Jump to content

[PAYLOAD] BunnyPicker (Win1oLockpicker)


rf_bandit
Go to solution Solved by rf_bandit,

Recommended Posts

i've updated the sources.list then tried to git clone the link but it keeps giving 'unable to access' 'could not resolve host'

i was unaware of updating the sources.list.d until after the fact. any tips on how to restore the original sources.list or have the links so i can do it manually? factory reset doesnt reset it. thanks

Link to comment
Share on other sites

You have to be more specific. Since you mention sources.list, I can't really see how that relates to cloning a GitHub repo. It seems to me that you're trying to install something on the Bunny using apt (probably gcc or git or both) and it's apt throwing back errors at you (which is totally normal when it comes to the Bunny since it's running Debian Jessie and that is a deprecated release, hence the errors since it's not maintained any longer).

In what way are you sure that factory reset doesn't work? By looking at the contents of the Bunny udisk (the storage device that mounts to the computer when you have set the Bunny in arming mode, or using ATTACKMODE STORAGE without a Micro SD card)? If so, that's no sign of if the Bunny was reset or not since the udisk is left untouched when doing a factory reset, i.e. all files and directories on the udisk is still there even though the Bunny (the OS and all the Hak5 specifics) have been reset.

Link to comment
Share on other sites

15 hours ago, dark_pyrro said:

You have to be more specific. Since you mention sources.list, I can't really see how that relates to cloning a GitHub repo. It seems to me that you're trying to install something on the Bunny using apt (probably gcc or git or both) and it's apt throwing back errors at you (which is totally normal when it comes to the Bunny since it's running Debian Jessie and that is a deprecated release, hence the errors since it's not maintained any longer).

In what way are you sure that factory reset doesn't work? By looking at the contents of the Bunny udisk (the storage device that mounts to the computer when you have set the Bunny in arming mode, or using ATTACKMODE STORAGE without a Micro SD card)? If so, that's no sign of if the Bunny was reset or not since the udisk is left untouched when doing a factory reset, i.e. all files and directories on the udisk is still there even though the Bunny (the OS and all the Hak5 specifics) have been reset.

i'm looking at /etc/apt/sources.list and the changes that were made are still there after doing the factory reset

Link to comment
Share on other sites

57 minutes ago, dark_pyrro said:

If so, the factory reset hasn't been successful. Are you leaving it plugged to a power source the 4th time you've plugged it in during the reset procedure?

yes and it goes through the police lights

 

Link to comment
Share on other sites

58 minutes ago, dark_pyrro said:

If so, the factory reset hasn't been successful. Are you leaving it plugged to a power source the 4th time you've plugged it in during the reset procedure?

all the tools are deleted after the reset

Link to comment
Share on other sites

7 hours ago, rf_bandit said:

 

Make sure the BB is connected to the internet, because it sounds like that's your problem.

yea its the connection to the internet. for some reason i cant get it to work. i've ran the Windows_NIC Sharing payload...it goes through the ps script but it gives an error "Test-Connection : Testing connection to computer '172.16.64.1' failed: Error due to lack of resources
At line:1 char:46
+ ...  15 ; while ($true) {If (Test-Connection 172.16.64.1 -count 1) {IEX ( ...
+                              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (172.16.64.1:String) [Test-Connection], PingException
    + FullyQualifiedErrorId : TestConnectionException,Microsoft.PowerShell.Commands.TestConnectionCommand"

Link to comment
Share on other sites

Well, I have some doubts about that payload in general, but that's another discussion.

Start with creating a simple payload that uses ATTACKMODE RNDIS_ETHERNET and attach the Bunny to the PC and verify that it shows up as a network device and hands out a DHCP lease to the PC from the 172.16.64.0/24 range.

Link to comment
Share on other sites

On 6/12/2023 at 6:29 PM, efexit said:

yea its the connection to the internet. for some reason i cant get it to work. i've ran the Windows_NIC Sharing payload...it goes through the ps script but it gives an error "Test-Connection : Testing connection to computer '172.16.64.1' failed: Error due to lack of resources
At line:1 char:46
+ ...  15 ; while ($true) {If (Test-Connection 172.16.64.1 -count 1) {IEX ( ...
+                              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (172.16.64.1:String) [Test-Connection], PingException
    + FullyQualifiedErrorId : TestConnectionException,Microsoft.PowerShell.Commands.TestConnectionCommand"

Follow the Hak5 instructions https://docs.hak5.org/bash-bunny/internet-connectivity/sharing-an-internet-connection-from-windows

Link to comment
Share on other sites

  • 8 months later...

Just dropping this here for posterity. Since this is an old post.

Im also new to the scene and i had the same self inflicted problem. You need to have a payload on one of the switches with the ATTACKMODE RNDIS_ETHERNET(for windows computers).

Connect the Bash Bunny to the computer in that mode, it will show up as a networkcard. Follow the instructions for setting up windows internet connection.

Here comes the goof i did to cause this. I then took out the BB and connected it in arming mode since thats the only way i could connect to it with my limited knowledge. I was also using Linux at the time but since the problem in this thread is using windows ill just about it in the windows environment. Instead SSH (Putty or something for windows) into the BB using its ip within the 172.16.64.0/24 range. Mine was 172.16.64.1. Then continue as you would in arming mode, with the exception that you now have a internet connection. apt update and everything else worked for me after this.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...