Decoy

Decoy's Achievements

  1. Hi @Foxtrot - the new firmware is great. Is there any chance we can modify '/etc/opkg.conf' in a future release to add the following line?

         dest usb /mnt

     I've been experimenting with installing required packages directly onto USB with some success so far and was hoping a firmware update wouldn't wipe it out or require others to add it for future payloads. Thanks! Decoy
  2. I know this post is super old - but a quick fix (which I just used recently) is to modify the payload changing NETMODE from TRANSPARENT to BRIDGE. Obviously this won't work if you're looking to keep the device hidden as you will be assigned an IP address from the target; however for my purposes I was simply monitoring one node on my network. This allowed me to track time appropriately. Payload modification:

         function run() {
             # Create loot directory
             mkdir -p /mnt/loot/tcpdump &> /dev/null

             # Set networking to TRANSPARENT mode and wait five seconds
             #NETMODE TRANSPARENT
             # Set networking to BRIDGE to allow for correct timestamp on caps
             NETMODE BRIDGE
             sleep 5

             # Start tcpdump on the bridge interface
             tcpdump -i br-lan -s 0 -w /mnt/loot/tcpdump/dump_$(date +%Y-%m-%d-%H%M%S).pcap &>/dev/null &
             tpid=$!

             # Wait for button to be pressed (disable button LED)
             NO_LED=true BUTTON
             finish $tpid
         }
  3. Hi Everyone, So my latest obsession has been with embedded device hacking/reverse engineering. I've been having tons of fun discovering UART/JTAG ports/pins, dumping firmware, and walking the file systems. As far as binary analysis goes - I am looking for something comparable to IDA Pro. I've used it and like it, and from what I have read - it's considered the best; however it is also the most expensive. Does anyone know of any good alternatives that have a comparable feature set? I've been looking into Binary Ninja which is about $150 for a Hobbyist license - I am leaning towards that one so far. Any suggestions would be greatly appreciated. Thanks, D
  4. This was actually mentioned in their "Let's Code" video when the Packet Squirrel was first released - so it's a known "issue". It can be done by syncing with NTP; however this can't be done in Transparent mode. You would need an IP on the target network with Internet access in order to accomplish this. While it might not be perfect, and might require some parsing on your part - you could always snag Timestamps from HTTP headers as well when returned across the wire.
  5. This is a pretty decent article explaining how it can be done: https://ferrancasanovas.wordpress.com/cracking-and-sniffing-gsm-with-rtl-sdr-concept/
  6. That's precisely my intention.
  7. So I was able to change my password by pretending to forget it; however it might not be a bad idea to introduce a legitimate feature on the account page for this. Please let me know if I am just blind and can't find it anywhere.
  8. Hello, I don't know if I am blind or what - but I can't seem to find where to change my Hakshop Account password ANYWHERE. Is this functionality not available? It looks like the only thing I can add/change is my address. Thanks, D
  9. I agree with the ugly pocket; however I do like the idea of using NetHunter on a phone while wardriving. It's easier to use my mobile device and slap an Alfa card onto my passenger side window or driver side window as opposed to using a laptop.
  10. I just picked this up myself. I love Johnny Long and saw he made some contributions.
  11. That's right. I'm confusing the two. Check out his drone work too, it's pretty awesome. It flies around hacking other drones in flight, creating a drone army.
  12. I saw that for the first time last year I think... I'm more amazed that he built it out of a little girl's toy. He also caused mass inflation of the price in which to purchase one... But definitely genius. I've picked up some SDR gear, but I've yet to dabble.
  13. Are we talking strictly Mobile Browsing? The new Focus browser from Firefox is decent, and seems to tout privacy as its primary purpose. If we're talking desktop, I think Firefox is the way to go as there tend to be more plug-ins available for specific tasks. I was really excited for the Mantra Browser (variation of Firefox) from the OWASP project, but support seems to have fizzled out. There hasn't been an update in quite some time. This browser came bundled with a suite of plugins and pre-configured settings for web application testing. Check out some videos when you get the chance, it was pretty slick.