Jump to content

Disabled "DHCP Client" Windows Service


Go to solution Solved by dark_pyrro,

Recommended Posts

Posted

Hello guys,

I am trying to run various payloads that require a TARGET_IP, but all of them fail. The simplest payload that is failing is:  (Target is a Windows 10 machine)

ATTACKMODE RNDIS_ETHERNET

GET TARGET_IP

After an investigation, it appears that the reason of the failure is because the "DHCP Client" Windows Service is disabled (for security reasons - allowing only Static IPs to be configured).

Is there a way for the Bash Bunny (Mark I) to push and set up a static IP network card when the RNDIS network card is being installed/configured?

It's worth mentioning that the payloads work ok on machines that have the DHCP Client service enabled.

 

Thanks in advance,

CloudCY 

Posted

You probably need to try using some payload to interact with the target (HID) and set up a static ip in the range that is valid for the Bunny, but if you have such access to the target you might as well do all of what you want to happen using HID. It all depends on goal and objective of course.

Posted

Hello and thanks for the quick reply. Exactly! HID attacks would not be possible because of another security feature... Everything is pretty locked down, ie the Win+R is disabled and the taskbar is hidden and protected. In this context most of the Win+something key combinations are disabled.

 

Is there any way to approach this problem? Or should I just move one to another attack vector. Ie from the actual network this PC is connected on... (Instead of BYON)

Posted

Thank you very much for your input. I thought so, but i just wanted to see if BB would have any such capabilities! This pentesting engagement is getting harder than I anticipated lol! Thanks again!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...