bashbugs Posted March 24, 2023 Share Posted March 24, 2023 Hi all, I am getting some strange results from a new Bash Bunny I just purchased this week and was wondering if anyone had any insight. Random key presses are getting the shift modifier incorrectly applied/not applied to them. This occurs on my Ubuntu 22.04 laptop but not on my W11 desktop. I was able to recreate this issue consistently with the following payload. payload.txt: ATTACKMODE HID Q STRING 1 + 1 = 2 Q ENTER Q STRING AaBbCcDdEe Q ENTER Here are the results after 5 runs: ! = 1 = 2 aabbccddee ! = 1 = 2 AabBccddee 1 = 1 = 2 AabbccDdEe ! = 1 = 2 aaBBccddee 1 = 1 = 2 aaBbccddee Anyone experienced anything similar or have some insight? Thanks in advance! Quote Link to comment Share on other sites More sharing options...
bashbugs Posted March 24, 2023 Author Share Posted March 24, 2023 Couldn't find the edit button, but I'll also point out that I upgraded to the latest firmware when I first got the Bunny, and when I noticed the problem I did a factory reset to the old firmware. Happened on both. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted March 24, 2023 Share Posted March 24, 2023 (edited) Yes, I've experienced that on Linux based computers. I've seen others that has had similar issues as well. Not really had any reason to dig deeper into it though since it's not my main target environment when using the Bunny. I have made some tests using the USB Rubber Ducky on the same PCs and haven't been able to recreate it, so it could perhaps be Bunny related. If you need this to work and want to report it, then I'd suggest creating a support ticket. Edited September 28, 2023 by dark_pyrro Quote Link to comment Share on other sites More sharing options...
Irukandji Posted March 24, 2023 Share Posted March 24, 2023 And to create a support ticket. The link is here. https://hak5.customerdesk.io Quote Link to comment Share on other sites More sharing options...
theSW4n Posted September 27, 2023 Share Posted September 27, 2023 I am experiencing the same thing in Ubuntu 22.04.3 LTS! Everything works fine in MacOS and Kali Linux, but not Ubuntu. Tried multiple computers, USB ports, etc. Same result every time with the shift presses. I have seen some people mention driver support, so I tried a couple different VID_/PID_ combinations, to no avail. I tried on USB3 and USB2 ports. I also tried "DEFAULT_DELAY 100" at the top of the script. Quote Link to comment Share on other sites More sharing options...
theSW4n Posted September 27, 2023 Share Posted September 27, 2023 It’s something to do with the desktop environment. The default in 22.04 is a modified KDE Plasma desktop environment. When switching to Plasma (X11) or Xorg, shift works as expected. I’ll see if I can isolate the issue for a fix perhaps. Quote Link to comment Share on other sites More sharing options...
theSW4n Posted September 28, 2023 Share Posted September 28, 2023 Sorry I meant to say, the default desktop environment in Ubuntu 22.04 is GNOME. However I think I figured out the issue. For this specific OS version, GNOME is using the Wayland display server by default, with a Mutter compositor. Wayland/Mutter has some built in security functions designed to help protect against keyboard injection (boo... erm... yay?). The simple solution is to use a terminal emulator like xterm or konsole. In fact, there is a Bash Bunny extension to do this for us! $ RUN UNITY xterm Hope that helps! Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted September 28, 2023 Share Posted September 28, 2023 If xterm is available on the Ubuntu target, that is Quote Link to comment Share on other sites More sharing options...
theSW4n Posted September 29, 2023 Share Posted September 29, 2023 True. I believe it’s part of the default install of Ubuntu 22.04 at least. The solution I ended up using actually didn’t use the RUN extension because Kali didn’t like it and/or I didn’t know what my options were and I wanted a universal Linux OS solution. My method was… $ QUACK GUI $ QUACK GUI SPACE $ QUACK STRING “terminal” $ QUACK ENTER $ QUACK STRING “xterm || konsole” $ QUACK ENTER This works in MacOS because the default display server isn’t Wayland, and the other terminal binaries like xterm and konsole just didn’t exist, so the extra command doesn’t hurt anything. Then for Ubuntu it opens a Wayland terminal, but then it will just run through the list of non-Wayland terminals until one exists, since they can be opened without using the shift key, and you’re good to go. List as many terminal emulators as you want that you know will work and hope one is installed. But then if Wayland/Mutter ever is updated to block more than shift presses, my method fails. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted September 29, 2023 Share Posted September 29, 2023 Can't agree really that it's part of the "out of the box experience" when it comes to Ubuntu 22.04. I checked on 3 of my 22.04 boxes and none had xterm available. (Not the default Kali rolling release VM I spun up either). Quote Link to comment Share on other sites More sharing options...
theSW4n Posted September 29, 2023 Share Posted September 29, 2023 Oh interesting. Thanks for checking that. Do you mind listing which terminals are available in your boxes pls? Quote Link to comment Share on other sites More sharing options...
Irukandji Posted September 29, 2023 Share Posted September 29, 2023 Try CONTROL ALT t Most of the Desktops have it as shortcut for the Terminal. Note: it's almost 12:30 in the morning. Quote Link to comment Share on other sites More sharing options...
theSW4n Posted October 28, 2023 Share Posted October 28, 2023 You're right but I found a more universal method that seems to work on MacOS and the few linux distros I tested (Ubuntu, Manjaro and Kali). QUACK GUI SPACE #Will open a search prompt to search for terminal in MacOS, and does nothing in Linux QUACK GUI #Will open a search prompt in Linux and does nothing in MacOS QUACK STRING "terminal" #Opens a terminal, but we don't know what kind of terminal it opened and it might not be compatible with BashBunny SHIFT presses, so we will attempt to open a few known working terminals if they are installed on the machine QUACK ENTER QUACK DELAY 1500 QUACK STRING "qterminal" #This is the first of many possible known working terminals and we check to see if it's installed QUACK ENTER QUACK DELAY 500 QUACK STRING "n" #In Kali and probably some other Linux distributions, the terminal will prompt you to install the package if it isn't already, to which we say "no". If it's an OS that doesn't prompt to install, like MacOS, this will do no harm. Of course you could say "y" but then you're modifying the host OS which may be undesirable. QUACK ENTER QUACK DELAY 500 QUACK STRING "gnome-terminal" #If qterminal did not launch, perhaps gnome-terminal will be installed. If qterminal did launch, no problem, it will just try to launch gnome-terminal from within it, and so on and so forth as many terminals as you want to try. This way we have the best chances of launching a terminal that BashBunny is compatible with. QUACK ENTER QUACK DELAY 500 QUACK STRING "n" QUACK ENTER QUACK DELAY 500 QUACK STRING "killall qterminal & killall gnome-terminal- & killall Terminal & killall xterm & killall konsole & killall lxterminal & killall urxvt & killall st & killall alacritty & killall xfce4-terminal & killall tilda" #This will close all of the terminals that may have opened once the script is complete QUACK ENTER In my testing, I found the following terminal emulators to be compatible with BashBunny... Terminal (macOS) qterminal gnome-terminal xterm konsole lxterminal urxvt st alacritty xfce4-terminal tilda cool-retro-term Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.