rf_bandit Posted June 1, 2023 Posted June 1, 2023 Basically Win10Lockpicker for the old P4wnP1, but working on the Bash Bunny on current Win10/Win11 systems. https://github.com/rf-bandit/bashbunny-payloads/tree/BunnyPicker/payloads/library/credentials/BunnyPicker
efexit Posted June 4, 2023 Posted June 4, 2023 the git hub link for John is no good in this, any clue where to get a legit package
rf_bandit Posted June 5, 2023 Author Posted June 5, 2023 I just double checked and I'm not seeing the issue.
efexit Posted June 9, 2023 Posted June 9, 2023 i've updated the sources.list then tried to git clone the link but it keeps giving 'unable to access' 'could not resolve host' i was unaware of updating the sources.list.d until after the fact. any tips on how to restore the original sources.list or have the links so i can do it manually? factory reset doesnt reset it. thanks
dark_pyrro Posted June 9, 2023 Posted June 9, 2023 You have to be more specific. Since you mention sources.list, I can't really see how that relates to cloning a GitHub repo. It seems to me that you're trying to install something on the Bunny using apt (probably gcc or git or both) and it's apt throwing back errors at you (which is totally normal when it comes to the Bunny since it's running Debian Jessie and that is a deprecated release, hence the errors since it's not maintained any longer). In what way are you sure that factory reset doesn't work? By looking at the contents of the Bunny udisk (the storage device that mounts to the computer when you have set the Bunny in arming mode, or using ATTACKMODE STORAGE without a Micro SD card)? If so, that's no sign of if the Bunny was reset or not since the udisk is left untouched when doing a factory reset, i.e. all files and directories on the udisk is still there even though the Bunny (the OS and all the Hak5 specifics) have been reset.
rf_bandit Posted June 9, 2023 Author Posted June 9, 2023 are you sharing the internet connection from your host?
efexit Posted June 9, 2023 Posted June 9, 2023 i'm following these instructions from the initial setup here bashbunny-payloads/payloads/library/credentials/BunnyPicker at BunnyPicker · rf-bandit/bashbunny-payloads · GitHub
efexit Posted June 9, 2023 Posted June 9, 2023 4 hours ago, rf_bandit said: are you sharing the internet connection from your host? no but it does the apt update, so i figure its getting connection somehow
efexit Posted June 9, 2023 Posted June 9, 2023 15 hours ago, dark_pyrro said: You have to be more specific. Since you mention sources.list, I can't really see how that relates to cloning a GitHub repo. It seems to me that you're trying to install something on the Bunny using apt (probably gcc or git or both) and it's apt throwing back errors at you (which is totally normal when it comes to the Bunny since it's running Debian Jessie and that is a deprecated release, hence the errors since it's not maintained any longer). In what way are you sure that factory reset doesn't work? By looking at the contents of the Bunny udisk (the storage device that mounts to the computer when you have set the Bunny in arming mode, or using ATTACKMODE STORAGE without a Micro SD card)? If so, that's no sign of if the Bunny was reset or not since the udisk is left untouched when doing a factory reset, i.e. all files and directories on the udisk is still there even though the Bunny (the OS and all the Hak5 specifics) have been reset. i'm looking at /etc/apt/sources.list and the changes that were made are still there after doing the factory reset
dark_pyrro Posted June 9, 2023 Posted June 9, 2023 If so, the factory reset hasn't been successful. Are you leaving it plugged to a power source the 4th time you've plugged it in during the reset procedure?
efexit Posted June 9, 2023 Posted June 9, 2023 57 minutes ago, dark_pyrro said: If so, the factory reset hasn't been successful. Are you leaving it plugged to a power source the 4th time you've plugged it in during the reset procedure? yes and it goes through the police lights
efexit Posted June 9, 2023 Posted June 9, 2023 58 minutes ago, dark_pyrro said: If so, the factory reset hasn't been successful. Are you leaving it plugged to a power source the 4th time you've plugged it in during the reset procedure? all the tools are deleted after the reset
dark_pyrro Posted June 9, 2023 Posted June 9, 2023 44 minutes ago, efexit said: yes and it goes through the police lights For how long? Seconds or minutes?
efexit Posted June 10, 2023 Posted June 10, 2023 1 hour ago, dark_pyrro said: For how long? Seconds or minutes? for a few minutes, maybe 4-5
rf_bandit Posted June 12, 2023 Author Posted June 12, 2023 Y On 6/9/2023 at 3:24 PM, efexit said: no but it does the apt update, so i figure its getting connection somehow Make sure the BB is connected to the internet, because it sounds like that's your problem.
efexit Posted June 13, 2023 Posted June 13, 2023 7 hours ago, rf_bandit said: Make sure the BB is connected to the internet, because it sounds like that's your problem. yea its the connection to the internet. for some reason i cant get it to work. i've ran the Windows_NIC Sharing payload...it goes through the ps script but it gives an error "Test-Connection : Testing connection to computer '172.16.64.1' failed: Error due to lack of resources At line:1 char:46 + ... 15 ; while ($true) {If (Test-Connection 172.16.64.1 -count 1) {IEX ( ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ResourceUnavailable: (172.16.64.1:String) [Test-Connection], PingException + FullyQualifiedErrorId : TestConnectionException,Microsoft.PowerShell.Commands.TestConnectionCommand"
dark_pyrro Posted June 13, 2023 Posted June 13, 2023 Well, I have some doubts about that payload in general, but that's another discussion. Start with creating a simple payload that uses ATTACKMODE RNDIS_ETHERNET and attach the Bunny to the PC and verify that it shows up as a network device and hands out a DHCP lease to the PC from the 172.16.64.0/24 range.
rf_bandit Posted June 15, 2023 Author Posted June 15, 2023 On 6/12/2023 at 6:29 PM, efexit said: yea its the connection to the internet. for some reason i cant get it to work. i've ran the Windows_NIC Sharing payload...it goes through the ps script but it gives an error "Test-Connection : Testing connection to computer '172.16.64.1' failed: Error due to lack of resources At line:1 char:46 + ... 15 ; while ($true) {If (Test-Connection 172.16.64.1 -count 1) {IEX ( ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ResourceUnavailable: (172.16.64.1:String) [Test-Connection], PingException + FullyQualifiedErrorId : TestConnectionException,Microsoft.PowerShell.Commands.TestConnectionCommand" Follow the Hak5 instructions https://docs.hak5.org/bash-bunny/internet-connectivity/sharing-an-internet-connection-from-windows
GrandpaPickles Posted March 1, 2024 Posted March 1, 2024 Just dropping this here for posterity. Since this is an old post. Im also new to the scene and i had the same self inflicted problem. You need to have a payload on one of the switches with the ATTACKMODE RNDIS_ETHERNET(for windows computers). Connect the Bash Bunny to the computer in that mode, it will show up as a networkcard. Follow the instructions for setting up windows internet connection. Here comes the goof i did to cause this. I then took out the BB and connected it in arming mode since thats the only way i could connect to it with my limited knowledge. I was also using Linux at the time but since the problem in this thread is using windows ill just about it in the windows environment. Instead SSH (Putty or something for windows) into the BB using its ip within the 172.16.64.0/24 range. Mine was 172.16.64.1. Then continue as you would in arming mode, with the exception that you now have a internet connection. apt update and everything else worked for me after this.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.