xiou Posted April 24, 2018 Share Posted April 24, 2018 I desided find my Bashbunny today and to update it to firmware 1.5 and find some nice scripts I could test on it. I tried the Password Grabber. After I run the PasswordGrabber on the Bashbunny and checked the lootfolder, I noticed it was alot of strange content in it. Alot of folders and other files that I could not open. Check attatched screen. After wondering about it, I was gonna check the size of it, and it says 56TB ? I am not able to delete the lootfolder from either windows or linux by rm -rv. I just get an errormessage that it's readonly and I don't have permissions to do that! Strange I have tried this: Remove the lootfolder Move the lootfolder to another folder, then delete (that's what I've doing on the screenshoots attatched to this post) Do a factoryreset on the bashbunny upto several time. (Unplug three times on green blink) Even upgraded by the bashbunny upgradetool and manually by downloading the .tar file and copy it into the root of the bashbynny Do any of you have any ideas how I can recover my bashbunny and hopefully bring it back to life? Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted April 24, 2018 Share Posted April 24, 2018 (edited) Can you ssh into the Bash Bunny? If you can, in version 1.2 a new udisk utility was added that you can use to mount and reformat the partition. It will erase all your payloads but should get it to a condition where if you put your payloads back on it should work correctly...if the payload works as intended. Here is the link to changelog.txt with added feature. https://storage.googleapis.com/bashbunny_updates/ch_fw_1.2-changelog.txt Edited April 24, 2018 by PoSHMagiC0de Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted April 26, 2018 Share Posted April 26, 2018 Yikes. What on earth is the PasswordGrabber payload doing..Maybe it found too many password hashes ? Quote Link to comment Share on other sites More sharing options...
xiou Posted April 26, 2018 Author Share Posted April 26, 2018 On 4/25/2018 at 1:51 AM, PoSHMagiC0de said: Can you ssh into the Bash Bunny? If you can, in version 1.2 a new udisk utility was added that you can use to mount and reformat the partition. It will erase all your payloads but should get it to a condition where if you put your payloads back on it should work correctly...if the payload works as intended. Here is the link to changelog.txt with added feature. https://storage.googleapis.com/bashbunny_updates/ch_fw_1.2-changelog.txt I am able to connect to the BB trough putty and serial-connection. So you suggest I should try to downgrade to 1.2 and mount udisk for refomatting? Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted April 26, 2018 Share Posted April 26, 2018 Nope, you are already on the recent version. Ssh and run the commands to redo the udisk in the readme from the 1.2 firmware update. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.