Jump to content
Hak5 Forums

Search the Community

Showing results for tags 'quickcreds'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Bash Bunny
    • Packet Squirrel
    • LAN Turtle
    • USB Rubber Ducky
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 14 results

  1. Hi all, Having a fun battle getting quickcreds and responder going on my turtle (with v4 firmware). I've got through the 'not enough space' bit to get responder up and going, but things are still failing. Looking at the script, a key line is where responder is invoked, including the bit 'python Responder.py -I br-lan -w -r -d -P' What is foxing me is how this would ever work. My device does not have a br-lan network interface, just the usual eth0, eth1 etc. So, I could hack the script to call something like 'python Responder.py -I eth0 -w -r -d -P', but my question is how could the script ever work? What am I missing? Any thoughts appreciated!
  2. TheMekon

    QuickCreds – Defences

    Not sure if this in the right place for this... What are the best defenses against this attack? I'm more interesting in logical controls that can be implemented to protect against this threat that physical ones.
  3. Nightwing

    Crash when I start Quickcreds

    Hi everybody, I bought my LAN Turtle and i have a problem in configuration of Quicreds and Responder. QuickCreds not working, leds blink, but /root/loot/ 1, 2, 3 are definitely empty. So i just tried to manually start Quickcreds from Turtle GUI and i can see this error : Stopping DHCP Detect Blink Script Terminated LED will blink rapidly while QuickCreds is running. LED will light solid upon NTLM hash capture. If starting this module from Turtle Shell menu, press CTRL+C to return. ln: /etc/turtle/Responder/logs: No sych file or directory I upgraded manually "turtle.bin" (with success), but this problem is always here. Have you any suggestion ?
  4. Hi guys. Read with interest for months, and took the plunge and purchased a bash bunny last week. Running Windows 10 pro x64 I'm trying to get quickcreds to work. I've updated to the latest firmware, downloaded the latest payloads, and added Impact and Responder to tools when trying to get dumpcreds to work (unsuccessfully). Whilst it appears to initialise, most of the payloads I try and run, other than some of the simple "none capture" ones end with a flashing red light, with nothing captured. I've tried to find a way of restoring to factory (not resetting the device, power up, green light, remove 3 times etc), in case I've done something wrong when initially messing with the device, but cannot see away to do this. Can anyone give this frustrated newbie any pointers? I have red the threads on quickcreds, and had no joy. If there's a thread that i've missed, please feel free to point me to that, or any other resource that could help me. As I said, very new to this, and have next to no experience with Linux, which \i know doesn't help, but am happy to putty into the device with a little guidance. Thank you in advance guys. Matt
  5. blackball

    Packet Squirrel + Responder?

    Has anyone evaluated the feasibility of using responder on the packet squirrel? Using on the Bash Bunny/Turtle is awesome, but I can see how putting it on a device which utilizes the supported Ethernet connection would expand the possibility of using something like the QuickCreds payload.
  6. Maestropastelero

    metasploit and bash bunny

    A couple of days ago I sent this post to the bashbunny threads, and maybe would fit better here, I don´t know how to move the thread here, but this is it : any idea on why the hash from quickcreds don't work with psexec and the ones from hashdump works fine ? I am really exited to have metasploit on the bashbunny to be able to exploit the psexec option.
  7. kurtb2012

    Bashbunny & creds issue

    So, I've got the Bashbunny and I'm testing out Quickcreds and I get nothing but the blinking Amber light. I've have tried on multiple PC's and still blinking amber. I've put NFL.com and other sites up on browsers and then locked the machine to run Quickcreds and still nothing. I've configured all of the pentest and loot directories as well. It will create a directory under loot with the name of the machine, but no data in it. And I've let it run for an hour. I've used the nmapper payload and it worked fine. So, it is writing to the loot directory. I used the Mr. Robot one, and nothing with that. Looking for any sort of direction. And yes, I've read the other postings here and made sure I had everything configured.
  8. deck_bsd

    QuickCreds

    Hi everybody, I just flashed my bash bunny to the new 1.3 version of the firmware. I would like to test the QuickCreds payload on my windows 10 Enterprise. It seems to be stuck in yellow mode (LED ATTACK) forever. Responder is correctly installed into the tools folder. In loot/QuickCreds i have a good folder name but nothing into it. I m doing something wrong ? i have noticed some few thins like, in the payload , it is using the -P option but responder.py doesn 't have it, i erased it, but nothing change. Any ideas ? The thing is, before i just change the LED color , when i tried QuickCreds, after the setup light it was directly the blinking green ligh (i didn't get the yellow one, that's why i would like to test it). After i modified those LED instruction (juste the LED i promes) , the payload always stay in yellow mode. Thanks in advance for your support :-)
  9. BobH

    Bricked Turtle?

    So I did my update, and everything worked fine. I installed after updating the catalog of plugs, and everything worked fine. I enabled QuickCreds on the turtle, along with the MacSpoofer and tried to test it. I plugged it into a locked Winblows machine to see what it could grab. It flashed forever, never ended (known problem per other forum links). I then unplugged it (after 20 minutes), and plugged it back into my Mac. I found that, it started the blinking again as if it were trying to pull creds from the Mac, and I could no longer access the Turtle via SSH. it would show up in the network control panel, but only using the "unable to connect to network" IP, never the normal default IP. Is it Bricked? How Screwed am I?
  10. zohmusic5

    Payloads not working?

    Hey guys? I have been trying the executable installer and usb exfiltrator for bash bunny but it's not working. The only payload that is working is the quickcreds payload. Is it because I installed the tools that the executable installer and usb exfiltrator are not working? I made sure that the "d.cmd", "e.cmd" and "i.vbs" files are in the ROOT of the the bashbunny and the "payload.txt" is in the "switch1" of the Bash Bunny. What is going on? Please help.
  11. SemiAnonyAnon

    QuickCreds / Responder NTLM Issue.

    **IT Issue, not directly Turtle Related** Hi Guys, I'm loving the Turtle, however, I've been able to get everything working however, I'm having an issue. When I use QuickCreds, or configured Responder, I capture the NTLM hash fine, but when I go to process it in Hashcat, with the known account credentials in the password file, or a weak password that I know and brute force it, I never get the calculated plaintext. The hash is seen as correct, and viable within Hashcat, but it's not valid. This is the example NTLM from Hashcat, which works fine: admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030 (Processes to "hashcat") This is my capture with some details adjusted so that it remains private: REDACTED$::REDACTED:1122334455667788:REDACTEDFB7CBC971F7DEE1FREDACTED:0101000$ So why is this happening? The only thing I could think is that it's on a domain, (I've been given permission to this this, so don't worry) Thanks in advance.
  12. Hello, I just received my first LanTurtle and i wanted to test it with the quickcreds module, however when the modul is loaded en I plug it in a Logged on machine, the orange light keeps blinking and there are no log files what so ever, the module script keeps making the number folders but they are all empty. and the responder.log only states -->> Starting attack...
  13. Hello, I just received my first LanTurtle and i wanted to test it with the quickcreds module, however when the modul is loaded en I plug it in a Logged on machine, the orange light keeps blinking and there are no log files what so ever, the module script keeps making the number folders but they are all empty. and the responder.log only states -->> Starting attack...
  14. CowRose

    QuickCreds Dependencies Failing

    Hi all, I have been playing with my Lan Turtle over the weekend, I noticed there is now the QuickCreds module available for install. I updated the Lan Turtle, installed the QuickCreds module and then went to configure, where I was prompted to download required dependencies. I selected "Yes" and let it do its thing. After about 5 minutes passed andI started seeing wget errors appearing stating that it was unable to reach the server. Is there any issues with the server that hosts those dependencies? I was able to install and update other modules. It just seems to happen to this module. Thanks,
×