Jump to content

Bash bunny in 2019?

Skr3w

By Skr3w
in Bash Bunny

 Share

Recommended Posts

Skr3w Newbie

Skr3w

Posted
Posted

Hey all 🙂 

I have been pretty interested in getting a bash bunny and was wandering if it’s still a good buy? Only reason I ask is because after looking through the forums I’ve seen people saying it gets whiped when put into a machine with certain anti virus software. 
 

Just looking for some opinions on what the bash bunny is like tbh. 
 

Thanks, 

-S 🤘🏻

Link to comment
Share on other sites
Skr3w Newbie

Skr3w

Posted
  • Author
Posted
12 hours ago, bunnylover said:

I think it's still worth it, because you can easily turn the av off or just make an exclusion. I would still buy one

Okay thanks 🙂 definitely think I’m going to get one of these and the new shark jack 

Link to comment
Share on other sites
kuyaya Rookie

kuyaya

Posted
Posted

Idk about the shark jack. Newer isn't better. I mean, the bb is a ethernet adapter, keyboard, mass storage all at once. Just think about what you want to do and then choose the right one. Maybe the right one is the rubber ducky, idk what you want to do with those tools. Just think about what you want to do before buying it. (im not saying the shark jack is bad) 

  • Like 1
Link to comment
Share on other sites
  • 1 month later...
kuyaya Rookie

kuyaya

Posted
Posted
On 12/6/2019 at 2:35 AM, x_0 said:

I love the bunny. I've run it on a slew of machines and have never had AV issues.

Try running the passwordgrabber payload. If you still have no av issues, then something is wrong. LaZagne get's always detected by an AV (my experience).A way to bypass that is to make an exclusion or just turn the av off by hand (takes about 5 sec). 

Link to comment
Share on other sites
  • 1 month later...
dmetron Newbie

dmetron

Posted
Posted
On 12/10/2019 at 9:45 AM, kuyaya said:

Try running the passwordgrabber payload. If you still have no av issues, then something is wrong. LaZagne get's always detected by an AV (my experience).A way to bypass that is to make an exclusion or just turn the av off by hand (takes about 5 sec). 

Actually changing the lazagne code up a bit bypasses most avs. Just add some comments and add and call some dummy functions for good measure. Also make sure to search-replace all occurrences of the actual term 'lazagne' and you're good to go.

 

Some avs do warn about a suspect executable file but report it safe after a quick scan and let it execute anyway.

Link to comment
Share on other sites
kuyaya Rookie

kuyaya

Posted
Posted
2 hours ago, dmetron said:

Actually changing the lazagne code up a bit bypasses most avs. Just add some comments and add and call some dummy functions for good measure. Also make sure to search-replace all occurrences of the actual term 'lazagne' and you're good to go.

 

Some avs do warn about a suspect executable file but report it safe after a quick scan and let it execute anyway.

Really? Have you managed to modify lazagne so it doesn't get spotted but still works as good as before?

Link to comment
Share on other sites
  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...