Jump to content
Hak5 Forums

Search the Community

Showing results for tags 'windows'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Bash Bunny
    • Packet Squirrel
    • LAN Turtle
    • USB Rubber Ducky
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Found 42 results

  1. [PAYLOAD] RevShellBack

    Discussion thread for the RevShellBack payload. I've seen quite a few Rubber Ducky projects to do with getting a reverse shell running on a PC so that the shell can be accessed remotely on a different computer. But what got me thinking is this: the Bash Bunny is a full-on Linux ARM computer, right? It has netcat and it can do HID and ethernet simultaneously. So.. why not use that instead? At first, this payload will use a bit of HID trickery to hide itself from an observer as best as it can. As soon as it has done executing the final PowerShell command, HID is no longer used. User-defined commands will be sent to the computer in the background. By default, 4 commands are executed as a demo: Write file (with content) to the desktop Eject CD/DVD tray (if it exists) -- thank PowerShell for making that possible Open calculator application Message box -- powered by PowerShell For information about the payload, the payload script itself and how to configure it, it can be found at this GitHub repository: https://github.com/NodePoint/RevShellBack
  2. Testing the BashBunny for use on a physical pentest/red team engagement but noticing a huge problem with using this device for a real world assessment. Mainly, on a Windows 7 x64 desktop, the initial driver install process took over 2 minutes to install. After initial drivers are installed, my payload initializes and finishes within 10 seconds which is great if only I didn't have to install the drivers first... What makes this issue even worse is that the BashBunny doesn't wait until the drivers have been installed before executing the payload which means you need to unplug/re-plug the device in after waiting 2 minutes to execute the payload. Ideally, it would be nice to build some code into the BashBunny to automatically detect when the drivers are installed and then run the payload. Has anyone had any issues with this and is there any way to improve the speed here? 2 minutes is wayyy to long to wait around at an unlocked workstation. I would be better off typing out the payload by hand if it meant only taking 20-30 seconds max.
  3. QuickCreds

    Hi everybody, I just flashed my bash bunny to the new 1.3 version of the firmware. I would like to test the QuickCreds payload on my windows 10 Enterprise. It seems to be stuck in yellow mode (LED ATTACK) forever. Responder is correctly installed into the tools folder. In loot/QuickCreds i have a good folder name but nothing into it. I m doing something wrong ? i have noticed some few thins like, in the payload , it is using the -P option but responder.py doesn 't have it, i erased it, but nothing change. Any ideas ? The thing is, before i just change the LED color , when i tried QuickCreds, after the setup light it was directly the blinking green ligh (i didn't get the yellow one, that's why i would like to test it). After i modified those LED instruction (juste the LED i promes) , the payload always stay in yellow mode. Thanks in advance for your support :-)
  4. When I connect the Bash Bunny with ATTACKMODE RNDIS_ETHERNET it sets itself as a default network interface, which is desired in most cases. However, I would like it to show up as a secondary interface as part of my payload requires actual internet. Since the Bash Bunny doesn't have internet itself, it can't provide internet to the windows box. It would be nice if I could configure the Bash Bunny to show up as a non-default interface. It is possible to change the metric in powershell, so if my payload uses powershell, I can do this to change it: Get-NetAdapter | Where-Object -FilterScript {$_.LinkSpeed -Eq "2 Gbps"} | Set-NetIPInterface -InterfaceMetric 100
  5. So I literally just finished copying this tutorial ... https://www.youtube.com/watch?v=fmRRX7-G4lc And everything went smoothly... Apart from when I plugged in the duck... Nothing happened on my Kali MSF... No shells were caught? I should first off mention that my target machine was actually a 64 bit windows, so i had to change the msfvenom -a to x64 and change the payload to windows/x64/meterpreter/reverse_tcp... But besides that everything went ok... So because the shell wasnt being caught, I decided to open up powershell my self, and manually type in the code that the ducky inject.bin is trying to run in powershell.... and i got this error... So I think the reason nothing happens when I plug the duck in, is because in the background (because obviously it is commanded to be hidden in the inject.bin) this is happening... making MSF not catch a shell... Please could anyone take a look at this and help me overcome this error please. I would be forever grateful! Thank you hak5 enthusiasts! <3
  6. Windows Internet Connection (again)

    Hi All, I know this one seems to have been done to death on the forum but I am not sure what else to do. I have read all the posts that I can find on trying to get an internet connection on the BB. I have set, reset the different permutations with regards to RNDIS device, IPs, Drivers etc and get the same results. No internet. Ive tried on Windows 10, 8 and 7 and its the same. Ive tried deploying the payload to the different switches. Ive tried sharing the WiFi and Ethernet connections on the laptop. Okay, so I have updated the firmware to the latest. Storage and HID are fine. The payload is the simple ATTACKMODE RNDIS_ETHERNET. internet sharing is set on the laptop, IP address of BB is 172.16.64.1. IP address of windows side is 172.16.64.10 (have also tried 64). I have also tried disabling and enabling the lan devices as per some of the advice. I can Putty in both serial (arming mode) or SSL in on either the attack switches. When running ifconfig on the BB side, i get the expected 172.16.64.1 IP so all seems ok there. Ive set some LEDs to track the payload going through its motions but i get a red LED and no internet. Its the same for every configuration of the BB on all windows machines. This must be something so silly thats staring me in the face but for all the trees in the woods, i just cannot see it. Any help will be greatly appreciated.
  7. I am trying to stop service MsMpSvc but it dosen't seem to work. I have tried following : 1) net stop MsMpSvc 2) sc config MsMpSvc start= disabled It gives me following error : [SC] OpenService FAILED 5: Access is denied. And I do have admin privileges.
  8. Hey, i'm reading a book Metasploit The Penetration Testers Guide and in it the author mentions that in general you should not set the THREADS value in Metasploit to more than 16 on Windows machines and more than 128 on UNIX style machines. I'm just curious as to why, and also why so little on windows? Later in the book the author also uses 255 threads for a port scan. Thanks
  9. I am trying to setup wifi pineapple nano but when I get to the part with load bulletin it crashes my PC and gives me the error in this picture. Also when I try to do "firmware upgrade" to also check if it's working I get this error: "Error connecting to WiFiPineapple.com. Please check your connection." Any Help?
  10. I am trying to setup wifi pineapple nano but when I get to the part with load bulletin it crashes my PC and gives me the error in this picture. Also when I try to do "firmware upgrade" to also check if it's working I get this error: "Error connecting to WiFiPineapple.com. Please check your connection." Any Help?
  11. Install on Windows, then on Andorid

    I just received my Pineapple nano today and installed everything on my laptop running Windows. I also wanted to ensure I could use the same nano on my android when I'm mobile, but I'm running into difficulties getting the android to connect to the nano. The pineapple connector app prompts for USB tethering, which is enabled, but continually attempts to connect with no result and no installation screen...just the loading circle. Any advice or assistance would be much appreciated. I wasn't sure if its because now that the pineapple nano has been setup via the Windows environment if there is an alternative way I have to connect the pineapple to interface with other environments as well (i.e. Linux/Android). Chris
  12. https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/recon/InfoGrabber It has been a while since my script was updated so if anyone want to want to help make it more effective or make it faster it would be much appreciated :D
  13. BrowsersCreds 1.3 win7-10

    Hello, i just got my bash bunny yday, and i tried fews payloads straight after setting up languages & tools. I only managed to run, with the 1.3 firmware, the PasswordGrabber exploit with the lazaro.exe on a windows 7 computer. All others scripts claming "browsers creds" and other, are actually not working, on the 1.3. I can read that many people managed to make it work on a 1.2 or 1.1 version. If any of you, could actually tell me if this is a known problem, or tell me if you managed to run a creds grabber on a win8 or 10, with the 1.3 firmware. Thx for your answers :)
  14. At first: Sorry for my bad English, I´m german and only 14 years old. I upload an .exe file from my computer to my FTP Server with the FTP.exe(cmd). Before I did that it was working just fine. But after I downloaded it, it comes up with the following error: "The file is not compatible with your computer." Before that, it came up with another error, something like "not compatible with a 64 Bit System. I accidently asked the question on StackOverflow 2 hours ago, and some people answered that I have to active binary mode. When I do that with the "binary" command, I get an answer that the activation was successful, but it isn´t working anyways. The .exe looks identical after download, but instead of having the old icon it shows up the standard .exe icon. I do not want to use another FTP program like FileZilla or ncftp (I tried it with FileZilla, it isn´t working either, so I don´t think, that FTP.exe is the problem here. The commands I used + Output(maybe the translation isn´t correct, but I think you know what the output meant): C:\WINDOWS\system32>ftp myftpserver.com Connection to icarus.bplaced.net established. 220 Welcome to myftpserver.com, FTP server standing by ... 504 Unknown command User (myftpserver.com:(none)): user 331 Hello user, your FTP account password is required: password: password 230-Login successful, your current directory is / 230 34349 Kbytes used (3%) - authorized: 1048576 Kb ftp> binary 200 TYPE is now 8-bit binary ftp> get example.exe 200 PORT command successful 150-Connecting to port 61051 150 347.5 kbytes to download 226-File successfully transferred 226 1.648 seconds (measured here), 210.83 Kbytes per second FTP: 355794 bytes received in 1.91 seconds 186.38KB/s ftp> Thanks and greetings, c0ntriX Edit: I´m owning a 64-Bit System.
  15. WinKeylog

    Hi there, I just finished the first version of my BB keylogger. It basicly launches a powershell which keylogs to the loot folder of the BB. Features: Fast launching (thanks to USB Exfil for the one line launcher) Leaves no traces when cleanup is enabled. (Insert feature?) Link: https://github.com/Vinc0682/bashbunny-payloads/tree/master/payloads/library/phishing/WinKeylogger VincBreaker PS: I will create a push request upon positive feedback and improve the payload in the other case.
  16. mass storage attack mode question

    how does the bash bunny gain execution access in mass storage attack mode (in windows)? will it always work when windows autorun is disabled? i would love to get a detailed explanation of how it works
  17. mass storage attack mode question

    how does the bash bunny gain execution access in mass storage attack mode (in windows)? will it always work when windows autorun is disabled? i would love to get a detailed explanation of how it works
  18. Violation of CoC

    Violation of CoC
  19. Localized SMB Powershell delivery. For when USB and Web methods are disabled or too noisy. https://github.com/hak5/bashbunny-payloads/pull/172
  20. Hi, When I am trying to install the tools_installer payload the bash the green led is plain solid and windows 10 can seem to be able to install the driver for ATTACKMODE SERIAL I guess ? Did anyone manage to solve this ? I can connect to it via SSH (Serial) when in arming mode so I am not sure what is going on. I did try the automatic driver search function and google around a bit for a generic driver but I am still a bit stuck. Can anyone help ? / Albert
  21. Violation of CoC

    Violation of CoC
  22. [PAYLOAD] UnifiedRickRollWindows

    In the spirit of april fools, I ported the original UnifiedRickRoll to windows, so you can easily switch between apple and windows computers and still get the same effect. https://github.com/hak5/bashbunny-payloads/pull/139
  23. Violation of CoC

    Violation of CoC
  24. Bunny not recognised & buggy

    Hi, I just received my Bash Bunny a few days ago and I've been tinkering around with it. It seems, to me, to be quite buggy: - Windows does not recognise the RNDIS interface at all. Not on Windows 7, not on Windows 10. - On MacOS, the ethernet interface *sometimes* works, sometimes it doesn't. When it does work, *sometimes* it is possible to connect to the Bunny using, quite often, SSH doesn't start up even though FTP and other services are running. This even after a few minutes waiting. - The serial interface often conflicts with having network & storage together, resulting in nothing happening or giving only access to storage. (I did this by adding "SERIAL" to the standard payloads already on the Bunny) - Using the manuals found online for network sharing (MacOS Internet sharing through 172.16.64.64), I cannot access the internet from the Bunny, so I cannot update it. On Windows, that's entirely out of the question as Windows does not even recognise the RNDIS network device. Windows gives the following message on the RNDIS driver: The drivers for this device are not installed. (Code 28) There are no compatible drivers for this device. To find a driver for this device, click Update Driver.
  25. Violation of CoC

    Violation of CoC
×