CloudCY Posted November 1

Hello guys,

I am trying to run various payloads that require a TARGET_IP, but all of them fail. The simplest payload that is failing is (target is a Windows 10 machine):

    ATTACKMODE RNDIS_ETHERNET
    GET TARGET_IP

After an investigation, it appears that the reason for the failure is that the "DHCP Client" Windows Service is disabled (for security reasons - allowing only static IPs to be configured).

Is there a way for the Bash Bunny (Mark I) to push and set up a static IP network card when the RNDIS network card is being installed/configured?

It's worth mentioning that the payloads work OK on machines that have the DHCP Client service enabled.

Thanks in advance,
CloudCY

dark_pyrro Posted November 1

You probably need to try using some payload to interact with the target (HID) and set up a static IP in the range that is valid for the Bunny, but if you have such access to the target you might as well do all of what you want to happen using HID. It all depends on goal and objective of course.

CloudCY (Author) Posted November 1

Hello and thanks for the quick reply.

Exactly! HID attacks would not be possible because of another security feature... Everything is pretty locked down, i.e. the Win+R is disabled and the taskbar is hidden and protected. In this context most of the Win+something key combinations are disabled.

Is there any way to approach this problem? Or should I just move on to another attack vector, i.e. from the actual network this PC is connected on... (instead of BYON)

dark_pyrro Posted November 1 (Solution)

With a target locked down to such an extent, I would most likely seek other ways of getting access.

CloudCY (Author) Posted November 1

Thank you very much for your input. I thought so, but I just wanted to see if BB would have any such capabilities!

This pentesting engagement is getting harder than I anticipated lol!

Thanks again!