BrainEater

Active Members
  • Content count

    35
  • Days Won

    2

About BrainEater

  • Rank
    Hak5 Fan +

Contact Methods

  • AIM
    Here to learn and help where I can.

Profile Information

  • Gender
    Male
  • Location
    Australia
  • Interests
    USB Rubber Ducky, WiFi Pineapple, Bash Bunny, LAN Turtle, PowerShell, Linux, Windows command line, Raspberry Pis, Arduinos.
  1. Hate to say iptables didn't help :( I tried the above.
  2. Ok. So this is great. I'm currently at work, but when I get home I will try out those commands and see if iptables can fix my issue. Thanks so much mate. This has been bugging me for 3 days now and I'm scratching my head.
  3. Yeah mate, that's it. The only other thing is there is another computer on my LAN between the OpenVPN server and the Nord server as a Nord client. Sorry if I didn't explain myself too well.
  4. I have a feeling I need to do something like this.

         # Create an alternate routing table
         echo "1 NOVPN" >> /etc/iproute2/rt_tables

         # Create the routes for this table
         # Actually, you just want to set the default gateway
         ip route add default via 192.168.1.1 dev eth0 table NOVPN

         # Check results with
         ip route show table NOVPN

         # Now tell the kernel that this routing table should be used when
         # a packet waiting to be routed has a specific "mark"
         ip rule add from all fwmark 0x1 lookup NOVPN

         # Then mark all the required packets with the same mark used above
         iptables -t mangle -I OUTPUT -p tcp --sport 22 -j MARK --set-mark 1
         iptables -t mangle -I OUTPUT -p tcp --sport 80 -j MARK --set-mark 1

     Does this look like something I need to try? Don't want to start messing with iptables if it is unnecessary.
  5. I have done that, that's how I had it working externally before I changed the gateway to run it through the second VPN. But I believe there is an issue with port forwarding to the server because the gateway is on another server again, so the traffic passes through another server, another gateway (the one I changed it to), a different port and then finally to the PiVPN server. So the port can't be forwarded to the PiVPN server as that's not technically where the traffic is. I need a way to have the client respond back through the current gateway then to the PiVPN server. Or for some bright spark to come up with an idea I haven't thought of. Loads of smart minds on this forum.
  6. So I really need help. I thought I had everything squared up and ready, but I tried to connect externally this afternoon and found a large hole in my plan (a little cranky). I have everything working great but external access to my OpenVPN server. For more information please read the below link https://forums.hak5.org/index.php?/topi ... vpn-build/ Long story short, I need to access my server from outside the network. The setup is my OpenVPN server on a Raspberry Pi running Raspbian, which is on local IP 10.1.1.101, and I run all of its traffic through another Raspberry Pi configured as a gateway with the IP of 10.1.1.102, then out to the Internet. Everything is working great internally, I just need to know what I have to do to access it externally. The default gateway for the gateway Pi is 10.1.1.1
  7. So I have been working on this Server/VPN project for about a month now and I'm super happy I finally have everything together, set up and boxed up. A quick rundown on what is in there and what I have done. The top black box is clearly just my router and the bottom housing is an electronic project box I picked up from my local electronics store (Jaycar). The actual internals consist of 3 Raspberry Pi 3's, a TP 5 port switch which I removed the housing from as the board by itself takes up significantly less room, a 70 watt powered USB hub to power the Pi's, 3 micro USB power cables, 3 Cat 5e Ethernet cables, and a 2TB external hard drive. The standalone Raspberry Pi with the 2TB external drive is a self contained, fully functional, and port forwarded for external access, OwnCloud server which I have found myself using on a daily basis. The other 2 that are stacked are VPN related. The bottom Pi is my own OpenVPN household server which is port forwarded for external access and it is what I actually connect all of my devices to. The top Pi is my NordVPN client that I have also set up as a local internet gateway for my local network. So the config currently works and is set up as follows. My OwnCloud server stands alone with internal Pi encryption, https, and encrypted storage. The OpenVPN local server runs all of its encrypted traffic through the NordVPN Pi gateway, then through to my router, while still encrypted out to the NordVPN servers and then finally decrypted and out to the internet with a change of location and IP address.

     Device --> OpenVPN pi Server --> NordVPN pi Client --> Router --> NordVPN Server --> Internet

     The theory behind this is now I can create and revoke as many client keys as I want and keep track of all of my devices with my own OpenVPN server, as well as encrypting my traffic while I am away from home without setting up all of my devices with NordVPN (it's almost as simple as drag and drop an ovpn file for most devices using OpenVPN, plus OpenVPN can be set up in many different ways and has loads more configuration options), but then also tunnel them out through the internet while maintaining the encryption (instead of decrypting all of my traffic before it leaves my router) as well as changing my geo-location, hiding my traffic from my ISP and also avoiding the 8 device limit that NordVPN sets. Thoughts? Hope I have sparked some creativity in everyone.
  8. Another downside to the Arduino that I forgot to mention is that as soon as you plug it in to edit or change the script, it will run on the host computer.
  9. Sorry if this is long, but I use both Arduino boards and the USB Rubber Ducky so I will explain. The Arduinos are good for a few reasons but have their faults as well, so before I even start I honestly would recommend the duck and 1 or more Arduino.

     Arduino Pros / From my experience: depending on the Arduino board, it will input more keystrokes per second than the ducky. It is much cheaper (inexpensive), being able to buy a case, the board and a USB/micro USB adapter (depending on the board) all for under $10. Making it more viable from a plug and run situation because you have only lost $10 instead of $40-50.

     Arduino Cons / The Arduino even with a case is more suspicious than the ducky. The Arduino uses the Arduino IDE to program the script, which works great, but you need to be willing to spend time debugging as there are some bugs, issues on Linux, issues detecting some Arduino boards and a few other things. The Arduino starts to input as soon as it gets power and will not stop the keystrokes at any point. Meaning your delays must be longer and more accurate than the ducky as there is no tolerance for discrepancies. The Arduino uses C++ code, but to answer your other question there is a program (JavaScript) and online encoder called duckuino to convert ducky scripts into C++.

     All up, more or less, the Arduino is good after a lot more setup but not as inconspicuous, so best to plug in to the back of a computer and run, and the ducky is better for social engineering, testing scripts for ease of use and quick file exfiltration with things like twin duck. All up it really depends on your use case scenario but both are great. Hope this helps, and any more questions please ask.
  10. From what I have seen (although I haven't really looked) I haven't seen many Android payloads apart from the odd one here and there (check YouTube, I have found a few there). But to answer your other question, I have been teaching myself PowerShell as well and there are loads of tutorials online. But the easiest way I have found is to write up a draft for a payload and script out everything but the PowerShell section. Lay it out and figure out what you want to achieve and what order it needs to happen in. Then Google lines of PowerShell commands that will achieve what you want to happen, string them together or cut and edit them so it works. Run every command individually so you can see errors and troubleshoot. Read about how the commands you are using actually work and then start putting together your script. Over time you will Google so many different lines of code and so many questions about the code you will not only learn the commands to run but all about aliases and loads of other PowerShell workarounds to get the job done and do it faster.
  11. I don't see why they would pull the post. The Hak5 team is pretty good like that, they're all about the tech and new ways of doing things and this forum is really good for tips and projects. It's not a replacement for the Bash Bunny, it's just a cheap tool that can be disposed of. I do the same thing with the Rubber Ducky. I use the actual product all the time but I preload scripts on to Arduinos too. Leave them at friends' houses and make my life easier. Instead of always reloading scripts or teaching my friends or family how to set up a shell so I can fix their shit, all they have to do is plug in the Arduino and I have a reverse shell. I see this as being the same utility.
  12. @illwill While I'm here I will thank you for your input, it's interesting to see how PowerShell has changed over the years but at the core it's still the same today as it was when it first came out. They have just added a few little commands to make life easier. Your adjustments work great and worked on every version of PowerShell. I'll give you some mad props in my REM and from now on try to code at the most basic level of PowerShell because it's upwards compatible.
  13. That's fine mate, and don't be sorry, I'm happy to help when I can. I'm only new to all this as well. So the issue you're having is really simple and it's not your computer or the script. If you are using the duck encoder on the website duckytoolbox, it's an issue with the encoder. I have had the exact same problem when encoding anything more than a simple script. The easy fix is just to download the Java script encoder (or the whole duck toolkit) from Darren's github page and encode it on your computer with that. It's up to date and from what I believe the website is no longer maintained.
  14. I can certainly try @index. Can I ask the name of the USB flash drive that you used (ie the name you have given to the drive) or what you named the mass storage of the twin duck that you used? This code has to be used with the Rubber Ducky flashed with the twin duck firmware, or the standard duck (or Arduino) with a second USB drive plugged in as well (as it needs somewhere to store the output file). The way I have written the code (stolen it from Darren) the USB or duck has to be named @ (just simply the at sign "@" and nothing else). You can of course change this just by changing the @ symbol in the code, ie

         $u=gwmi Win32_Volume|?{$_.Label -eq'your drive name here'}|select name;cd $u.name

     It seems, from the code PowerShell is throwing after running the command, that it cannot find the drive name specified. Hopefully this helps, and if not let me know and I can look into it more (currently not in front of my computer).
  15. I have to agree with @Rkiver. I've only been doing this for 3 months and officially on the forum for a month and I have found that self teaching is the way to go, so I'm only new to this as well. Find something that interests you and start there. For instance everyone says start with Python but I haven't even written 1 Python script yet. I have however been learning PowerShell for ducky script and I have learnt so much it's not funny, PowerShell is extremely powerful. I have also been learning networking and HTML. Just pick something you can see yourself using and start researching that.
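
The policy-routing idea from post 4, adapted to the addresses given in post 6 (replies from the OpenVPN server leave through the router at 10.1.1.1 instead of the default gateway), as an added example that is not part of the original posts. The UDP port 1194, the interface name eth0 and the /24 LAN prefix are assumptions; the posts do not state them.

```shell
#!/bin/sh
# Added example: prints (dry run) or applies a policy-routing plan so that
# replies sent from the OpenVPN listen port use the LAN router directly.
# Assumed, not stated in the posts: eth0, udp/1194, a /24 LAN prefix.
ROUTER=${ROUTER:-10.1.1.1}      # router holding the external port forward
LAN=${LAN:-10.1.1.0/24}         # assumed LAN prefix
DEV=${DEV:-eth0}                # assumed interface name
PROTO=${PROTO:-udp}             # assumed OpenVPN transport
PORT=${PORT:-1194}              # assumed OpenVPN listen port
TABLE_ID=${TABLE_ID:-1}
TABLE=${TABLE:-NOVPN}
MARK=${MARK:-0x1}
RT_TABLES=${RT_TABLES:-/etc/iproute2/rt_tables}

# Emit the commands one per line so they can be reviewed before running.
novpn_plan() {
    # Register the table name only once (a plain >> on every run duplicates it).
    if ! grep -qs "[[:space:]]$TABLE\$" "$RT_TABLES"; then
        echo "echo \"$TABLE_ID $TABLE\" >> $RT_TABLES"
    fi
    # Keep LAN destinations on-link; everything else marked goes to the router.
    echo "ip route replace $LAN dev $DEV table $TABLE"
    echo "ip route replace default via $ROUTER dev $DEV table $TABLE"
    # Add the rule only if it is missing (ip rule add stacks duplicates).
    echo "ip rule list | grep -q \"fwmark $MARK lookup $TABLE\" || ip rule add fwmark $MARK lookup $TABLE"
    # Mark only the server's own replies: source port = OpenVPN listen port.
    echo "iptables -t mangle -C OUTPUT -p $PROTO --sport $PORT -j MARK --set-mark $MARK 2>/dev/null || iptables -t mangle -A OUTPUT -p $PROTO --sport $PORT -j MARK --set-mark $MARK"
}

# Dry run by default; APPLY=1 executes each planned command (needs root).
novpn_apply() {
    novpn_plan | while IFS= read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then sh -c "$cmd"; else echo "would run: $cmd"; fi
    done
}

novpn_apply
```

Run as is, it only prints the plan; `ip route show table NOVPN` and `ip rule list` confirm the result after applying with `APPLY=1`.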