GeneralBison Posted August 24, 2021 Posted August 24, 2021 I noticed that MG was able to replicate the RazerInstaller Privesc by setting the OMG cable's VID and PID to emulate a Razer keyboard, I've been trying to do the same rather than lugging my Blackwidow into work to use on a test and it doesn't work, the VID is detected as Razer but the PID seems to be unknown. I also noticed that the BashBunny is showing as an "RNDIS/Ethernet Gadget" even though I only have HID set in the payload. Does anyone know how to fix these issues?
Darren Kitchen Posted August 26, 2021 Posted August 26, 2021 Try adding the MAN_ and SN_ parameters to your ATTACKMODE. You probably also need to add another mode in addition to just HID because simply HID by itself (or any one attack mode for that matter) will enumerate as a single-interface device rather than a multi-interface "composite" device, which is what the target is expecting. See https://docs.microsoft.com/en-us/windows-hardware/drivers/install/standard-usb-identifiers
chrizree Posted August 27, 2021 Posted August 27, 2021 On 8/24/2021 at 2:46 PM, GeneralBison said: the VID is detected as Razer but the PID seems to be unknown Adding SERIAL to ATTACKMODE seems to have solved some attempts to get this working according to discussions on Discord. Try using the payload that is available on the Hak5 GitHub. https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/execution/RazerSystemShell MG has posted a link on Twitter to a list of about 2500 devices that possibly can be used, extra parameters may be found there
Recommended Posts
Archived
This topic is now archived and is closed to further replies.