Jump to content
Hak5 Forums

All Activity

This stream auto-updates     

  1. Today
  2. C0m80 - Challenge Released

    Reposted from https://3mrgnc3.ninja I thought some in the Hak5 forum community might like this too. C0m80 Boot2Root This is my third public Boot2Root, This one is intended to be quite difficult compared to the last two. But again, that being said, it will depend on you how hard it is :D The theme with this one is all about ‘enumeration, enumeration, enumeration’, lateral thinking, and how to “combine” vulnerabilities in order to exploit a system. Important Note Once you have an IP insert it into your attack system /etc/hosts like this: [dhcp-ip-address] C0m80.ctf This VM will probably be different to other challenges you may have come across. With C0m80 You will be required to log in locally in the VirtualBox console window at some point. This, I know, may ‘rile’ some of the purists out there that say you should be able to compromise a boot2root fully remotely over a network. I agree to that in principle, and in this case I had intended to allow vnc or xrdp access. Alas, due to compatibility problems I had to make a compromise in this area in order to get the challenge published sooner rather than later. It should be obvious at what point you need to log in. So when that time comes just pretend you are using remote desktop. ;D Sorry, I hope you can forgive me. Difficulty Rating [Difficult] Get to The Root Flag There is only one goal here. Become God on the system and read the root flag. I Hope You Enjoy It. Download https://3mrgnc3.ninja/2017/09/c0m80 Details File: C0m80_3mrgnc3-v1.0.ova OS: WondawsXP ;D VM Type: VirtualBox IP Address: DHCP Size: 2.7 GB Walkthroughs Please leave feedback and comments below. Including any info on walkthroughs anyone wishes to publish, or bugs people find in the VM Image. Good Luck & TryHarder ;D
  3. darkCharlie (stealing SSH creds)

    Hmmm , well... Waiting :P
  4. Routing issue - Multi AP to Multi VPN

    BTW, I tried to add the following try to create a second routing table for my tun0 interfaces: echo "1 vpna" >> /etc/iproute2/rt_tables echo "2 vpnb" >> /etc/iproute2/rt_tables ip rule add from 10.8.0.0/24 dev tun0 table vpna ip rule add from 10.9.0.0/24 dev tun1 table vpnb ip route add default via 10.8.0.5 dev tun0 table vpna ip route add default via 10.9.0.5 dev tun1 table vpnb
  5. If you're on mobile, might not show, but on desktop if you look at the top right of a post, you see a "follow" button. Click it. Then go to https://forums.hak5.org/discover/followed-content/ to see your followed content.
  6. I am maybe a little crazy but I am trying to forward network traffic from two differents SSID to two different vps running openvpn. Why ? Because I have two VPS and I woud like to able to browse the Internet from all my device just selecting a WiFi network. Sorry for this dirty hack ; the pineapple is a cool offensive device that I love use but I am trying to configure it as something like a smart defensive device :) Well, my setup is working well with only one wifi / tun interface. It seems impossible to work that with the two VPN at the same time (openvpn client). I don't understand why :/ I think it's not a very complicate setup I hope somebody could help me here since you're network experts. I think it's a routing issue but I am not sure. So my question is the following : - How can I forward correctly forward the network traffic from my two wifi subnets to each tun / vpn interface at the same time ? Anyone can help me to fix this please ? Below few details about my setup : To simplify this, my setup looks like : eth0 (internet link) <===== tun0 <==== wifi-A eth0 (internet link) <===== tun1 <==== wifi-B Note the following statements : 1. My openwrt device get the Internet link with the eth0 interface using DHCP 2. I created a bridge on my wlan0 interface to be able to broadcast two SSID : (wifi-a & wifi-b) 3. On wifi-a : a DHCP server is running pool 172.17.42.100-200 gw 172.18.42.1 4. On wifi-b : a DHCP server is running pool 172.18.42.100-200 gw 172.18.42.1 5. I have two VPS where I installed openvpn : PublicIP-1 & PublicIP-2 6. I run on my device two openvpn client to public-IP-1 (tun0) and to public-IP-2 (tun1) 7. Finally I nated wifi-a subnet to tun0 and wifi-b subnet to tun1 with the following iptables rules : iptables -t nat -A POSTROUTING -s 172.17.42.0/24 -o tun0 -j MASQUERADE iptables -A FORWARD -s 172.17.42.0/24 -o tun0 -j ACCEPT iptables -A FORWARD -d 172.17.42.0/24 -m state --state ESTABLISHED,RELATED -i tun0 -j ACCEPT iptables -t nat -A POSTROUTING -s 172.18.42.0/24 -o tun1 -j MASQUERADE iptables -A FORWARD -s 172.18.42.0/24 -o tun1 -j ACCEPT iptables -A FORWARD -d 172.18.42.0/24 -m state --state ESTABLISHED,RELATED -i tun1 -j ACCEPT Below my interface details : eth0 inet addr:192.168.0.10 Bcast:192.168.0.255 Mask:255.255.255.0 br-wifi-a inet addr:172.17.42.1 Bcast:172.17.42.255 Mask:255.255.255.0 br-wifi-b inet addr:172.18.42.1 Bcast:172.18.42.255 Mask:255.255.255.0 tun0 inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255 tun1 inet addr:10.9.0.6 P-t-P:10.9.0.5 Mask:255.255.255.255 My route table : Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0 10.8.0.1 10.8.0.5 255.255.255.255 UGH 0 0 0 tun0 10.8.0.5 * 255.255.255.255 UH 0 0 0 tun0 10.9.0.1 10.9.0.5 255.255.255.255 UGH 0 0 0 tun1 10.9.0.5 * 255.255.255.255 UH 0 0 0 tun1 [PublicIP-VPS-1] 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0 [PublicIP-VPS-2] 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0 172.17.42.0 * 255.255.255.0 U 0 0 0 br-wifiA 172.17.42.0 * 255.255.255.0 U 0 0 0 br-wifiB 172.22.42.0 * 255.255.255.0 U 0 0 0 br-lan 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0 **Quick debug :** ping google.com -I tun1 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=43 time=29.665 ms ping google.com -I tun0 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=43 time=30.277 ms ping google.com -I eth0 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=42 time=17.860 ms ^C Again, I think it's routing issue but I am maybe to much tired to see my mistake. Can you help me to debug this ? Thanks for your help guys,
  7. [Poll] Which Country Keyboards Need Support

    Hebrew please :D
  8. order status

    Store contact - https://hakshop.zendesk.com/hc/en-us/requests/new and generally, weekdays for responses(per their page). Shop crew is just a few people who do everything themselves, in house. They also might be at Derbycon, but I am not a member of the Hak5 crew, so I can't speak for them, just my observations. They tend to be a skeleton crew around conference time though, with many of them working at the con booth, but again, I can't speak for them. just have to wait till you hear back from them. You should get a ticket # and an email(hopefully) after your info is sent, so if you don't see anything, check your spam settings.
  9. General TETRA Discussion

    Trying to use Tetra on a System76 laptop running Ubuntu 16.04 LTS Ive downloaded the update software using Chrome version 59.0.3071.115 and Im trying to connect to my Pineapple using 17.16.42.1:1471 and I keep getting a timed out error message, any idea what could be the issue. I do not have a firewall and my proxy is turned off.
  10. WarBox

    Thanks for the explanation, will use Google now :)
  11. Using a balloon as an antenna?

    My plan was to strap a phone to a weather balloon and call it and listen for the ring .
  12. Using a balloon as an antenna?

    My last question was answered so well I thought I throw another one at you guys. Has anyone used a balloon for receiving radio signals? (4g, wifi, tv or whatever else) i moved and now live behind a ridge, the AT&T tower is a stubby piece of crap like maybe 40 ft tall and can't go beyond the ridge. i bought a 4g booster/repeater and I figured the best way I could test it would be a balloon, before I put up a tower. if anyone has tried this with something similar I would be very interested to hear what type of balloon and any tricks you have. thank you
  13. RT @ebuka_akara: On a scale of 1-10, how important is Jollof rice in a party? #ThePartyThatCounts https://t.co/F40RxEEtI6

  14. Association Issue

    This Module will help you get where you want but you'll have to manually install it.
  15. Often I’ll see a pertinent post and I wish I could star or favorite that post to come back to later. Not really interested in creating a folder in my bookmark manager. I primarily use a mobile device for web browsing and if the feature already exists, just not applicable to mobile devices; Is there a way to be served up the desktop site?
  16. mwan3 installation failed

    Hey Guys, I need to install the packages mwan3 and luci-app-mwan3 to be able to manage a multi WAN configuration with my pineapple. Do you know how I can fix / bypass this opkg error ? of course I did a opkg update before to try to install this package Any idea / suggestions ?
  17. I liked a @YouTube video https://t.co/7FGDL093Fx Bash Bunny Primer - Hak5 2225

  18. order status

    What is the correct contact for the store? The The How can they get their reply?
  19. order status

    I contacted the customer service in the store, but did not reply Orders have not been processed
  20. order status

    #1 - Forums, are not customer service. Shop isn't going to see this, generally. #2 - Patience. #3 - Contact through the store if after a week or so nothing comes to you. Wait for a response. They do respond and reply on a first come first serve basis, but don't jump the gun. Give it time.
  21. order status

    My order for three consecutive days did not ship, please promptly to deal with Order number: 117275
  22. Association Issue

    That makes sense... So PineAP's association feature would only work with an open wifi network? Is it possible to supply a password for a target SSID in order to spoof it?
  23. Association Issue

    The pineapple will not work if your using your home routers ap as with PineAp. Your home router has a password and the pineapple takes advantage of you having saved open APs on your devices and it says " hey im that openap, connect to me" . So long story short, I won't replicate a password protected AP without a password.
  24. Samsung note5 hacking the pin password

    I see , my laptop has also been hacked , that was a terrible experience , i can't control my computer because they changed the login password.
  25. Question for Darren Kitchen

    darren @ hak5.org
  1. Load more activity
×