Bash Bunny, Rubber ducky or.. For IT Automation

Orcinus · March 29, 2018

I just came across Hak5 and all the tools look very cool. I am the only IT staff for a very small school district and I was just wondering what device would be best for doing things like installing software, adding software keys and activating, etc I was thinking the Bash Bunny so I would have the option of 2 tasks. Also, I just want one of these to play around with, probably hacking my self lol. The school has a limited budget, so I would be getting this for my self.

I inherited a windows domain that can be finicky with group policy, so I use a combination of that and the free version of PDQ Deploy most of the time. But the other day I need to install a testing program and didn't have things set up in my other tools, so I went PC to PC with a USB drive. I like the idea that I might be able to plug in a Bash Bunny and just wait for the LED color telling me it's done.

I also know I don't know everything out there and there may be something better for my situation, but when I saw the Bash Bunny I thought why not kill 2 birds with 1 stone!

Thanks,

barry99705 · March 29, 2018

Would be easier to just create a hidden support folder on the file server, then put a bunch of shell scripts in it. Then you can just \\fileserver\support$\install_whatever.bat .

Also, psexec is your friend.

0phoi5 · April 5, 2018

On ‎29‎/‎03‎/‎2018 at 11:59 PM, barry99705 said:

Also, psexec is your friend.

This.

Use PowerShell (Invoke-Command), SCCM, batch files, PSEXEC and Group Policy to get things done quickly, easily and remotely.

PoSHMagiC0de · April 5, 2018

So, in a WIndows AD environment, learning Powershell is king for remoting.

Now, for the BB being used, I have done this a few times. Will have to say you will still need to prep all the stuff on the BB for the software you are installing. Example is if you want it to click through prompts then you will need a test rig to see what all those prompts are and what is needed via quack commands to click them all. All in all, you may end up putting in as much work the BB version as you would for the PDQDeploy package. Difference is the PDGDeploy package will reduce the number of machines you have to physically visit (only visit those PDQDeploy failed on). PDQDeploy is pretty cool if the installation you are pushing has a silent option.

Of course you could do it with Powershell too. If WinRM is enabled it gets easy since you can retrieve feedback from the session. If not and you go wmi then you will need a way to get feedback from the remote machine since WMI just tells you it ran your command and that is it so your script will need to drop its output somewhere either a SMB path or maybe a rest service you build on your admin box.

I have inherited a lot of sketchy AD domains. I usually, after I find out the needs, I go through and clean it up. Even gone so far, if the previous tech totally trash the AD domain, building a new domain next to the old and getting stuff recreated in the new domain. Rarely had to do that but have ran across one I did..it was a 2003 domain and complete garbage.

barry99705 · April 5, 2018

We took over a school district for a year like that. Looked like someone read a book on group policy, then enabled it all... Down to the point of setting individual computers with individual printers. It was a freaking nightmare to clean it all out. We dropped them as a client because they wouldn't purchase new windows licenses. Whoever ran the place before us made due with 4 licenses across the whole system. :ohmy:

Dave-ee Jones · April 5, 2018

1 hour ago, barry99705 said:

We took over a school district for a year like that. Looked like someone read a book on group policy, then enabled it all... Down to the point of setting individual computers with individual printers. It was a freaking nightmare to clean it all out. We dropped them as a client because they wouldn't purchase new windows licenses. Whoever ran the place before us made due with 4 licenses across the whole system.

I bet they were real happy when you said "okay, first things first, you need to buy some 200 Windows licenses to get everything legal and up-and-running without any problems" :lol:

digitalnull · April 6, 2018

Having worked in a large school district I can say the most time consuming task was pressing hotkeys during desktop imaging. It would have been amazing to have even 10 rubber duckys to save the time wasting task of [ENTER][ENTER][ENTER][ENTER][ENTER][ENTER][ENTER].... having flashbacks...

barry99705 · April 6, 2018

https://photos.app.goo.gl/gSu13LhwnBVSUHtm2

Clonezilla server for the win!

barry99705 · April 6, 2018

2 hours ago, Dave-ee Jones said:

I bet they were real happy when you said "okay, first things first, you need to buy some 200 Windows licenses to get everything legal and up-and-running without any problems"

Their biggest complaint was that they couldn't connect their couple administration surface pro's to the exchange server. "Because you can't connect office 2013 to exchange 03..."

Dave-ee Jones · April 6, 2018

Still would take more time to build a Clonezilla server than to go around 5 PCs and manually put in everything you wanted.

Unless, of course, you only had 1 monitor and a keyboard. The pain.

That said, you could use a WDS server, and I know a few who do use it for their clients because of how large they are.

2 minutes ago, barry99705 said:

Their biggest complaint was that they couldn't connect their couple administration surface pro's to the exchange server. "Because you can't connect office 2013 to exchange 03..."

Exchange servers and Office are always a fun combo.

"What's that? You want to use Office 2016 with Exchange 2007? Good joke!"

or..

"What's that? Autodiscover doesn't work on Office 2016? Yeh. I know."

Edited April 6, 2018 by Dave-ee Jones

barry99705 · April 6, 2018

9 hours ago, Dave-ee Jones said:

Still would take more time to build a Clonezilla server than to go around 5 PCs and manually put in everything you wanted.

Unless, of course, you only had 1 monitor and a keyboard. The pain.

That said, you could use a WDS server, and I know a few who do use it for their clients because of how large they are.

Exchange servers and Office are always a fun combo.

"What's that? You want to use Office 2016 with Exchange 2007? Good joke!"

or..

"What's that? Autodiscover doesn't work on Office 2016? Yeh. I know."

It works, but is a pain in the ass. Point all dns records to the outside ip address of your exchange server.

Dave-ee Jones · April 9, 2018

On 4/6/2018 at 10:08 PM, barry99705 said:

It works, but is a pain in the ass. Point all dns records to the outside ip address of your exchange server.

Ye. Office and Exchange servers that aren't 365 are very finicky.

I wonder why..

Never mind, 365 is still pretty finicky too.

Edited April 9, 2018 by Dave-ee Jones

barry99705 · April 9, 2018

We found out the hard way, ms can't restore individual email accounts in 365. Client clicked on somethig that installed a virus that blew away his contact list.

Orcinus · April 9, 2018

Thanks for the replies. For imaging we actually use FOG, and it works well once set up. I think I might just get the ducky to play around with at first.

Dave-ee Jones · April 10, 2018

5 hours ago, barry99705 said:

We found out the hard way, ms can't restore individual email accounts in 365. Client clicked on somethig that installed a virus that blew away his contact list.

Weeeeeeell, you can actually - there are 2 ways to do it (both using the same method, it's just 2 ways of doing that method). The 365 Admin console has a restore user area, but you can do it via a PS session to the mail server as well, it's just less straight-forward.

Unless you mean something different when you say "individual email accounts"? I don't know - I would assume you're talking about restoring user mailboxes.

https://technet.microsoft.com/en-us/library/dn186233(v=exchg.150).aspx

https://support.office.com/en-us/article/restore-a-user-in-office-365-2c261e42-5dd1-48b0-845f-2a016d29cfc1

barry99705 · April 10, 2018

Cool! Both of those articles are fairly new. When we contacted MS, they told us they could restore the domain, but not individuals. I think that was last spring maybe?

Wait, that's still not right though. You can't restore from "yesterday", or "last week". This just restores an admin deleted account, not a virus induced user deleted email thing.

Edited April 10, 2018 by barry99705

Dave-ee Jones · April 11, 2018

7 hours ago, barry99705 said:

Wait, that's still not right though. You can't restore from "yesterday", or "last week". This just restores an admin deleted account, not a virus induced user deleted email thing.

?

So you mean restore a previous 'state' of an email account, not a deleted one? Well, that would require you to have backups of it in the first place :lol:

barry99705 · April 12, 2018

On 4/10/2018 at 8:01 PM, Dave-ee Jones said:

?

So you mean restore a previous 'state' of an email account, not a deleted one? Well, that would require you to have backups of it in the first place

Exactly. Who has the money, or space to back up all your user's desktops? Pretty much all the companies I do work at don't. I can think of one, but that guy is freaking crazy about backups. He backs up the backup servers. Not just the backups, but the whole damn server, including the backup drives. He also backs up the desktops, who's data is redirected to the servers being backed up.

I mean sure, you could spin up an exchange server locally and mirror 365, but then, why have 365? Also 365 is a huge waste of money in the first place.

Dave-ee Jones · April 12, 2018

11 hours ago, barry99705 said:

Exactly. Who has the money, or space to back up all your user's desktops? Pretty much all the companies I do work at don't. I can think of one, but that guy is freaking crazy about backups. He backs up the backup servers. Not just the backups, but the whole damn server, including the backup drives. He also backs up the desktops, who's data is redirected to the servers being backed up.

I mean sure, you could spin up an exchange server locally and mirror 365, but then, why have 365? Also 365 is a huge waste of money in the first place.

~~You only need to tell Outlook to cache users' mail locally, then just backup the PST files..~~ Temporarily forgot the actual reason you want to backup the users..

Yeah, I know the kind of guys. Dealt with them before. :P

It sounds like it would be easier for him just to have a terminal server and give everyone thin clients, then backup the server. Ez-pz.

Edited April 12, 2018 by Dave-ee Jones

Dave-ee Jones · November 13, 2018

On 11/11/2018 at 3:17 AM, wahidovic123 said:

Are you sure there are only two methods or two ways to do it? no I think there are other methods

Apologies, I should have said 2 I know of.

Sign In

Bash Bunny, Rubber ducky or.. For IT Automation

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Recently Browsing 0 members