Bash Bunny
Search
⌃K

Considerations for Mark II

The Bash Bunny Mark II adds mass exfiltration, wireless geofencing and remote trigger functionality via a MicroSD XC card reader and bluetooth low-energy radio.
All first generation payloads are compatible with the Bash Bunny Mark II.
Two considerations to keep in mind when developing and deploying payloads for the Bash Bunny Mark II; Wireless, and Storage.

WIRELESS

If desired, the WAIT_FOR_PRESENT or WAIT_FOR_NOT_PRESENT extensions may be used for geofencing and remote triggers. When using these extensions, the bluetooth wireless landscape will be temporarily read to /tmp/bt_observation
Further reading:
  • REMOTE TRIGGERS FOR THE BASH BUNNY MARK II

STORAGE

A few key points to note when using a MicroSD card with the Bash Bunny Mark II:
Arming Mode
  • Payloads are executed from internal storage only.
  • If a MicroSD card is present at boot in arming mode, it will be passed through to the host.
  • To load payloads, boot the Bash Bunny without a MicroSD card present.
Payload Modes
  • If ATTACKMODE STORAGE is active, the udisk will be presented to the target as a mass storage device.
    • In the case that a MicroSD card is present, the udisk presented to the target will be the MicroSD card
    • In the case that a MicroSD card is not present, the udisk presented to the target will be the internal udisk partition.
  • By default the udisk is not mounted from the perspective of the Bash Bunny.
    • To mount the udisk from the perspective of the Bash Bunny, issue the command `udisk mount`.
Mounting Considerations
  • The udisk partition — whether internal or MicroSD — can only be mounted on one device at a time.
  • By default in all switch positions the udisk is not mounted on the host (the Bash Bunny itself).
  • The /root/udisk directory will appear blank unless `udisk mount` has been executed.
  • Writing to /root/udisk when unmounted will have no effect on the actual udisk partition.
  • If both ATTACKMODE STORAGE and `udisk mount` are used — unexpected behavior may occur as the partition cannot be handled by both the target and host simultaneously.
Formatting Considerations
  • The MicroSD card should be partitioned with a single partition formatted with a filesystem appropriate to the target
    • e.g. for Windows targets: FAT32, ExFAT, NTFS
    • e.g. for Mac targets: FAT32, ExFAT, APFS
    • e.g. for Linux targets: FAT32, ExFAT, EXT
  • While the target may support various filesystems, the host (Bash Bunny) currently only supports EXT and FAT32. Additional filesystems (ExFAT) may be included in future firmware versions.
Getting Started - Previous
Installing Additional Languages
Next - Beginner Guides
Writing Keystroke Injection Payloads for the Bash Bunny
Last modified 1d ago