Jump to content

bb.sh Internet sharing


JustJohn

Recommended Posts

Posted

Hi

Been around the forum and can't find any answer.

Trying to get the bash bunny online using the bb.sh sharing script.
I managed to get access to the bunny thru SSH, but it seams like, 
that the wlan0 interface shuts down and the new USB Ethernet eth1 takes over.

What do I miss here?


My Process


Guided setup
----------------------

Step 1 of 3: Select Default Gateway
Default gateway reported as 192.168.1.1
Use the above reported default gateway?             [Y/n]? y

Step 2 of 3: Select Internet Interface
Internet interface reported as wlan0
Use the above reported Internet interface?          [Y/n]? y

Step 3 of 3: Select Bash Bunny Interface
Please connect the Bash Bunny to this computer.
................[Checking]
Detected Bash Bunny on interface eth1
Use the above detected Bash Bunny interface?    [Y/n]? y

Settings saved.

Saved Settings: Share Internet connection from wlan0
to Bash Bunny at eth1 through default gateway 192.168.1.1

 

SSH Connection
----------------------------

$ssh root@172.16.64.1
root@172.16.64.1's password: 
           _____  _____  _____  _____     _____  _____  _____  _____  __ __ 
 (\___/)  | __  ||  _  ||   __||  |  |   | __  ||  |  ||   | ||   | ||  |  |
 (='.'=)  | __ -||     ||__   ||     |   | __ -||  |  || | | || | | ||_   _|
 (")_(")  |_____||__|__||_____||__|__|   |_____||_____||_|___||_|___|  |_|  
 Bash Bunny by Hak5     USB Attack/Automation Platform      

Last login: Sat Aug 26 00:09:43 2017 from 172.16.64.10
root@bunny:~# apt-get update
0% [Connecting to httpredir.debian.org]^C
root@bunny:~# 


iptables
---------------

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination 

 

ifconfig
--------------

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.64.10  netmask 255.255.255.0  broadcast 172.16.64.255


wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.131  netmask 255.255.255.0  broadcast 192.168.1.255

 

Best Regards

 

Claus

Posted

Hmm, can anyone chime in and correct me..been a but since I did internet sharing with BB..but when sharing in linux, should there be a masquerade rule in the iptables for outgoing stuff on the internet facing interface.

Posted
Hi PoSHMagiC0de

Would this could do it?

sudo iptables -A FORWARD --in-interface eth1 -j ACCEPT
sudo iptables --table nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE

And then:
Enable IP forwarding

sudo sysctl -w net.ipv4.ip_forward=1

 

/Claus

Posted
1 minute ago, clauspauli said:

Hi PoSHMagiC0de

Would this could do it?

sudo iptables -A FORWARD --in-interface eth1 -j ACCEPT
sudo iptables --table nat -A POSTROUTING --out-interface wlan0 -j MASQUERADE

And then:
Enable IP forwarding

sudo sysctl -w net.ipv4.ip_forward=1

 

/Claus

And should it be in the bb script, or is it a manual thing to do after running the bb?

Posted

The BB takes over as the primary source because of its interface bandwidth. Windows (and Mac, I would imagine) treat it as the primary NIC because the NIC says it's a 2Gbps speed, so if your normal NIC is slower it gets ignored.

You can fix this by specifying the NIC speed (basically spoofs the speed) as shown below:

ATTACKMODE RNDIS_ETHERNET RNDIS_SPEED_10000

The above command limits the bandwidth to 10Mbps.

However, I don't know if you can do the same with ECM but you can try (see below).

ATTACKMODE ECM_ETHERNET ECM_SPEED_10000
# OR
ATTACKMODE ECM_ETHERNET RNDIS_SPEED_10000

 

Posted
6 hours ago, Dave-ee Jones said:

The BB takes over as the primary source because of its interface bandwidth. Windows (and Mac, I would imagine) treat it as the primary NIC because the NIC says it's a 2Gbps speed, so if your normal NIC is slower it gets ignored.

You can fix this by specifying the NIC speed (basically spoofs the speed) as shown below:


ATTACKMODE RNDIS_ETHERNET RNDIS_SPEED_10000

The above command limits the bandwidth to 10Mbps.

However, I don't know if you can do the same with ECM but you can try (see below).


ATTACKMODE ECM_ETHERNET ECM_SPEED_10000
# OR
ATTACKMODE ECM_ETHERNET RNDIS_SPEED_10000

 

Hi Dave

Thanks for your reply, but it did not work. :-(

Have tried with PCI NIC, same result.

 

/Claus

Posted
10 minutes ago, clauspauli said:

Still not working with internet sharing on kali linux,

I had some issues in the past that sound similar.

Did you try running 'nm-connection-editor' from terminal, selecting your bb interface, go to ipv4 and changing manual/automatic to shared with other computers? maybe that sorts it, maybe it doesn't. Obviously the rest of the configs need to be correct as per the wiki.

I do this on Ubuntu 17 and works well for me for ICS the hak5 gear.

Posted
15 hours ago, clauspauli said:

Hi Dave

Thanks for your reply, but it did not work. :-(

Have tried with PCI NIC, same result.

 

/Claus

Yeah, I suspected it wouldn't because Mac doesn't use RNDIS drivers, neither does Linux.

Posted
11 hours ago, Dave-ee Jones said:

Yeah, I suspected it wouldn't because Mac doesn't use RNDIS drivers, neither does Linux.

Thanks for the replay

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...