Jump to content

Bitdefender AV stop most of Bash Bunny attacks


Recommended Posts

I played around with my Bash Bunny and most attacks that involve copying scripts to target will be stopped by Bitdefender AV. So if targeting a computer that might have ESET, Bitdefender etc you should never use attackmode STORAGE since your Bash Bunny's payload dir will be whiped by these two AV. Had a hard fight to even update the payload dir with bunnyupdater with the Bitdefender running 😉

But this is a nice device if used for the right purpose and you need to keep in mind that the target might have a nasty AV that can and will immunize your Bash Bunny instantly.
If you do want to test humans you should use Rubber Ducky and Bash Bunny for quick plugin/plugout operations.

Link to comment
Share on other sites

Maybe but it won't detect a pure HID device, if I run Rubber Ducky on HID, Masstorage it won't detect it. Probably it detect BB just because it shows entire filsystem while in masstorage mode. 

Have to run more tests with this, when running pure HID BB is undetected. 

Link to comment
Share on other sites

1 hour ago, fneagle said:

What version of Bitdefender are you using? I've tried Bitdefender Total Security 2020 an my Bash Bunny was not detected. I was able to run my example script without a problem.



Weird, I have Bitdefender Total Security 2020 too but mine stops everything, it even immunize the USB-drive when inserted disabling every script it finds that can be harmful etc.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...