Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation since 05/17/2021 in all areas

  1. It's not yours. Don't bypass company security unless you want to get fired.
    3 points
  2. Glad to hear you solved it. I will update the docs page at some point to mention the type of certificate you are dealing with.
    2 points
  3. The product is a complete one. Perhaps if you added some actual information to your post, I'd be able to get an understanding of why you had issues connecting to the internet, but since you didn't I'll address the other points in your post instead. This is more than likely because you are either outright not connected to the WiFi Pineapple, or because your IP settings are configured incorrectly. The netmask is pre-populated for you in Windows' connection editor, and in NetworkManager on linux, but because it's a 172.16.0.0 network, it's 255.255.0.0. The default gateway is not a required entry. I really disagree that it's difficult to setup. But I'm happy to hear what exact changes you would like to see to make it easier. Why is the IP address weird? It's a standardised range for a private network, as described in RFC1918. There is absolutely nothing "weird" about it. Regardless of that, details about the IP Address of the device are included in the docs in written and video form. Setup instructions are also included on the card that comes inside every box. Like many other companies, we are also suffering the effects of a global chip shortage. Yes, it will come. In the meantime, you can view our documentation for what adaptors have support, and check the beta thread for support that is coming soon to a stable build.
    2 points
  4. The idea isn't bad at all. However, as the supply of components is a global problem at the moment, I guess that Hak5 can't make any promises and therefore they don't want to put any dates up or set up any preorder process. It would just disappoint potential customers even more. And we should all remember that Hak5 isn't Apple. In fact, small companies like Hak5 is last in queue as the big giants fight to get hold of components. Perhaps (if I was Hak5) I would put some text up in the shop about the situation, i.e. "Sadly we can't specify when items will be back in stock due to the current situation of global shortage of components" (-ish...) As I understand it, they not only want to get products back in stock, but also badly want to release new products. Something that is sadly not possible at the moment because of reasons mentioned.
    2 points
  5. Just implement the relevant parts of what the wp6.sh script does when it comes to ipv4 forwarding, iptables and route (i.e. make sure it happens on every boot). Or... why not let the Nano be the "main player" and let the Nano connect to the WiFi AP and establish a reverse way into it, then let the RPi connect to the Nano as a client. You still have access to both the Nano and the RPi and can most likely do whatever you have planned for the RPi (with the WiFi NIC of the RPi free to use). Possible to connect the Nano to a C2 instance as well for remote access.
    2 points
  6. @Digital Gangster hi there fellow DG member, thx for the reply! i ultimately decided against it, i can do everything i need to with a Raspberry Pi and Kali for the most part ps. DG4L
    2 points
  7. If things haven't changed recently, it should work. Not using the Nano that much anymore, but I did some stuff with mine some weeks ago and I experienced no problems at that time. Are you sure you have internet access from the Nano? Try to ping some IP address and domain name on the internet from the Nano and verify that it's connected. The Nano itself is end of life, so speaking in such terms the "project" is no more. That doesn't mean that things stop to work abruptly though. It's still alive, it just doesn't "get money from mom and dad" anymore.
    1 point
  8. Um, what? Modules are separate from the product.
    1 point
  9. What happens if you set Promiscuous Mode to Allow All for the VM network adapter that is bridged?
    1 point
  10. Keep the conspiracy theories to a minimum, thanks. I'm also not sure which loading screen you mean specifically. Can you be more specific?
    1 point
  11. I agree its a difficult system to setup and I support your rant for this issue -- my issue I had to press the everliving shit out of that button. /24 is 99% of the time used and yes the documentation is less then awesome y'all should put up a wiki and let customers fix this for you
    1 point
  12. I hate the button with a passion. The only thing about the Pineapple I don't love.
    1 point
  13. I haven't had any reason to try to make any changes port wise when using https for my C2 instance (the only thing running on that VPS, no "conflicts") so I can't be 100% sure. But since you can't seem to get it working, I would go with the other option instead and, as you say, make changes to the OpenVPN AS instead.
    1 point
  14. Well, if you read the output when running the c2 executable without parameters, it says: -listenport string Port of the HTTP server (default "8080") -https Enable https (requires ports 80 and 443) so, "listenport" is for http if interpreting the exact words used and, https "requires" 443
    1 point
  15. Yeah Na. Smells fishery. Plus it's not your device / network.
    1 point
  16. Hello, We just pushed Beta 2 to the beta channel! You can catch the changes in the change log in the original post, all new additions/changes start with NEW. Thanks!
    1 point
  17. You can't, and this is unrelated to the WiFi Pineapple. I suggest you contact your local police regarding any blackmail, etc, as you describe.
    1 point
  18. Hi mskar, To determine if it's an issue on the Pineapple side vs the server side, you could check /tmp/ on the device for the cc-error-log.txt file. If that exists, please share it here and I'll be happy to take a look.
    1 point
  19. The driver is unstable, and sometimes not very good. This is the fault of Realtek, nobody else. It's packaged in the OpenWRT opkg feeds, so if you are interested in trying it regardless of my warning, nobody is stopping you.
    1 point
  20. I ran the wireless setup on a unit myself earlier today, everything worked fine. Make sure you're actually pressing the button hard/deep enough.
    1 point
  21. Unfortunately, I have to agree. When designing the Mark 7, we spent a lot of time making the module creation process as close as possible to the previous, if not slightly easier, while also adding new capabilities to the product. But it seems that the age of community written modules is over (?). As I've said in the Discord, I'm working on writing requested modules that community members have asked for, but it saddens me to see that a majority of users simply ask for "more modules", but most don't have an idea of what they would actually like to see. I believe the original topic of this thread has run it's course, so I'll be locking it. You can find more discussion in the other forum threads, or feel free to create one if you feel.
    1 point
  22. Hello, Make sure both of you try the Firmware Recovery method to try a factory reset first. If not, please make a support ticket. Thanks
    1 point
  23. As is written on the same page, you need to press the button on the front of the unit.
    1 point
  24. Please keep the forum threads on topic and constructive, thanks. This seems like you're doing either one of two things: 1) Simply not pressing the button in deep enough. Make sure to press it firmly, past the audible click. 2) You're attempting to setup over WiFi but you're no longer connected to it.
    1 point
  25. Exactly. Device should work out of the box. Hak5 is sending out bricks. Get your money back.
    1 point
  26. from what I have seen and heard they are having a hard time with inventory due to shortage all over and that has been the delay for 5ghz and the enterprise MK7
    1 point
  27. Just look at the error messages in one of your posted screenshots. It's pretty obvious what I would try 1st in order to solve the issues. I would follow the instructions in the Hak5 article and put http:// in front of the IP addresses in the script. Now it thinks that those are local paths, hence complaining about not finding the files under C:\Windows\System32, as the error messages say.
    1 point
  28. I have to say, now that I have finally found the correct 5Ghz adapter to work in the pineappple, combined with this update this thing is finally coming into it's own. I only wish that the pineapple would have had the 5Ghz adapter built in instead of needing to have an external adapter/device.
    1 point
  29. https://forums.hak5.org/forum/56-usb-rubber-ducky/ That is where you ask about that.
    1 point
  30. Any device that can emulate/simulate a keyboard, such as the Rubber Ducky, should be possible to use to automate it. There's a Hak5 video (or a series of 3 really) about brute forcing the screen lock pin on Android devices (not valid on newer variants though) that probably can be re-used.
    1 point
  31. Just to be sure, is it possible for you to only use one interface at a time and either make sure you get network access using the USB-C cable only, or power the Mk7 using something else than the PC (some power source that produces at least 2A) and then connect using WiFi alone?
    1 point
  32. I reckon they have a reason for the denial; ask them for it and should they persist stick to the rules of your company As Rkiver said; its not yours
    1 point
  33. Try the following on the Croc: apt update apt install p11-kit trust anchor /etc/ssl/certs/cert.crt If getting an error like "no configured writable location to store anchors", then import the cert manually by copying the certificate (crt) file to /usr/local/share/ca-certificates Then execute: update-ca-certificates The Croc should show in C2 without need of doing any additional actions (such as reboot, etc.)
    1 point
  34. Just managed to get a stable and persistent reverse shell, from real Windows 10 to virtualized Kali 2021.1, in about just 1 or 2 minutes. And without putting so much effort. You have to study, experiment and try and try and try... Read code written by others, try it after you have understand what it does, apply it to your needs. I used to try my BB on two different machines, one was really slow, so even though on the other one was all running fine, on this one there was no way to get anything useful. Every command was simply out of phase, trying to write directly on the desktop, because it was taking something like three minutes only to open cmd.exe (I'm not joking, that pc had experienced more of 10 years of stress). If you're looking for a magical hacking tool that you set one time and "pwn 'em all" I'm sorry to disappoint you. These devices are built to get repeatedly modified.
    1 point
  35. Payload Library for Web UI/SSH (Unofficial Patch) This (unofficial) Patch provides the Official SharkJack Web UI with a additional Tab on the Web UI (http://172.16.24.1/) to maintain your payloads on the Device itself rather than relying on a PC to switch to your prior used payloads. I personally figured since the SharkJack has not received any Love in over a year, I'd give it a little attention. Since it was missing a Payload Management System on the device (That is accessible via Web UI), I decided to make one. I attempted to "copy" the original style of the original Web UI. - Taking the POST methods and programming style of the previous developer to try to bring features without "adding" dependencies to the SharkJack. I have also included a Patcher for both Windows Machines and Unix/Mac's (Utilizing the current sharkjack.sh tool from Hak5 - Kudos Devs) to make this feature available to everyone. Enjoy! Features: Backup your current Payload to the Library. Download any Payload in the Library. Restore any Payload in the Library. Delete any Payload in the Library. Adds "library" command to SharkJack. - Allows ALL the same features as the WebUI Library Tab and is CROSS-COMPATIABLE! Example Screenshot of the Library via WebUI: Screenshot of Library ("library" command) via SSH: What is needed to Install: Sharkjack with 1.1.0 firmware or higher installed. Ethernet Port on Local Machine to connect the SharkJack. Administrator/Root user on Local Machine. How to Install: Head to https://github.com/InfoSecREDD/sj-webui-patch/releases Download the most current release (.zip or .tar.gz). Unzip the downloaded file to a location of your choice. Connect your SharkJack in ARMING MODE to the Ethernet Port on your local machine. Run the appropriate Patcher for your OS. (Windows: patcher-win.cmd, Linux/Mac: patcher-linux.sh) Select "1" on the menu and follow the Patcher's Instructions. Once Patcher is finished, Head to the SharkJack Web UI to verify it has been installed. (http://172.16.24.1/) Enjoy! How to Remove: (If already downloaded & unzipped. Skip to Step #4) Head to https://github.com/InfoSecREDD/sj-webui-patch/releases Download the most current release (.zip or .tar.gz). Unzip the downloaded file to a location of your choice. Connect your SharkJack in ARMING MODE to the Ethernet Port on your local machine. Run the appropriate Patcher for your OS. (Windows: patcher-win.cmd, Linux/Mac: patcher-linux.sh) Select "2" on the menu and follow the Patcher's Instructions. Once Patcher is finished, Head to the SharkJack Web UI to verify it has been removed. (http://172.16.24.1/) (Your Payloads will remain saved on the device under /root/library/ - We don't want to delete your payloads without your confirmation.) How to use the Web UI Library: Connect the SharkJack in ARMING MODE to the Ethernet Port on your Local Machine. Open up your Browser of choice (Chrome, Firefox, Brave, Opera, Edge (🤮), etc) and go to "http://172.16.24.1/". Navigate to the "Library" tab on the Top Menu. Input your desired Payload Name in the Backup input field box and click the "BACKUP" button. Click "Ok" on the Window Alert. The Page will instantly refresh. (At this point you can choose to "Restore", "Download", and "Delete" that payload.) Enjoy! How to use the Terminal Extension: Connect the SharkJack in ARMING MODE to the Ethernet Port on your Local Machine. Open up your SSH Client of choice (PuTTy, Linux Terminal, PowerShell/CMD(if OpenSSH Client (Beta) Feature is installed on Windows 10)) and connect to 172.16.24.1 with your credentials. Type "library" and hit [Enter] in the shell and follow the prompted Menu. Enjoy! Known Issues: Payload Tab - Payload text that includes certain special characters do not translate in POST Method. (SharkJack 1.1.0 - 1.0.1 WebUI Issue.) This issue has nothing to do with this patcher or project. (See workaround below) Payload Tab - Payload text that exceeds certain character limit stalls and does not post payload content to correct location. (SharkJack 1.1.0 - 1.0.1 WebUI Issue.) This issue has nothing to do with this patcher or project. (See workaround below) Workaround for Payload Tab Issues: Connect to SharkJack via SSH and use SCP to transfer payloads to "/root/payload/payload.sh". It will appear in the "Payload Tab" and you'll be able to backup/restore the payload using the Library Tab. If using a SFTP Client, make sure your Text Editor is formatted for "UNIX Style Formatting" otherwise you will end up with "^M", etc, after each line. - Then transfer the appropriate Payload to "/root/payload/payload.sh". It will appear in the "Payload Tab" and you'll be able to backup/restore the payload using the Library Tab. Source GitHub Repo: https://github.com/InfoSecREDD/sj-webui-patch Patch.sh Source: https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patch.sh Payload Library Source: https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patch/library.sh Patcher-Win Source: https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patcher-win.cmd Patcher-Linux Source: https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patcher-linux.sh Payload Library Shell Extension: https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patch/library
    1 point
  36. I've been running ffmpeg on the Crab for a while now. Streaming to Twitch and via a stream server of my own (C2 is out of scope since I can't get under the hood). Streaming a local file from the Crab isn't any problem. The challenge for me now is to get hold of the HDMI output and stream it using ffmpeg. I've been "successful" in using screenrecord and pipe that output to ffmpeg and further on to the stream server. It's not that "live" though, more of a static image. I need to get hold of the actual "hardware" output though, but the only devices I can find are fb or v4l2 based and the output is "nada". The lack of a package manager (as you mention) is challenging when it comes to adding software to the Crab. I don't consider wget to be a package installer though, and nothing else is available as I've found up until now. I think Darren mentioned that apt was possible in some other thread, but that isn't valid for my Crab at least (or I have failed to find it). As you say, it runs Android 6.0.1 and the hardware components are similar to some "Smart TV boxes" on the market. OpenWrt is also part of the spec, but not in the "usual" implementation of that OS. Other than ffmpeg, I'm running a web server on the Crab (when needed, most often to transfer files from the Crab instead of using the SD card) and also an alternative editor since it's easier to work with than using vi (that is possible to execute using busybox). My most recent challenge is to get an ssh server running but I'm not done there yet, either Dropbear or a plain OpenSSH daemon. Edit: I should add though (when speaking of package managers) that it is totally possible to sideload apk's and install them on the Crab using adb and the adb daemon, but sadly of little use since Android apps (for obvious reasons) 99 times out of 100 (not scientifically verified) are GUI based.
    1 point
  37. Actually, no. We didn't just "truly EOL the device from functioning" at all. Yesterday there was a service outage that lasted a few hours, which has been resolved for hours now. Both bulletins and modules are functioning as expected on the NANO and TETRA.
    1 point
  38. That generation (Tetra and Nano) is end of life and not supported anymore (no updates). However, that doesn't mean that it will not work. It will not automatically stop doing its job just because it's EOL. The reason why you can curl wifipineapple.com is because the domain still exists but being redirected to the shop. Not sure exactly what part of wifipineapple.com that is requested to talk back when it comes to bulletins, but it's most likely changed due to the fact that the use of the domain and the wiki is deprecated and you should use the Hak5 Docs instead. If not successful getting the modules, I guess you can manually clone/copy them from the Git repo and add them to the Tetra.
    1 point
  39. OK, try it and see what happens. The reason I asked about your environment/network is if you can use some other network and/or client devices to see if it acts the same. Just to rule out any possible problems with certain devices. There are situations when it seems as if the Pineapple is the problem, but after some troubleshooting other things are actually causing the issues.
    1 point
  40. Some time ago I had modified part of the NANO panel looking to have some extra functionalities. This is my public version of that project 😁 https://github.com/xchwarze/wifi-pineapple-panel Changes The following functionalities are modified looking for a better user experience General: Compress PNG images (size -55K) Compress SVG images (size -7K) Update Bootstrap to 3.4.1 (size +2K) Fix mobile view Add Chevron icon to accordions (size +1K) Change notification time from 6000 to 20000 (decrease RPM from 10 to 3) Project minification (Optional: use packer tools) Recon: Code refactor in module.php Add results counter in titles with badges Fix column alignment Clients: Add loading indicator Change default text logic PineAP: Configure used monitor interface (pineapd pineap_interface) Configure used source interface (pineapd source_mac grabber) Show pineapd service errors Logging: Fire data loading on open accordion Add PineAP Logs loading indicator Save filters in cookies Network: Add wireless config editor Setup: Fix character bad used
    1 point
  41. I made a simple video for those interested. EDIT: I will update this video a.s.a.p.
    1 point
  42. I can see you're disappointed. I want to understand your frustration so we can do better. I put a lot into this product and feel that it's the best WiFi Pineapple yet -- both in terms of the hardware and software, and want the experience to be the best it can. I'll see to addressing your concerns: - Packet injection does indeed work on all 3 interfaces. You can test this with the aireplay-ng -9 command. - Gathering WPA2 handshakes is a passive process and does not require packet injection. Handshake capture does indeed work. - We have a highly documented module API and went as far as to commission modules for launch by one of the communities best developers. If there is a specific module you want, please let us know and we will put resources behind that. - The support for this device has not changed from the last generations of WiFi Pineapple, and you will find us responsive and helpful on the forums, in our Discord, and if you reach out to open a ticket. - I believe the videos I've published should get you started with a good understanding of the basics. Otherwise, I'm confident that the user interface is intuitive enough to figure out -- but if there is a specific concern you have please share it, maybe it'll make for a good video topic. - Greed? We're make *less* on each WiFi Pineapple generation than the one before because we *increase* the hardware capabilities, not to mention the non-recoverable engineering and software development costs. Over 7 generations now, with each new version, we've added physical radios, increased the CPU power, increased the RAM, increased the storage, refined the UI -- and we've never increased the price. In short, you get out what you put in. Which is to say that if you constructively bring specific criticism it may be addressed thoughtfully, and you will find us very receptive to making the product and your experience with it better. But broad, emotional, "pretty useless" strokes don't lend to addressing your concerns.
    1 point
  43. Yeah same here, defo would love to find a fix to it!
    1 point
  44. If you insert the USB Rubber Ducky, then it should not show up in the Explorer. But, if you remove the SD card from the USB Rubber Ducky, insert the SD card into an SD card reader and then plug the SD card reader into a PC, it will show up in the Explorer.
    1 point
  45. Dude really? i have fond a few gaps in the online documentation, but have to push back real hard on the support side. I had a simple problem and got a response back in 24 hours from Daren himself. Not only that, he continued to provide support and valid links for as long as i needed him to. Granted it was a response about every 24 hours, but i really can't ask for more since it was the creator directly emailing me. My other thought is that you said "and the every time you encounter a problem it leads you to a solution that leads to another problem." and i say to you, Welcome to programming 😉
    1 point
  46. Xavius, still baffled, says " So you're saying you terminate employees for suggesting that someone gets a basic foundation of networking and OS usage, prior to setting up a web server that's specific for C2? I'm curious, what exactly was so bad about what I wrote? Was it not kind enough? 🙂 " Xavius, you went straight to the Rude and didn't offer any kind of help or suggestion. Being rude to clients is a great way to not have any clients. The fact that escapes you says volumes. Poor leadership leads to poor morale. Being rude and dismissive to colleagues is a great way to sewer morale in the work environment. I've had as many as 100 technicians and engineers of varying skill levels working with me. If someone is willing to learn, and is coachable, I'll spend as much time as is needed to get them up to speed. I expect the same thing from ALL of my engineers as well. Your attitude is your best asset or worst liability. When someone is Neither trainable or coachable and is dismissive and rude to Clients and/or co workers? You're Gone like Pizza on Friday Sport!
    1 point
  47. Im almost finished a themes module for those still interested!
    1 point
  48. It's more simpel then you think. At the XLink of your Robot is an USB Port. That's all you need. Just go there an connect a keyboard. Then you can open a terminal. Ther is allredy VNC Insalled you just need to chage it from view only. Thats it.
    1 point
  49. Yes it connects to 172.16.42.1 through ping. I can't connect to the wifi interface, if you mean the one that's suppose to appear after signing in to 172.16.42.1:1741 in a browser. Just a update: The amber "Searching for upgrade files." indicator has started. Would flashing again from a downloaded link, not from the 2G SD card, fix a bug?
    1 point
×
×
  • Create New...