
Wait for exe to finish


EclipseXLV

I am trying to edit the password grabber payload.txt so that the Finish LED will only turn on once laZagne.exe has finished and closed, because right now it turns on after 10 seconds while laZagne is still running, and if I remove the USB at that point, all of the excavated passwords are lost.

I'd like it to work similar to PowerShell, where if I Start-Process -filepath -wait it will wait to move on to the next line until the process has finished.

The issue is, WAIT in the Bunny script means wait for switch position change, and for some reason I can't seem to get grep to find the word password in the password.txt file.

Any assistance/suggestions are appreciated, I just want the finish LED to actually mean finished.

 


I'd append a line to the powershell script that creates a file on the Bash Bunny in a given folder. When LaZagne has finished executing, the powershell command would simply execute that line, creating a file on the Bash Bunny. Now, on the Bunny, you could modify the existing batch script to loop every 200ms or something to see if the file has been created. If it has, you can delete the file, and the LED could blink green.

Voila! A hacked machine. ^_^

Edited by MB60893

Thank you, this solution wors but my issue is when I use grep to find the file I created in my passwordgrabber file, it doesn't find it OR my system for looping the if grep lines doesn't work.

Here's what I have written:

:loop
if grep DONE /root/udisk/loot/PasswordGrabber/
then
LED FINISH
else
sleep 5 
fi
goto loop

After laZagne finishes, PowerShell creates a DONE file in the password grabber folder, so my issue is either with my usage of grep or my loop.

works* not wors

 


So, I think I posted quite a few dozen times about the attack mode some of the payloads do... "Storage". Think USB storage. What do you have to do with USB sticks on machines to ensure they are written to before you pull them out? You eject them. There you go. Data will not show up to the Bash Bunny on its side until you eject it on the victim side. There are already a few payloads out there that have examples of PowerShell doing this.

Second thing is, I see LaZagne is being run as a process, so you will have to do a Wait-Process for it so the script waits until LaZagne is done running before moving on, and then you can add the done file and eject so it is seen by the BB.

 

What needs to be pinned at top of forums....

Bashbunny storage mode requires an eject/sync;umount to ensure files are written to the BB storage.  (ala clean eject)


Considering the BB syncs the loot folder after ejecting, there must be a way to force it to sync... Similarly to my previous idea of having a file created for the BB to poll, I would suggest refreshing the LOOT directory on the BB side manually in the script (I'm not sure if there is an easy way to do this without unmounting the directory...?) essentially polling it until it finds the file... Hopefully that would work.


So I tried just using the mount script below to synchronise directories and that worked well. See if you can get away using just that, or if need be use the unmount as well...

function mount_udisk() {
	mkdir -p /root/udisk
	mount -o sync /dev/nandf /root/udisk
}

function unmount_udisk() {
	sync
	umount /dev/nandf
}

* These were in the bunny_framework script on the Bash Bunny. You may be able to call them this way, but just be careful when you do. I don't know the consequences of doing this, especially if you still have it mounted when you pull the USB... Make sure you unmount the disk before flashing the LED.

Edited by MB60893

Actually, upon further testing it appears that the mount_udisk function can simply be run to allow the BashBunny access to the disk. Any changes Windows or another operating system make to the storage part of the BashBunny are instantaneously able to be accessed under the udisk directory on the BashBunny. However, I haven't had success creating files with the BashBunny for the Windows OS to see. Despite this, that should solve your problem of being unable to access it without removing the drive.


Thanks everyone for the responses and all of the help. I had a feeling that the lines ":loop" and "goto loop" were my issue (as in: the Bunny doesn't loop that part of the script). I tested this with a payload that just changes the lights:

:loop
LED G
LED B
goto loop

and after changing from green to blue the Bunny was left on a blue LED.

So it seems my issue now is finding a loop method that the Bunny will recognize.


On 7/16/2018 at 9:17 AM, PoSHMagiC0de said:

while true; do
    echo "your code indented block here"
    echo "more code continued"
done

there is your infinite loop in bash.

Infinite loops are a bad idea..even an infinite loop based on a variable is better.

bRunning="1"
while [ $bRunning -eq "1" ]; do
	# Do your jazz here
	if [ -f "file" ]; then
		bRunning="0"
	fi
done
# File exists; jazz complete

 

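The loop this thread is working toward, as an added example (not posted by anyone in the thread and not taken from the payload): it uses `while` because bash has no `:loop`/`goto`, tests for the marker file itself instead of running grep against the directory, and stops after a timeout so a marker that never becomes visible cannot hang the script. The function names, arguments and temporary directory are assumptions made for illustration.

```shell
#!/bin/bash
# Added example: bounded wait for a marker file.
# All names and paths here are constructed for illustration.

# wait_for_marker DIR NAME TIMEOUT_SECONDS [INTERVAL_SECONDS]
# Returns 0 once DIR/NAME exists, 1 if TIMEOUT_SECONDS pass first.
# Both times are whole seconds because shell arithmetic is integer-only.
wait_for_marker() {
    local dir="$1" name="$2" timeout="$3" interval="${4:-1}"
    local waited=0
    while [ "$waited" -lt "$timeout" ]; do
        # Test for the file itself. grep searches the contents of files
        # for text; pointed at a directory it does not answer the
        # question "does a file named DONE exist here?".
        if [ -e "$dir/$name" ]; then
            rm -f -- "$dir/$name"   # consume the marker so a rerun starts clean
            return 0
        fi
        sleep "$interval"
        waited=$((waited + interval))
    done
    return 1
}

# Constructed demo: a background job creates the marker after 2 seconds,
# standing in for the other side finishing its work.
demo() {
    local dir rc=0
    dir=$(mktemp -d) || return 2
    ( sleep 2; : > "$dir/DONE" ) &
    wait_for_marker "$dir" DONE 10 1 || rc=$?
    wait
    rm -rf -- "$dir"
    return "$rc"
}

demo && echo "marker seen"
```

A non-zero return means the marker never appeared within the timeout, which is the case to handle separately rather than signalling completion.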

  • 4 weeks later...

So I waited to see if anyone would discover the answer... and I bet this is still an issue. I noticed the fix above involves doing stuff on the Bunny to mount and dismount drives. I bet that takes timing, since the file will not show up until the OS syncs it, which will be anytime it feels like it. So, like I mentioned, you need to eject the Bunny, and in the forums here someone posted the code, but since I do not see it regurgitated here, here you go. Try this while your loop on the BB is looking for that file that tells it it is done.

 

# Example of getting the Bash Bunny USB drive letter, which you have probably already done.
$BB = (gwmi -class win32_volume -f {label = "BASHBUNNY"}).DriveLetter

# Do all your junk, and after you write that done file, do this.
# Namespace(17) is the shell's "My Computer" folder; the drive is looked up there and ejected.
$Eject = (new-object -ComObject Shell.Application).Namespace(17)
$Eject.ParseName($BB).InvokeVerb("Eject")

 

I bet after the above your loop on the BashBunny will find the done file and quit.

Have you ever written something to a USB stick and just pulled it out right afterwards to find the file not there? Have you wondered why people always say to safely eject your USB drive? There is a reason for all that, and it should be heeded.

I'm going back to scrolling through repeating threads now to see if any new topics are in there.

 
