Jump to content
Sign in to follow this  
Quixx

First time settings

Recommended Posts

Hello all!
I would your help to solve an  issue ,  nothing in  loot folder.
i  already see mentioned into many posts but really got no a solution from here.

Hands on a a Fresh NEW  Bash Bunny with an outdated firmware  ,windows 7 Ultimate x64  Pc. 
Keyboard settings are US for win7, and   from factory in BB. If i open config.txt i read just:
#!/bin/bash
#This configuration file is used to set default variables
DUCKY_LANG us


Go ahead

  1.   Updated the firmware, downloading the  updater here https://bashbunny.com/setup  , the payloads library and all will be updated too
  2.  Fixed the device driver for the Gadget serial >  opening the device manager on win7,found the alert near device, update driver >select  the Bash Bunny path. The driver will be searched into the subfolders and installed.

So rerun BB. i tried and i got connection with a shell on port COM4 with Putty .

I have to run a script.
Open library folder and copy content of  H:\payloads\library\credentials\PasswordGrabber   into H:\payloads\switch2
Download to Tool folder the laZagneX64.exe file , *also tried to rename it in laZAgne.exe
That"s all.
Switched  to  2  and run BB.
Result> only an EMPTY PasswordGrabber folder in Loot folder.
ON SCREEN> I seen 2 popup windows,  Run command from Win7  and a Terminal window black clean for just a second.

Have Somebody  solved this,  and HOW ????
 

Thanks alot
Quixx


 

Share this post


Link to post
Share on other sites

The config.txt doesn't have more information

If you rename the .exe you also have to rename it in the Script!

Change the script

from:

######## ATTACK ########
LED ATTACK
RUN WIN "powerShell -windowstyle hidden -ExecutionPolicy Bypass .((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\payload.ps1')"

to:

######## ATTACK ########
LED ATTACK
Q GUI r
Q STRING notepad
Q ENTER
Q DELAY 500
Q STRING "powerShell -windowstyle hidden -ExecutionPolicy Bypass .((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\payload.ps1')"

and check the output. Maybe some characters/signs are wrong or missing. It took me a long time to get the BashBunny writing every char and sign correct...

 

And at last: Is this your first BashhBunny experience? If yes, maybe it would be better to start with easier things to learn how it's working?

Lovely Greetz :)

Edited by SchwarzerLotus
  • Like 1

Share this post


Link to post
Share on other sites

Thanks alot , yes is my first experience with BB .
The output on the text file is correct, the laZagne.exe  is in tools and have the right name as is in the script..
It creates the folder in loot , but nothing into...
I tried as you suggested less difficult scripts and tested, some are working on win7 and not works  on win 10
then i found some troubles with UAC, for sure i need to go ahead with less excitation and more attention on programming ... even if i have some programming skill i admit i barely know what i'm doing ?.
Thanks for your reply!
 

Share this post


Link to post
Share on other sites

You can also try to run it manually to find the problem:

Put in the bash bunny in arming mode and copy/paste the payload/script commands step by step. Is running everything properly? Are errors anywhere?
If you try it manually you may need to change the \$switch_position entry of the payload to switch1 (or2)

From:
payloads\\$SWITCH_POSITION\payload.ps1
To:
payloads\switch1\payload.ps1

 

Try Lazagne without bash bunny. So you can see if it's a bash bunny or a Lazagne problem ?

Oh - you wrote the Lazagne exe is in tools. The password grabber readme says it have to be in the payload folder! I haven't tried out the password grabber payload but this could be the problem?

 

Lovely Greetz ?

Edited by SchwarzerLotus

Share this post


Link to post
Share on other sites
10 hours ago, SchwarzerLotus said:

You can also try to run it manually to find the problem:

Put in the bash bunny in arming mode and copy/paste the payload/script commands step by step. Is running everything properly? Are errors anywhere?

+1.

I do this a lot when I'm developing a payload. Helps alot.

Share this post


Link to post
Share on other sites

Oh - I have seen that there exists a HAK5 video on YouTube about the password grabber payload ? Maybe this could help you with your Lazagne problem ?

Lovely Greetz ☺

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...