Hak5 Bash Bunny Review
I wanted to spend a minute to recommend a cool new hacker device I've been playing with. The Bash Bunny by Hak5 is epic not just because it provides novel attack vectors, but because it provides a hardware platform for people to develop more attacks on, as well as a simple bash scripting language to use on top of the platform. I've used a number of their devices in the past, the LAN Turtle, the Rubber Ducky, and the WiFi Pineapple (a similar platform-style device), and this one is my favorite so far because of the novelty of the hardware platform provided.

The Bash Bunny lets you programmatically change the interface device type of the USB hardware, allowing it to change functionality on the fly and deliver complex payloads in a single device. This device essentially combines the amazing capabilities of a storage device, the Ducky (scripted HID attacks), the LAN Turtle (rogue device), and the PoisonTap (network hijacking) into one dynamic platform, dramatically extending the capabilities of each vector. It also makes it extremely easy to develop on this platform, enabling a much wider audience to develop unique attacks across these vectors. They set up a central GitHub repo chock full of community payloads, and even have a companion site to help newcomers write payloads.

I've submitted some payloads of my own, playing around with existing techniques on OS X and Windows. I can tell you firsthand it's a really fun platform to play on, allowing for rapid experimentation and tons of real-world practical applications. Hak5 is really fantastic in that regard; they are known for bringing cutting-edge hacking techniques to the masses, typically in the form of their weekly videos. And the Bash Bunny is just that: an affordable, epic hacking device. You don't have to take my word either; there are other glowing reviews for this device already. It's a great spy device too, allowing you to do complicated hacks on the fly with only a few seconds of physical access.
And not all applications are malicious either. This is also a good way to automate the setup of machines at a very low level: by controlling HID, storage, and network interfaces dynamically, one can easily automate the bootstrapping of platforms that are traditionally difficult to bootstrap (OS X for example). Regardless of what you decide to do with the Bash Bunny, it has some amazing documentation and support. The Bash Bunny has its own wiki, and it's an excellent resource compared to previous similar projects (PoisonTap's awful documentation comes to mind), as well as a very active forum.

Finally, if you happen to encounter or suspect one being used against you, there are a few helpful counter-hacks you can employ. You can use my friend Javier's USB 2fac to prevent the device from ever connecting to your machine. Further, you can check your logs for any storage devices named BashBunny, as most of the community payloads require this device name hardcoded. If it is connected to your machine in a payload state you should probably remove it immediately. Once in arming mode you should check out the \loot\ directory for any counter-intel and understand the payloads it was equipped with. You can try to log in at 172.16.64.1, using the creds "root:hak5bunny", or directly connect to the BashBunny in arming mode by using the command "sudo screen /dev/tty.usbmodemch000001 115200" (on OS X). If you're feeling particularly trollish, you could even reformat the drive without necessarily bricking the bunny. That said, they seem pretty resilient (they have a hardware recovery mode built in), as I haven't seen very many complaints about bricked devices yet.

If you're new to this whole thing, here is a pretty awesome tutorial the Hak5 crew put together to help you write payloads:
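For the log check described above, an added example (not from the original post or from Hak5): it flags a storage volume named BashBunny and, as an extra heuristic, a USB port whose device class changes within a short window, which is what a device that switches interface type on the fly looks like to the host. The event lines are constructed in a simplified format, not a real OS log; the field names and the 60-second window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed, simplified USB attach events (not a real OS log format).
SAMPLE_LOG = """\
2024-05-01T09:00:00 usb-attach port=1-1 class=hid
2024-05-01T09:30:00 usb-attach port=1-3 class=storage label=BACKUP
2024-05-01T10:15:02 usb-attach port=1-2 class=hid
2024-05-01T10:15:09 usb-attach port=1-2 class=storage label=BashBunny
2024-05-01T10:15:20 usb-attach port=1-2 class=network
"""

LINE = re.compile(r"^(\S+) usb-attach port=(\S+) class=(\w+)(?: label=(\S+))?$")
WATCHED_LABEL = "bashbunny"      # volume name most community payloads hardcode
WINDOW = timedelta(seconds=60)   # assumed threshold for an on-the-fly class change


def scan(log_text):
    """Return a list of (timestamp, port, reason) findings."""
    findings = []
    last_seen = {}               # port -> (time, class) of the previous attach
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue             # skip lines that are not attach events
        ts, port, cls, label = m.groups()
        when = datetime.fromisoformat(ts)
        # Check 1: storage volume carrying the watched name (case-insensitive).
        if cls == "storage" and (label or "").lower() == WATCHED_LABEL:
            findings.append((ts, port, "label"))
        # Check 2: same port shows a different device class inside the window.
        prev = last_seen.get(port)
        if prev and prev[1] != cls and when - prev[0] <= WINDOW:
            findings.append((ts, port, "class-switch"))
        last_seen[port] = (when, cls)
    return findings


if __name__ == "__main__":
    for ts, port, reason in scan(SAMPLE_LOG):
        print(f"{ts} port {port}: {reason}")
```

The class-switch check is a heuristic: swapping a keyboard for a flash drive on the same port within the window will also trigger it, so treat a hit as a reason to look at the device, not as proof.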