
Leaderboard

  1. Rkiver (Dedicated Members) - Points: 5, Content Count: 1,187
  2. Cap_Sig (Dedicated Members) - Points: 4, Content Count: 546
  3. Jtyle6 (Active Members) - Points: 4, Content Count: 433
  4. spywill (Active Members) - Points: 3, Content Count: 61

Popular Content

Showing content with the highest reputation since 06/15/2020 in Posts

  1. 2 points
    This would require a microcontroller if you plan on protecting it from system wipes. You would basically need a stand-alone LoJack. The next issue you will face is interfacing the built-in WiFi adapter to the system for sending data. There are some things out there similar to this, but they are usually something the manufacturer has installed/set up that the owner activates.
  2. 1 point
    Hi to all, I've bought this device for pentesting and learning. I'm quite a newbie about that kind of hardware, but it seems that the current Windows Defender of the Windows 1903 edition prevents every kind of payload from working. Is that true? I've tried about 50 payloads. With a system with Defender on, it doesn't start at all. I've also flashed the Ducky with Twin Duck; it seems that is worse: it sometimes takes time to analyze the USB and sometimes finds the inject.bin and removes it. All payloads with "gmail send" are not working because of authentication; every payload with password grabbing is not working because NirSoft removed command line text export for security purposes. So is this a useless expensive USB key and nothing more? Now, my question: is it really possible, outside the Mr. Robot series, to use that device in a real environment? Because I've invested about 20 hours on it and I don't find a way to make it have a real use if the system is protected, but I've spent about $90 in my country buying it. If someone has been able to make it work I will be glad to know. Thank you.
  3. 1 point
    The only problem with devices like the ones Hak5 sell is that you're expected to know what you're doing with them. They're aimed at professionals. Yes, some of the payloads and modules don't work, but these aren't Hak5's remit. The Pineapple, for example: you bought the hardware and the firmware, i.e. PineAP & Recon Mode, and they work perfectly out of the box. Anything else is community developed and it's up to the developers to keep those up to date, or it's up to you as a professional who knows what they're doing to get it working. What these products are NOT is plug and play hacking devices. There's no such thing. If there was a device that you could power up and pwn a network with, it would be patched by the time it went into production / manufacturing. Hak5 tools are just that - TOOLS. You wouldn't buy a hammer and then get pissed because it didn't build you a house. The criterion is that it's hard on the end and you can use it to hit things. 99.9% of Hak5's products do exactly that. Yes, Darren and the gang will show you some cool demos of payloads, but these are only working at the time of the video tutorials etc. If things change in this industry (as they tend to do every minute of every hour of every day!) then they can't be expected to keep on top of that stuff with a one-off product fee. They'd have to create a whole ecosystem and have some sort of recurring revenue to fund that kind of operation. Think about it logically from a business point of view and you'll see it's just not feasible. Yes, some of the products don't always work quite so well with their basic features (see SD card woes and the Pineapple; IMO that should be worked on as a priority until it's fixed, because it's a product feature that should have been working when the product was released), but they're usually worked on and fixed shortly after release. Their base functionality is what you're buying. How you struggled with Cloud C2 I've no idea. It's the easiest thing in the world to set up: execute it with -hostname, -https and -db and it's just done. If you had problems I imagine they're due to things like NAT loopback and you being local to your C2 server, or your Linux distro has Apache installed by default and it's snatched port 80 (so C2 won't start). But Hak5 can't teach you the fundamentals of networking and hosting your own web service etc.; that's not their job. TL;DR: Payloads and modules are not supported, warrantied or even guaranteed, implied or otherwise, by Hak5. They're third-party bits of code and you can't get mad at Hak5 over them.
  4. 1 point
    There are posts on the forum that state that there are ideas about getting non-Hak5 devices, such as the Raspberry Pi, connected to Cloud C2. Those posts were back in late 2018 though, but I guess there's a lot of stuff going on in the "Hak5 factory" that occupies valuable dev resources. Most likely not a top priority compared to the management of the Hak5 ecosystem, but totally possible to happen, I guess. In the meantime, a Raspberry Pi can still exfiltrate loot to Cloud C2 if using Hak5 devices as "loot shippers". It is possible to use at least the LAN Turtle, Packet Squirrel and WiFi Pineapple for such purposes. Collect the loot desired using the Raspberry Pi, ship the loot to the Hak5 device and then let the Hak5 device upload the loot to Cloud C2. I have made example bash code available for both the Raspberry Pi and different Hak5 devices on my GitHub. https://github.com/chrizree/LootShipper
  5. 1 point
    Certain products are not allowed to be shipped to Israel due to international laws and laws within Israel itself.
  6. 1 point
    You do realise your request is very creepy? I suggest you get help!
  7. 1 point
    Ok, so with regard to the built-in reader on the NANO - almost everyone is having issues there - myself included. They might not have much to say, since it has been discussed soooooo many times on these here forums. I always say -- it doesn't hurt to ask. The worst case is they ignore you. Again.
  8. 1 point
    Hello, and welcome to the user-to-user forums here at Hak5. First off, two big disclaimers: 1. Obviously, you're going to void your warranty if you try to modify your device yourself. 2. I haven't yet ordered a LAN Turtle; that is next on my list of Hak5 gear. TBH, it's also probably the last item on my list, as I have already bought the other items I want. As such, my info presented below is my supposing, and not in any way definite or concrete. That said, here we go! To the best of my knowledge, the original LAN Turtle, LAN Turtle 3G and LAN Turtle SD all use the same main board. From an engineering standpoint, this just makes sense. I would fully expect the 3G add-on board and the SD add-on board to be interchangeable. Just designing one main board, with a common expansion connector (or solder points), makes things easier all-around. I am aware that Hak5 replaced the earlier design that had an integrated male USB port with one that features a pigtail. I don't have sufficient info, but I don't imagine that this is related to the transition from the original model to the SD model. The USB connector change could have been (and I expect it was) to fix an engineering oversight: to take the extra weight/torque off of the computer's USB port. Although the early models probably aren't terribly heavy, they're long and bulky enough that it wouldn't take much more to snap off the USB connector. At this point, you're probably saying "that's all great, but it doesn't answer my question". As for that, my apologies. I tend to get a bit carried away. If it were me, I would contact Hak5 support and verify first if it can be done with the model you have, and second if they could just sell you the add-on board. The devs at Hak5 know their own product better than anyone else; they designed them! Also, if you obtain and correctly attach their pre-designed board, you won't need to worry about device drivers, as they'll already be onboard in the stock firmware. I hope that some of this helps. P.S.: For what it's worth, it should be fairly trivial to add your own pigtail on the USB port; it sounds like you know what you're doing. Just desolder the existing USB and add the cable in the length you want.
  9. 1 point
    You know, to a point I do feel your pain. I myself have had some pains with Hak5 over the years. But I guess the question really becomes: what did you expect, and what are you aiming for? A $5 RPi Zero can do everything the Duck can do. Does it look as good as the Duck? No. Is it as easy to program as the Duck? Big no. But then again, why are you buying a Duck if you don't at least know some programming? The Hak5 tools were never meant to be plug and play. I think they started going in that direction because we as humans have gotten to that point of expecting things to just work. But a true hacker would never expect that, nor want that. For me, I got these to mess around with and they have all worked flawlessly. Maybe not painlessly at first. But they all worked. And I've learned so much from them over the years. Because of them I've learned to make a $5 RPi act like a Duck. Or a $15 micro router act like a Packet Squirrel or LAN Turtle. The whole point of these Hak5 tools is to help you to learn. So what would you like to learn about today?
  10. 1 point
    I looked at arduinpcap etc., but I thought I read somewhere in the docs that they can't capture a partial or full handshake. Don't forget that a PCAP isn't always a handshake; it can just be packets, as far as I'm aware. Might be wrong. I do think some guys have managed to get the Pi Zero WiFi adaptor working in promiscuous mode, so you could still look at that (not trying to put a downer on your project, just trying to help! I'd be keen to build whatever you build too, ESP or otherwise! I've got loads of the little fudgers all over the house haha).
  11. 1 point
    In short: one thing to check is the command line string that Cloud C2 is executed with, whether it is a service or started manually, and make sure the identification of the server (hostname) is correct, since this is used when creating device.config files in the C2 web GUI. The TL;DR version of this post is that I set up my Cloud C2 instance on a VPS and was trying it out when started manually. I added devices and everything was working as expected. I then set up my C2 instance with https and added it as a service, and everything still worked as expected. Recently I was messing around with my LAN Turtle and had to remove it from C2. Since I didn't have any device.config file lying around, I created a new one in the C2 interface. After scp'ing the file to the LAN Turtle, it never showed up in Cloud C2. I tried to force the Turtle online using C2CONNECT, but it just told me the device was already connected. Well, that made me start to think something fishy was going on. I then opened the device.config file to view its content. Although it's mainly filled with binary garbage, the domain name is visible in plain text and I could immediately notice that the domain name was wrong, since it included the example.com domain. After calming down and removing the paranoia hat, I realized that I hadn't been hacked and it was most likely my bad. Heading over to the server running my C2 instance and executing ps ax, it was obvious that my C2 service was running with the wrong domain name/hostname. When changing to the correct domain name in the cloudc2.service file and restarting the service (and of course generating a new device.config file and adding it to my Turtle), the Turtle popped up on the beach again. So, I was a bit too quick when setting C2 up as a service according to Darren's video (link below). I just made a copy/paste of the service file example that is in the description of the video and didn't pay enough attention to the content (which included the domain example.com). https://www.youtube.com/watch?v=rgmL75ZBfSI Since everything was working fine for the other previously provisioned devices when running with example.com as hostname, I guess that the only use for the hostname parameter is to generate device.config files correctly.
  12. 1 point
    A workaround for this is to swap the order of the lines in the language file. The Q and QUACK scripts seem to take the last instance in the file and 'quack' out that key code. The files are in the languages folder on the udisk. Try using the attached file instead to see if it helps. Make sure to unplug and re-connect the KeyCroc to enable the changes. us.json
  13. 1 point
    I got it to sort-of work by adding this to /etc/dnsmasq.conf:

        dhcp-option-force=224,my_payload_string

    Very strange but good enough for now. Thanks!
  14. 1 point
    BIG BIG THANKS TO Cribbit and RootJunky, yes my Num Lock was on 😕 payloads are working, my bad. THANKS AGAIN GUYS
  15. 1 point
    I don't know if this will be of any use to anyone, but I created a PoC to demonstrate sending the status/progress of a PowerShell script to the Bunny. The PS only sends the numbers 1, 2, (3 or 4) & 5 with sleeps in between, and the Bunny just changes its LED depending on the number. When it gets a 5 it quacks the command to close the PowerShell window.

    #!/bin/bash
    trap "kill 0" EXIT
    LED SETUP
    ATTACKMODE RNDIS_ETHERNET HID
    GET SWITCH_POSITION
    GET HOST_IP
    cd /root/udisk/payloads/$SWITCH_POSITION/
    FILE=data.txt

    # Clear old commands
    if [ -f "$FILE" ]; then
        cat /dev/null > "$FILE"
    fi

    LED SPECIAL
    # Set up an echo command to write each received line to the file.
    # Using echo because nc only finishes writing when the connection closes.
    CMD="while true; do read i && echo \$i >> $FILE ; done"
    # Run nc in its own background process
    nc -lvn -p 8080 -c "$CMD" &
    # Give nc time to start
    sleep 1
    # Set the last command to empty
    last=""

    LED ATTACK
    Q DELAY 200
    RUN WIN "powershell"
    Q DELAY 100
    # Create a TCP client object
    Q STRING "\$client = New-Object System.Net.Sockets.TcpClient;"
    Q DELAY 100
    # Set the host and port and connect to nc
    Q STRING "\$client.Connect(\"$HOST_IP\",8080);"
    Q DELAY 100
    # Create a stream writer for that connection
    Q STRING "\$stream = new-object System.IO.StreamWriter \$client.GetStream();"
    Q DELAY 100
    # Get PowerShell to sleep
    Q STRING "Start-Sleep -Seconds 3;"
    Q DELAY 100
    # Write the 1 to the stream
    Q STRING "\$stream.WriteLine(\"1\");"
    Q DELAY 100
    # Push this over to nc
    Q STRING "\$stream.Flush();"
    Q DELAY 100
    Q STRING "Start-Sleep -Seconds 3;"
    Q DELAY 100
    Q STRING "\$stream.WriteLine(\"2\");"
    Q DELAY 100
    Q STRING "\$stream.Flush();"
    Q DELAY 100
    Q STRING "Start-Sleep -Seconds 3;"
    Q DELAY 200
    # Send a 3 or 4
    Q STRING "\$stream.WriteLine((3+(Get-Random -Maximum 2)).ToString());"
    Q DELAY 100
    Q STRING "\$stream.Flush();"
    Q DELAY 100
    Q STRING "Start-Sleep -Seconds 3;"
    Q DELAY 100
    Q STRING "\$stream.WriteLine(\"5\");"
    Q DELAY 100
    Q STRING "\$stream.Flush();"
    Q DELAY 100
    # Close the connection
    Q STRING "\$client.Close();"
    Q DELAY 100
    Q ENTER

    LED SPECIAL
    # Poll the file until the PowerShell side reports stage 5
    while :
    do
        # Get the last line of the file, removing line feeds (10) and carriage returns (13)
        curr=$(tail -1 "$FILE" | tr -d '\r\n')
        #curr=$(tail -1 "$FILE" | sed -e 's/[\r\n]//g')
        # See if the last command is different from the current command
        if [ "$last" != "$curr" ] ; then
            # Remember the current command
            last="$curr"
            # Act on the command; most cases just change LED colour and flash rate
            case $curr in
                1) LED STAGE1;;
                2) LED SPECIAL2;;
                3) LED STAGE3;;
                4) LED STAGE4;;
                5) LED SPECIAL5
                   Q DELAY 100
                   # Close PowerShell
                   Q STRING "exit"
                   Q ENTER
                   break;;
            esac
        fi
        # Short pause so the loop does not spin at 100% CPU while waiting
        sleep 1
    done
    LED FINISH
    sleep 1

    The PowerShell is all on different lines just to make it easy to read. As I said, I don't know if this will be of any use to anyone, but you never know, it may spark an idea in someone else.
  16. 1 point
    https://forums.hak5.org/topic/28600-do-not-post-wifi-pineapple-related-questions-here/
  17. 1 point
    Not in my experience; you will do a firmware flash as part of the setup.
  18. 1 point
    And I have a Tetra too; you are right, this is sh*t.
  19. 1 point
    What do you think about bashbunny? Is it better than rubber ducky? I have bashbunny and I think about buying rubber ducky.
  20. 1 point
    I think it's time you start taking dumps to see where it's getting held up. I only work with AWS/GCP so my expertise ends here. Sorry!
  21. 1 point
    Hey Shanimal, so Google Cloud Platform (GCP) uses two sets of firewalls by default: the VM's firewall, and the Virtual Private Cloud (VPC) firewall. In order to host Cloud C2 you will need to adjust your VPC firewall rules through the VPC > Firewall tool. You should have something set like this below... You will create a network tag to apply to the VM of your choosing. Add/remove ports as needed. If you want some hands-on assistance, just send me a message.
  22. 1 point
    I had a Tetra for a while and could never get it to work reliably; the most it did was troll people with fake SSIDs. I have bought most of this stuff as my job paid for it, but the only slightly useful thing out of all of Hak5 is the Rubber Ducky.
  23. 1 point
    Sweet! Nice work SelfTaughtDude!
  24. 1 point
    Every device has its own section in the forums. You mentioned Rubber Ducky. https://forums.hak5.org/forum/56-usb-rubber-ducky/
  25. 1 point
    @Darren Kitchen I think that you need to look at this.
  26. 1 point
    Same experience here on the functionality of the product. Such a shame. Product testing, UAT etc. seem to have been left out of the development cycle. My Tetra is just an ornament to what might have been. On my third Pineapple product; none works as advertised. My $45 deauther in wrist watch form is far better at deauth, like it does it when I set it to do so 😉 Radical, huh.
  27. 1 point
    I agree with all of you here. This product is much over-hyped and it is frustrating, to say the least. I bought this a few days back and I wish I had read all the feedback before I purchased it. I wish I had read this blog post about how the WiFi Pineapple is a total sham: https://medium.com/@dephekt/a-review-of-the-pineapple-tetra-and-hak5-7198a98d8990 I hope the community realizes that Hak5 is just swindling people out of their money with this bullshit product. I paid this out of my own pocket and I can't use this on any engagement. Feeling dejected and frustrated. Shame on you Hak5 for this lousy WiFi Pineapple Tetra product.
  28. 1 point
    Exactly same sentiment here. Spent $200 on something that won't work. (In my case, it's stuck on "...still booting" screen with any SSH connection refused). My first thought was "Okay, I'll chance another $200 if they won't help." But hell, seeing all these problems with no resolution -- another $200 would be a guaranteed waste.
  29. 1 point
    I hear you. Having fun with this useless device myself for the last 2 days. I'm experiencing the exact same issues and am intermittently being locked out from connecting via management or the Pineapple AP. My 2 laptops now report "unrecognized" USB device when connected via the Y cable. This worked just fine only yesterday. No luck connecting via the Ethernet port either. The Tetra is a very unstable half-baked device. I've just requested a return/refund. Let's see what I get in response.
  30. 1 point
    Are you using Pineapple or straight Kali Linux?
  31. 1 point
    It should, yes. Just have to make sure you don't go crazy and pull too much power.
  32. 1 point
  33. 1 point
    Tested the fix on Mac pro Catalina 10.15.3 and the fix works flawlessly.
  34. 1 point
    This has now been addressed in firmware 1.3 – see the post at
  35. 1 point
  36. 1 point
    My recommendation is to use an SFTP server like FileZilla or WinSCP. Take the downloaded file device.config, open your C2 in SFTP, open etc, and place the file there.
  37. 1 point
    Hello, I'm not sure if this is the problem, but I do know that my shark jack does take a moment to boot up. Try this: plug the SharkJack into your computer, and set for arming mode. Then, wait 1 minute (As in 60 seconds) or so for the SJ to fully boot before trying to connect. Before the SharkJack has fully booted, you won’t actually have an IP address, since the DHCP server hasn’t started, etc.
  38. 1 point
    Hak5 cannot ship to certain countries for legal reasons. They also make it clear that attempts to circumvent that are frowned upon, and that if you use a reshipper and something goes wrong, you get nothing back.
  39. 1 point
    I see how that wording is confusing. The intention was not to mislead. I will update it to make it more clear. The sales page states that video captures save MPEG files in various bitrates. When we finish up the currently in-progress feature release of the Key Croc, we will investigate adding the C2EXFIL option for video files with an update. Live video streaming could be set up today using ffmpeg, which may be installed from apt on the device. There is a root shell accessible via serial. That said, this setup would require an RTMP server in order to receive the video signal. That's outside the scope of Cloud C2 for now; however, it doesn't look difficult to deploy based on this: https://obsproject.com/forum/resources/how-to-set-up-your-own-private-rtmp-server-using-nginx.50/ Now I understand this answer may be disappointing. I wish you only the best experience with Hak5 gear. Should it not be to your satisfaction, please submit a ticket at https://shop.hak5.org/contact and we will make it right.
  40. 1 point
    I haven't tried this, but surely this is something you could check by SSHing into the croc?
  41. 1 point
    Great to see someone encountering a problem and using their ability to research and learn to solve it!!
  42. 1 point
    Please disregard; I have gotten it working after a firmware recovery and setting it up on a different host. For whatever reason it didn't like my Kubuntu machine.
  43. 1 point
    https://forums.hak5.org/forum/64-wifi-pineapple/ Every item has its own section of the forums.
  44. 1 point
    Most likely you are not close enough, or don't have the strongest signal, for a successful deauth between the target AP and client device.
  45. 1 point
  46. 1 point
    Oh, and actually mine is doing the same thing.
  47. 1 point
    You can't really answer Q2 without answering Q1, since you don't know what penetration methods can be used. You just threw out some tech jargon and common tools, kind of a "let's see what sticks" approach. And it sounds like you have no ideas for Q1, so why should you get this job? I would suggest you brush up on penetration techniques, specifically related to Windows and Active Directory. The following Google search yielded some really interesting articles that seem pertinent to what you are looking for: https://www.google.com/search?q=pentest+find+user+machine+from+employee+name&oq=pentest+find+user+machine+from+employee+name&aqs=chrome..69i57j33.9488j1j7&sourceid=chrome&ie=UTF-8 I especially enjoyed the article from https://hausec.com, which walks you through the process from the beginning. I'm not going to give you direct answers, since that would make me more qualified for this job than you. I also don't claim to have all the answers, but I'm not the one interviewing for an infosec job, as much as I would love a career change. I wish you luck on your job search and I hope you can gain the knowledge you need to do your job well and impress the interviewers.
  48. 1 point
    Sorry... there must be a kind of misunderstanding. I'm telling you that if you plug the Ducky into a current Windows 10 environment, this environment doesn't permit the launch of the injection file; you're telling me that I have to improve. 🙂 If it isn't possible to launch a file from a USB keyboard emulator like the Rubber Ducky, the device is useless and, as you rightly said, good only for online demos and for selling it. The thing that hurts me is that it is still sold on Amazon and on the Hak5 site when it's clear that today you can't use it in a real environment. If you tell me that the Bunny works, maybe I can try... but I doubt that you can bypass a Windows machine with an antivirus with full modules enabled. Have you tried? If it doesn't bypass, that will turn that hardware into a useless one as well. I'm talking about Windows because 95% of the PCs of the world are Windows based. Thank you very much anyway for your support, nice to meet you.
  49. 1 point
    Your best tool for security is yourself...
  50. 1 point
    Hey guys, I have an update on this! I got a little frustrated and ended up only using the squirrel for basic packet captures (which was still great to have). But it left me empty inside knowing it can do so much more. Finally I had another go at figuring out this payload situation. I tried to run the scripts manually to see the CLI output/errors and it was a simple permission issue. I had to grant execute permission to all for each payload.sh before it would do anything. I'm still a Linux noob. So if there was something I could have done to avoid this in the first place, or anything I can do now to avoid modifying the individual file permissions each time I swap out a payload.sh please enlighten me!