Bash Bunny
  • Bash Bunny by Hak5
  • Getting Started
    • Switch Positions
    • Mass Storage Structure
    • LED Status Indications
    • Installing Additional Tools
    • Installing Additional Languages
    • Considerations for Mark II
  • Writing Payloads
    • Payload Development Basics
    • DuckyScript™ on the Bash Bunny
    • QUACK
    • Extensions
    • ATTACKMODE
      • VID, PID, MAN, PROD, SN
    • LED
    • Working with the File System
    • CPU Control
    • Contributing Best Practices
    • Submitting Payloads
    • WAIT_FOR_PRESENT
  • Internet Connectivity
    • Getting the Bash Bunny Online
    • Sharing an Internet connection from Windows
    • Sharing an Internet connection from Linux
    • Sharing an Internet connection from MacOS
  • Software Updates
    • Updating the Bash Bunny Firmware
  • Troubleshooting
    • Factory Reset
    • Password Reset
  • Beginner Guides
    • Writing Keystroke Injection Payloads for the Bash Bunny
    • Network Hijacking Attacks with the Bash Bunny
    • Top 5 Bash Bunny Exfiltration Payloads to "steal files"
    • Getting Root on a Bash Bunny from the Serial Console
    • Remote Triggers for the Bash Bunny Mark II
    • Geofencing for the Bash Bunny Mark II
  • Video Guides
    • Bash Bunny Primer
    • Bash Bunny Phishing Attack with Hamsters
    • Password Grabber Bash Bunny Payload
    • Operating System Detection with the Bash Bunny
    • Bash Bunny Extensions
    • Reverse Shells on Linux with Bash Bunny
    • Bash Bunny Payload - Sudo Bashdoor on Linux
    • Bash Bunny Payload - 1990's Prank
    • Bash Bunny Dev - Behind the Scenes
    • Concealed Exfiltration - Pocket Network Attacks with the Bash Bunny
    • How to write Bash Bunny payloads and contribute on GitHub
Powered by GitBook
On this page
  • Overview
  • WARNINGS
  • STEP BY STEP FIRMWARE UPGRADE INSTRUCTIONS
  • LED STATUS FOR UPGRADES FROM 1.0 TO 1.1
  • LED STATUS FOR UPGRADES FROM 1.1 ONWARDS
  1. Software Updates

Updating the Bash Bunny Firmware

Last updated 4 months ago

Overview

From time to time Hak5 releases firmware updates for the Bash Bunny including new features, bug fixes and security improvements. The easiest way to install these is with the Bash Bunny updater.

Your Bash Bunny can be easily upgraded to the latest firmware version. Just copying an upgrade file to the root of the Bash Bunny flash drive in arming mode, safely eject it, and plug it back into your computer in arming mode.

The first time the Bash Bunny is upgraded it will indicate the flashing process with a red blinking LED for up to 10 minutes. The flashing process will be followed by a green LED to indicate that the Bash Bunny is rebooting. Finally the standard slow blinking blue LED will indicate that the flashing process has succeeded and arming mode is ready.

WARNINGS

Bash Bunny Mark I Users: DO NOT flash Bash Bunny firmware 1.7 — this is only for the Bash Bunny Mark II.

Bash Bunny Mark II Users: your device ships with firmware version 1.7 already. There is no need to re-flash this firmware. Further, DO NOT downgrade to a previous firmware version as doing so will render your device inoperable. Upgrades should be done with the SD card removed.

DO NOT unplug the Bash Bunny while firmware upgrade is in progress. Doing so will spell certain doom.

DO NOT extract the contents of the downloaded .tar.gz to the Bash Bunny or change the name of the downloaded .tar.gz file. Doing so will put your Bash Bunny into a boot loop on firmwares 1.0 to 1.3.

STEP BY STEP FIRMWARE UPGRADE INSTRUCTIONS

  1. Download the latest version of the Bash Bunny firmware from . Do not extract the .tar.gz archive

  2. Verify that the SHA256 checksum of the downloaded firmware files matches the checksum listed from the download site

  3. Slide the Bash Bunny switch into Arming Mode (closest to the USB plug) and plug the Bash Bunny into your computer

  4. Copy the firmware upgrade file downloaded in step 1 to the root of the Bash Bunny flash drive.

  5. Safely eject the Bash Bunny flash drive (IMPORTANT)

  6. With the switch still in Arming Mode, plug the Bash Bunny back into your computer and wait 10 minutes.

Following version 1.0, all future upgrades and firmware recoveries will be indicated by a special LED “police” pattern, alternating quickly between red and blue.

LED STATUS FOR UPGRADES FROM 1.0 TO 1.1

LED
Status

Red Blinking

Flashing in progress

Green Solid

Rebooting

Blue Blinking

Flash complete

LED STATUS FOR UPGRADES FROM 1.1 ONWARDS

LED
Status

Red/Blue Alternating

Flashing in progress

Green Solid

Rebooting

Blue Blinking

Flash complete

MacOS / Safari users:

https://downloads.hak5.org
disable automatic unzipping