Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 10/16/2019 in all areas

  1. 2 points
    Hi, Yes that is arguably the best approach, also you can screen grab and make notes so that you can always refer to them later..... Hope this helps 😎
  2. 2 points
    It's understandable how recent issues caused by the firmware updates would make someone feel like that is a reasonable idea. But in practice it is not. As for the issue with the wifi pineapple, it is not really at the fault of Hak5. As discussed by @Foxtrot, other users, and myself the problem is community modules that are in need of updates to be compatible with 2.6.x firmware. These modules are made by third party users and must be maintained by them to continue working over time as firmware updates are released. As for some of the newer devices you can expect some issues as bugs are being worked out of the firmware/payloads. Community (third party) modules and payloads are not part of what you are buying but should be viewed as bonus of owning the device. On the business side of things it would be a very messy process for practice and books. It is not fair to users paying new price to receive refurbished products. Then the problem of how much to pay to satisfy the previous owner as well as handling shipping of devices back. And when it comes to the books, I feel sorry for the person that has to keep it all square. The simple answer is someone not wanting to own the device anymore should sell it privately. Some of this is just my opinion. The best thing moving forward is an active community to further the functionality of devices!
  3. 2 points
    If so why not just use wireshark and look for the traffic from TeamViewer?
  4. 2 points
    I'm not trying to be vague. I simply don't want to be hold responsible for people bricking their devices. Download/transfer the IPK-file from my repo to your Pineapple. SSH/SCP/wget, whatever works best for you. SSH to the Pineapple and run the command below within the same directory you downloaded/transferred the file to. opkg update ; opkg install sslsplit_0.5.5-1_mips_24kc.ipk -d sd There's no prerequisites, except having an active internet connection on the Pineapple while installing. This is not a part of the official module which you can download on the Pineapple, but you should be able to use the module with this package. When i get time, i'll create a fork of the official Module, so that people not experienced with this stuff can use it to setup everything via the Module GUI.
  5. 2 points
    Sorry, but if anyone feels that the above explanation doesn't give enough information i suggest you don't try to install this. I really don't want to be responsible for anyone destroying their Pineapple by doing something wrong in the terminal. Perhaps take some time, and get to know the device, and linux, a bit better before attempting it. :) <3
  6. 2 points
    hey guys thank you all very much for the pointers i will work my way through the sites along with my training
  7. 1 point
    The Lan Turtle has an ethernet connection on it so if plugged in to a network it has network by default so initiating a VPN from it is trivial unless router is blocking it. The BashBunny does not have a network connection unless the host it is connected to it is sharing its network with it which is done manually and usually not straight forward on all OSes...like MacOS. You will need to initiate sharing and then have an openvpn client on the BB with the vpn profile. So, if you get network sharing going on the host... Get openvpn client installed on Bunny.... Then I see possibility. Only other way is to install a vpn client on the host and initiate connection from it and use host as vpn client. Of course you need admin rights and you will be installing software on the victim this way.
  8. 1 point
    Try doing a factory reset: https://docs.hak5.org/hc/en-us/articles/360010555853-Factory-Reset Then do the initial config for the pineapple. Follow this guide to connect via SSH: https://docs.hak5.org/hc/en-us/articles/360010471514-Secure-Shell I would try connecting with a connection to the pineapple using ETH port. If that doesn't work for some reason post back and can try a few other things.
  9. 1 point
    If she has done it properly then you won't be able to get proof. If you are worried about her continuing to do it, get yourself a non-smartphone and use that for a while. It's the safest way.
  10. 1 point
    Yes it has. Go to the shop and buy yourself a new one then don't allow her access.
  11. 1 point
    We're aware of the issue and will be releasing an update with ACMEv2 soon. Account creation should work again today. Let's Encrypt is doing 24 hour brownouts to call attention to the upgrade. In the meantime either wait the 24 hours for the v1 service to come back online, or provide your own keys using the appropriate command line parameters.
  12. 1 point
    Correct. STRING simply states to treat the file as standard ASCII so it can be viewed in the Cloud C2 web UI. Otherwise it's treated as a binary. The SOURCE is indeed just a tag - which is helpful when managing loot from multiple payloads. No problem on the example payload - I really enjoy writing these and hope they're useful for others looking to implement these features.
  13. 1 point
    If your phone support a USB Ethernet dongle, you can exfiltrate data via the web UI from your phone. I'm sure many other methods - like SMB as you mentioned - would work similarly. The USB-C port is only for charging. Interestingly, you can use your phone to charge the Shark Jack. Select "Connected device" from USB controlled by on the USB Preferences menu.
  14. 1 point
    Yeah, I was thinking the same thing. Especially since desktops have that Ethernet port behind them. I want to try to upload a keylogger via shark jack (and pastebin). Is any of this possible with shark jack alone
  15. 1 point
    Hey everyone, Recently I have seen a lot of questions in regards to installing tools on the Bash Bunny. This post will contain a list of .deb files published by Hak5. Please see our wiki for installation instructions. If you would like to suggest a tool to be published, please reply to this thread. All other posts will be removed. Impacket Responder Gohttp Metasploit-Framework (Requires firmware 1.6 or above). Disclaimer: Hak5 is not responsible for these tools. They are 3rd party packages and have not been checked for stability or security. Hak5 simply packages these tools for easy installation.
  16. 1 point
    Personally I have Lenovo t520, someone mentioned SSD drive, I have 2 same exact models, one SATA and one SSD. I use SATA for Kali dedicated, and SSD I have Win 10, and VM with Parrot. So far, it is nice to have dedicated T520 for Kali. I never thought I would put stickers on things, but just got tetra last week and ordered nano today, now my kali laptop has hak5 sticklers all over it! Sadly, I tried to root my Samsung Tablet as it had no tethering capabilities for the nano, it is bricked - now I will breakdown and spend $$ on probably used tablet with tethering capabilities for nano. Definitely nice if you have extra $$ get separate laptop. I bought signal booster from Hak5 also, have Yagi antenna on tri-pod (really awesome), 3 different external wifi adapters useful in Kali for pen-testing. I have always thought of myself as a minimalist, but now all this equipment I have and am getting is insane. I love the tetra, getting used to it, and nano will be awesome. I think the coolest part is the community - i saw some idiot had written an article regarding tetra and software support - blah blah - in the end he had no idea how to get into linux and pen test is my take, the Linux foundation also has free intro courses I am taking that!
  17. 1 point
    Seems Recon ( under 2.6.2) is now not showing live updates during scan, but is writing to file - I was guided by to this solution. That's better than nothing.
  18. 1 point
    I just recorded a video tutorial on installing this to your Pineapple. I'll be posting it when i'm done editing it. :)
  19. 1 point
    I just bought ralink-mt7601u from china and i was cheap so i tried it with my linux computers it didnt work but with windows it works.?????????+
  20. 1 point
    It is our product, of course we think it is the best!
  21. 1 point
    I'd also ask what is "mid budget"? Being a full time tester who uses my machine every day, my budget is probably a lot more than that of someone just starting out or still in university.
  22. 1 point
    Idk about the shark jack. Newer isn't better. I mean, the bb is a ethernet adapter, keyboard, mass storage all at once. Just think about what you want to do and then choose the right one. Maybe the right one is the rubber ducky, idk what you want to do with those tools. Just think about what you want to do before buying it. (im not saying the shark jack is bad)
  23. 1 point
    Thanks! PR accepted πŸ™‚ I will note that this payload overwrites the nameserver in the /etc/resolv.conf file to 1.1.1.1. If I were to recommend any change - it would be to make that configurable in the variables at the top of the payload. Otherwise, fantastic work - and I'll see if we can't get some of those dependencies baked into the next official release so it's even easier to use out of the box.
  24. 1 point
    Welcome to the forums! The Combo Kit includes two accessory packs - the USB-C Essentials Kit and the Ethernet Essentials Kit - as well as the Hak5 Essential Gear Wrap. In total it looks like: Shark Jack UCB-C Essentials Kit 4 inch Type C to Type C USB cable Type C female to Type A male adapter Type C female to Micro B male adapter Ethernet Essentials USB Ethernet Adapter (ASIX chipset) Retractable Ethernet cable Hak5 Essential Gear Wrap I'll post some detailed photos when I get back to the office on Monday.
  25. 1 point
    What's not working for you? Everything related to Hak5 on the Pineapple works perfectly for me. Community modules needs to be updated by their authors to keep up with changes to the firmware.
  26. 1 point
    Hi, One setup runs on Mac/Ubuntu on bootable usb, and this does the trick as it provides the best of both worlds. How old is your Mac? Have you upgraded to Catalina yet? Depending on the age of your Mac, using Catalina could let you dual screen giving you greater viewing split screen versatility and that is about the only good thing that I can see on that Mac version at the moment. It is meant to give you the easy access to more Apps, but it starts looking like Android IMO πŸ€“
  27. 1 point
    As Zylla said, with the release of the 2.6.0 firmware the C library implementation is musl, in the past it was uClibc. Looks like you just downloaded a package for the wrong version. Glad you got it installed :)
  28. 1 point
    Glad the issue got solved. πŸ™‚
  29. 1 point
    If you are going to post HUGE F-ning posts. Use spoiler tags.
  30. 1 point
    Sounds like a nice build. I have done several headless builds using a tablet, phone, laptop for control. Just did the build with display for the idea of it. I have done a lot of testing with the alfa cards and what you can power without issues. As long as you have a stable 2 amp supply it will run two AWUS036NH adapters without issues. The biggest thing to not is actual power consumption of alfa adapters are much lower than TX ratings as this is based on EIRP. Mixed results with three, seems to just depend on the load collectively for all three. Six adapters is possible with a USB hub but under full load it results in slow Ethernet as they are tied together on the chipset. I am currently working on a build that I plan to post soon with the odroid ux4 (started the build before pi 4 was easily available). It is very stable under high USB loads especially with powered hubs.
  31. 1 point
    Ubuntu is great. I have duall bootted laptop with windows. whts the problem. Ill try to help. Linux distro of chose btw.
  32. 1 point
  33. 1 point
    Ouch, a pretty tough question. Here's my 2C on that. I can see why H5 wont go for it, for one. It isn't the makers problem if the users / customers have a hard time getting it to work. They provide a hardware platform with a modified OS nothing else. They do provide docs, and try do do support as promised, which is cool. But again. When it comes to getting exploits / scripts to work, thats on "us". It can be a veery bad thing for the buttom line in your books to offer a "Buy back" solution. When do you decide when to buy back ?, from who do you decide to buy back, in what condition ? I have a few things from H5, usually the things I cant get somewhere else, or what suits my projects. I agree they are expensive, but then again, custom gear always is. What matters for me is, I can get a skeleton hardware platform, and a starter OS made for pentesting. If I had to do it myself, starting from scratch, I would be so much more expensive in time and much more frustrating. This is what I pay for, when I buy custom. In that way, H5 haven't failed me one bit. If i have the patience and skills to make it work, it does. As I see it, that's what matters :) Okay, that's my 2C. Beatings welcome (as long as they're verbal ) :D /Kent
  34. 1 point
    +1 to that. Seemed to coincide with the Oakland move.
  35. 1 point
    Give us your use case for this, what are you attacking?
  36. 1 point
    you can get wugs toolkit and get any version released. Or a custum one one xda. Ive found only an otg cable will work on my nexus 5's a y cable wont. No idea why should be opisit. Like my 7's only a y will work
  37. 1 point
    Try to do a firmware recovery first: https://docs.hak5.org/hc/en-us/articles/360010471774-Firmware-Recovery This will take you to version 2.4.1. Do the initial setup and see how the core modules included work. If you want to go further than that do a manual upgrade to version 2.5.4 following this process: https://docs.hak5.org/hc/en-us/articles/360025819673-Manual-Firmware-Installation Be sure to reformat your SD card as well before starting so no old data on the card causes issues (this has been reported to happen with other users). If you are on a 2.6.x firmware version then you will have issues with modules as most are waiting on updates to be compatible with the latest firmware. This is due to the update from OpenWRT 15.x to 19.x in firmware 2.6.x requiring updates to stay work.
  38. 1 point
    Why not just use the business's firewall? 99.99% of them have that capability.
  39. 1 point
    As a newbie, it might help you to search the forum, as it is packed with great advice and guidance. You can also go to the HAK5 website for more details. Here is a link for some useful docs https://docs.hak5.org/hc/en-us Hope this helps you buddy and happy learning..........
  40. 1 point
    +1 for this. Just got mine and trying to upgrade using 2 different flash drives formatted NTFS and EXT4 by two different computers (Windows and Kali/gparted) all failed. (followed directions and verified sha256sum after copy to drive, tried 2.0, 3.0, and 3.1 firmware files) Put a drive in a used "reformat_usb", upgrade to 2.0 worked first time, then upgrade to 3.0 worked first time. Seems like the device is particular about something about the filesystem. If others are having trouble (just boots into arming mode, seemingly ignoring the upgrade file on the flash drive), try this method.
  41. 1 point
    thanks for the reply but I just managed to figured out a solution -- I created it as a service, here's the steps: sudo vi /lib/systemd/system/hak5c2.service ------------ [Unit] Description=Hak5 Cloud C2 Server After=multi-user.target [Service] Type=idle ExecStart=/usr/local/bin/c2_community-linux-armv7 -https -hostname [hostname] -db /var/hak5c2/c2.db [Install] WantedBy=multi-user.target ---------- sudo chmod 644 /lib/systemd/system/hak5c2.service sudo systemctl daemon-reload sudo systemctl enable hak5c2.service systemctl start hak5c2.service // OR // sudo reboot
  42. 1 point
    Hi madvideos, Just seen your bit on downloading it......excellent idea buddy. That way I can watch it on anytime I feel like updating my knowledge. Btw, I too have a 'stash folder' ☺️ Cheers 😎
  43. 1 point
    I miss this app on windows. When I was running macOS. https://hisham.hm/htop/index.php
  44. 1 point
    Xavious! Thanks for all your help and useful input. Those of us with mind reading skills really enjoy your insights. In 31 years of IT and Network administration I've known many folks like yourself. Fired every single one of them. X:\Downloads\c2-1.1.1_community\c2_community-windows-64.exe -hostname 10.0.0.1 -listenport 80 Where -hostname can equal your gateway on your network or an actual URL. _listenport for browser in this case If all goes well you should see something like this: X:\Users\You>X:\Downloads\c2-1.1.1_community\c2_community-windows-64.exe -hostname 10.0.0.1 -listenport 80 [*] Initializing Hak5 Cloud C2 [*] Initial setup detected. Setup token: UXXX-MXXX-CXXX-BXXX [*] Running Hak5 Cloud C2 Go to your browser and type "localhost" without quotes, follow the prompts to register and login. You'll need the Setup token and the license key to complete the process. Hope this helps
  45. 1 point
    @spencer6524@gmail.cpm format the drive via the packet squirrel's "reformat_usb" command, then move the upgrade file & try again. I ran into the same issue and this fixed it.
  46. 1 point
    Couldn't you just use any of the VPS free-tier offers? And just ssh-relay to a box at home? then again, digital ocean's smallest droplet is $5/month and might save you the hassle.
  47. 1 point
    It's actually not time based but post based. 5+ posts and you are good :)
  48. 1 point
    For anyone who finds this thread later, the icon showed up today. If you have the same problem just wait a day and try again. I hope this helps someone.
  49. 1 point
  50. 1 point
    @Amsterman, I'm in the same boat. I never could get my 3g dongle to work on my nano. It works fine on the mkv. Then again, the mkv had a mobile connection setup in it.
×
×
  • Create New...