Version 1.1 Changelog Features - LED - LED now accepts either color and pattern, or status - Color: In addition to R (Red), G (Green) and B (Blue), Y (Yellow), C (Cyan) and M (Magenta) are now accepted instead of their respective additive color codes. This replaces LED color mixtures, for example LED R G. - Pattern: In addition to time in ms to blink symmetrically, pattern parameters for SOLID, SLOW, FAST, VERYFAST, SUCCESS, SINGLE, DOUBLE, TRIPLE, QUAD, QUIN, and OFF are now supported. - LED states standardize common payload practices, such as SETUP, FAIL, ATTACK, CLEANUP and FINISH. These states standardize the LED behavior from payload to payload. - See the LED documentation from readme.txt for more detail. - Extensions - Extensions from the /payloads/library/extensions folder are sourced automatically for each payload.txt. and provide new Bunny Script capabilities. - Extensions replaces bunny_helpers.sh. - RUN - accepts OS and Command to execute for HID injection on various operating systems - RUN WIN "powershell -WindowStyle Hidden \"tree c:\\ > tree.txt\"" - RUN OSX https://www.example.com - RUN UNITY ping -c2 172.16.64.1 - RUN WIN notepad.exe replaces QUACK GUI r; QUACK DELAY 500; QUACK notepad.exe; QUACK ENTER - GET - exports system variables - Accepts TARGET_IP - exports $TARGET_IP for targets IP address - Accepts TARGET_HOSTNAME - exports $TARGET_HOSTNAME for targets hostname - Accepts HOST_IP - exports $HOST_IP for IP address of Bash Bunny - Accepts SWITCH_POSITION - exports $SWITCH_POSITION for current switch position - REQUIRETOOL - Exits payload with LED FAIL state if the specified tool is not found in /tools - DUCKY_LANG - Accepts two letter country code to set the HID injection language for subsequent ducky script / QUACK commands - Tools - Tools now install automatically on boot into arming mode from a dedicated /tools folder on the root of the mass storage partition. - All .deb files are installed with dpkg. All other files and folders are copied to /tools - This replaces the tools-installer payload and renames /pentest to /tools - Languages - The HID language database is now updated on boot into arming mode when language json files are located in the dedicated /languages folder on the root of the mass storage partition. - Languages can be set from payload.txt files using DUCKY_LANG, e.g. DUCKY_LANG us - New commands - In addition to Bunny Script commands added via extensions, two additional commands have been added to the base firmware: - factory_reset_bunny - reformat_udisk Fixes - Correctly updating udisk on factory reset. - Default time now set based on a combination of NTP and last modified file. - QUACK SET_LANGUAGE us replaced with DUCKY_LANG=us. - Bash Bunny framework now started as a systemd service. - File system more robust with automatically synchronization on mount as well as on payload completion and udisk unmount. - Updated udisk to now include /docs /tools /languages /loot and /payloads. - +222 entropy points New user experiences - Firmware flashing and factory reset now show a distinctive new LED "police" pattern, alternating quickly between red and blue. - Documentation has been moved to /docs on the root of the mass storage partition. - On boot into arming, the LED will indicate the SETUP status while installing /tools and /languages. - On execution of a payload's install.sh script, the LED will indicate the SETUP status.