Jump to content

[PAYLOAD] BunnyPicker (Win1oLockpicker)


rf_bandit

Recommended Posts

Posted

i've updated the sources.list then tried to git clone the link but it keeps giving 'unable to access' 'could not resolve host'

i was unaware of updating the sources.list.d until after the fact. any tips on how to restore the original sources.list or have the links so i can do it manually? factory reset doesnt reset it. thanks

Posted

You have to be more specific. Since you mention sources.list, I can't really see how that relates to cloning a GitHub repo. It seems to me that you're trying to install something on the Bunny using apt (probably gcc or git or both) and it's apt throwing back errors at you (which is totally normal when it comes to the Bunny since it's running Debian Jessie and that is a deprecated release, hence the errors since it's not maintained any longer).

In what way are you sure that factory reset doesn't work? By looking at the contents of the Bunny udisk (the storage device that mounts to the computer when you have set the Bunny in arming mode, or using ATTACKMODE STORAGE without a Micro SD card)? If so, that's no sign of if the Bunny was reset or not since the udisk is left untouched when doing a factory reset, i.e. all files and directories on the udisk is still there even though the Bunny (the OS and all the Hak5 specifics) have been reset.

Posted
4 hours ago, rf_bandit said:

are you sharing the internet connection from your host?

no but it does the apt update, so i figure its getting connection somehow

 

Posted
15 hours ago, dark_pyrro said:

You have to be more specific. Since you mention sources.list, I can't really see how that relates to cloning a GitHub repo. It seems to me that you're trying to install something on the Bunny using apt (probably gcc or git or both) and it's apt throwing back errors at you (which is totally normal when it comes to the Bunny since it's running Debian Jessie and that is a deprecated release, hence the errors since it's not maintained any longer).

In what way are you sure that factory reset doesn't work? By looking at the contents of the Bunny udisk (the storage device that mounts to the computer when you have set the Bunny in arming mode, or using ATTACKMODE STORAGE without a Micro SD card)? If so, that's no sign of if the Bunny was reset or not since the udisk is left untouched when doing a factory reset, i.e. all files and directories on the udisk is still there even though the Bunny (the OS and all the Hak5 specifics) have been reset.

i'm looking at /etc/apt/sources.list and the changes that were made are still there after doing the factory reset

Posted
57 minutes ago, dark_pyrro said:

If so, the factory reset hasn't been successful. Are you leaving it plugged to a power source the 4th time you've plugged it in during the reset procedure?

yes and it goes through the police lights

 

Posted
58 minutes ago, dark_pyrro said:

If so, the factory reset hasn't been successful. Are you leaving it plugged to a power source the 4th time you've plugged it in during the reset procedure?

all the tools are deleted after the reset

Posted

Y

On 6/9/2023 at 3:24 PM, efexit said:

no but it does the apt update, so i figure its getting connection somehow

 

Make sure the BB is connected to the internet, because it sounds like that's your problem.

Posted
7 hours ago, rf_bandit said:

 

Make sure the BB is connected to the internet, because it sounds like that's your problem.

yea its the connection to the internet. for some reason i cant get it to work. i've ran the Windows_NIC Sharing payload...it goes through the ps script but it gives an error "Test-Connection : Testing connection to computer '172.16.64.1' failed: Error due to lack of resources
At line:1 char:46
+ ...  15 ; while ($true) {If (Test-Connection 172.16.64.1 -count 1) {IEX ( ...
+                              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (172.16.64.1:String) [Test-Connection], PingException
    + FullyQualifiedErrorId : TestConnectionException,Microsoft.PowerShell.Commands.TestConnectionCommand"

Posted

Well, I have some doubts about that payload in general, but that's another discussion.

Start with creating a simple payload that uses ATTACKMODE RNDIS_ETHERNET and attach the Bunny to the PC and verify that it shows up as a network device and hands out a DHCP lease to the PC from the 172.16.64.0/24 range.

Posted
On 6/12/2023 at 6:29 PM, efexit said:

yea its the connection to the internet. for some reason i cant get it to work. i've ran the Windows_NIC Sharing payload...it goes through the ps script but it gives an error "Test-Connection : Testing connection to computer '172.16.64.1' failed: Error due to lack of resources
At line:1 char:46
+ ...  15 ; while ($true) {If (Test-Connection 172.16.64.1 -count 1) {IEX ( ...
+                              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (172.16.64.1:String) [Test-Connection], PingException
    + FullyQualifiedErrorId : TestConnectionException,Microsoft.PowerShell.Commands.TestConnectionCommand"

Follow the Hak5 instructions https://docs.hak5.org/bash-bunny/internet-connectivity/sharing-an-internet-connection-from-windows

  • 8 months later...
Posted

Just dropping this here for posterity. Since this is an old post.

Im also new to the scene and i had the same self inflicted problem. You need to have a payload on one of the switches with the ATTACKMODE RNDIS_ETHERNET(for windows computers).

Connect the Bash Bunny to the computer in that mode, it will show up as a networkcard. Follow the instructions for setting up windows internet connection.

Here comes the goof i did to cause this. I then took out the BB and connected it in arming mode since thats the only way i could connect to it with my limited knowledge. I was also using Linux at the time but since the problem in this thread is using windows ill just about it in the windows environment. Instead SSH (Putty or something for windows) into the BB using its ip within the 172.16.64.0/24 range. Mine was 172.16.64.1. Then continue as you would in arming mode, with the exception that you now have a internet connection. apt update and everything else worked for me after this.

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...