All Activity

I should add to what I said that the Ducky doesn't "make you admin" because of some magic being used. It does what a keyboard does, nothing else (and a storage device if that mode is used). Just to make that clear.

Well, perhaps start by looking at some of the payloads on GitHub that "elevates" the current user to admin (assuming it has admin permissions to start with) and execute from a PowerShell window.

i haven't tried running any code yet as ive just looked around online searching to see if anyone has a payload already premade. Im fairly new to this so im kinda a bot when it comes to writing the code.

As the title says. Should be fun todo a recon mode better by showing all the proberequest a macadress has made. I know you can se them in the log but not grouped. Someone please do that.

Yes, but just saying you haven't had any luck doesn't add much context to it all. So, the question remains: Any payload code that you have actually tried? What does that payload code look like?

Trying to get it to run on windows 10/11 i haven't had any luck with it as the admin is hardest to get by.

What is the target OS? What have you tried this far?

Hi Guys. What are some ways I can get more rang out of my MK7? I live in a old 2 story house and having trouble getting to my router or anything downstairs. I can't really move the router either, my girlfriend insists on keeping close to the entertainment center lol. Any help is much appreciated.

Hello, Im trying to make a payload that can run a executable as admin as soon as i plug it in. Can someone assist me. Thank you

I have no idea what a "sautr" is, but you probably have a gen2 Ducky if you just got it and there shouldn't be anything blocking the Micro SD card slot on the gen1 Ducky in the way that the USB-C connector mounting blocks the Micro SD card slot on the gen2. Bringing an 11 year old thread to life isn't most likely relevant in this case either.

I think i have the r1 but it wont come out because there is a sautr blocking the sd card from being removed

If yes,how much?

Are you still selling?

Just go to https://payloadstudio.hak5.org/community/

Hi Thank you for your answer and sorry for answering late but I didn't have the permission to write for the moment. When I ho to the link https://docs.hak5.org/payload-studio to use the community edition, it asks for inscription and subscription (not free) Any solution? Thank you very much

I bet you're not going to get any help with that

I want use it a keyloger it is posible on a iPhone X sorry my englisch is Not so good

How can help me use the omg cabel to Look what my whife Write on iPhone and Internet please help me

The best way is most often related to why you want stronger signal and more range. What's the use case? And, the best way to get questions answered about the MK7 is to post them in the MK7 section of the forums, not in the section for the Mark IV.

Whats the best way of getting more range with of the MK7

What anti malware software are you using?

What product was detecting it as malware and did it provide any information of why it was detecting it? The text below is from a quite recent post by the Hak5 head dev of Cloud C2 "Question: "C2 cloud download from hak5 says it has malware" Answer: **TLDR; its a false positive. CloudC2 contains no malware nor anything malicious. ** This is an unfortunately (and ironically) a side affect of providing our software in an *easily accessible zip for all architectures*. This arbitrary determination by random AV scanners is unfortunate and **nearly impossible to combat.** AV detection is a game of "if my AV detects it and yours doesn't, mine is better" so even false positives spread like wildfire. Understandably because in the case something is actually malicious this protects more users quicker (something we can all appreciate). So what nuance are these AV companies missing in their determination of Cloud C2? Architecturally Cloud C2 is designed to** only communicate with Hak5 devices**; there is no way to even abuse Cloud C2 to provide access to even the host its running on. The executables don't even communicate with the host machine they run on -- this is both by design and for your privacy and security; *Cloud C2 is effectively a sandbox*. We expressly provide the sha256sum of the archive, and within the archive a list of sha256sums of each individual binary so that you can be sure they haven't been intercepted or tampered with. Each binary is built and tested by us in house from the same codebase and then provided to the user via our own hand built infrastructure so that you can be sure no one is able to alter the software nor track you. **In even more detail:** The combination of features Cloud C2 provides, from a *blindly heuristic perspective*, has just fooled many scanners into** false positive**; looking to naive data models that it "could be used maliciously" due to the fact that it: - requires a token and a license key to access; providing security and ensuring you're the only one who can complete the setup process - contains a self contained web server that can communicate in a custom protocol scanners have never heard of and don't understand (expressly so that your Hak5 devices are secure when using Cloud C2) - supports https and uses aes256 to communicate with Hak5 devices, making traffic uninspectable - contains a ssh server so you can remotely shell in (only) to your registered devices with a single click - supports one click OTA updates as a self updating binary - contains a cross platform compatible database architecture - contains a fully built-in web ui (which would appear as an embedded file system) - supports user accounts with fully configurable role based access control for your data security - supports full audit level internal logging of requests made to your server and actions taken by your server users **All with zero external dependencies packaged into a single executable.** The **only communication Cloud C2 server makes**: - directly with your Hak5 devices you've explicitly registered with your server, - to validate the license and only the license information."

Went to download the zip file from https://downloads.hak5.org/cloudc2 and it was flagged as malware. Can I get some confirmation as to why it was, thank you,

Just send an email to the address from which the order confirmation was sent. It has worked for me when I've had reasons to have questions about my orders (which hasn't been many btw over the years). I guess you are the same one that posted on Discord about that error. The USB (onboard) hub is probably broken which doesn't make it possible to access the USB mounted radios (and when saying USB, I don't refer to any of the physical USB ports on the Pineapple, but a USB hub that you can't use like a regular hub since it's onboard connecting the onboard 7601 based radios that you seem to have issues with). Also, make sure that the Pineapple gets enough power. I seem to remember that there has been situations when an underpowered Pineapple has shown such error. Use a power source that is guaranteed to be able to deliver 2A and that the cable used is rated for at least 2A as well (using the cable that came with the Pineapple is a good start). If these requirements have been met, and it still show those errors, then it's likely that the mentioned USB hub is bad.

I am totally bummed I cant find a solution to the (UCI unable to set Country to Radio 1 error), tried all the forums. the sad part is I had to wait 45 days for them to ship and then the ship time, 😞 so dissappointed, I cant seem to get any response to my tickets. 😞