Jump to content

How do i install a python library onto my bashbunny?


Kamina

Recommended Posts

i'm a newbie when it comes to this bashbunny and i need to install a python library for keylogger that i'm trying rn. It would be nice if you could either show me how to install a python library onto the bashbunny or maybe how to set up a keylogger in general

Link to comment
Share on other sites

  • 2 weeks later...
  • 5 months later...
  • 2 weeks later...

Hey @Darren Kitchen

It is wonderful to see you are still highly active in the forums and everywhere within Hak5. I highly respect your character, attitude, personality, and intellect and how much you have accomplished in the pen-testing / cybersecurity world. Plus, your show is fantastic as well. Overall I have become a fanboy of Hak5, haha.

So, first off, I should test this at home when I have the time, but hopefully, you can just possibly answer my question before I even get home.

I have my BB Mark II plugged into my Kali Linux virtual machine on my work laptop in arming mode, and the interface seems to not detect it. Neither does it if I put it in Switch 1 or 2 with payloads using Ethernet/Mass Storage. Here is a link to an image of me attempting this on my lunch right now: https://imgur.com/gallery/3WifEOM

Also, I have been given permission and authorization to test payloads on our machines at work. So, I have been looking out for new payloads, pull requests, and more on these forums, as well as payloads that work or ones that are obsolete since I have full access to Windows 10, Mac, Linux PCs, laptops, and all sorts of hardware and network switches, etc. As long as I do not leave the campus with sensitive data, I am fine.

Anyway, I am using my Kali Linux VMware Workstation Pro 16 to arm payloads, write my own, use the BB Manager, and everything else with the Bash Bunny Mark II since I am mainly on Kali Linux anyway. Windows 10 loves to mark everything as a virus, and it is much easier to just use it in Linux for arming mode.

I need to learn more about PowerShell and more so I can write some payloads that would be a great asset to the Hak5 community. I believe in everyone here as they all seem to be white hat pentesters and work hard to make this device and the rest so much better.

I am a Frontend Web Designer & Developer but looking to get my OSCP certification and learn penetration testing in the meantime over these past 10 months or so but still new to it after nearly a year. Especially the password cracking but eventually figured it out in time to image all the computers in that cybersecurity classroom and move onto the next assignment for our IT Department, and the instructor is still unreachable.

I managed to dump the credentials of our AC1-145 classroom at CCC, where I work in the Web Design/Marketing and IT Departments at my College. As much as I love designing web pages, web applications in Vue, React, and the triad of standards, I am just too passionate about pentesting and the Linux environment to ever give up on learning it. I hope to be a great asset to cybersecurity and the Hak5 forums and GitHub Repositories, etc.

We needed to get the Onboard NIC password and eventually the instructor's station since he is on vacation until the campus is back open. We have been unsuccessful in contacting him still. Still, because I had the Bash Bunny Mark II, over 60 computers and students will have their computers ready to use next week for their cybersecurity courses. So, thank you for everything you have done in the cybersecurity community and world.

I was able to get the password from the student's computers (Dell OptiPlex) which I never had attempted before but got it. Then, I was able to get the hash string and use Hashcat to get the instructor's password. Not only was it a wonderful learning experience and exciting, but I also was paid to do it since I was on the clock working that day.  

I hope to be helpful to Hak5, our community, and the cybersecurity community, in general, to make the online world safer as I learn more, but I need to get past some of these beginner hurdles first.

My main questions are more than likely quite simple ones, but I am still learning the Bash Bunny Mark II, Ducky Language, Bash/Shell Payloads, Python (still find Vue/React easier somehow), and overall the Linux pentesting tools. I still struggle to find the correct listening port for Metasploit payloads and exploits and other simple pentesting tools, but overall I am here to learn and help eventually.

I am going to finish my lunch and get back to work. Hopefully, I can figure out how to make the Internet connection sharing with the BB on Windows and Linux, keep testing older payloads and newer ones, write new ones, and help others that are contributing to the more recent payloads.

I have found many of the payloads to not work that I want to get working again. Especially Browser Data and the credential ones. I noticed simple Sophos pre-installed antivirus software from our college to protect our machines from the BB, but I am trying to find ways around it, especially after finals are over this week.

I also have a YouTube Channel I used to do gaming on but I might do some videos on the Bash Bunny Mark II once I learn it more but maybe a setup video? Thinking about it all and learning it all still though. https://www.youtube.com/c/ShadowGaming99

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...