Jump to content


Popular Content

Showing content with the highest reputation since 07/09/2020 in all areas

  1. 4 points
  2. 4 points
    That sort of behavior will not be tolerated. User has been banned.
  3. 2 points
    And if they wont redirect it, you could have a little fun with them by buying an outdoor electric heating pad and leave it on your property, and turn it on an off at random, at all hours of the night. After a while they won't want it pointed at your property anymore.
  4. 2 points
  5. 2 points
    maybe first update your firmware
  6. 2 points
    Funny thing about this forum is ths None sketchy Site.
  7. 2 points
    If you don't own the systems then what you are requesting is illegal and so we can't help with that.
  8. 2 points
    The only problem with devices like the ones Hak5 sell is that you're expected to know what you're doing with them. They're aimed at professionals, yes some of the payloads and modules don't work but these aren't Hak5's remit, the Pineapple for example you bought the hardware and the firmware i.e. Pine AP & Recon Mode they work perfectly out of the box. Anything else is community developed and it's up to the developers to keep those up to date or it's up to you as a professional who knows what they're doing to get it working. What these products are NOT is plug and play hacking devices. There's no such thing. If there was a device that you could power up and pwn a network with it would be patched by the time it went into production / manufacturing. Hak5 tools are just that - TOOLS, you wouldn't buy a hammer and then get pissed because it didn't build you a house. The criteria is it's hard on the end and you can use it to hit things. 99.9% of Hak5's products do exactly that, yes Darren and the gang will show you some cool demos of payloads but these are only working at the time of the video tutorials etc. if things change in this industry (as they tend to do every minute of every hour of every day!) then they can't be expected to keep on top of that stuff with a one off product fee. They'd have to create a whole ecosystem and have some sort of reoccurring revenue to fund that kind of operation. Think about it logically from a business point of view and you'll see it's just not feasible. Yes some of the products don't always work quite so well with their basic features (See SD card woes and the Pineapple, IMO that should be worked on as a priority until its fixed because it's a product feature that should have been working when the product was released) but they're usually worked on and fixed shortly after release. Their base functionality is what you're buying. How you struggled with C2 cloud I've no idea. It's the easiest thing in the world to setup, execute it with -hostname -https and -db and it's just done, if you had problems I imagine they're due to things like nat loopback and you being local to your C2 server or your linux dist has apache installed by default and its snatched port 80 (so C2 wont start). But Hak5 can't teach you the fundamentals of networking and hosting your own web service etc. that's not their job. TL:DR Payloads and modules are not supported, warrantied or even guaranteed implied or otherwise by Hak5. They're third party bits of code and you can't get mad at Hak5 over them.
  9. 2 points
    You know to a point I do feel your pain. I myself have had some pains with Hak5 over the years. But I guess the question really becomes, what did you expect, and what are you aiming for? A $5 rpi zero can do everything the duck can do. Does it look as good as the duck? No. Is it as easy to program as the duck? Big No. But then again why are you buying a duck if you don't at least know some programming? The idea of the Hak5 tools were never meant to be plug in play. I think they started going in that direction because we as humans have gotten to that point of expecting things to just work. But a true hacker would never expect that, nor want that. For me, I got these to mess around with and they have all worked flawlessly. Maybe not painlessly at first. But they all worked. And I've learned so much from them over the years. Because of them I've learned to make a $5 rpi act like a duck. Or a $15 micro router act like a packet squirrel or lan turtle. The whole point of these hak5 tools are to help you to learn. So what would you like to learn about today?
  10. 1 point
    Can you send a screenshot of the password screen? BIOS info isn't battery backed any more and some of the settings, like requiring a password, can't be cleared with a reset as they are designed to lock the machine down regardless of what happens to it.
  11. 1 point
    I even went so far as to modify the script that runs when I push the button underneath my Nano, to shutdown the device instead of rebooting it. The button is much more useful to me that way.
  12. 1 point
    The downloads for the tetra is here. https://downloads.hak5.org/pineapple/tetra And how to upgrade the firmware is here. https://docs.hak5.org/hc/en-us/articles/360010555293-Upgrading-the-firmware
  13. 1 point
    I wish I had read this blog post before buying this: https://medium.com/@dephekt/a-review-of-the-pineapple-tetra-and-hak5-7198a98d8990 It acts just like a dummy router, except fort the initial recon module nothing really works as expected 😞. I'm using the latest V4.7x firmware and I just bought this last week, spent the whole of my weekend reading the wiki, did everything as mentioned, factory resets, changed configurations etc but nothing makes it work as advertised on their website. Totally bad and useless product for Wifi Pentesting.
  14. 1 point
    You have to be creative. I would use have-a-heart traps to capture jack rabbits, prairie dogs, ground hogs etc. and set them loose.
  15. 1 point
    I would of handed it back to the company. Plus this is ethical hacking forum as well..
  16. 1 point
    Personally, I have had similar issues if the Pineapple wasn’t shutdown properly before disconnecting the power. The file system on the device and/or on the MicroSD card gets corrupted otherwise.
  17. 1 point
    @DangerAnt I agree, I think once they get the time and inclination the base OS will be much better. The real issue is the 3rd paryy modules no longer getting worked on. It sucks but I get it, life happens.
  18. 1 point
    Do you ever write something constructive? I've looked through all your posts and I haven't seen even one "normal" post that describes the issue. I'm starting to think that you don't even want your issues get fixed, you just complain and complain. If you really want help, I'd recommend the discord server.
  19. 1 point
    Well, I don't feel like going through the many, many posts and comments relating to the issues related to 2.7. If you want to see what I am referring to, please do as I did and start with the 2.7 release thread and scroll through. Then, search 2.7 and see the remaining issues posted. I am not the first to have issues or complaints regarding this firmware update. I am not new to the Pineapple, it's use cases, or the modules. I have been utilizing the Pineapple since it's original incarnation when they first started implementing Jasager. I'm not mentioning this as a brag, only to demonstrate that my concerns are not those of a first time user. One of the issues I have had is Evil Portal freezing the system in 2.7. Newbi3 has already seen my post about that. My other issues are around the modules not really being maintained after 2.5.4. I understand that is a third party dev issue, but a lot of the draw to the Pineapple is some of the outstanding work done by these devs. I use my Pineapple for more than just PineAP and Recon. I have looked for solutions to the problems myself and many others have. There are none as development has not been consistent. I understand there are greater things going on in the world that is impacting dev, which is why I am not harping on the devs. I didn't ask for anyone to unhose 2.7, I asked if anyone knows of a firmware release that is stable will all options working at the same time. So I offer to you, re-read my post, notice the question as well as some of the examples I cited for my complaints, and investigate the other issues the community has for 2.7. If you have any actual insight, I welcome it. If you only have unhelpful commentary to the structure of my post/question, keep it to yourself.
  20. 1 point
    I'm a long-time fan of the pineapple hardware and love all the variants but if I had a wish, I'd "really" like to see a hardware upgrade to the Nano that supports 802.11/a, ac, or ax Lugging around the Tetra is fine but having a smaller form-factor device like the Nano would be high on my wish list. Darren 🙂 Anyway, thanks again for making my life a bit easier and please keep them coming.
  21. 1 point
    Please keep discussions public, that way we can make sure things stay fair, legal, nothing bad happens, and no one gets taken advantage of.
  22. 1 point
    Here's a couple examples. Command Copy file from remote host to local host. scp [user]@[host]:[path] [path] Copy file from local host to remote host. scp [path] [user]@[host]:[path] Copy file from remote host to remote host. scp [user]@[host]:[path] [user]@<host>:<path> Example Running the command (remote to local). scp user@ /path/to/save.txt Running the command (local to remote). scp /file/to/copy.txt user@ Running the command (remote to remote). scp user@ user@987.65.43.21:/path/to/save.txt
  23. 1 point
    I'm hoping this is also their website, but I can't be certain. The SHA256 hash matches the listed hash on the downloads.hak5.org site https://www.wifipineapple.com/downloads/nano/2.7.0
  24. 1 point
    What a dumb desicion. You could've sent it to me instead of wasting it, I'd pay for it....
  25. 1 point
    Here is a possible suggestion https://www.bioennopower.com/collections/12v-series-lifepo4-batteries/products/12v-3ah-lfp-battery-black-w-pvc-pack These batteries are used in Amateur Radio. My question for Darren is whether the Tetra can take 14 volts which is what these batteries do when fresh. The battery will produce better than 12 volts for its entire ampere hour rating. They also can function for thousands of fully discharge cycles, effectively lasting forever. Modifying the cable from the wall wart with anderson power poles (or some other DC connector) would also be needed.
  26. 1 point
    As Digininja allready said, run along kid, we can't help you 🙂 Seriously though. You say it's a remote system, not in your possession ?, do you have written consent to attack it, can we see it ? If not, you're comiting a crime, stop it, right now, and go do something else, something more constructive for society. Try helping out at the local homeless shelter for a while, donate to the homeless ?
  27. 1 point
    As it is not in your possession then it is probably illegal to be attacking it, in which case, we can't help.
  28. 1 point
    Hey guys, I want to say thanks for the participation, and Aaron, I got your message to head on over here and your SD card mystery might actually have some common ground in solving in relation to my 3G SIM module add-on. Take a look at the regular LAN Turtle of mine (see URL link) and you will notice on 'page 4' that depicts the bottom side image of the LAN Turtle near the top-right corner is what appears to be a serial (UART) which has 4-copper pinouts. Granted, my observation from comparing images of other LAN Turtle 3G types shows a 3G SIM module affixed to its 'top side'. This makes me wonder if the UART pinouts traverse the board (i.e., has soldered points that protrude through the mainboard to those 4-pinout (UART) connections, OR I also noticed a 2-pinout copper connection points near the top right corner of the mainboard (e.g., top side) near the 'top-right' corner which could possibly be another serial connection point. Either way, as long as the mainboard architecture has NOT been modified between the different LAN Turtle variants then X-MIGHT-MEAN-THE-SPOT. My intention is to diagnose/test both pinout connection on each side of the mainboard. In theory, the UART is capable of handling most serial communications which is optimal for both serial based connections, which of course, an SD card uses a similar serial-based protocol called, "SPI". Anyway, we should continue working together and comparing notes given our similar interest to modify the LAN Turtle. https://1drv.ms/b/s!Am25WKmcETlhhq8ZJzsy-yM9B5ymkQ?e=tc10Ig
  29. 1 point
    I don't know if this will be any use to anyone but. i create a poc to demonstrate sending the a status/progress of a powershell script to the bunny. The ps only send number 1,2 (3or4) & 5 with sleeps in between. And the bunny just changes it's LED depending on the number. when it get a 5 it quack the command to closes the powershell windows. #!/bin/bash trap "kill 0" EXIT LED SETUP ATTACKMODE RNDIS_ETHERNET HID GET SWITCH_POSITION GET HOST_IP cd /root/udisk/payloads/$SWITCH_POSITION/ FILE=data.txt #Clear old commands if [ -f "$FILE" ]; then cat /dev/null > "$FILE" fi LED SPECIAL # Set up an echo command to right to file. # using echo as nc only finish writing when the connection closes. CMD="while true; do read i && echo \$i >> $FILE ; done" # set nc to run in its own process nc -lvn -p 8080 -c "$CMD" & # give nc time to start sleep 1 # set the last command to empty last=""; LED ATTACK Q DELAY 200 RUN WIN "powershell" Q DELAY 100 # Create a connect object Q STRING "\$client = New-Object System.Net.Sockets.TcpClient;" Q DELAY 100 # set the host and port and connect to nc Q STRING "\$client.Connect(\"$HOST_IP\",8080);" Q DELAY 100 # create a stream for that connection Q STRING "\$stream = new-object System.IO.StreamWriter \$client.GetStream();" Q DELAY 100 # get powershell to sleep Q STRING "Start-Sleep -Seconds 3;" Q DELAY 100 # the 1 the the stream Q STRING "\$stream.WriteLine(\"1\");" Q DELAY 100 # push this over to nc Q STRING "\$stream.Flush();" Q DELAY 100 Q STRING "Start-Sleep -Seconds 3;" Q DELAY 100 Q STRING "\$stream.WriteLine(\"2\");" Q DELAY 100 Q STRING "\$stream.Flush();" Q DELAY 100 Q STRING "Start-Sleep -Seconds 3;" Q DELAY 200 # Send a 3 or 4 Q STRING "\$stream.WriteLine((3+(Get-Random -Maximum 2)).ToString());" Q DELAY 100 Q STRING "\$stream.Flush();" Q DELAY 100 Q STRING "Start-Sleep -Seconds 3;" Q DELAY 100 Q STRING "\$stream.WriteLine(\"5\");" Q DELAY 100 Q STRING "\$stream.Flush();" Q DELAY 100 #Close connection Q STRING "\$client.Close();" Q DELAY 100 Q ENTER LED SPECIAL # forever loop while : do # get the last line of the file removing line feeds (10) and carriage returns (13) curr=$(tail -1 "$FILE" | tr -d '\r\n') #curr=$(tail -1 "$FILE" | sed -e 's/[\r\n]//g') # see if the last command is different to the curr command if [ "$last" != "$curr" ] ; then # set the last to the current command last="$curr" # go to the section based on the command # most just change led color and rate on flashing. case $curr in 1) LED STAGE1;; 2) LED SPECIAL2;; 3) LED STAGE3;; 4) LED STAGE4;; 5) LED SPECIAL5 Q DELAY 100 # close powershell Q STRING "exit" Q ENTER break;; esac fi done LED FINISH sleep 1 The powershell is all on different lines just to make it easy to read. As i said don't know if this will of any uses to anyone but it may you never know may spark an idea in someone else
  30. 1 point
    None. If a VPN is free, you are the product. They are selling your information or something else.
  31. 1 point
    Hello, There is partial support for this. You can set the SSID, and yes the MAC address, for the Pineapple, but you can't set an encryption key for anything except the management interface at this time. It is possible to do this from a command shell, but not from the Web GUI. The developers have said this feature is coming in the near future. One potential problem, however - with 2 "routers" having the same SSID and MAC addresses would confuse clients, as they wouldn't know one from the other. This might not seem to be an issue, except that both would likely be dishing out different DHCP leases. It might work, if you turn off your router at the same time as you put up your Pineapple. Just make sure you have some other internet uplink...
  32. 1 point
    Please post current /etc/wpa_supplicant.conf! Please post ifconfig output! Do you stille have the ^M inside the quotations? This is my /etc/wpa_supplicant.conf: network={ ssid="Monday" psk="10Erhatxyzklmnhoecker!20" priority=1 } Do not configure wifi in config.txt! Make sure to have unix-style file endings in your conf file! Read here! How do you create config.txt? With Windows? Try Linux or use Notepad++ with Unix line endings.
  33. 1 point
    Certain products are not let be shipped to Israel due to international laws and laws within Israel itself.
  34. 1 point
    You do realise your request is very creepy? i suggest you get help!
  35. 1 point
    Ok, so with regard to the built-in reader on the NANO - almost everyone is having issues there - myself included. They might not have much to say, since it has been discussed soooooo many times on these here forums. I always say -- it doesn't hurt to ask. The worst case is they ignore you. Again.
  36. 1 point
    Hello, and welcome to the user-to-user forums here at Hak5. First off, two big disclaimers: 1. Obviously, you're going to void your warranty if you try to modify your device yourself. 2. I haven't yet ordered a LAN Turtle - that is next on my list of hak5 gear. TBH, it's also probably the last item on my list, as I have already bought the other items I want. As such, my info presented below is my supposing, and not in any way definite or concrete. That said, here we go! To the best of my knowledge, the original LAN Turtle, LAN Turtle 3G and LAN Turtle SD all use the same main board. From an engineering standpoint, this just makes sense. I would fully expect the 3G add-on board and the SD add-on board to be interchangeable. Just designing one main board, with a common expansion connector (or solder points) just makes things easier all-around. I am aware that Hak5 replaced the earlier design that had a integrated USB Male port, with one that features a pig tail. I don't have sufficient info, but I don't imagine that this is related to the transition from the original model to the SD model. The USB connector change could have been (and I expect it was) to fix an engineering oversight - to take the extra weight/torque off of the computer's USB port. Although the early models probably aren't terribly heavy, they're long and bulky enough that it wouldn't take much more to snap off the USB connector. At this point, you're probably saying "thats all great, but it doesn't answer my question". As for that, my apologies. I tend to get a bit carried away. If it were me, I would contact hak5 support and verify first if it can be done with the model you have, and second if they could just sell you the add-on board. The devs at hak5 know their own product better than anyone else - they designed them! Also, if you obtain and correctly attach their pre-designed board, you won't need to worry about device drivers, as they'll already be onboard in the stock firmware. I hope that some of this helps. P.S.: For what its worth, it should be fairly trivial to add your own pig-tail on the USB port - it sounds like you know what you're doing. Just desolder the existing USB, and add the cable in the length you want.
  37. 1 point
    Dude really? i have fond a few gaps in the online documentation, but have to push back real hard on the support side. I had a simple problem and got a response back in 24 hours from Daren himself. Not only that, he continued to provide support and valid links for as long as i needed him to. Granted it was a response about every 24 hours, but i really can't ask for more since it was the creator directly emailing me. My other thought is that you said "and the every time you encounter a problem it leads you to a solution that leads to another problem." and i say to you, Welcome to programming 😉
  38. 1 point
    I looked at arduinpcap etc but I thought I read somewhere in the docs that they can't capture a partial or full handshake. Don't forget that a PCAP isn't always a handshake, can just be packets as far as I'm aware. Might be wrong. I do think some guys have managed to get the Pi Zero wifi adaptor working in permisc mode so you could still look at that (not trying to put a downer on your project, just trying to help! as i'd be keen to build whatever you build too, esp or otherwise! I've got loads of the little fudgers all over the house haha)
  39. 1 point
    You can do this with Client mode on the Nano out of the box got to Networking > Client mode > Select interface you want to use to connect the wifi network > Scan > Select your desired Network > Connect. Then use the management AP as your Hotspot AP
  40. 1 point
    I agree with all of you here. This product is much over hyped and it is frustrating to say the least. I bought this a few days back and I wished I had read all the feedback before I purchased it. I wished I had read this blog post about how the Wifi Pineapple is a total sham https://medium.com/@dephekt/a-review-of-the-pineapple-tetra-and-hak5-7198a98d8990 I hope the community realizes that hak5 is just swindling people their money with this bullshit product. I paid this out of my own pocket and I cant use this on any engagement. Feeling dejected and frustrated. Shame on you Hak5 for this lousy Wifi Pineapple Tetra product.
  41. 1 point
    Hey Nashie, If you haven't set your service to run constantly (through systemD, etc) every time you exit the terminal, or exit the service will terminate. Please set up your service through systemD. -VB
  42. 1 point
    Once you are connected to the AP, you can access the other connected devices. In an real-life Pen test, for example, someone within a particular company would hire you to conduct a cyber attack on the company. There would be certain criteria given, such as certain machines being off-limits, or perhaps you are given a specific attack or task to perform, etc. Anyhow, in order to prove that you have accomplished the assigned task, you often retrieve data specific the the machine or machines in question, such as specific files stored there, or a list of passwords stored therein, etc. To be honest, I’ve never done a real Pen test, so my understanding of what goes on in one is limited. A tool such as nmap can be used to scan the network for attached devices. Before I go any further, I want to point-out and remind everyone, that running these kinds of tests, even for “educational purposes” is illegal if you perform them on someone else’s equipment without permission of someone who owns, manages, or maintains said equipment, and has the authority to give such permission. Lastly, as I tried to to say earlier, where you go next depends on your ultimate destination. I understand that you don’t have a destination yet, but rather are expressing curiosity as to the possibilities. I’m just saying, if you want more specific answers, it helps to ask more specific questions... 🤪
  43. 1 point
    I had an issue whereby the payload.txt would not run - the device would power on, go through set up then the LED would go out. I could boot into arming mode and couldn't see wtf I was doing wrong. chmod a+x payload.txt It was obvious really but this fixed it. I only got the thing today and only loaded files using scp / ssh I haven't tried via USB yet so I presume that method adds the execute permission to the payload file. either way it works now - hope this helps :)
  44. 1 point
    Just a short guide 🙂 I did this in windows 10. INSTALLATION: step 1 ) first update firmware! Format an usb to be either FAT32(win) or EXT4(linux) and download the latest firmware. Put it onto the usb, as the only file there. step 2 ) put the usb in the second usb port and wait 5-10 minutes step 3 ) if the LED has begun to slowly blink, you are done. Press the button on the back to go into "Arming mode" PAYLOADS: step 4 ) in "Arming Mode" we can connect to the Signal owl, check your wifi and owl_xxxx(last 4 mac address, should be in the network) step 5 ) download PuTTY and PuTTy psftp.exe step 6 ) after installation of PuTTY psftp, open the exe file. In command line write: open, login in as root, password is hak5owl step 7 ) go to /payload/. TO add files there you need to write in command line: put and the drag and drop the textfile you want to upload to the signal owl syntax example = COMMANDLINE >>put "C:\users\user\desktop\payload.txt" hit enter and you have uploadet the file! step 8 ) as far as i know, there can only be one text file named "payload.txt". So if you want more payload, you have to rename the inactive ones. fx. like:"payload_bitcoinhacking.txt" then rename it to payload.txt when you want to use it. But signal owl can only have one active file. step 9 ) good luck! and have fun. You can use normal putty to SSH access the signal owl and run program like aircrack-ng or nmap from there 🙂 I hope this can give some answers.:)
  45. 1 point
  46. 1 point
    Idk_man, a USB WiFi adapter won't help them do what they're wanting to do. From what I am seeing, they are having trouble getting clients (i.e. laptops, phones, tablets, etc.) to connect to the open network created by the Pineapple. The USB device you mention only helps them connect their Pineapple to their router to get an Internet uplink. I know you mean well, but recommending folks buy products they don't need is only going to frustrate & discourage them.
  47. 1 point
    Yes it has. Go to the shop and buy yourself a new one then don't allow her access.
  48. 1 point
    Just a dumb dumb question. Learn the basics of networking first. This isn’t The Net. Lol.
  49. 1 point
    /dev/sda means that you dont have any partitions on the drive and you are viewing the entire drive. 1. Create partition fdisk /dev/sda 2. Now you have to type n to create new partition and then type p for making a primary partition and e for making an extended or logical partition. 3. Run w command to write the changes and reboot your system. 4. Create the file system mkfs.ext4 /dev/sda1 5. Record the UUID that is returned from the previous step 6. Update config mount section of the fstab or do it from ssh. nano /etc/config/fstab Example: Replace "[PASTE UUID HERE]" with the UUID you copied from step 4. config global option anon_swap '0' option anon_mount '0' option auto_swap '1' option auto_mount '1' option delay_root '5' option check_fs '0' config mount option target '/sd' option device '/dev/sda1' option uuid '[PASTE UUID HERE]' option fstype 'auto' option options 'rw,sync' option enabled '1' 7. Save the fstab file and exit Ctrl+o, to Write the file Click Enter, to confirm filename Ctrl+x, to exit nano 8. Reboot reboot 9. Login to UI, navigate to Advanced and verify that you now see /dev/sda1
  50. 1 point
    Xavious! Thanks for all your help and useful input. Those of us with mind reading skills really enjoy your insights. In 31 years of IT and Network administration I've known many folks like yourself. Fired every single one of them. X:\Downloads\c2-1.1.1_community\c2_community-windows-64.exe -hostname -listenport 80 Where -hostname can equal your gateway on your network or an actual URL. _listenport for browser in this case If all goes well you should see something like this: X:\Users\You>X:\Downloads\c2-1.1.1_community\c2_community-windows-64.exe -hostname -listenport 80 [*] Initializing Hak5 Cloud C2 [*] Initial setup detected. Setup token: UXXX-MXXX-CXXX-BXXX [*] Running Hak5 Cloud C2 Go to your browser and type "localhost" without quotes, follow the prompts to register and login. You'll need the Setup token and the license key to complete the process. Hope this helps
  • Create New...