Bash Bunny: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→Syntax) |
|||
| Zeile 102: | Zeile 102: | ||
| NONE | | NONE | ||
| Disables the USB interface until ATTACKMODE is executed | | Disables the USB interface until ATTACKMODE is executed | ||
| + | |} | ||
| + | |||
| + | {| class="wikitable" style="vertical-align:middle;" | ||
| + | |- style="font-weight:bold; text-align:center;" | ||
| + | ! ATTACKMODE COMBINATION | ||
| + | ! VID / PID | ||
| + | |- | ||
| + | | SERIAL STORAGE | ||
| + | | 0xF000/0xFFF0 | ||
| + | |- | ||
| + | | HID | ||
| + | | 0xF000/0xFF01 | ||
| + | |- | ||
| + | | STORAGE | ||
| + | | 0xF000/0xFF10 | ||
| + | |- | ||
| + | | SERIAL | ||
| + | | 0xF000/0xFF11 | ||
| + | |- | ||
| + | | RNDIS_ETHERNET | ||
| + | | 0xF000/0xFF12 | ||
| + | |- | ||
| + | | ECM_ETHERNET | ||
| + | | 0xF000/0xFF13 | ||
| + | |- | ||
| + | | HID SERIAL | ||
| + | | 0xF000/0xFF14 | ||
| + | |- | ||
| + | | HID STORAGE | ||
| + | | 0xF000/0xFF02 | ||
| + | |- | ||
| + | | HID RNDIS_ETHERNET | ||
| + | | 0xF000/0xFF03 | ||
| + | |- | ||
| + | | HID ECM_ETHERNET | ||
| + | | 0xF000/0xFF04 | ||
| + | |- | ||
| + | | HID STORAGE RNDIS_ETHERNET | ||
| + | | 0xF000/0xFF05 | ||
| + | |- | ||
| + | | HID STORAGE ECM_ETHERNET | ||
| + | | 0xF000/0xFF06 | ||
| + | |- | ||
| + | | SERIAL RNDIS_ETHERNET | ||
| + | | 0xF000/0xFF07 | ||
| + | |- | ||
| + | | SERIAL ECM_ETHERNET | ||
| + | | 0xF000/0xFF08 | ||
| + | |- | ||
| + | | STORAGE RNDIS_ETHERNET | ||
| + | | 0xF000/0xFF20 | ||
| + | |- | ||
| + | | STORAGE ECM_ETHERNET | ||
| + | | 0xF000/0xFF21 | ||
|} | |} | ||
Version vom 21. September 2021, 06:46 Uhr
Spezifikationen
- ARM Cortex A7 Quad-Core Prozessor mit 1,3 Ghz
- 1 GB DDR3 Ram
- MixroSD XC Laufwerk mit einer max. Kapazität von 2 TB
- Bluetooth LE
Syntax
Bunny Script
| COMMAND | Description |
|---|---|
| ATTACKMODE | Specifies the USB device or combination of devices to emulate. |
| LED | Control the RGB LED. Accepts color and pattern or payload state. |
| QUACK | Injects keystrokes (ducky script) or specified ducky script file. |
| Q | Alias for QUACK |
| DUCKY_LANG | Set the HID Keyboard language. e.g: DUCKY_LANG us |
Extensions
| COMMAND | Description | Example |
|---|---|---|
| RUN | Keystroke injection shortcut for mutli-OS command execution. | RUN WIN notepad.exe |
| RUN OSX terminal | ||
| RUN UNITY xterm | ||
| GET | Exports system variables | GET TARGET_IP # exports $TARGET_IP |
| GET TARGET_HOSTNAME # exports $TARGET_HOSTNAME | ||
| GET HOST_IP # exports $HOST_IP | ||
| GET SWITCH_POSITION # exports $SWITCH_POSITION | ||
| REQUIRETOOL | Exits payload with LED FAIL state if the specified tool is not found in /tools | REQUIRETOOL impacket |
| DUCKY_LANG | Accepts two letter country code to set the HID injection language for subsequent ducky script / QUACK commands | DUCKY_LANG de |
ATTACKMODE
| ATTACKMODE | Type | Description |
|---|---|---|
| SERIAL | ACM - Abstract Control Model | Serial Console |
| ECM_ETHERNET | ECM - Ethernet Control Model | Linux/Mac/Android Ethernet Adapter |
| RNDIS_ETHERNET | RNDIS - Remote Network Drv Int Spec | Windows (and some Linux) Ethernet Adapter |
| STORAGE | UMS - USB Mass Storage | Flash Drive |
| HID | HID - Human Interface Device | Keyboard - Keystroke Injection via Ducky Script |
| OFF | NONE | Disables the USB interface until ATTACKMODE is executed |
| ATTACKMODE COMBINATION | VID / PID |
|---|---|
| SERIAL STORAGE | 0xF000/0xFFF0 |
| HID | 0xF000/0xFF01 |
| STORAGE | 0xF000/0xFF10 |
| SERIAL | 0xF000/0xFF11 |
| RNDIS_ETHERNET | 0xF000/0xFF12 |
| ECM_ETHERNET | 0xF000/0xFF13 |
| HID SERIAL | 0xF000/0xFF14 |
| HID STORAGE | 0xF000/0xFF02 |
| HID RNDIS_ETHERNET | 0xF000/0xFF03 |
| HID ECM_ETHERNET | 0xF000/0xFF04 |
| HID STORAGE RNDIS_ETHERNET | 0xF000/0xFF05 |
| HID STORAGE ECM_ETHERNET | 0xF000/0xFF06 |
| SERIAL RNDIS_ETHERNET | 0xF000/0xFF07 |
| SERIAL ECM_ETHERNET | 0xF000/0xFF08 |
| STORAGE RNDIS_ETHERNET | 0xF000/0xFF20 |
| STORAGE ECM_ETHERNET | 0xF000/0xFF21 |