Quixx Posted May 10, 2018 Share Posted May 10, 2018 Hello all! I would your help to solve an issue , nothing in loot folder. i already see mentioned into many posts but really got no a solution from here. Hands on a a Fresh NEW Bash Bunny with an outdated firmware ,windows 7 Ultimate x64 Pc. Keyboard settings are US for win7, and from factory in BB. If i open config.txt i read just:#!/bin/bash #This configuration file is used to set default variables DUCKY_LANG us Go ahead Updated the firmware, downloading the updater here https://bashbunny.com/setup , the payloads library and all will be updated too Fixed the device driver for the Gadget serial > opening the device manager on win7,found the alert near device, update driver >select the Bash Bunny path. The driver will be searched into the subfolders and installed. So rerun BB. i tried and i got connection with a shell on port COM4 with Putty . I have to run a script. Open library folder and copy content of H:\payloads\library\credentials\PasswordGrabber into H:\payloads\switch2 Download to Tool folder the laZagneX64.exe file , *also tried to rename it in laZAgne.exe That"s all.Switched to 2 and run BB. Result> only an EMPTY PasswordGrabber folder in Loot folder.ON SCREEN> I seen 2 popup windows, Run command from Win7 and a Terminal window black clean for just a second. Have Somebody solved this, and HOW ???? Thanks alot Quixx Quote Link to comment Share on other sites More sharing options...
SchwarzerLotus Posted May 11, 2018 Share Posted May 11, 2018 (edited) The config.txt doesn't have more information If you rename the .exe you also have to rename it in the Script! Change the script from: ######## ATTACK ######## LED ATTACK RUN WIN "powerShell -windowstyle hidden -ExecutionPolicy Bypass .((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\payload.ps1')" to: ######## ATTACK ######## LED ATTACK Q GUI r Q STRING notepad Q ENTER Q DELAY 500 Q STRING "powerShell -windowstyle hidden -ExecutionPolicy Bypass .((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\payload.ps1')" and check the output. Maybe some characters/signs are wrong or missing. It took me a long time to get the BashBunny writing every char and sign correct... And at last: Is this your first BashhBunny experience? If yes, maybe it would be better to start with easier things to learn how it's working? Lovely Greetz :) Edited May 11, 2018 by SchwarzerLotus 1 Quote Link to comment Share on other sites More sharing options...
Quixx Posted May 15, 2018 Author Share Posted May 15, 2018 Thanks alot , yes is my first experience with BB . The output on the text file is correct, the laZagne.exe is in tools and have the right name as is in the script.. It creates the folder in loot , but nothing into... I tried as you suggested less difficult scripts and tested, some are working on win7 and not works on win 10 then i found some troubles with UAC, for sure i need to go ahead with less excitation and more attention on programming ... even if i have some programming skill i admit i barely know what i'm doing ?. Thanks for your reply! Quote Link to comment Share on other sites More sharing options...
SchwarzerLotus Posted May 16, 2018 Share Posted May 16, 2018 (edited) You can also try to run it manually to find the problem: Put in the bash bunny in arming mode and copy/paste the payload/script commands step by step. Is running everything properly? Are errors anywhere? If you try it manually you may need to change the \$switch_position entry of the payload to switch1 (or2) From: payloads\\$SWITCH_POSITION\payload.ps1 To: payloads\switch1\payload.ps1 Try Lazagne without bash bunny. So you can see if it's a bash bunny or a Lazagne problem ? Oh - you wrote the Lazagne exe is in tools. The password grabber readme says it have to be in the payload folder! I haven't tried out the password grabber payload but this could be the problem? Lovely Greetz ? Edited May 17, 2018 by SchwarzerLotus Quote Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted May 17, 2018 Share Posted May 17, 2018 10 hours ago, SchwarzerLotus said: You can also try to run it manually to find the problem: Put in the bash bunny in arming mode and copy/paste the payload/script commands step by step. Is running everything properly? Are errors anywhere? +1. I do this a lot when I'm developing a payload. Helps alot. Quote Link to comment Share on other sites More sharing options...
SchwarzerLotus Posted May 17, 2018 Share Posted May 17, 2018 Oh - I have seen that there exists a HAK5 video on YouTube about the password grabber payload ? Maybe this could help you with your Lazagne problem ? Lovely Greetz ☺ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.