hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add BlueBunny

Browse Source 
Command & Control (C2) solution that communicates directly over Bluetooth-Low-Energy with your Bash Bunny Mark II.
This commit is contained in:
90N45 2023-10-31 16:47:18 +01:00 committed by GitHub
parent 98bfe07603
commit 678359b7c7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 83 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
payloads/library/remote_access/BlueBunny/README.md Normal file
View File

@ -0,0 +1,20 @@
# BlueBunny
* Author: 90N45
* Version: 1.0
* Category: Remote
* Attackmodes: NONE (Custom)
### Description
Command & Control (C2) solution that communicates directly over Bluetooth-Low-Energy with your Bash Bunny Mark II.
Send your Bash Bunny all the instructions it needs on-demand over the air.
### Setup
This payload makes your Bash Bunny usable for the BlueBunny C2 server. For installing the C2 server and controlling your Bash Bunny remotly from it you can follow the instructions form the [BlueBunny GitHub repository](https://github.com/90N45-d3v/BlueBunny)
### Status
| LED | State |
| --- | --- |
| Magenta solid (SETUP) | Configuring BLE |
| Green 1000ms VERYFAST blink followed by SOLID (FINISH) | Bash Bunny can be connected to BlueBunny C2 |
*Average runtime: 13 seconds*

63
payloads/library/remote_access/BlueBunny/payload.txt Normal file
View File

@ -0,0 +1,63 @@
#!/bin/bash
#
# Title: BlueBunny
# Description: BLE based C2 server for the Bash Bunny Mark II
# Author: 90N45
# Version: 1.0
# Category: Remote
# Attackmodes: NONE (Custom)
LED SETUP
# Enable serial BLE module
stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
sleep 1
# Configure BLE module as slave
echo -n -e "AT+ROLE=0" > /dev/ttyS1
echo -n -e "AT+NAME=BlueBunny" > /dev/ttyS1
echo -n -e "AT+ADV=1" > /dev/ttyS1
echo -n -e "AT+RESET" > /dev/ttyS1
LED FINISH
while [[ true ]]; do
# Get incomming data from serial port
data=$(head -1 /dev/ttyS1)
# Decode base64 encoded data
data=$(echo ${data} | base64 -d)
# Echo data for debugging
echo "Debugger: ${data}"
# Single command
if [[ $data =~ "<CMD>" ]]; then
# Extract command
command=${data#*<CMD>}
command=${command%%<CMD>*}
# Run recieved command
eval "${command}"
fi
# Payload file
if [[ $data =~ "<PAYLOAD>" ]]; then
# Set payload file name
file="BlueBunnyPayload-${RANDOM}.txt"
# Extract file content
content=${data#*<PAYLOAD>}
content=${content%%<PAYLOAD>*}
# Write content to file
printf "${content}" > "${file}";
# Run payload
bash $file
# Remove payload file
rm $file
fi
done