Jump to content


Popular Content

Showing content with the highest reputation since 02/13/2011 in all areas

  1. 12 points
    Introducing Bash Bunny firmware v1.1 A feature packed firmware awaits Bash Bunny users just one month after release. We've excited to announce version 1.1, including many new features, conveniences, bug fixes and refined experiences. The newly improved LED command adds patterns in addition to variable blinks, as well as standardized payload states for common stages such as setup, attack, cleanup and finish. The Bash Bunny framework now includes support for extensions which augment the bunny scripting language with new commands and functions. Tools can now be installed with ease by copying .deb packages or entire directories to the dedicated /tools folder on the flash drive in arming mode. Updating ducky languages is now just a matter of copying json files to the dedicated /languages folder on the flash drive in arming mode. Many more features, fixes and experiences in the full changelog - so hop on over to BashBunny.com/downloads and nab version 1.1 today! (\_/)
  2. 11 points
    Hey guys, I'm sincerely sorry for not making a formal announcement when the podcast went on hiatus a few weeks ago. I should have said something - but seeing as Hak5 has been in my life since the beginning - it was too hard to say that I was putting the show on hold. I've been going through a difficult time in my personal life (tl;dr: wedding is canceled) and I wasn't able to do the show the justice it deserves. That said, I'm resilient and new episodes will begin to air on January 2. We're also growing as a team, and we have amazing plans content, products, and community in 2019.
  3. 11 points
    Hi all -- big news we're super excited to share with you. If you've been following the recent 6th gen WiFi Pineapple developments you may have seen comments about 5 GHz. This has been on our road map for quite some time and man let me tell you it ain't easy. Then again, nothing worth doing ever is, right? Which is why we're excited to introduce our first ever dual-band device (2.4/5 GHz) -- the WiFi Pineapple TETRA! We're way ahead of schedule on the project and I want to give the forums community the first opportunity to get them in your hands because this ongoing project is made possible by you. Thank you! Ok - on with the good stuff! :) The WiFi Pineapple TETRA is the second device in the 6th generation line using the new software platform designed around usability and performance. So far the new modern interface has been very well received on the NANO and we expect the TETRA to continue taking the platform to the next level. Speaking of which, this is some serious next level hardware. The TETRA incorporates two Atheros dual-band (2.4/5 GHz) 2:2 MIMO radios capable of 802.11 a/b/g/n over a rock solid PCI Express bus directly connected to FOUR integrated skybridge amplifiers. With the included 5 dBi antennas we're right around 29 dBm EIRP -- which is huge. Range is incredible on this WiFi Pineapple. Under the hood it's a powerhouse. A 533 MHz RISC CPU from Atheros is running the WiFi Pineapple firmware - and it's not only 33% faster than the previous generation but it's based on the MIPS 74K instruction set. Adding to that we have 64 MB of high speed DDR2 32-bit memory and a fast SLC NAND controller with 2 GB of onboard storage -- so there's plenty of space. Ports are a plenty as we've gone with the classic Mark V style platform housing RJ45 Ethernet (eth0), 12V power, and USB 2.0 Host that'll support our new WiFi Pineapple Connector app on Android. Additionally we've incorporated some really convenient extras, like a built-in FTDI Serial UART over Micro USB -- so a console is never far! Next to that is an onboard Realtek USB Ethernet controller (eth1) over Micro USB so connecting directly to your laptop without Ethernet cables is a breeze! Furthermore, both the UART and ETH1 Micro USB ports can power the device over the included USB Y cables -- so most modern laptops can power it, as well as our Pineapple Juice 15000 battery included in the Tactical Edition of course :) This is a major milestone for the project and we can't wait to get them into your hands first. As you know developers are already working on the new 6th gen platform and this is one serious bit of kit that'll be taking advantage of all the new features. We invite you to get in on the ground floor with the TETRA from the HakShop at http://hakshop.com/products/wifi-pineapple-tetra
  4. 10 points
    MANA-Toolkit! Pineapple NANO + TETRA. (IPK installation-files, and source-files ready to compile with OpenWRT-SDK) MANA Toolkit includes a working version of SSLstrip2+dns2proxy for the Pineapples. Last update: 22.07.2018 Changelog: Taxonomy part of hostapd is activated. Updated to follow upstream, same updated source-code as Sensepost is using. Changes have been done to installation part! Remember to read the output! Will no longer use a copy of my python-library. But download the needed python packages fro SSLstrip2, SSLsplit, dns2proxy, crackapd, net-creds, firelamb and every part of the MANA-Toolkit comes with the package. (Even aslEAP) EAP penetration testing is now very feasible. Install procedure: root@Pineapple:~# wget -qO- https://raw.githubusercontent.com/adde88/hostapd-mana/master/INSTALL.sh | bash -s -- -v -v After a little while you should get a message saying installation was successful. But we're not quite done. You need to install the python-dependencies with this command: root@Pineapple:~# install-mana-depends How do i start MANA? Make sure you are not using wlan1 for anything. (For example having it in monitor mode) If you are, hostapd-mana will not be able to set the interface to 'master' mode Type 'launch-mana' in the terminal to launch the attack. The attack should go silently into the background while at the same time giving output to the screen and to the log-files. root@Pineapple:~# launch-mana Type 'kill-mana' in the terminal to stop the attack. root@Pineapple:~# kill-mana Module: https://github.com/adde88/ManaToolkit I have released a "pre-release" version of the Mana Toolkit "Module" for the Pineapples. This lets you launch the attack from the Pineapples web-interface. General feedback or tips for improving the module are greatly appreciated! Github repo. + source-codes: https://github.com/adde88/hostapd-mana-openwrt https://github.com/adde88/hostapd-mana https://github.com/adde88/ManaToolkit (The Mana Toolkit Module - dev. stage) The first repo. contains the IPK files you need to install everything, but it also contains the files you need to build it yourself with a proper SDK. The second repo. is used by the SDK. The SDK Makefile will download everything it needs from this repo. to build the MANA-Toolkit package. You don’t need to touch the second repo. to get anything up and running. (OpenWRT-SDK shouold handle this automatically.) The third repo. is the MANA Toolkit "Module", that needs testing and feedback from you guys. It also has a new dev-branch that contains my latest fresh changes, but it's not as stable as the master branch. Important directories: Config files: /etc/mana-toolkit/ Log files: /pineapple/modules/ManaToolkit/log (This is the log-directory, even if you don't have the Module installed) You will find the usual MANA Tools at: /usr/share/mana-toolkit/ OPKG Installation Files: (For those who want to install it manually): https://github.com/adde88/hostapd-mana-openwrt/raw/master/bin/ar71xx/packages/base/asleap_2.2-1_ar71xx.ipk https://github.com/adde88/hostapd-mana-openwrt/raw/master/bin/ar71xx/packages/base/hostapd-mana_2.6-15_ar71xx.ipk Donations are very helpful, and would help me contribute towards keeping all of these custom tools ported and up-to-date.
  5. 10 points
    BunnyTap is coming... 415 ? Ss 0:00 /usr/bin/SCREEN -dmS dnsspoof /usr/sbin/dnsspoof -i usb0 port 53 417 ? Ss 0:00 /usr/bin/SCREEN -dmS node /usr/bin/nodejs ./bunnytap.js 419 pts/0 Ss+ 0:00 /usr/sbin/dnsspoof -i usb0 port 53 420 pts/1 Ssl+ 0:02 /usr/bin/nodejs ./bunnytap.js
  6. 10 points
    Lookit, anyone that's been around for awhile, even noobs, there have been ups and downs. Hak5 stuck with it, I just want to say Thank you guys, I hope this year is a New Dawn. Thank you developers so much...guys lets donate a bit to them, they give us the good stuff....WhistleMaster, Newbi3, Foxtrot, sud0nic, Datahead, mbuckyboy, Ingsoc, hfam, ExigentCircumstance, patriceking, phpsystem, barry99705, leg3nd....ect ect... Whatever you have used.... Forgive me devs if I missed you, I had to post on my phone
  7. 10 points
    What would be a WiFi Pineapple firmware release without a code name vintage movie poster?
  8. 9 points
    For all the people who are new at this whole “computer†thing and don’t really understand what hacking is all about and where to begin, I offer up these links to some great places to start learning. Please contribute to this thread and I will keep it up to date. Probably should be made sticky. News: www.digg.com www.slashdot.org Presentations: http://www.lessig.org/freeculture/free.html <-- A speech given talking all about the problems facing culture when dealing with copyright and other digital laws. Podcasts: http://www.grc.com/SecurityNow.htm <-- This is fantastic for people who are new to the field. If you have the time or motivation, go back and listen to them from day 1, they assume you know very little if anything and hit on all of the major topics in the security field. Fantastic show. IPTV Shows: http://www.binrev.com/ <-- Produce a good IPTV show and also have forums that are usually helpful. http://www.hak5.org <--- Duh.... Tutorial sites: http://www.remote-exploit.org <-- Pretty good resources, some very nice video tutorials on various exploits. Defiantly check out the tutorial section. http://www.irongeek.com/ <-- Excellent tutorials/information/articles. http://www.antionline.com/ <-- Tutorials, tools and forums full of helpful people. Programming Related: Teach Yourself C in 21 Days: http://neonatus.net/C/index.html Teach Yourself C++ in 21 Days: http://cma.zdnet.com/book/c++/ The Art of Assembly Language Programming: http://maven.smith.edu/~thiebaut/ArtOfAssembly/artofasm.html Microsoft Developers Network: http://msdn.microsoft.com ----Web Programming: HTML: http://www.w3schools.com PHP: http://www.php.net ASP.NET: http://www.asp.net/Default.aspx?tabindex=0&tabid=1 SQL: http://www.mysql.com Perl: http://www.perl.com/ Python: http://www.python.org Security Related: SecurityFocus: http://www.securityfocus.com/ Milw0rm: http://www.milw0rm.com SecurityForest: http://securityforest.com/wiki/index.php/Main_Page
  9. 9 points
    This payload exfiltrates specified documents to the Bash Bunny via SMB (Windows File Sharing). https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/exfiltration/smb_exfiltrator The first stage injects keystrokes into the run dialog. The powershell one-liner wait until the Bash Bunny appears as a network, then copies files and exits. The powershell runs in a minimized state to limit visual impact on the target. The second stage switches the attack mode from HID to RNDIS_ETHERNET and sets up an SMB server using Impacket. It then waits for files to finish copying from the target to a temp directory. Once exfiltration is complete, files are moved to a named and numbered loot directory on the USB disk partition. A video walk-through can be found on Hak5 episode 2202: https://www.youtube.com/watch?v=VPhqD__lOBQ Version 1.0 of this payload uses conservative delay values and is not optimized yet for speed. A number of powershell aliases and shortcuts can be used to limit the first stage, while the function which waits for files to finish copying can also be improved. Hope you like guys! Cheers from Indonesia ? --Darren
  10. 9 points
    Module: Site Survey Version: 1.2 Features: View APs around with information such as SSID, MAC, Encryption, Cipher, Auth, Channel, Frequency, Signal Quality. View connected Clients Vendor information on AP's MAC Start capture on AP Start deauth on AP Capture history with information such as number of IVS or 4-Way Handshake Change log: 1.2 Add timer to know when the scan will be finished1.1 View connected Clients Bug fixes
  11. 9 points
    I think we may do a pre-order next week leading up to the launch on Friday, but it wouldn't be publicized really. Just something special for us cool peeps on the forums & IRC.
  12. 9 points
    Hey all - just thought I'd share a great time I had with the NANO this weekend. My dear friends got married this weekend and I thought I'd have some fun, but not in the usual pineapple-y way. I wanted to wish them the best and congratulate them in my way - the hacker way. I loaded up the NANO with the Occupineapple module and created a list comprised of: Congrats Drew and Pete! Woohoo Pete and Drew! P&D 2016! Pete and Drew Tie the Knot! Pete and Drew Forever! etc, etc, etc I used a small usb battery, and fit it into my tux. People started arriving, and of course after the obligatory greetings and whatnot many of them pulled out there phones and were taking photos of themselves all dressed up. When they went to post to Facebook and Instagram, many of them noticed the new BSSIDs! Remarks such as "Whoa, whats this? Wow, cool!" and "Holy shit, Pete and Drew had a whole bunch of wifi things setup!" were overheard by my wife and I. Best of all, on the shuttle over to the reception, I cornered the couple and said "Hey guys, I think theres some wifi on the shuttle, that's pretty sweet". They both pulled out their phones and tried to connect, and upon seeing all the celebratory BSSIDs...ear to ear smiles. They both turned their heads to me, knowing I was somehow responsible, and we shared a great memorable moment. All because of the Pineapple. So big thanks to the hak5 crew and to Whistlemaster for the excellent module that added a bit more magic to the evening. You guys are the best telot
  13. 9 points
    Hi @RazerBlade, I'm sorry you are not satisfied with the WiFi Pineapple. I haven't been able to spend a lot of time on the WiFi Pineapple lately, because I was focusing on other Hak5 products. That's why you haven't seen any firmware or system module updates. In terms of bugs, I am aware that some exist, but you should know that only a small subset of our users experience them, which make them hard to track down. Once I pick up the WiFi Pineapple again, I'm going to go over every Module (maybe one a week) and rid it of bugs and usability issues. I'll also be launching RCs to ensure that the shipped firmware upgrades are solid and "bug free(tm)". For now though, I'm truly sorry you are unhappy with the current state of the WiFi Pineapple. I hope that over the next few weeks and months we can remedy this.
  14. 9 points
    Hey Everyone, Just three and a half weeks from dev launch, the WiFi Pineapple NANO is getting its first full firmware update. We're excited to bring you a number of bug fixes and features. In the coming days modules will begin to become available over the air through the Module Manager. Similarly the package repository is now online. Our next focus will be on API documentation. Thank you all for the continued support and feedback! Once again please submit any bugs found to wifipineapple.com/bugs Changelog 1.0.6: Wireless Update WiFi drivers from upstream Fixed an issue where the mac80211 driver would crash Fixed an issue where access to the WPA2 management network was lost Fixed an issue where adding a third radio caused the SD card to reset Recon Mode Added UTF-8 support Fixed an issue with channels not showing correctly Added more verbose security types Improved the scan reliability Logging Fixed MAC and SSID filters being case-sensitive Automatically apply filters when refreshing the PineAP log Misc Fixed tracking MAC being case-sensitive Fixed PineAP filters being case-sensitive Added nginx SSL module Fixed varius utf-8 issues Updated all system modules to their latest versions Ensure applications installed to the SD card can reference /etc/ correctly Ensure the correct PATH variables are set for the SD card Changelog 1.0.5: Fixed an issue with packages not downloading correctly Changelog 1.0.4: Added the ability to download the PineAP SSID Pool and Log Improved the stability of WiFi Client mode Improved various API components Changelog 1.0.3: Fixed an issue with Module Manager not upgrading system modules Fixed a couple of issues with the PineAP Pool Changelog 1.0.2: PineAP Improved the PineAP configuration view. PineAP Daemon is now a toggle which should clear up some issues and conclusions Fixed a bug where "Capture SSIDs to Pool" did not save for autostart Added a refresh button to the SSID Pool Added support for changing the PineAP log location Fixed jibberish SSIDs Networking Fixed an issue with a third external radio causing bootup and interface issues Fixed a bug where Android Tethering did not share the connection properly to clients Fixed an issue where scanning does not work when the radio is in monitor mode Added support for some ralink and realtek dongles Dashboard Clicking the number of connected clients / number of SSIDs in pool now opens up the appropriate module Fixed a bug where the "SSIDs added this session" counter would not increment Module Manager Module Manager has now been released Modules are going to be added over the course of this week API documentation for how to create custom Modules will be released shortly Fixed a bug where no SSIDs were show in the clients Module Fixed a bug where the SD card did not mount correctly Fixed a bug where no MAC dropdowns appeared next to some MACs in Recon Fixed a bug where the SSID filter would never change mode Misc Added and made public the Pineapple opkg (package) repository. Updated the old SSH ASCII banner The logout button is now a dropdown allowing for quick logging out, shutting down, or rebooting. API fixes We hope you enjoy this release! -The WiFi Pineapple Team
  15. 9 points
    Hey guys we're super excited to introduce our 6th gen wireless network auditing tool! We're calling it the WiFi Pineapple NANO. We engineered it from the ground up based on the successes and feedback from the Mark V with a focus performance and usability. What we ended up with is something total new. It's not a simple client radio, or just a router or access point. We believe the WiFi Pineapple NANO is the most powerful wireless network auditing tool you can put in your pants. It leverages our unique hardware design and intuitive new web interface to integrate with your pentest workflow. There's a huge emphasis on workflow and usability with the WiFi Pineapple NANO. We completely re-engineered the web interface built on modern standards. It's fast, intuitive, responsive and familiar. For example new table views give you a detailed look of the WiFi landscape and context menus provide instant access to core PineAP features and modules. But it's not just the web interface either - the entire system was rebuilt on a modern base and compartmentalized in way that'll allow us to take the platform to the level. Of course modules (ya know, Infusions ) remain a core feature. Over the air downloads of community developed add-ons and web front-ends to popular tools remain. The new API is extremely simple for seasoned developers and newcomers alike. We also put together a really sweet Tactical kit. The case straps to your bag as an every-day-carry including a new Pineapple Juice battery pack. We even tailored the case with a nice Hak5 imprint liner and a cut out for the USB host port so you don't have to take it out of the case to plug in your phone. Oh yeah, it works with your phone now. The new WiFi Pineapple Android app simplifies USB Internet connection sharing. You just tap to tether and it instantly connects to the beautiful new mobile friendly web interface. No root required. https://play.google.com/store/apps/details?id=org.hak5.pineappleconnector You can also plug the NANO into your laptop and it'll both power on and enumerate as a USB Ethernet adapter so less cables and mess. And if you're doing a long term deployment, you can just plug the NANO into any standard USB power plug. Getting out-of-band access is even easier seeing as it supports the new gen of QMI-based modems. Here'a an intro video Seb and I made: So it should be no surprise that we had been working very hard to bring the new device for our little WiFi Pineapple ecosystem. What really surprised us though was the Mark V availability ending so soon. We were caught off guard post-DEFCON when our parts supplier notified us that the RTL8187 would no longer be available. We had developed a Mark V successor prototype using an alternative chipset, one that would allow for a somewhat inline change, but we found it came with a number of new complications that made the change unfeasible. At that time we had also anticipated the launch of our new WiFi Pineapple device to be much sooner. That being said, with as meticulous as we have been throughout the development, it's added considerable time to the process. Thankfully though our attention to detail has paid off as what we've developed is nothing short of amazing. We're so proud of the new device! Design decisions were made based on feedback from users and directly by observing the way in which the Mark V is being used, and it's clear we have a real winner. Unfortunately we underestimated the time in which certification takes to complete. For the last month and a half we've been anticipating the ability to launch for mass availability "in just another week or two". We have CE. We have FCC. We even have units in hand, awesome firmware, and a team raring to go. The latest development is that we're undergoing SAR testing, and sadly between labs being backed up and the new dongle requirement - we're looking at needing to wait just a while longer. The good news is that we're ready to launch for development and evaluation - meaning software developers like you here on the forums will now have early access to the new device. I want to give the core community that has been so good to us first dibs. Link at the bottom of the post. We'll be updating the other sites soon in anticipation of the official launch. Lastly, thank you for your patience and continued support for the project. I know it's not easy when we run into snags like this, especially while we're working tirelessly and quietly to bring something epic to the WiFi Pineapple community. And yes, we're rethinking that quietly part now. I'll keep you all updated with all of the latest as we take this next big step together and I'll try my best to answer any questions you have. Order the WiFi Pineapple Evaluation and Development Kit here: https://hakshop.myshopify.com/products/wifi-pineapple-nano-evaluation-and-development-kit Specifications: CPU: 400 MHz MIPS Atheros AR9331 SoC Memory: 16 MB ROM, 64 MB DDR2 RAM Disk: ROM + Micro SD Card Reader (card not included) Wireless: Atheros AR9331 + Atheros AR9271, both IEEE 802.11 b/g/n Ports: (2) RP-SMA Antenna, Ethernet over USB (ASIX AX88772A), USB 2.0 Host, Micro SD Power: USB 5V 1.5A. Includes USB Y-Cable Configurable Status Indicator LED, Configurable Reset Button FCC NOTICE: This kit is designed to allow: (1) Product developers to evaluate electronic components, circuitry, or software associated with the kit to determine whether to incorporate such items in a finished product and (2) Software developers to write software applications for use with the end product. This kit is not a finished product and when assembled may not be resold or otherwise marketed unless all required FCC equipment authorizations are first obtained. Operation is subject to the condition that this product not cause harmful interference to licensed radio stations and that this product accept harmful interference. Unless the assembled kit is designed to operate under part 15, part 18 or part 95 of this chapter, the operator of the kit must operate under the authority of an FCC license holder or must secure an experimental authorization under part 5 of this chapter. For evaluation only; not FCC approved for resale.
  16. 9 points
    To all those that are whining about "customer service" and/or the "we want value for money" boys; you're not only giving your money for the hardware, you're also supporting innovation. You're supporting a good cause, see it as a way you can make Unicef keep doing what they do. But without the CEO that fills his pockets with $1000000 a year. Besides that, they have given us more updates for the hardware then Linksys, Netgear and Belkin did combined for all of their stuff in the past year... And not only you get the best piece of hardware you yourself never could come up with, they also are giving you a weekly dose of technolust, and everything that surrounds that. Have you ever seen a company that gave you as much bang for buck than these bunch? No you haven't. It's absurd how much heart they put into their product, it is pure love and dedication. You can't even compare it to another company, these are the people we need more of in the world, make sure they can keep doing what they do.
  17. 8 points
    Hey everyone, Recently I have seen a lot of questions in regards to installing tools on the Bash Bunny. This post will contain a list of .deb files published by Hak5. Please see our wiki for installation instructions. If you would like to suggest a tool to be published, please reply to this thread. All other posts will be removed. Impacket Responder Gohttp Metasploit-Framework (Requires firmware 1.6 or above). Disclaimer: Hak5 is not responsible for these tools. They are 3rd party packages and have not been checked for stability or security. Hak5 simply packages these tools for easy installation.
  18. 8 points
    Hello all, With MAC's (and Linux) you have to know the device of course to serial into it. To make it quicker for me I wrote the below script to search the MAC for the bash bunny (If you have multiple modems this may not work for you) and prompt you to connect to it. Feel free to use and modify as desired. #!/bin/bash # # Title: Mac Serial Connect # Author: NightStalker # Version: 1.0 # # Finds the Bash Bunny in the /dev/cu.* location and # prompt you to connect to it. clear bunnyloc=`ls /dev/cu.* | grep usbmodem` echo "Bash bunny is located at: $bunnyloc" read -r -p "Would you like to connect to it? (Y/N): " connanswer echo $connanswer if [ "$connanswer" == "N" -o "$connanswer" == "n" ] then exit 0 elif [ "$connanswer" == "Y" -o "$connanswer" == "y" ] then screen $bunnyloc 115200 fi
  19. 8 points
    The new firmware is coming, and the current plan is to release it before Christmas. Because this upgrade is very important to us (and is packed with features and fixes), we wanted to take our time and do it right, rather than launch a bunch of new firmware in short succession. That said, after this release, upgrades will be much more frequent, with the possibility of nightly builds in Q1 of 2018.
  20. 8 points
  21. 8 points
    Currently working on a PoC - we'll see how well it works.
  22. 8 points
    Ahem... So does being mid Sept. constitute appeasing our endless anticipation with at least another hint? Can't blame a fellow for trying right...
  23. 7 points
    I haven't had a chance to read this entire thread but I can respond to the OP and say, absolutely not, Hak5 is very much alive. I understand that we haven't put out many of our regular videos lately. Personally I've been taking a bit of a hiatus to restructure some things in my life that needed attention. With that said we have a lot of great programming right around the corner coming to the channel - some familiar faces, some new faces, and some fantastic shows all around. Stay tuned for a channel teaser in the next few weeks.
  24. 7 points
    Hak5 is proud to release the firmware we’ve all been waiting for - the much anticipated WiFi Pineapple version 2.0.0! This beast of a release brings a complete rewrite of the pineapple core, numerous enhancements to the web interface, updates to the OS and base packages across the board as well as dozens of performance tweaks, stability improvements and bug fixes. For instance you can now sort and download recon and profiling data. OUI lookups are just clicks away and raw HEX frames can even be injected from PineAP - just to name a few. There's more in this release than we can even list in the changelog. This has been one massive development effort, given the interdependent nature of the pineapple base. PineAP, the frame sniffer, the injection engine and control system have all been rewritten for rock solid performance. This undertaking couldn't have been realized bit by bit, hence the long period between releases. WiFi Pineapple firmware version 2.0.0 constitutes the combined efforts of Seb Kinne and recent additions to the Hak5 engineering team -- Foxtrot and Tesla. As long time contributors to the project, their code and countless hours testing in an official capacity now have made for the most robust WiFi Pineapple firmware to date. This would not have been possible without the feedback and contributions from you all - the Hak5 community. We're excited to have laid the groundwork for much quicker releases, with the backend development processes and build systems having been reworked substantially. The NANO and TETRA bases are now merged, along with the web interface and many interdependent systems - so in usual Hak5 fashion we look once more to your feedback as thoughts on the future of the fruit. Download and changelog can be found at https://www.wifipineapple.com/downloads#nano.
  25. 7 points
    Hi everyone, We just released firmware version 2.5.x for the WiFi Pineapple, vastly improving the PineAP engine. Expect greater results on your next wireless engagement with this release. Changelog 2.5.4: Recon Fixed an issue where scan times would be invalid in non-Chromium web browsers. Changelog 2.5.3: Clients Fixed an issue where SSIDs would not populate. Filters Add detailed Filters information. Setup Choosing the Filter modes is now required upon Setup. Recon Fixed an issue where, in some cases, probes would not be shown in the Recon dialog. Fixed an issue where some probes were not logged during a Recon scan. Fixed an issue where, in some cases, handshakes would not be captured. Fixed an issue where captured handshakes could not be downloaded if the capture had stopped. Fixed an issue where, in some cases, captured handshakes would have invalid frame lengths. Previous scan dates are now translated to the browsers local time. Fixed a rare issue where Live Scan results would not populate in the Web UI. PineAP Fixed an issue where downloading captured handshakes would not work. Changelog 2.5.2: Recon Fixed an issue where invalid results with BSSID 00:00:00:00:00:00 would be collected. Fixed an issue where changing the band to scan would not update until PineAP was restarted. Fixed a firewall issue preventing Live recon results to populate in the Web UI. Changelog 2.5.1: Misc Fix an issue where "Unsupported Device" would incorrectly show. Changelog 2.5.0: Hak5 Cloud C2 Client Update PineAP Rewrite of PineAP, featuring a multitude of improvements and reliability fixes. Recon Improved reliability of scanning. Add throbber for deauth button. Automatically start scan after enabling PineAP. Remove misleading information message when the user started their first scan. Fixed a rare issue where multiple live Recon processes would start. Misc Reduce amount of Web UI HTTP requests. Fix missing paths on the WiFi Pineapple NANO. Download: Over the air via your WiFi Pineapples webinterface, or at https://downloads.hak5.org. ♥ - The Hak5 Development Team
  26. 7 points
    Hi All - I've started the beginning of a comprehensive user manual on the WiFi Pineapple NANO and TETRA. This will eventually become available as a PDF download, but until then I invite you all to review and comment on the living Google Doc either here or in the doc. https://docs.google.com/document/d/1KVYSTedUJTjn8VxG2Wk2iXeo3QHnnwM8V1GVFnr8w8c I'm very excited to hear your feedback on what I believe will help many newcomers and veterans alike with this project. Cheers!
  27. 7 points
    Hot off the heels of 1.2 our brave little bunny is hopping into 1.3 with exciting new features and fixes! This Kilo Echo Whiskey Lima release is cool as a cucumber - with new CPU performance and thermal enhancements to boot! In fact, the new CUCUMBER command allows you to throttle down to one core for chilly long term deployments - or put the petal to the metal and go PLAID with all out quad core speeds! We even snuck in some sneaky new ATTACKMODE features - like ATTACKMODE OFF to run dark and go completely bus silent after your attack completes. Or new ATTACKMODE parameters for Serial Number and Manufacturer in addition to VID and PID, for you masquerading types! Find all the fixes and features in the changelog and bounce on by to BashBunny.com/downloads for your devious device download (\_/) Full Changelog
  28. 7 points
    not sure what it is yet but just shut up and take my money!!!
  29. 7 points
    dafuq are you talking about? If you have a problem with a module post the issue in its support thread and the developer will help you.
  30. 7 points
    TL;DR: The NANO isn't txpower locked -- they're capped the chips maximum which is what we've implemented. No magic command is going to push the silicon past its spec. The easy way to increase total output power is with a higher gain antenna. If you want to take it a step further, I recommend using a low noise amplifier like the USB powered ALFA booster in the hakshop. There's a lot of myth and legend surrounding txpower, mostly because improperly configured systems would let you set the txpower as high as the config file would allow -- but not actually do anything. So while you can sometimes issue a command to set txpower to 30 and the system will report back 30, it won't actually do anything on the radio side. No special command is going to push the silicon to output more than it's made to, regardless of what the OS says -- and that goes for any system. Here's how it actually works: You start with a radio SoC. In our case chain0 is AR9331 and chain1 is AR9271. Actual silicon is typically between 16-22 dBm depending on mode. (HT40 for instance, while twice the bandwidth, typically sees lower output power than HT20). The txpower reported by the OS is determined by a special partition which is written to when the board is calibrated at the factory. This calibration is essential to the sensitivity, reliability and overall effectiveness of the device since no two things in the universe are 100% identical. #physics. What you end up with is the output power in dBm. Then you have the antenna, which is rated in dBi gain. The NANO ships with small 2 dBi gain antennas -- though we will soon offer a pair of 5 dBi gain antennas specially fit for the tactical case. The more gain, the higher the total output power. When you add the two values -- the dBm output and dBi gain, you get your total output power in dBm. It's often called EIRP. For the NANO that's 20 and 22 dBm. A watt calculator will tell you that a stock NANO can output some 158 mW while an upgraded 5 dBi antenna brings it to 316 mW and a 9 dBi will get you to 800 mW. If you want to increase the output power further, you'll need an amplifier. These are large and expensive, but when paired with the right transmitter and antenna can greatly improve performance. We have four skybridge amps built into the TETRA -- which constitute nearly 50% of its mass and at least half of the power budget. For them to work efficiently they need to be tuned and they'll want a relatively lower input power. It's sorta like how you don't want your iPod cranked to max volume when you plug it into your car stereo. The NANOs size, cost and power budget couldn't warrant such onboard amplifiers, but that's not to say you can't use one downstream. It's just a matter of plugging in and powering on. The ALFA booster in the HakShop will up the NANO output to 27 dBm (500 mW) or 29 dBm (800 mW). The later with a 9 dBi antenna will do 6.3 Watt and the former with a 15 dBi antenna will do 16 Watt -- both legally. Here's some further reading: http://www.cpcstech.com/dbm-to-watt-conversion-information.htm
  31. 7 points
    If you read through these forums a few things should become readily apparent. First, this community is very supportive and helpful and Hak5 is quite responsive. You'll also notice that many threads are successfully marked answered, and many others do not require such tags. Some have to do with newcomers to the project, or Linux as a whole -- and that's awesome (we welcome you). Most of the "unanswered" threads are known issues being addressed by the upcoming firmware release this week. I'm using a beta build on 1.0.2 now and it has addressed many of the concerns. Likewise if you take a few steps back and look at the project as a whole you'll see that throughout the lineage of the WiFi Pineapple, the tool has grown leaps and bounds in both hardware and software. For example the Mark 1 and 2 on the very original "jasager" firmware only allowed for enabling/disabling Karma, watching a log, managing a black/white list and seeing connected clients. That's it. We've come a LONG way... We're only at the very beginning of the 6th generation. We're in a development and evaluation phase where documentation and modules are being written, feedback is being gathered, and the project is being refined. Yes, there are bugs (that have been and will continue to be squashed) and yes we'll encounter hiccups along the way -- but through it all you'll see us continue to up our game and stand by our WiFi Pineapple. In the last 3 years there have been 50 firmware updates. 50. Each bringing bug fixes, security improvements, and features -- many of which are based on feedback from this community. The constructive critical feedback we've been receiving in the last two and a half weeks have been immensely positive and valuable in refining this WiFi Pineapple. If you have similar constructive critical feedback, it is wholeheartedly welcomed by Seb, myself, and I believe this community as a whole.
  32. 6 points
    Hi everyone, We just launched the Hak5 Cloud C2! I just wanted to give everyone a heads up and give some basic instructions on how to get everything set up: Setting up the Hak5 Cloud C2 Server To set up the Hak5 Cloud C2 server, simply head over to https://c2.hak5.org, download either the community or professional edition, and wait for an email to arrive with the download link and licence key. Once you have downloaded the ZIP file containing the server, choose the correct version for your OS and architecture (such as linux 64bit), and execute the binary. You will be prompted to add some parameters such as '-hostname'. We recommend setting up the Hak5 Cloud C2 with DNS. Once running, you will have a setup token printed to your terminal. Make a note of that and head over to the configured IP / DNS and port using your favorite web browser (Firefox or Chrome(ium) are recommended). You will be be guided through the setup there, and asked to enter your setup token and licence key. After performing the initial setup, if you need further help, click on the three dots in the top right corner and click on "Help". Update your device firmwares: WiFi Pineapple Update your WiFi Pineapple NANO or TETRA to version 2.4.0 or above, via the webinterface as you do normally Packet Squirrel Visit https://packetsquirrel.com/setup and follow the "Firmware Upgrades" instructions to install firmware version 2.0 or above LAN Turtle Update your LT, LT-SD, or LT-3G by using the "Check for updates" button inside of the turtle shell. Alternatively, follow the manual upgrade instructions from https://lanturtle.com/setup. You'll want to be on version 5 or above to have Cloud C2 support. Provisioning your devices: Once you have updated all of your Hak5 devices, you can go ahead and create new devices in the Hak5 Cloud C2 interface. After doing so, you'll be able to download the device.config files for each device by clicking the device from the list and then clicking the setup button from the device's menu. Once you have the config file, SCP it into the /etc/ folder on your device of choice and reboot the device. You should see it come online in the Hak5 Cloud C2 interface within a few minutes. Please remember that your devices will need to be networked to be able to reach the Hak5 Cloud C2 server (a mistake we made a lot during development). Introducing the Hak5 Cloud C2 video:
  33. 6 points
    PMKID Attack WPA/WPA2 on WiFi Pineapples! Pineapple NANO + TETRA WARNING! This attack is EXTREMELY effective on the Pineapples! And is capable of capturing an entire neighborhood of PMKID's in a minute or less, no clients needed! ONLY use hcxdumptool on networks you have permission to, because of this: hcxdumptool is able to prevent complete wlan traffic! hcxdumptool is able to capture PMKID's from access points (only one single PMKID from an access point required) hcxdumptool is able to capture handshakes from not connected clients (only one single M2 from the client is required) hcxdumptool is able to capture handshakes from 5GHz clients on 2.4GHz (only one single M2 from the client is required) hcxdumptool is able to capture extended EAPOL (RADIUS, GSM-SIM, WPS) hcxdumptool is able to capture passwords from the wlan traffic hcxdumptool is able to capture plain master-keys from the wlan traffic hcxdumptool is able to capture usernames and identities from the wlan traffic This attack was discovered accidentally while looking for new ways to attack the new WPA3 security standard. The main difference from existing attacks is that in this attack, capture of a full EAPOL 4-way handshake is not required. The new attack is performed on the RSN IE (Robust Security Network Information Element) of a single EAPOL frame. At this time, we do not know for which vendors or for how many routers this technique will work, but we think it will work against all 802.11i/p/q/r networks with roaming functions enabled (most modern routers)! The main advantages of this attack are as follow: No more regular users required - because the attacker directly communicates with the AP (aka "client-less" attack) No more waiting for a complete 4-way handshake between the regular user and the AP No more eventual retransmissions of EAPOL frames (which can lead to uncrackable results) No more eventual invalid passwords sent by the regular user No more lost EAPOL frames when the regular user or the AP is too far away from the attacker No more fixing of nonce and replaycounter values required (resulting in slightly higher speeds) No more special output format (pcap, hccapx, etc.) - final data will appear as regular hex encoded string The RSN IE is an optional field that can be found in 802.11 management frames. One of the RSN capabilities is the PMKID. This attack is quite new, and gets updated regularly. I've compiled it for the Pineapples and uploaded it to GitHub. As the tools gets updated often, i will have to update the packages often. So please check back for updates! Download: hcxtools (v4.2.1-16) Download: hcxdumptool (v4.2.1-17) Download and install both tools automatically by using this command on your Pineapple: wget -qO- https://raw.githubusercontent.com/adde88/hcxtools-hcxdumptool-openwrt/master/INSTALL.sh | bash -s -- -v -v Last update: 06.10.20618 Changelog: Updated hcxdumptool to follow changes from upstream (@ZerBea) Install procedure: Download the IPK's to your Pineapple and install them using opkg. (If you're using the Nano remember to install them to your SD-card) How do i use this? Chose an interface, and make sure it's not being used on anything else, let's use wlan1 in this example! (It will set the interface to monitor mode while working) hcxdumptool -o test.pcapng -i wlan1 --enable_status 3 This will use wlan1 to perform the attack and create a file named test.pcapng containing the PMKID. (You can try other options for --enable_status (1, 2, 4, 16 ?. Use --help for more info) Filters can also be applied with --filterlist and --filtermode (Again, read --help for details) You can then use hcxpcaptool to convert the PMKID to a hash readable by hashcat. hcxpcaptool -z test.16800 test.pcapng The next step would be to transfer test.16800 to a desktop, capable of running the latest version of hashcat. (Version 4.2.0 or higher) And then run the attack, for example like this: (This is NOT done on the Pineapple!!!) hashcat -m 16800 test.16800 -a 3 -w 3 '?l?l?l?l?l?lt!' Github repo. + source-codes: https://github.com/adde88/hcxtools-hcxdumptool-openwrt https://github.com/adde88/openwrt-useful-tools The first repo. contains the IPK files, and the SDK Makefiles needed to compile the project yourelf. The second repo contains alot of other useful tools i've compiled over time for the Pineapples if you're interested in taking a peek. Donations are very helpful, and would help me contribute towards keeping all of these custom tools ported and up-to-date.
  34. 6 points
    Seems unnecessarily aggressive...
  35. 6 points
    Move out and get a different flat with better room mates.
  36. 6 points
    See some people getting stuck with updating bunnies and tools etc. so put together quicklist of what I did from a brand new bash bunny on my linux box. I'm sure there are some differences with OSX and windows but in general with adaptation or tweaks this should work for all as a general outline. 1. Read the wiki - seriously even if you dont remember it all, know where it is and use it for reference. 2. Switch position to 3 (closest to USB) and insert to pc. With mine I got a blue light. I also backed up the original payloads dir but its not required. 3. Clone the payloads github locally or download the zip and extract the contents. 4. Copy the payload folder you just cloned or extracted to the bash bunny storage and overwrite all. You now have latest payloads. At this point if you were to unplug the bunny, select switch 1 or 2 and then reinsert you would see a purple light rather than the blue one that came from factory (at least mine did). 5. Some payloads require dependencies such as quick creds. You install the dependencies using the tools_installer payload So its worth running this payload as your first payload. On the Bashbunny storage delete the payload in switch 1 or 2 and then CUT the contents of /payloads/library/tools_installer/ to the switch folder of choice. DONT copy it as there is a slight bug if you have 2x copy’s of this payload on the bashbunny storage when its run. Unplug the bunny and select the switch to match where you placed the payload and reinsert the bunny. If all goes well you should eventually see a white LED. if you see red LED you may need to check the forums. From this point your ready to try other payloads or start developing new ones. Talking of which I almost forgot DuckToolkit adds support for new languages. and uses the Ducktoolkit python library for encoding. I had some issues getting the bunny online with ICS on linux but was mostly down to me not reading things in the bb.sh ICS script but I will point them out in case others do the same. 1. A factory fresh bashbunny can only ICS when switch is in position 1 or 2 not in arming mode position 3. There is no Ethernet device on a factory fresh bunnny in arming mode. 2. When you download and run the bb.sh it should be first run without the bashbunny inserted and when the script gets to stage 3 you insert the bashbunny to complete the guided config. 3. Just because you configured the bb.sh does not mean your online, you still need to hit C to connect with the current configuration and start ICS. So from here you should have Bashbunny with up to date payloads, dependencies installed and are able to ICS to get it online if required. Hope this helps some people.
  37. 6 points
    It's also my opinion that you don't need to be very knowledgeable on <topic> to be a hacker. It's a mindset, or a way of thinking, a personality.
  38. 6 points
    Hak5 is proud to release the firmware we’ve all been waiting for - the much anticipated WiFi Pineapple version 2.0.0! This beast of a release brings a complete rewrite of the pineapple core, numerous enhancements to the web interface, updates to the OS and base packages across the board as well as dozens of performance tweaks, stability improvements and bug fixes. For instance you can now sort and download recon and profiling data. OUI lookups are just clicks away and raw HEX frames can even be injected from PineAP - just to name a few. There's more in this release than we can even list in the changelog. This has been one massive development effort, given the interdependent nature of the pineapple base. PineAP, the frame sniffer, the injection engine and control system have all been rewritten for rock solid performance. This undertaking couldn't have been realized bit by bit, hence the long period between releases. WiFi Pineapple firmware version 2.0.0 constitutes the combined efforts of Seb Kinne and recent additions to the Hak5 engineering team -- Foxtrot and Tesla. As long time contributors to the project, their code and countless hours testing in an official capacity now have made for the most robust WiFi Pineapple firmware to date. This would not have been possible without the feedback and contributions from you all - the Hak5 community. We're excited to have laid the groundwork for much quicker releases, with the backend development processes and build systems having been reworked substantially. The NANO and TETRA bases are now merged, along with the web interface and many interdependent systems - so in usual Hak5 fashion we look once more to your feedback as thoughts on the future of the fruit. Download and changelog can be found at https://www.wifipineapple.com/downloads#tetra.
  39. 6 points
    Hello all, being a proxy engineer when I got the Bash Bunny the first thing I thought of was how can I force people who are (excuse my assumptions here ) lazy to lock their machines when they walk away and leave them vulnerable. As a pentester an unlocked and unattended machine is a gold mine but you sometimes only have those few precious seconds to gather the data you need. If you could set a proxy and more important a SSL proxy by inserting your certificate as well you could gather all the intel you need even after the initial attack. Enter Proxy Interceptor (Geeky name I know), this payload will enable the proxy settings and import the proxy certificate to the certificate store allowing you to man-in-the-middle the users web traffic including gathering credentials for later escalation use in the pentest. The payload is simple using PowerShell and Ducky Script and the end of the payload will even eject the bash bunny so you can just unplug and walk away. The script is 1.0 so there is more I want to do with it later including adding support for Firefox, running confirmation tests, dropping a script for persistence, and more. As of know this only affects IE and Chrome. Also there is no failure detection as of yet in the PowerShell scripts you just will not get the purple LED to confirm it is completed. I would love to hear your thoughts. https://github.com/ajmatson/bashbunny-payloads/tree/master/payloads/library/Proxy_Interceptor
  40. 6 points
    Coming soon - I don't recommend networkingPlus, it will most likely break a bunch of configurations.
  41. 6 points
    Hey everyone, Version 1.4 of the Bash Bunny firmware is now available! With it comes an important fix which will prevent the device from boot-looping when an invalid update file is put onto the root of the Bash Bunny's storage partition. A bug in the Bash Bunny's QUACK command has also been fixed and all underlying packages have been updated. Find all the fixes and features in the changelog and bounce on by to BashBunny.com/downloads for your devious device download (\_/)
  42. 6 points
    Hey Everyone, As is likely apparent from the name, Buffalo Bulldozer is a rock solid release with the intent of synchronizing a stable base for both WiFi Pineapples in the 6th generation - the NANO and TETRA. We've implemented some major improvements to the Recon mode of the PineAP engine, both increasing accuracy as well as stability. Recon scans now gather both AP and Client information by default using only one radio. This change decreases wlan0 overhead, allowing for faster association responses and uninterrupted communication with connected clients. WPS detection has also been added to Recon, further adding to the at-a-glance visibility of the wireless landscape. Information gathering is also enhanced from the Recon view with each client's probe requests visible from their respective menus, meaning you'll be able to immediately identify targets without having to page over to logs. Under the hood the kernel has been updated, upstream wireless fixes have been applied and packages have been updated. We feel you'll find this release rock solid throughout and we're eager to hear your feedback. Please as always use the bug tracker from https://www.wifipineapple.com/bugs This major release paves the way for an upcoming "CC" version and its accompanying cloud infrastructure. We're excited to share these developments as the project progresses. Once again thank you all for your support. This is truly the best time to be a WiFi Pineappler and we're grateful for this community! -- Seb & Darren Changes can be found at https://www.wifipineapple.com/downloads#nano.
  43. 6 points
    Both the nano and tetra will receive a new firmware upgrade in short order. We hope to have improved the experience a lot with the coming release.
  44. 6 points
    Here's the official specs: Atheros AR9331 SoC at 400 MHz MIPS 16 MB Onboard Flash 64 MB DDR2 RAM 2x 10/100 Ethernet Port USB 2.0 Host Port 4-way payload select switch RGB Indicator LED Scriptable Push-Button Power: USB 5V 120mA average draw Dimensions: 50 x 39 x 16 mm Weight: 24 grams
  45. 6 points
  46. 6 points
    It really depends on what you're wanting to do. The Armory has some nice specs for a dev platform - so if you have a specific use case in mind and are keen on the programming, go for it. The Bash Bunny is a purpose built pentesting platform. We emphasize the convenience factor and really try to foster a healthy development community around the tools. It's a simple plan that's been working for us for nearly a decade as we've been making infosec tools. So - you could probably do some nifty attacks with the Armory, but there'll be more heavy lifting involved. As for the hardware differences - while Micro SD is nice for memory expansion, the fast SLC NAND memory in the Bash Bunny is one of the enabling factors for the quick boot -- which is very important for physical pentest engagements. The Bash Bunny has a 50% higher clock speed and 4x more cores. The other specs like RAM and dimensions are similar. At the end of the day it's really the software, community, and continued support you've come to know from Hak5 that makes the difference.
  47. 6 points
    No we aren't... Some people read books then go out and sell their services as testers and let people down. That reflects badly on the industry and can get clients into trouble if they trust bad advice or rely on faulty results. Some people pose as testers to ask questions that they know if they asked offering their real intentions that they would be kicked off. Some people are just hobbyists. Someone who is a working pen tester would know how to scan a network to find user names and would know that you can't know what reach you have into a network without looking.
  48. 6 points
    Hi This is a module that allows you to quickly generate a template for your GUI module. You can also manage the modules you have generated in the past. Module Maker creates a template for your module, with some comments to help you understand what each file does and how they work together. Images are available in the spoiler. -Foxtrot
  49. 6 points
    ZaraByte - Thanks for providing detailed feedback on the WiFi Pineapple NANO. While it is unfortunate that your particular Android device does not support USB Tethering, I have yet to see any indication that your NANO is not working properly. Similar to the wp6.sh script, the WiFi Pineapple Connector app is provided free of charge as a convenient way to tether the device. The former is a front-end to iptables, and the later is a front-end to figuring out the IP address of the WiFi Pineapple on your Android device when USB Tethered. Given the nearly infinite unix network configurations and nearly 20,000 unique Android devices, we cannot possibly warrant or support each. Not all Android devices support USB Tethering, and we are not in control of that situation. Simply put, the issue is far outside the scope of this project. That said, we're here on the community forums to be as helpful as possible. There is no one way to use the WiFi Pineapple, and creative solutions are presented all the time. As xrad pointed out, iMcPwn's tutorial on Easy Tether for Android may be helpful. https://forums.hak5.org/index.php?/topic/37101-questions-about-usb-tethering/page-2#entry270022 Similarly the WiFi Pineapple may be tethered over its built-in USB Ethernet controller in Windows, Linux, OSX, Android, or via WiFi to an access point or portable hot-spot. The requirements listed on the box state "Computer, Smartphone or Tablet" as well as "Internet Connection for Setup". In a previous video you demonstrated the new interface, so obviously you have completed setup successfully. I also see a Windows computer in your video, so might I recommend the following Hak5 video on Internet Connection Sharing with Windows: The WiFi Pineapple NANO is in a development and evaluation phase while we finalize certification -- and we're providing early access to developers and evaluators to gather feedback, make bug fixes, refine features and develop modules. Based on your shown expertise, I am confident that you will be able to use your NANO rather than relegating it to the "gadget box". Regarding the USB Rubber Ducky - it has always shipped with the same factory firmware -- so there's no way your friends device was a paperweight due to an out dated firmware. We do support flashing community firmware versions through the DFU bootloader, but those aren't made by us. Saying "Typical Hak5 sell you stuff that doesn't work correctly half the time" is absolutely bogus. Everyone here is trying to be as helpful as possible, and while we value your input, a little less hostility would be appreciated. We stand by our products and I reject any statement to the contrary. If you're not satisfied with the NANO, I'm happy to take it back.
  50. 6 points
    I'm planning on doing some videos covering the core functionality. For right now I highly recommend checking out the Help section in the new interface. I know it sorta sounds like I'm saying RTFM, but as the author of TFM -- I tend to think it's pretty good
  • Create New...