Bash Bunny
  • Bash Bunny by Hak5
  • Getting Started
    • Switch Positions
    • Mass Storage Structure
    • LED Status Indications
    • Installing Additional Tools
    • Installing Additional Languages
    • Considerations for Mark II
  • Writing Payloads
    • Payload Development Basics
    • DuckyScript™ on the Bash Bunny
    • QUACK
    • Extensions
    • ATTACKMODE
      • VID, PID, MAN, PROD, SN
    • LED
    • Working with the File System
    • CPU Control
    • Contributing Best Practices
    • Submitting Payloads
    • WAIT_FOR_PRESENT
  • Internet Connectivity
    • Getting the Bash Bunny Online
    • Sharing an Internet connection from Windows
    • Sharing an Internet connection from Linux
    • Sharing an Internet connection from MacOS
  • Software Updates
    • Updating the Bash Bunny Firmware
  • Troubleshooting
    • Factory Reset
    • Password Reset
  • Beginner Guides
    • Writing Keystroke Injection Payloads for the Bash Bunny
    • Network Hijacking Attacks with the Bash Bunny
    • Top 5 Bash Bunny Exfiltration Payloads to "steal files"
    • Getting Root on a Bash Bunny from the Serial Console
    • Remote Triggers for the Bash Bunny Mark II
    • Geofencing for the Bash Bunny Mark II
  • Video Guides
    • Bash Bunny Primer
    • Bash Bunny Phishing Attack with Hamsters
    • Password Grabber Bash Bunny Payload
    • Operating System Detection with the Bash Bunny
    • Bash Bunny Extensions
    • Reverse Shells on Linux with Bash Bunny
    • Bash Bunny Payload - Sudo Bashdoor on Linux
    • Bash Bunny Payload - 1990's Prank
    • Bash Bunny Dev - Behind the Scenes
    • Concealed Exfiltration - Pocket Network Attacks with the Bash Bunny
    • How to write Bash Bunny payloads and contribute on GitHub
Powered by GitBook
On this page
  • CONNECTING TO THE SERIAL CONSOLE FROM WINDOWS
  • CONNECTING TO THE SERIAL CONSOLE FROM LINUX/MAC
  1. Beginner Guides

Getting Root on a Bash Bunny from the Serial Console

Last updated 3 months ago

Throughout the history of personal computers, serial has been a mainstay for file transfer and console access. To this day it’s widely used, from headless servers to embedded microcontrollers. With the Bash Bunny, we’ve made it convenient as ever – without the need for a serial-to-USB converter.

With dedicated shell access from the arming mode, dropping to the Bash Bunny Linux terminal is simple over serial from any OS. When combined with advanced payloads, using the serial attack mode, there’s limitless potential for creativity with this often overlooked interface.

CONNECTING TO THE SERIAL CONSOLE FROM WINDOWS

Find the COM# from Device Manager > Ports (COM & LPT) and look for USB Serial Device (COM#). Example: COM3

Alternatively, run the following powershell command to list ports:

[System.IO.Ports.SerialPort]::getportnames()

Enter COM# for serial line and 115200 for Speed. Click Open.

CONNECTING TO THE SERIAL CONSOLE FROM LINUX/MAC

  1. Find the Bash Bunny device from the terminal

    ls /dev/tty*" or "dmesg | grep tty

    Usually on a Linux host, the Bash Bunny will register as either /dev/ttyUSB0 or /dev/ttyACM0. On an OSX/macOS host, the Bash Bunny will register as /dev/tty.usbmodemch000001.

  2. Next, connect to the serial device using screen, minicom or your terminal emulator of choice.

    If screen is not installed it can usually be found from your distributions package manager.

    sudo apt install screen

    Connecting with screen

    sudo screen /dev/ttyACM0 115200

    Disconnect with keyboard combo: CTRL+a followed by CTRL+\

User: root Password: hak5bunny

Download PuTTY
PuTTY is a free and open-source terminal emulator, serial console and network file transfer application.