Jump to content
Sebkinne

[RELEASE] Bash Bunny Firmware v1.5

Recommended Posts

Hey everyone,

I just wanted to post a quick update to let you know that we have launched firmware version 1.5 for the Bash Bunny.

This firmware comes packaged with exciting new features such as a new ATTACKMODE called AUTO_ETHERNET, and a way to send ALT codes using the QUACK command.

Find all the fixes and features in the changelog and bounce on by to BashBunny.com/downloads for your devious device download (\_/).

  • Like 4

Share this post


Link to post
Share on other sites

installed.... Worked... :grin:

Share this post


Link to post
Share on other sites

Installed... worked.    What would be great is an alternate partition for ATTACKMODE STORAGE.   If this partition were write only, with some fake files, it would hide exfiltration from the target user. 

Share this post


Link to post
Share on other sites

For AUTO_ETHERNET, it would be great if there was a result or environmental variable which told us which type it selected.  That would be a hint on which operating system.

Share this post


Link to post
Share on other sites
8 hours ago, Struthian said:

For AUTO_ETHERNET, it would be great if there was a result or environmental variable which told us which type it selected.  That would be a hint on which operating system.

Uhm..What? Are you throwing the BB across the room hoping it will land in some random USB port, not knowing what the OS is?

Since the BB only really works when a computer is logged in, you'll know which OS it is before you even put the BB in it. AUTO_ETHERNET is just so you're payload can work with other OS' rather than just 2 (or in the case of Windows, 1), saving the annoyance of having 2 payload switches for the 1 payload for 2 different OS'.

Share this post


Link to post
Share on other sites

I upgraded to 1.5 but had not loaded any tools before then.

When I drop any .deb files in the tools folder, then reinsert in arming mode, the tool boots up in arming mode but doesn't load the tool.

Has this function changed????

Share this post


Link to post
Share on other sites
2 minutes ago, DeepDavid said:

I upgraded to 1.5 but had not loaded any tools before then.

When I drop any .deb files in the tools folder, then reinsert in arming mode, the tool boots up in arming mode but doesn't load the tool.

Has this function changed????

Strange. Are the tools still in the /tools folder or have the disappeared? If they're still there it probably didn't work - if not it probably worked.

What version were you on previously?

Share this post


Link to post
Share on other sites
4 hours ago, Dave-ee Jones said:

Uhm..What? Are you throwing the BB across the room hoping it will land in some random USB port, not knowing what the OS is?

Since the BB only really works when a computer is logged in, you'll know which OS it is before you even put the BB in it. AUTO_ETHERNET is just so you're payload can work with other OS' rather than just 2 (or in the case of Windows, 1), saving the annoyance of having 2 payload switches for the 1 payload for 2 different OS'.

No, not doing that.   I am doing something far more interesting.  A payload that does the same thing in different OS environments is quite desirable and would be easy with the features I requested. Actually in dedicated or kiosk set ups, you don't know what the OS beneath is all the time.   I also can't imagine they would be hard to add.

Share this post


Link to post
Share on other sites
On 12/7/2017 at 2:24 PM, Dave-ee Jones said:

Uhm..What? Are you throwing the BB across the room hoping it will land in some random USB port, not knowing what the OS is?

Since the BB only really works when a computer is logged in, you'll know which OS it is before you even put the BB in it. AUTO_ETHERNET is just so you're payload can work with other OS' rather than just 2 (or in the case of Windows, 1), saving the annoyance of having 2 payload switches for the 1 payload for 2 different OS'.

Correction: BB does work when a computer is logged off and/or locked, just some attack modes are more useful than others in those states.

I agree it would be nice to know what Ethernet type was selected. We'll see about exposing that somehow.

This is my quick and dirty OS detection payload scaffolding.

LED SETUP
ATTACKMODE AUTO_ETHERNET
LED ATTACK
GET TARGET_OS
case "$TARGET_OS" in
	WINDOWS)
		# Windows payload goes here
		LED R
		;;
	MACOS)
		# Mac OS payload goes here
		LED G
		;;
	LINUX)
		# Linux payload goes here
		LED B
		;;
esac

 

  • Like 3

Share this post


Link to post
Share on other sites

In your scaffolding, AUTO_ETHERNET could be only for OS determination.  After GET TARGET_OS - one could execute another ATTACKMODE to be used in common with all OS's. 

Geoff

Share this post


Link to post
Share on other sites
On 12/12/2017 at 4:35 AM, Darren Kitchen said:

Correction: BB does work when a computer is logged off and/or locked, just some attack modes are more useful than others in those states.

I agree it would be nice to know what Ethernet type was selected. We'll see about exposing that somehow.

This is my quick and dirty OS detection payload scaffolding.

-snip-

I apologise - I wasn't being clear. I meant it is most effective on unlocked machines. There's a limited amount of things you can do with a locked machine.

Share this post


Link to post
Share on other sites
On 12/11/2017 at 9:35 AM, Darren Kitchen said:

Correction: BB does work when a computer is logged off and/or locked, just some attack modes are more useful than others in those states.

I agree it would be nice to know what Ethernet type was selected. We'll see about exposing that somehow.

This is my quick and dirty OS detection payload scaffolding.


LED SETUP
ATTACKMODE AUTO_ETHERNET
LED ATTACK
GET TARGET_OS
case "$TARGET_OS" in
	WINDOWS)
		# Windows payload goes here
		LED R
		;;
	MACOS)
		# Mac OS payload goes here
		LED G
		;;
	LINUX)
		# Linux payload goes here
		LED B
		;;
esac

 

not sure what I'm doing wrong , used the code with lates firmware , it dose not detect OS , tried on windows 10,7 and MAC OS.

Share this post


Link to post
Share on other sites
9 hours ago, C1PH3R said:

After last update commands like RUN WIN Powershell do not work anymore! 

 

Ducky language does work kinda things like:

Q GUI r

Q STRING notepad

Q ENTER

do work. But other things do not.

 

ROLLBACK NEEDED! (or bugfix!)

Just out of curiosity, what language is the PS typing in, do you know? It should be 'us' by default.

Share this post


Link to post
Share on other sites
14 hours ago, C1PH3R said:

Yes it is US, and the language on my computer is also US, I've not changed anything since last update but now my payloads won't work.

Please explain exactly what doesn't work and any symptoms, as I can't help you when you just say "it's not working", unfortunately.

Share this post


Link to post
Share on other sites
20 hours ago, Dave-ee Jones said:

Please explain exactly what doesn't work and any symptoms, as I can't help you when you just say "it's not working", unfortunately.

It is fixed, the problem was that the bunnyupdater did not actually updated, but after a manual update it worked, so no problem here anymore

 

  • Upvote 1

Share this post


Link to post
Share on other sites

Just did another factory revert (3 quick pullouts) ran the updater a few times, everything is showing updated to 1.5_298 now but with the new firmware I'm not seeing tools being installed from the tools directory when booting in arming mode. A few have mention the same issue, has anyone probed into it more or are you just installing them manually now?

 

 

Share this post


Link to post
Share on other sites
On 1/28/2018 at 12:13 PM, Cau5tic said:

Just did another factory revert (3 quick pullouts) ran the updater a few times, everything is showing updated to 1.5_298 now but with the new firmware I'm not seeing tools being installed from the tools directory when booting in arming mode. A few have mention the same issue, has anyone probed into it more or are you just installing them manually now?

You won't notice the tools have installed unless you SSH/Serial into the Bunny and look in the root "tools" folder. The tools folder in the root USB directory is emptied every restart, but if you put tools in there they are still installed.

Share this post


Link to post
Share on other sites

Oh man this is the first time i had issues with updating the firmware. Had no issues with 1.2, 1.3, and 1.4. It was stuck in green skittles mode for over an hour. I just pulled it out and did the bricking mode steps. Then it finally executed the firmware skittle code.... Green, ..., Red/Blue, ..., Blue/Blue, ..., Auto Reboot, ..., Violet, ..., Blue/Blue, ..., Taste the Bunny rainbow!!!

Not sure if it hung up the first time because i always use the Bash Bunny with the usb extension cable that came with the field kit. Some of the PC's I connect too have molding around the USB port that is hard for the Bunny to connect up too because of its thick love handles. Any how back to bash scripting so my bash bunny can get its skittles on!

Keep up the good work Hak5 team!

Share this post


Link to post
Share on other sites

Yeah, you're not the only one to complain about the new 1.5 firmware. It has it's problems, but hopefully Sebkinne's working it out.

  • Like 1

Share this post


Link to post
Share on other sites
On 10/02/2018 at 6:10 PM, 93K_Test_Junkie said:

Some of the PC's I connect too have molding around the USB port that is hard for the Bunny to connect up too because of its thick love handles.

Sorry. I have Giggle about that one. Gets a little annoying around Raspberry Pi's 

  • Like 1

Share this post


Link to post
Share on other sites
20 hours ago, Jtyle6 said:

Sorry. I have Giggle about that one. Gets a little annoying around Raspberry Pi's 

Worst is when power leads have a port that has wings, and you're trying to plug it into a powerboard and you have to use up to 3 ports on a powerboard just for the extra room.

An angle grinder or drop-saw fixes that most of the time though.

Share this post


Link to post
Share on other sites

I updated to this firmware and now my serial connection is very slow and reports "login incorrect" every time I try to authenticate as root over serial. Im on ubuntu connecting with "sudo screen /dev/tty/ACM0"

 

Thanks

Share this post


Link to post
Share on other sites
43 minutes ago, schwasskin said:

I updated to this firmware and now my serial connection is very slow and reports "login incorrect" every time I try to authenticate as root over serial. Im on ubuntu connecting with "sudo screen /dev/tty/ACM0"

 

Thanks

Just tried to reflash same results. I have done a reset by plugging it in 3 times ,etc ,etc

 

and my console output when connecting to serial.. when I finally get it is like this:

 

 

 


                                                Password:

 

                                                          Login incorrect

                                                                         bunny login:

      Login timed out after 60 seconds.

 


                                       Debian GNU/Linux 8 bunny ttyGS0

 

 

Edited by schwasskin
new info

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...