Active Members
  • Content count

  • Joined

  • Last visited

About wutanglan

  • Rank
  1. If this machine has modern Windows packages, I would bet my life the above file that gets extracted will be detected by an AV solution. There are ways to attempt to make it undetected which you can look into. I recommend Georgia Weidman's book: "Penetration Testing: A hands on Introduction to hacking" for further info. She covers the whole process of using metasploit in a fundamental way and bypassing AV, and also how it's done. I would look into more in WHY these exploits / payloads work instead of how to reach a specific goal. Also, in order for you to access the target machine, you will need to setup a listener on your own machine.
  2. lanturtle

    Well, the interface would not be available because there is no interface to connect to if it's just a power source as this interface relies on a physical interface to attach to. As for the 192.168.x.x failing, did you set this statically ? It's possible the ip changed. Try doing a ping sweep of your LAN to ensure it is reachable - `nmap -sS -p 22 --open`
  3. lanturtle

    So if I understand correctly, you have the LT plugged into a laptop which has the internal address and also into the LAN which received the address correct ? * From here, you mention that you plug it through a direct power source ? What I get from here is that the scheme is not accessible because the interface it is responsible for connecting to when plugged into a device through USB is not accessible as it's just a power source. You should technically still have a LAN connection, however. Also, if you're looking to access the turtle remotely you will want to look into setting up the Open VPN server either at your home on a Raspberry PI or on a router / networking device if it supports it. Hope I understood your hang ups here.
  4. Think of the turtle and Open VPN as getting a foothold on the target network itself, NOT exploiting actual machines. Now talking in terms of metasploit / meterpreter, these payloads can be leveraged, but doing so through Open VPN is rather not a good option imo -> unless you configure the payload(s) specifically to speak through the tap0 interface of the turtle, but even this would require the iptables trickery that was mentioned and likely involve altering routes which would contradict the whole white box pen testing scenario you mentioned. How did you go about configuring the payload(s), and were you sure the machines you ran them on were vulnerable and didn't get tripped by AV ? Elaborate more on what you did there and we can see if we can help. I'm sure there are iptables we can conjure on the turtle or surrounding our VPN, but to make this much simpler what you can do to get a reverse shell outside of the turtle to your machine is open up ports yourself either to a droplet through DDNS or to your local machine through the internet, although this may be noisy to local network admins on the pen-test site. Other than the networking stuff we mentioned, I would look more into the payload(s) you're using and how the target machine(s) respond to them or failed to respond in this case.
  5. Thanks for following up @0st1x - I am in the process of getting to know git so I like your thought process behind that work around and will definitely give it a try. With most issues i've had so far with the turtle, i've noticed with some simple script modifications, there usually lies a work around. I don't want to re-invent the wheel as i'm sure a lot of these work arounds have been covered on this board so far. I will share one I had for example. * Open VPN for example. * I noticed the /etc/turtles/modules/OpenVPN file's openvpn syntax by default is `openvpn --daemon --config my-vpn.conf ` * That syntax did not work for my personal setup. * For my Open VPN connection, I had to specify all of the proper Open VPN flags and do so inside the script as such (Also, I had to specify the modult to 'cd' into the /etc/openvpn directory. function start { if [ -s /etc/openvpn/my-vpn.conf ] then #/etc/init.d/openvpn start #/usr/sbin/openvpn --daemon --config /etc/openvpn/my-vpn.conf cd /etc/openvpn ; openvpn --config my-vpn.conf --ifconfig --route In my experience, having the turtle so far has taught me a lot about scripting and how to have proper use cases for modification.
  6. Hi All, I'm new to this forum, but not so new to hak5. I have been following the products and videos for awhile. I recently got a LAN turtle. Obviously the LAN turtle's selling point is not it's storage capacity, which is fine. However, after reading the forums and trying to understand the Quickcreds module, I notice when I install it the turtle instantly fills up to the point where I can't even start QuickCreds at all without it telling me there is no space on the device. root@turtle:~# df -h Filesystem Size Used Available Use% Mounted on rootfs 4.6M 4.3M 304.0K 94% / /dev/root 10.3M 10.3M 0 100% /rom tmpfs 30.0M 600.0K 29.4M 2% /tmp /dev/mtdblock3 4.6M 4.3M 304.0K 94% /overlay overlayfs:/overlay 4.6M 4.3M 304.0K 94% / tmpfs 512.0K 0 512.0K 0% /dev Is there any way around this ? I tried to search the forums and other problem tickets that mentioned it, but was unable to find anything. If i'm mis-understanding something i'm open to know what that may be. So far, i've had great luck getting OpenVPN to work and a couple other modules and enjoy learning how they work.