Version 1.2 Changelog Features - ATTACKMODE now accepts a new RO_STORAGE argument - Example: "ATTACKMODE RO_STORAGE" will now present the Bash Bunny's storage partition as read only - QUACK now accepts a new KEYCODE argument - Example: "QUACK KEYCODE 00,00,56" will write the '-' character from the numpad row - A new udisk helper was added - A 'udisk' script is now available - "udisk mount" - "udisk unmount" - "udisk reformat" - The reformat_udisk command has been merged into the new udisk command - User configuration file - A config.txt is now found on the root of the Bash Bunny's storage partition - This config.txt is sourced before payloads are executed, allowing global configurations - By default the DUCKY_LANG command is run to set the keyboard to 'us'. - NOTE: settings in config.txt will be overwritten if a payload decides to do so - NOTE: config.txt will currently not survive factory resets or firmware upgrades. This will change in the future Fixes - RNDIS_ETHERNET can now be used with other attackmodes - Payloads now do not get killed after 90 seconds - Removed redundant steps in udisk script - +123 entropy points New user experiences - Bunny Script Extensions have been moved to udisk/payloads/extensions from udisk/payloads/library/extensions - Payloads should not be setting user specific variables (such as DUCKY_LANG) anymore, as these should be set by each individual user inside the config.txt file Version 1.1 Changelog Features - LED - LED now accepts either color and pattern, or status - Color: In addition to R (Red), G (Green) and B (Blue), Y (Yellow), C (Cyan) and M (Magenta) are now accepted instead of their respective additive color codes. This replaces LED color mixtures, for example LED R G. - Pattern: In addition to time in ms to blink symmetrically, pattern parameters for SOLID, SLOW, FAST, VERYFAST, SUCCESS, SINGLE, DOUBLE, TRIPLE, QUAD, QUIN, and OFF are now supported. - LED states standardize common payload practices, such as SETUP, FAIL, ATTACK, CLEANUP and FINISH. These states standardize the LED behavior from payload to payload. - See the LED documentation from readme.txt for more detail. - Extensions - Extensions from the /payloads/library/extensions folder are sourced automatically for each payload.txt. and provide new Bunny Script capabilities. - Extensions replaces bunny_helpers.sh. - RUN - accepts OS and Command to execute for HID injection on various operating systems - RUN WIN "powershell -WindowStyle Hidden \"tree c:\\ > tree.txt\"" - RUN OSX https://www.example.com - RUN UNITY ping -c2 172.16.64.1 - RUN WIN notepad.exe replaces QUACK GUI r; QUACK DELAY 500; QUACK notepad.exe; QUACK ENTER - GET - exports system variables - Accepts TARGET_IP - exports $TARGET_IP for targets IP address - Accepts TARGET_HOSTNAME - exports $TARGET_HOSTNAME for targets hostname - Accepts HOST_IP - exports $HOST_IP for IP address of Bash Bunny - Accepts SWITCH_POSITION - exports $SWITCH_POSITION for current switch position - REQUIRETOOL - Exits payload with LED FAIL state if the specified tool is not found in /tools - DUCKY_LANG - Accepts two letter country code to set the HID injection language for subsequent ducky script / QUACK commands - Tools - Tools now install automatically on boot into arming mode from a dedicated /tools folder on the root of the mass storage partition. - All .deb files are installed with dpkg. All other files and folders are copied to /tools - This replaces the tools-installer payload and renames /pentest to /tools - Languages - The HID language database is now updated on boot into arming mode when language json files are located in the dedicated /languages folder on the root of the mass storage partition. - Languages can be set from payload.txt files using DUCKY_LANG, e.g. DUCKY_LANG us - New commands - In addition to Bunny Script commands added via extensions, two additional commands have been added to the base firmware: - factory_reset_bunny - reformat_udisk Fixes - Correctly updating udisk on factory reset. - Default time now set based on a combination of NTP and last modified file. - QUACK SET_LANGUAGE us replaced with DUCKY_LANG=us. - Bash Bunny framework now started as a systemd service. - File system more robust with automatically synchronization on mount as well as on payload completion and udisk unmount. - Updated udisk to now include /docs /tools /languages /loot and /payloads. - +222 entropy points New user experiences - Firmware flashing and factory reset now show a distinctive new LED "police" pattern, alternating quickly between red and blue. - Documentation has been moved to /docs on the root of the mass storage partition. - On boot into arming, the LED will indicate the SETUP status while installing /tools and /languages. - On execution of a payload's install.sh script, the LED will indicate the SETUP status.