Bash Bunny
  • Bash Bunny by Hak5
  • Getting Started
    • Switch Positions
    • Mass Storage Structure
    • LED Status Indications
    • Installing Additional Tools
    • Installing Additional Languages
    • Considerations for Mark II
  • Writing Payloads
    • Payload Development Basics
    • DuckyScript™ on the Bash Bunny
    • QUACK
    • Extensions
    • ATTACKMODE
      • VID, PID, MAN, PROD, SN
    • LED
    • Working with the File System
    • CPU Control
    • Contributing Best Practices
    • Submitting Payloads
    • WAIT_FOR_PRESENT
  • Internet Connectivity
    • Getting the Bash Bunny Online
    • Sharing an Internet connection from Windows
    • Sharing an Internet connection from Linux
    • Sharing an Internet connection from MacOS
  • Software Updates
    • Updating the Bash Bunny Firmware
  • Troubleshooting
    • Factory Reset
    • Password Reset
  • Beginner Guides
    • Writing Keystroke Injection Payloads for the Bash Bunny
    • Network Hijacking Attacks with the Bash Bunny
    • Top 5 Bash Bunny Exfiltration Payloads to "steal files"
    • Getting Root on a Bash Bunny from the Serial Console
    • Remote Triggers for the Bash Bunny Mark II
    • Geofencing for the Bash Bunny Mark II
  • Video Guides
    • Bash Bunny Primer
    • Bash Bunny Phishing Attack with Hamsters
    • Password Grabber Bash Bunny Payload
    • Operating System Detection with the Bash Bunny
    • Bash Bunny Extensions
    • Reverse Shells on Linux with Bash Bunny
    • Bash Bunny Payload - Sudo Bashdoor on Linux
    • Bash Bunny Payload - 1990's Prank
    • Bash Bunny Dev - Behind the Scenes
    • Concealed Exfiltration - Pocket Network Attacks with the Bash Bunny
    • How to write Bash Bunny payloads and contribute on GitHub
Powered by GitBook
On this page
  • WIRELESS
  • STORAGE
  • Arming Mode
  • Payload Considerations
  • Mounting Considerations
  • Formatting Considerations
  1. Getting Started

Considerations for Mark II

Last updated 11 months ago

The Bash Bunny Mark II adds mass exfiltration, wireless geofencing and remote trigger functionality via a MicroSD XC card reader and bluetooth low-energy radio.

All first generation payloads are compatible with the Bash Bunny Mark II.

Two considerations to keep in mind when developing and deploying payloads for the Bash Bunny Mark II; Wireless, and Storage.

WIRELESS

If desired, the WAIT_FOR_PRESENT or WAIT_FOR_NOT_PRESENT extensions may be used for geofencing and remote triggers. When using these extensions, the bluetooth wireless landscape will be temporarily read to /tmp/bt_observation

Further reading:

STORAGE

A few key points to note when using a MicroSD card with the Bash Bunny Mark II:

Arming Mode

To load payloads, boot the Bash Bunny without a MicroSD card present.

  • Payloads are executed from internal storage only.

  • If a MicroSD card is present at boot in arming mode, it will be passed through to the host.

Payload Considerations

  • If ATTACKMODE STORAGE is active:

    • In the case that a MicroSD card is present, the MicroSD Card will be presented to the target

    • In the case that a MicroSD card is not present, the internal udisk partition will be presented to the target.

  • By default, after loading payloads during boot, the udisk is not mounted from the perspective of the Bash Bunny.

    • To mount the udisk from the perspective of the Bash Bunny, issue the command `udisk mount`.

Mounting Considerations

  • The udisk partition — whether internal or MicroSD — can only be mounted on one device at a time.

  • The /root/udisk directory will appear blank unless `udisk mount` has been executed.

  • Writing to /root/udisk when unmounted will have no effect on the actual udisk partition.

  • If both ATTACKMODE STORAGE (Mount to target) and `udisk mount` (Mount to Bash Bunny) are used — unexpected behavior may occur as the partition cannot be handled by both the target and host simultaneously.

Formatting Considerations

  • The MicroSD card should be partitioned with a single partition formatted with a filesystem appropriate to the target

    • e.g. for Windows targets: FAT32, ExFAT, NTFS

    • e.g. for Mac targets: FAT32, ExFAT, APFS

    • e.g. for Linux targets: FAT32, ExFAT, EXT

  • While the target may support various filesystems, the host (Bash Bunny) currently only supports EXT and FAT32. Additional filesystems (ExFAT) may be included in future firmware versions.

REMOTE TRIGGERS FOR THE BASH BUNNY MARK II