Getting Root on a Bash Bunny from the Serial Console

Throughout the history of personal computers, serial has been a mainstay for file transfer and console access. To this day it’s widely used, from headless servers to embedded microcontrollers. With the Bash Bunny, we’ve made it convenient as ever – without the need for a serial-to-USB converter.

With dedicated shell access from the arming mode, dropping to the Bash Bunny Linux terminal is simple over serial from any OS. When combined with advanced payloads, using the serial attack mode, there’s limitless potential for creativity with this often overlooked interface.

CONNECTING TO THE SERIAL CONSOLE FROM WINDOWS

Find the COM# from Device Manager > Ports (COM & LPT) and look for USB Serial Device (COM#). Example: COM3

Alternatively, run the following powershell command to list ports:

[System.IO.Ports.SerialPort]::getportnames()

Enter COM# for serial line and 115200 for Speed. Click Open.

Download PuTTY

CONNECTING TO THE SERIAL CONSOLE FROM LINUX/MAC

Find the Bash Bunny device from the terminal
```
ls /dev/tty*" or "dmesg | grep tty
```
Usually on a Linux host, the Bash Bunny will register as either /dev/ttyUSB0 or /dev/ttyACM0. On an OSX/macOS host, the Bash Bunny will register as /dev/tty.usbmodemch000001.
Next, connect to the serial device using screen, minicom or your terminal emulator of choice.
If screen is not installed it can usually be found from your distributions package manager.
```
sudo apt install screen
```
Connecting with screen
```
sudo screen /dev/ttyACM0 115200
```
Disconnect with keyboard combo: CTRL+a followed by CTRL+\

Last updated 2 years ago