Showing results for tags 'python'.



Found 13 results

  1. Hello, do you guys know if it's possible to capture Client(s)-to-WifiRouter(s) probe request, just like Karma does, but without "answering" to any of those requests by using python? I mean, to passively monitor surrounding devices' probes and log them in to a text file or something, but be invisible in their wifi network list. Any python libraries suggestions would be appreciated!
  2. Hi Everyone, I am currently writing my first script for the Bash Bunny. I am done with it and I know it works locally. I think there is a disconnect somewhere with me locating where on the Bash Bunny the payload is located? My log turns up empty when run from the Bash Bunny. I also noticed my light is turning Green (finished) before I even show it as a connected network device. Is that possible to start running the script before having the internet? I thought it waited until it received an IP. Anyway - any help would be greatly appreciated. Thanks in advance.

         LOOTDIR="/root/udisk/loot/brutebunny"

         # Setup Ethernet
         LED R B
         # ATTACKMODE RNDIS_ETHERNET
         ATTACKMODE ECM_ETHERNET

         # Need Switch Position
         source bunny_helpers.sh

         # Setup loot directory and working directory
         mkdir -p $LOOTDIR

         # Bruteforce
         LED G R 100
         python /root/udisk/payloads/$SWITCH_POSITION/BruteBunny.py >> $LOOTDIR/log.txt

         # Finished
         LED G

     I am testing this on Ubuntu. Thanks, Decoy
  3. Once I deploy the LAN Turtle, SSH into it using my own VPS, is it possible to run my own custom python scripts using the LAN turtle terminal? For example: I write my own python keylogger script and SCP it onto my LAN Turtle. Is there a way to run this? I'm unsure if this will work as this is connected via ethernet, not necessarily a normal USB stick. Thanks for your time.
  4. CrackMapExec is a fantastic tool developed by byt3bl33d3r and can be found here: https://github.com/byt3bl33d3r/CrackMapExec As stated in the repo's README, it's powered by Impacket and takes cues and inspiration from several other tools targeting SMB, WMI, and Windows in general. I recommend reading up on it if you are unfamiliar. For now, it's worth mentioning that CrackMapExec (CME) is also a Python library that can be installed with pip and used like a standard tool, i.e. you can type "crackmapexec" and use it without needing a Python script to act as a vehicle. I installed it on the Bunny and have used it for some network based attacks using RNDIS_ETHERNET mode.

     If you'd like to do the same, I encourage you to install pip. Connect to the Bunny via SSH and use curl with the "insecure" and output file options, like so:

         cd /pentest
         curl -k -O https://bootstrap.pypa.io/get-pip.py

     Now check your Bunny's current system date and time. If it's not current then you need to update it or Python and SSL will throw a fit because the date/time is wrong. Then use Python to run the script:

         python get-pip.py

     That may take some time to complete, but pip will open up a lot of possibilities and assist with Python tools and dependencies. Once that's done, you'll need to install packages required for supporting OpenSSL/PyOpenSSL. You'll need to have shared your internet connection with the Bunny for this to work.

         apt-get install build-essential libssl-dev libffi-dev python-dev

     Once those packages have been installed successfully, you should now be able to successfully use pip to install CME. If something goes wrong with this next step, it's almost certainly related to the cryptography library and a missing dependency. Read the error carefully and Google it. You can be certain there will be several GitHub and StackOverflow hits at the top. Run pip:

         pip install crackmapexec

     Once that is done, you can test everything by just running "crackmapexec" in your terminal and you should see CME spit out its help text and version information. You're now ready to include CME commands in your Bunny payloads. CME is a network attack tool, so you can use it against locked PCs. A very basic example of this is:

         crackmapexec $TARGET_IP

     That command tells CME to connect to the target's IP address via SMB. If that much can be done, CME will return a hostname and the target's operating system build. This is a fast "attack" and can be used to, let's say, fingerprint a machine quickly to prove you had access and collect some information. You can go a step further with this:

         crackmapexec $TARGET_IP -u "" -p ""

     That tells CME to try a Null session with SMB. If the target disallows Null sessions nothing bad happens. You still get the basic OS details. If the target allows for a Null session to be initiated then you can check for success and then potentially proceed with something like running CME again with the addition of "--shares" to enumerate network shares and gather additional information. If you happen to have a password hash or credentials from an earlier attack (perhaps phishing or passed to you from a teammate), those creds can be used with CME and any CME-based payload can be easily edited to include the credentials for a much wider variety of attacks.
  5. Hello everyone! I'm currently trying to make the script "fakeAP" work on my Pineapple. This script simply creates a fake AP, I let you imagine what for. The problem is: This script requires Scapy to work. I tried to install it but when I run the setup script, it says that it can't find "distutils.core". Distutils is used to install python packages. I searched for a way to install it but, when I try to install it (via OPKG or from source), it says:

         * pkg_write_filelist: Failed to open //usr/lib/opkg/info/python-distutils.list: No space left on device.
         * opkg_install_pkg: Failed to extract data files for python-distutils. Package debris may remain!
         * opkg_install_cmd: Cannot install package python.
         * opkg_conf_write_status_files: Can't open status file //usr/lib/opkg/status: No space left on device.

     So, my Pineapple doesn't have enough space left. I tried to tweak the opkg.conf so it can install it on my sd card (mounted on /sd) but it fails every time. I deleted a bunch of my modules and temp files, but the result is the same. Does anyone have a solution? Thanks and sorry for bad English! :)
  6. Hi, As a starter project for messing around with TK, I made a replacement for the wp6.sh script with a GUI. It's a bit basic to say the least, but it should be functional. I'm aware that I should really be using classes to build my application, but this is just an excuse to code something. Hopefully, someone might find this useful. Anyway, the code (such as it is) is located here: https://github.com/phpsystems/PineappleSetupGui Phpsystems.
  7. Hi, I've been crunching away at this python3 script(s) for the past month and I would like some input on how to make it better. I based this bot off of Paul Mutton's work from the book “IRC Hacks.” Threading, having less hard coded variables, self healing, and making this code less dyslexic is definitely on the to do list! Let me know what you think :3 https://github.com/notpike/PikeBot
  8. Hi all, I was looking at trying wifite2 on the tetra mainly for the 5ghz addition over the std wifite which works reasonably well. It seemed to require stty, so I installed coreutils-stty and that got me a little further so it runs and finds networks. But as soon as you specify a target it hits an issue with :-

         WPA-handshake attack: waiting for handshake...
         [!] Error: global name 'err' is not defined
         [!] Full stack trace below
         [!] Traceback (most recent call last):
         [!] File "./Wifite.py", line 171, in <module>
         [!] w.main()
         [!] File "./Wifite.py", line 34, in main
         [!] self.run()
         [!] File "./Wifite.py", line 120, in run
         [!] attack.run()
         [!] File "/root/wifite2-master/py/AttackWPA.py", line 80, in run
         [!] if handshake.has_handshake():
         [!] File "/root/wifite2-master/py/Handshake.py", line 61, in has_handshake
         [!] if len(self.tshark_handshakes()) > 0:
         [!] File "/root/wifite2-master/py/Handshake.py", line 127, in tshark_handshakes
         [!] if not Process.exists('tshark'):
         [!] File "/root/wifite2-master/py/Process.py", line 51, in exists
         [!] if stdout == '' and err == '':
         [!] NameError: global name 'err' is not defined

     At first I thought this was to do with STDOUT & STDERR so I looked at libdaemon from opkg but that doesn't seem to make a difference. Did anyone already try wifite2 and if so did you get any further? Would love to hear from you. Cheers all
  9. Looking to install some python modules for a project. pip is not there. Tried a workaround that seemed to have failed. So what are my options? And can I get a list of python modules available for the Turtle ahead of time? (to avoid wasting time)
  10. Hello there guys! Nice to see you! Just wanted to know about the power of python from you leets, I'm a beginner! Trying to learn new things of python, can you please tell me what are the things that could be done with python? Can I use python for IoT devices? Is it gonna help me only in scripting?
  11. Hello there! Which is the best programming language to start with? I have already learned a bit of C and JAVA. May I know the best language to start with? I want to learn to make wireless hacking tools for linux with my own coding knowledge, kindly help! Thanks!
  12. I have a bit of an odd question that I'm hoping someone here can point me in the right direction to figure out. I have been looking at a DVR which I purchased for the express purpose of poking around on. I was able to gain access to it via telnet, and found some interesting things. I found the password hashes for the web portal. The passwords themselves are hashed using an algorithm detected by JTR as "dahua". Outside of the source code for the JTR module located at http://fossies.org/linux/john/src/dahua_fmt_plug.c I cannot find any information about how this algorithm works. I spent several hours using my google-fu, but I haven't found anything yet. Here is what I have so far from reading the source code from above: The password is hashed using MD5, then compressed using the compress method included above. I don't know C well enough to be able to translate the rest of it, but that seems to be 99% of the work. I am getting hashes in the correct format using the code posted below, but they aren't correct. The code from the JTR module expects a 16 character hash, but MD5 returns a 32 character hash. I am quite rusty on C/C++, but I'm having a really hard time understanding the flow of the C program of the JTR module, particularly with pointers, and memory allocations. I know my python file has some errors in it, because it wasn't until I started writing this that I realized it was only checking the first 16 characters of the hash, not the full 32. It doesn't matter because the compressor as written only reduces the length by 2 anyway. dahua_hash.py
  13. Hi Guys, I've been working on a python script to help organize the pineapple's SSID pool. Most of the work I do with the pineapple has to do with attracting unassociated clients. As such it's sometimes undesirable to have an extremely large SSID pool. For instance, if I'm trying to grab a client and it's looking for an SSID that's 2250 on the list, but the pineapple is rolling through SSIDs at number 5 on the list, I might miss my opportunity. To help combat this, I generally use an SSID list that is smaller in number, but the SSIDs on that list are SSIDs that many people use (Ex: attwifi, panera, CableWifi). Up until now I've just been looking at multiple lists trying to pick out ones I think clients will be broadcasting.

      The script makes use of pineapple's pineap.log file. You can find this file by going to the Logging system module and clicking the Download button after you've used Pineap to log some probe requests. You can also find it on the pineapple in the /tmp/ directory. This file starts anew after each restart. If you place pineap.log in the same directory as the script and run the script, the script will:

      - harvest of the SSIDs and the mac addresses that probed for them
      - eliminate all duplicate requests
      - assign each SSID a rank based on the number of times a unique device requested that SSID
      - sort the SSID with the highest rank to the top with each successive rank behind
      - write the results to two files. The first file, SSIDlist.log, has just SSIDs listed in their appropriate rank order. The second file, finalRanking.log, has the same but each SSID has its rank next to it.

      What I then do is edit SSIDlist.log, erase all but the top 100 SSIDs, rename the file to ssid_file, and place it in the pineapple's /etc/pineapple/ directory. (More on that here: https://forums.hak5.org/index.php?/topic/38060-ssid-pool-management/?p=275753) Now my standard pool of SSIDs are the top 100 SSIDs used in my part of the world.

      Just to give you an example of how I'm using this on the ground. Yesterday I took my pineapple to a large target area. I needed to know what SSIDs would most likely ensnare the devices and the employees' personal devices on that campus. I spent over an hour walking the grounds and ended up with over 450 SSIDs. Using this script, I'll cut that 450 down to 100 or even 50 to increase the speed and efficiency of grabbing a client. The example files that are with the script are from me driving around Tampa yesterday with the pineapple in the back of my car. Just for the record, war driving is a terrible way to collect probe requests for an area. You're better off walking.

      You might be asking, why isn't this a module? First, I've never used javascript or php. I'm attempting to learn, but I'm not even close. So if anyone finds this helpful enough and wants to make it a module, be my guest.

      Finally, I'd like to make a suggestion. If you use this script for a particular area and you don't mind sharing, I would like to make a repository of Top 100's on regions all over the world. I have webspace at skinnyrd.com and can post them all there in an organized fashion. The more distinct the region, like neighborhoods or industrial parks in cities vs entire metro areas, the better. If you live in a small town, that's welcome too. If you'd really rather not share, no big deal. If you have any questions just let me know. Have a great day! SSIDsort.zip