It’s a story as old as time: hacker sees cool tool, hacker recoils in horror at the price of said tool, hacker builds their own version for a fraction of the price. It’s the kind of story that we love here at Hackaday, and has been the impetus for countless projects we’ve covered. One could probably argue that, if hackers had more disposable income, we’d have a much harder time finding content to deliver to our beloved readers.
[ Alex Jensen] writes in to tell us of his own tale of sticker shock induced hacking, where he builds his own version of the Hak5 Bash Bunny. His version might be lacking a bit in the visual flair department, but despite coming in at a fraction of the cost, it does manage to pack in an impressive array of features.
This pentesting multitool can act as a USB keyboard, a mass storage device, and even an RNDIS Ethernet adapter. All in an effort to fool the computer you plug it into to let you do something you shouldn’t. Like its commercial inspiration, it features an easy to use scripting system to allow new attacks to be crafted on the fly with nothing more than a text editor. A rudimentary user interface is provided by four DIP switches and light up tactile buttons. These allow you to select which attacks run without needing to hook the device up to a computer first, and the LED lights can give you status information on what the device is doing.
[Alex] utilized some code from existing projects, namely PiBunny and rspiducky, but much of the functionality is of his own design. Detailed instructions are provided on how you can build your own version of this handy hacker gadget without breaking the bank.
Given how small and cheap it is, the Raspberry Pi is gaining traction in the world of covert DIY penetration testing tools. While it might not be terribly powerful, there’s something to be said for a device that’s cheap enough that you don’t mind leaving it at the scene if you’ve got to pull on your balaclava and make a break for it.
That’s pretty cool.
I like the ending of that story…
“Hacker gains a new appreciation for the tool cost and reconsiders the value of their time.”
Really neat standoffs too.
Agreed. Great concept build, but a waste of hardware. I make mine out of $3 pro micros
Sounds nice… Do you have a place I can read about it? I had HID working from a pro-micro, but not RNDIS-ethernet
Yes its pretty cool, you can make this yourself. If your comfortable soldering hit the pads underneath by the power and by the OTG port and then the pads at the end of the board by the camera. I saw some dude do it with some putty and wires without soldering , and another kid make a shitty case and hot glued some pogo pins lined up with the contacts, and stuck a male USB on the end. You go into the control panel and device manager, where you would check or update a driver. Go to properties, advanced, and then tick off the box next to ethernet gadget and the protocol blah blah blah. Then you can ssh right into it , run vnc, or startx and you’ll get the GUI the difference is your going to get much better performance and it will feel as if you booted raspian on your pc from USB instead of a lagging server. Its nice. This guy explains it in the easiest to understand way I have seen. Here is the link https://www.youtube.com/watch?v=aL1pWI2K60w . I didn’t want to get too crazy explaining , just watch the vid and you’ll be straight.
You don’t have to get all fancy with the contacts on the bottom, you could straight up plug a regular micro USB data cable into the OTG port and plug the reg USB male into the computer and it will work just the same, without anything plugged into the power port just the OTG. Thats what I did at first I found the shortest cable I could and I zip tied it so it would hold tight when plugged in so it was stable and didn’t wiggle. If you don’t want to the take the chance of shorting something out. Its a little different when your on a job and you have to be super stealth and blend in.
I’d love to hear how you get a terminal on the Pro Micro and run Kismet.
i’d love to tell you but it is a lot to type
This is a better alternative to the original product which seems like overkill.
Can someone explain why the Bash Bunny needs a quad core ARM running Linux? If it were a one-off it’s fine, but it’s costly hardware for something that is likely expendable.
Custom functionality, you can get shell access and do whatever you want.
Also gigabit ethernet requires a non-trivial amount of processing power to do without dedicated chips.
You also get shell access on the PI.
And gigabit ethernet is not needed on the bashbunny. It’s most often small amounts of data moved to it.
One possible reason: you infiltrate a gigabit network, with tons of gigabit devices your 100MBit device is probably more prone to detection than just another gigabit device.
This quad core chip costs around 6$. A single core on 3-4$. So why not, the device is expensive enough? You can always disable cores in software.
#infiltrate #exfiltrate