Jump to content

Payloads not firing on bash bunny please help!


hoochrulez55

Recommended Posts

5 hours ago, hoochrulez55 said:

How do I check what firmware version I’m running? I want to see if it flipped it back to 1.0. The file in the file structure says 1.7 still. Not sure if perhaps I could get root and ssh in to check?

You have two files that should tell what version you are on; the version.txt file that is available on the storage that is mounted to the target in arming mode or if ATTACKMODE STORAGE is used (with no Micro SD card inserted if using the Mk2 that is), i.e. what is called the udisk of the Bunny. Then you also have a version.txt file in /root but to be able to see that file you need to ssh (or serial) into the Bunny. They should tell you the same version (this is however not always true, but I'll skip that story here).

As for the Bunny Mk2, it should go back to the most recent version on factory reset since the 1.7 version is the only one released for the Mk2. I.e. if you reset a Mk1, it will revert back a number of versions so that it needs to be updated to get to the latest firmware version after a reset. But for the Mk2, there has only been one (1) release this far so it will "revert" to the same version as it initially was using when resetting the device.

Link to comment
Share on other sites

1 hour ago, dark_pyrro said:

You have two files that should tell what version you are on; the version.txt file that is available on the storage that is mounted to the target in arming mode or if ATTACKMODE STORAGE is used (with no Micro SD card inserted if using the Mk2 that is), i.e. what is called the udisk of the Bunny. Then you also have a version.txt file in /root but to be able to see that file you need to ssh (or serial) into the Bunny. They should tell you the same version (this is however not always true, but I'll skip that story here).

As for the Bunny Mk2, it should go back to the most recent version on factory reset since the 1.7 version is the only one released for the Mk2. I.e. if you reset a Mk1, it will revert back a number of versions so that it needs to be updated to get to the latest firmware version after a reset. But for the Mk2, there has only been one (1) release this far so it will "revert" to the same version as it initially was using when resetting the device.

Excellent response. Thanks for being so detailed. I have a mark 2 device. I flashed 1.7 back to the device to make sure I was on the latest version. I tried resetting the firmware but not too sure if it worked so I wanted to check firmware version. One question for you, I am fairly decent in Linux for terminal commands, but what is the command when I am in root over ssh to check the version? Just so I know for the future. I appreciate your time (and your answer if you have one for my question)

Link to comment
Share on other sites

Not sure if I understand you correctly (since it's a rather simple and trivial question), but if you want to view the contents of a file then just use the cat command.

cat /root/version.txt

Or, use an editor (like nano), but that's a bit of an overkill.

If you want to see the version.txt that is on the udisk when ssh'd into the Bunny, you need to mount the udisk first using; udisk mount. Be careful when doing that if you are in arming mode or ATTACKMODE STORAGE since it will be mounted to the target machine at the same time which might result in problems if trying to write to the file system from two sides at the same time (and such). It's most often not a problem though if you know what you are doing.

I also forgot to mention in my last post (was rushing between meetings), that the udisk (the part of the storage that is normally mounted to the target) is left untouched on a factory reset. That is why it might look as if nothing has happened, i.e. the payload directory structure and possible old files are still there, etc. If you want to clean that up, you need to do it manually or ssh into the Bunny and run; udisk reformat

Link to comment
Share on other sites

1 minute ago, dark_pyrro said:

Not sure if I understand you correctly (since it's a rather simple and trivial question), but if you want to view the contents of a file then just use the cat command.

cat /root/version.txt

Or, use an editor (like nano), but that's a bit of an overkill.

If you want to see the version.txt that is on the udisk when ssh'd into the Bunny, you need to mount the udisk first using; udisk mount. Be careful when doing that if you are in arming mode or ATTACKMODE STORAGE since it will be mounted to the target machine at the same time which might result in problems if trying to write to the file system from two sides at the same time (and such). It's most often not a problem though if you know what you are doing.

I also forgot to mention in my last post (was rushing between meetings), that the udisk (the part of the storage that is normally mounted to the target) is left untouched on a factory reset. That is why it might look as if nothing has happened, i.e. the payload directory structure and possible old files are still there, etc. If you want to clean that up, you need to do it manually or ssh into the Bunny and run; udisk reformat

Oh okay so I can just cat the file since this is debian linux. Awesome thanks. I’m brand new at this device. Still learning. I love computers. Always have. Thanks for helping me learn. I ended up adding the correct folders back to the file structure manually since some of them vanished. I must have accidentally deleted or misplaced them. The bunny now works and fires payloads again. This was the original issue on this post. I was instructed to flash the firmware initially. Since its mark 2, I think it put the 1.7 firmware back on the device. So it must’ve reflashed the same firmware. Jumping over hurdles that arent required I guess haha. Everything works now. I appreciate all of the help from this post. Dont be late for your meeting! Lol

Link to comment
Share on other sites

6 hours ago, hoochrulez55 said:

Oh okay so I can just cat the file since this is debian linux. Awesome thanks. I’m brand new at this device. Still learning. I love computers. Always have. Thanks for helping me learn. I ended up adding the correct folders back to the file structure manually since some of them vanished. I must have accidentally deleted or misplaced them. The bunny now works and fires payloads again. This was the original issue on this post. I was instructed to flash the firmware initially. Since its mark 2, I think it put the 1.7 firmware back on the device. So it must’ve reflashed the same firmware. Jumping over hurdles that arent required I guess haha. Everything works now. I appreciate all of the help from this post. Dont be late for your meeting! Lol

 

Link to comment
Share on other sites

On 9/16/2022 at 7:58 PM, Royster said:

Do you know where I can find someone that can build me a payload

What payload did you have in mind ? And why don't you code it yourself ?
Try to play around with the ones from the BB repo, and see how they work, and use them as inspiration for your own, that's usually a good starting point 😉

/NX

Link to comment
Share on other sites

51 minutes ago, NoExecute said:

What payload did you have in mind ? And why don't you code it yourself ?
Try to play around with the ones from the BB repo, and see how they work, and use them as inspiration for your own, that's usually a good starting point 😉

/NX

The above post is awesome! Try the payloads out at the hak5 website under the tab named payloads or the BB repo on Github. Those are your two main sources. You can search for your device  on the hak5 site and select the type of payload as well. These are prewritten. Most I have tried have worked well. I haven’t personally sat down and tried my own payload writing skills but eventually I will start playing around with my laptop👍🏻

 

Hooch

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...