Problem with long strings


Jausk

Good morning,

I recently acquired a BashBunny, and I have been playing with it for two days. This morning I managed to deploy a payload that launches a reverse meterpreter through PowerShell by making use of the HID and a veeeeery long string.

So, if I define this very long string as a unique string (Q STRING "Very Long String"), the payload works as expected on my PC, but it fails on my laptop as it seems the letters are not written in the right order, or some letters are missing. In order to mitigate this, I have divided the long string into multiple "Q STRING" statements, adding a DELAY of 100ms between them.

Q STRING "Part 1"

DELAY 100

Q STRING "Part 2"

DELAY 100

...

Even doing this, the payload fails on my laptop. When comparing what is written between my PC and my laptop, the laptop is missing like 80 characters of a total of 8000. Is there any way to solve this, other than shortening the strings even more and adding more delay?

Thank you very much, guys!

What are the specs of the laptop vs the desktop? It might be something where you have to break it down a bit more for an older system to be able to keep up with the speed of the HID attack.


See DEFAULT_DELAY on the DuckyScript GitHub page: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Duckyscript

Not sure if this has been implemented entirely with the BashBunny, but I see no reason for it not to have been.


Also, see this forum post for more information: 

 


3 minutes ago, Jausk said:

Thank you very much, guys. I will test this solution during the weekend and I will let you know.

I have been reading the doc, and it seems that this command is intended to 'pause' between instructions, but not to reduce the typing rate, which I think is the problem. Before I can test, do you know whether, as a previous message suggested, there is any way to change the typing rate?


I don't believe the rate of typing characters can be changed directly... I don't know the process of doing it on the BashBunny, but you may need to avoid using the USB Rubber Ducky commands and create your own code that allows the BashBunny to act as a HID and type with the delays. Else get the DuckyScript to type each character individually (horrible, but doable in the article I linked to in my previous post).


9 hours ago, Sebkinne said:

We'll be adding "typing speed" and even cadence to the firmware soon.

Great, thank you! Looking forward to it.

Also, thank you MB60803 for your approach, I'll take it into consideration!


Cadence meaning the "rhythm" of the string being inputted?

As in adding a random delay between each character being inputted? Just like someone typing?

# Pseudocode
for each char in string
	random delay (50, 300) # min, max in ms
	ducky(char)
end
	

 

Link to comment
Share on other sites
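
Added example, not part of the thread: the typing rate and cadence discussed above are also what a host-side monitor can measure to tell an injected keystroke stream from hand typing. The thresholds, function names and sample timings below are assumptions constructed for illustration and need tuning against real typing baselines.

```python
import random
import statistics

# Assumed thresholds (not from the thread); tune against real typing baselines.
BURST_GAP_MS = 1000   # a pause longer than this ends a burst
MIN_BURST_KEYS = 40   # skip short bursts such as shortcuts or key repeat
FAST_MEDIAN_MS = 20   # median gap below this is faster than hand typing
LOW_CV = 0.15         # stdev/mean of gaps below this is machine-regular

def split_bursts(timestamps_ms):
    """Group sorted key-down timestamps into bursts separated by long pauses."""
    bursts, current = [], []
    for t in timestamps_ms:
        if current and t - current[-1] > BURST_GAP_MS:
            bursts.append(current)
            current = []
        current.append(t)
    if current:
        bursts.append(current)
    return bursts

def score_burst(burst):
    """Classify one burst by the speed and regularity of its key gaps."""
    if len(burst) < MIN_BURST_KEYS:
        return "ignored"
    gaps = [b - a for a, b in zip(burst, burst[1:])]
    if statistics.median(gaps) < FAST_MEDIAN_MS:
        return "suspicious: too fast"
    cv = statistics.pstdev(gaps) / statistics.fmean(gaps)  # mean > 0 here
    if cv < LOW_CV:
        return "suspicious: too regular"
    return "plausibly human"

def constructed_sample(seed=1):
    """Constructed key-down times: hand typing, a 5 ms stream, a 50 ms stream."""
    rng, t, out = random.Random(seed), 0.0, []
    for _ in range(80):                      # hand typing, irregular gaps
        out.append(t)
        t += min(rng.lognormvariate(5.0, 0.5), 600)
    for gap, count in ((5, 200), (50, 60)):  # two fixed-rate streams
        t += 5000                            # idle pause before each stream
        for _ in range(count):
            out.append(t)
            t += gap
    return out

if __name__ == "__main__":
    for burst in split_bursts(constructed_sample()):
        print(len(burst), "keys:", score_burst(burst))
```

In practice the timestamps would come from whatever keyboard event source the endpoint agent already collects, and a flagged burst is best correlated with a recent USB HID device attach event.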
