Jump to content

Search the Community

Showing results for tags 'responder'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 7 results

  1. So I am trying the quick creds with my new bash bunny. I put it into arming mode and put the payload in the switch 1 folder and put the responder in the tools folder. I try out the attack and then go back into arming mode and see my responder is gone and all I got was the pc name. What am I doing wrong?
  2. Please see the official Hak5 tools sticky It seems like quite a few folks are having some trouble getting impacket and responder installed since the firmware v1.1 update. Here is a dead simple script that you can run on your BashBunny to install the two most commonly used tools in the currently published payloads. Steps Setup your BashBunny to share internet with your host machine, then SSH into the bunny. Ensure it has an internet connection. I prefer a simple ping to 4.2.2.2 Run the following command curl -k https://scripts.10ninetysix.com/bb/git_impacket_responder.txt | sh The content of the script can be viewed below and at the following URL: https://scripts.10ninetysix.com/bb/git_impacket_responder.txt apt-get update && apt-get install -y git mkdir -p /tools export GIT_SSL_NO_VERIFY=1 # Install Responder git clone https://github.com/lgandx/Responder.git /tools/responder # Install Impacket git clone https://github.com/CoreSecurity/impacket.git /tools/impacket cd /tools/impacket && python ./setup.py install Note: I believe Sebkinne is creating, or has created .deb files for impacket and responder that will be easily installed by placing them in the USB storage /tools/ folder, however those have yet to be released. I am guessing they will be released with the 1.2 firmware.
  3. **IT Issue, not directly Turtle Related** Hi Guys, I'm loving the Turtle, however, I've been able to get everything working however, I'm having an issue. When I use QuickCreds, or configured Responder, I capture the NTLM hash fine, but when I go to process it in Hashcat, with the known account credentials in the password file, or a weak password that I know and brute force it, I never get the calculated plaintext. The hash is seen as correct, and viable within Hashcat, but it's not valid. This is the example NTLM from Hashcat, which works fine: admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030 (Processes to "hashcat") This is my capture with some details adjusted so that it remains private: REDACTED$::REDACTED:1122334455667788:REDACTEDFB7CBC971F7DEE1FREDACTED:0101000$ So why is this happening? The only thing I could think is that it's on a domain, (I've been given permission to this this, so don't worry) Thanks in advance.
  4. Hi all.. IM trying to wrap my head around everything that can be done with responder and impacket as well as any other tool kits available that would be useful in creating Ethernet attacks.. if anyone can point me to some good nooby tutorials for either that would be awesome.. maybe the next hak YouTube show can cover them? Specifically looking for SMB attacks that can take ntmlv2 hashes.. or ways to inject browser based payloads to locked machines Thanks in advance .
  5. I love the bash bunny. However, I thought before I got it that it might be able to access the network to run responder or exfiltrate docs over 443 to a remote server. However without setting up internet connection sharing that doesn't seem to be the case. Or am I just doing it wrong? I am working on a workaround, as a proof of concept, we would love to be able to plug this in a locked machine and send creds or docs to a remove CNC server. That would be the goal. P.S. Where can I find info on the Bash Bunny Contest? Thanks
  6. Hi, I have written a blog post on using mubix's discovery to grab AD creds using an Evil twin AP and Responder. https://zone13.io/post/Snagging-credentials-over-WiFi-Part1/ pros: • no physical access required • no driver installations.. I can see that Tetra/Nano has Responder modules but not much info on using it. I don't have a Pineapple handy at the moment to try it out. Anyone care to give this a go on tetra/nano? Happy to answer any queries on working. cheers.
  7. I am completely and utterly disappointed. i have been searching for weeks to find out how to preform a arp-poising MITM attack to sniff plain text credentials, the best thing i could find was Responder. There is no guide on how to use this explicitly on the WiFi Pineapple. I have basically paid $250 for a box. The last person to ask about this did not get anywhere in terms of help either. Please Can somebody in this entire forum show me how i can configure Responder to work on a Wireless network. Like from the ground level. What options do i select, do i connect in client mode (Wlan1, Wlan0) ect. Please, this was a big investment for me.
×
×
  • Create New...