and modify the payload files even if it's just switching it with a rem command

 

For question 2  save to /root/loot/

Not udisk

For 3   try setting permission on the folder r/w

 

No answer for 4 

 

Hope that guided you to the right answers

 

 

[Light02]

guys i need help, my bash bunny can not update to 1.5, im stack for hours waiting for the blue colour blick to appear but until now nothing is happening no colour is showing and it been like this for hours, pls help

 

[MidKni9ht]

24 minutes ago, Light02 said:

guys i need help, my bash bunny can not update to 1.5, im stack for hours waiting for the blue colour blick to appear but until now nothing is happening no colour is showing and it been like this for hours, pls help

 

I am in the same situation, I left plugged my BashBunny all night long, in doubt, to notice in the morning that the "police patern" was still there. I tested some payloads, which work, but I'm still not in version 1.5.

 

[Light02]

Just now, MidKni9ht said:

I am in the same situation, I left plugged my BashBunny all night long, in doubt, to notice in the morning that the "police patern" was still there. I tested some payloads, which work, but I'm still not in version 1.5.

 

in my case is i cant even access to it it is a nightmire 

 

[zup]

If you have issues with upgrading the Bash Bunny because of "procps", here is a fix for you that I found on the forums

On 8/26/2018 at 7:03 PM, OluMMelegi said:

Hi,

 

Here is the solution;

 

The problem is there is a file missing because of that procps service cannoty be started, here is how to fix it;

 

cp /lib/systemd/system/bak/systemd-sysctl.service /lib/systemd/system
ln -s /lib/systemd/system/procps.service /etc/systemd/system/procps.service

 

Now you are good to go...

 

[zup]

However I have noticed that even apt-get update does not work properly on a freshly installed bash bunny.. It seems like it is using Debian Jessie (Which already is pretty old) and the sources.list seems to include addresses that dont exist.

deb http://httpredir.debian.org/debian jessie-updates main contrib non-free
deb-src http://httpredir.debian.org/debian jessie-updates main contrib non-free

Seems to be my problem.
 

W: Failed to fetch http://httpredir.debian.org/debian/dists/jessie-updates/InRelease  Unable to find expected entry 'main/source/Sources' in Release file (Wrong sources.list entry or malformed file)

E: Some index files failed to download. They have been ignored, or old ones used instead.

Also, the urls are deprecated (httpredir.debian.org just redirects to deb.debian.org, since the GeoMirror is deprecated)

[Foxtrot]

On 4/7/2019 at 3:44 AM, zup said:

However I have noticed that even apt-get update does not work properly on a freshly installed bash bunny.. It seems like it is using Debian Jessie (Which already is pretty old) and the sources.list seems to include addresses that dont exist.

deb http://httpredir.debian.org/debian jessie-updates main contrib non-free
deb-src http://httpredir.debian.org/debian jessie-updates main contrib non-free

Seems to be my problem.
 

W: Failed to fetch http://httpredir.debian.org/debian/dists/jessie-updates/InRelease  Unable to find expected entry 'main/source/Sources' in Release file (Wrong sources.list entry or malformed file)

E: Some index files failed to download. They have been ignored, or old ones used instead.

Also, the urls are deprecated (httpredir.debian.org just redirects to deb.debian.org, since the GeoMirror is deprecated)

Thanks for pointing this issue out, Debian deprecating those URLs slipped by us. We'll be releasing an update shortly with updated apt sources.

In the meantime, you can use the following sources.list file:

deb http://cdn-fastly.deb.debian.org/debian/ jessie main contrib non-free
deb-src http://cdn-fastly.deb.debian.org/debian/ jessie main contrib non-free

deb http://security.debian.org/ jessie/updates main contrib non-free
deb-src http://security.debian.org/ jessie/updates main contrib non-free

deb http://archive.debian.org/debian jessie-backports main contrib non-free
deb-src http://archive.debian.org/debian jessie-backports main contrib non-free

and create the file "/etc/apt/apt.conf.d/71aptconf" with the following content inside it:

Acquire::Check-Valid-Until "false";