Jump to content

Just the basics? HELP!!


mcwc

Recommended Posts

I am new to all this and trying to learn to do some light pentesting/raise awareness in my building. I am trying to use this "change wall paper" attack to notify people that leave their computer and am having trouble. https://github.com/hak5/bashbunny-payloads/pull/245/commits/29d750d2062eece73b971f622e75eac8bc3bb7d5

I have added the payload, s.ps1, and my w.png file i want to use to "switch1" folder. 

when i plug it in, it just goes to setup then fail LED colors. nothing else happens. 

I have tried modifying some of the lines to things that make sense to me (ie. changing "$SWITCH_POSITION" on line 24 and 39 to "switch1")

is there anything i need to modify in the payload or s.ps1 files? trying to figure out what i am doing wrong. I am just learning so dont have any experience any help would be greatly appreciated. just trying to get it to work and learn some maybe obvious things im missing.  

Link to comment
Share on other sites

In what way is PowerShell execution policies set up on the target computer? Running ps1 scripts might be restricted on that machine. Plug in the Bunny in arming mode and try to run x:\payloads\switch1\s.ps1 "manually" from a PoSh window (where x is the drive letter of the Bunny). What errors are showing (if any)? Also check that there's actually a Desktop directory for the current user. It might be missing. Make sure that the Bunny actually holds the ps1 and the png in the correct directory. Those files missing is the only thing in the payload that should trigger LED FAIL.

Link to comment
Share on other sites

thanks for the response @chrizree i am just wondering if you can clarify something that might sound ridiculous..... does anything in the s.ps1 file need to be edited/changed?

I havnt modified it at all. also with the payload file.... would i need to edit things like "PAYLOAD_DIR" or "$SWITCH_POSITION" or "Name+"

i think we all might be overestimating my level of experience haha. Trying to figure out where and what information needs to be added to the script to see exactly how in over my head i am. To be honest.... i was hoping and kind of expecting that one could just add payloads and have them work. I am currently only taking a compTIA Network+ course to kick start my learning. not sure where to go from there, so theres an idea of my current capabilities. I imagine theres way too much to learn that no one is going to want to help me. 

Link to comment
Share on other sites

There are no shortcuts to knowledge, especially not within cybersec. "Blood, sweat and tears" are involved here as well as in other areas of expertise. Just buying a gadget in the belief that it will make someone a "hacker"/pentester is a big misconception. Knowledge and skills are needed to get things working and since cybersec is a constantly evolving landscape (like in a cat and mouse game), you have to 1) know any limits that are out there that might stop youand 2) constantly change to keep ahead of the defense.

When it comes to running that ps1 file to just see if PowerShell execution policies are in place, you don't need to change anything in the file. PowerShell will throw back errors at you just simply by trying to run the ps1 file.

Link to comment
Share on other sites

Don't be shy to ask. However, most ppl really like to see that someone has really tried (and tried and tried) before asking for help so that the question isn't just put out there when facing any problem with an "It's not working!!!" attitude. That most often is a bad strategy. I'd also recommend to join the Hak5 Discord server. A lot more activity there than here on the forums and a lot of ppl with great knowledge.

https://hak5.org/discord

Link to comment
Share on other sites

  • 1 month later...

Warning with the forums and Hak5 discord.  No one likes "It's not working" followed up by "It's not doing what I want it to do" when asked what is happening.  Folks need to know what is actually going on to fix it.  I have not met a psychic hacker yet.  If they exist, I am sure they are really epic.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...