
Leaderboard


Popular Content

Showing content with the highest reputation since 06/05/2019 in all areas

  1. 7 points
    I haven't had a chance to read this entire thread but I can respond to the OP and say, absolutely not, Hak5 is very much alive. I understand that we haven't put out many of our regular videos lately. Personally I've been taking a bit of a hiatus to restructure some things in my life that needed attention. With that said we have a lot of great programming right around the corner coming to the channel - some familiar faces, some new faces, and some fantastic shows all around. Stay tuned for a channel teaser in the next few weeks.
  2. 6 points
    Seems unnecessarily aggressive...
  3. 5 points
    Hi! We're pleased to announce a new release for the WiFi Pineapple NANO: 2.7.0. This update addresses some of the bugs reported by the great community here on the forums and in the Hak5 Discord, as well as updates to some community packages and updates to OpenWRT.

    2.7.0 Changelog:

    General
    - OpenWRT version is now 19.07.2.
    - Kernel has been updated from 4.14.133 to 4.14.171.
    - Fixed an issue where OpenVPN would cause a kernel panic upon establishing tunnel.

    Recon
    - Fixed an issue where live scans would fail on the WiFi Pineapple TETRA.

    Reporting
    - Fixed an issue where emails would not be sent.
    - Improved the user experience by automatically saving email settings when testing emails.
    - Improved the user experience by forcing an email to send when testing, regardless of whether the "Send Email" option was checked.

    Advanced
    - Fixed an issue where swap would not be mounted automatically on the NANO's SD Card.
    - Renamed "USB" panel to "USB & Storage".

    Misc
    - Added SSLSplit package to repositories. This fixes the SSLSplit module dependencies.
    - Updated Kismet package in repositories.
    - Updated Kismet-RemoteCap package in repositories.

    You can update your WiFi Pineapple NANO Over-The-Air via the Advanced module or manually at the Hak5 Download Center.

    ♥ - The Hak5 Development Team
  4. 4 points
    Hi! We're pleased to announce a new release for the WiFi Pineapple TETRA: 2.7.0. This update addresses some of the bugs reported by the great community here on the forums and in the Hak5 Discord, as well as updates to some community packages and updates to OpenWRT.

    2.7.0 Changelog:

    General
    - OpenWRT version is now 19.07.2.
    - Kernel has been updated from 4.14.133 to 4.14.171.
    - Fixed an issue where OpenVPN would cause a kernel panic upon establishing tunnel.

    Recon
    - Fixed an issue where live scans would fail on the WiFi Pineapple TETRA.

    Reporting
    - Fixed an issue where emails would not be sent.
    - Improved the user experience by automatically saving email settings when testing emails.
    - Improved the user experience by forcing an email to send when testing, regardless of whether the "Send Email" option was checked.

    Advanced
    - Fixed an issue where swap would not be mounted automatically on the NANO's SD Card.
    - Renamed "USB" panel to "USB & Storage".

    Misc
    - Added SSLSplit package to repositories. This fixes the SSLSplit module dependencies.
    - Updated Kismet package in repositories.
    - Updated Kismet-RemoteCap package in repositories.

    You can update your WiFi Pineapple TETRA Over-The-Air via the Advanced module or manually at the Hak5 Download Center.

    ♥ - The Hak5 Development Team
  5. 4 points
    You need to turn caps lock off.
  6. 4 points
    Hey there - welcome to the community! I understand that the modules and payloads are a big factor of Hak5 gear, and it's our goal to create powerful pentest platforms that make it convenient to execute complex attacks. Over the years the community-developed contributions to these projects have increased, as has our arsenal as a whole.

    With WiFi Pineapple firmware version 2.6, we're introducing a major update to the platform by jumping OpenWRT base from 15.05 to 19.07. At this time OpenWRT has not officially released 19.07 - it seems to be "late" if one goes by the version numbering scheme. Still, we wanted to build on top of the latest possible base so that we could take advantage of the most up to date Linux kernel.

    As with most major OS updates, package support may lag behind the initial release. This had not been the case with previous WiFi Pineapple firmware versions for the NANO or TETRA, however with the move to 19.07 some bumps in the road were to be expected. As a general rule developers are notified of upcoming releases and community members are encouraged to join the beta program to provide feedback via Discord. See https://shop.hak5.org/pages/community

    We strive to ensure that all core functionality is thoroughly tested and works as expected before release. This covers the first-party modules, such as PineAP, which ship with the firmware. Additionally any underlying changes to packages or the API are documented so that third party module developers can make the most of the new firmware.

    Usually if a module breaks it's fixed in short order. I can say from experience this is the first instance where module updates were required to this extent - and that's likely due to the new Linux base. It's something we're aware of, and we're currently working on a fix. Learning from this experience going forward I am reviewing our processes to see if there is a better release channel or means to incorporate module developers with releases.

    Thanks, Darren
  7. 4 points
    Facebook, Google, Twitter, Apple, Microsoft. They all listen. They all watch, they all sell. It's up to you if you are happy with it, if you minimise it, or just shrug and get on with your life. You're online, someone, or something, is watching. Cortana is no more "malicious" than Siri, Alexa or Google.
  8. 3 points
    Thank you all for the incredible feedback on the Key Croc. We knew in development that we were on to something game changing, so to hear the enthusiasm from you all directly is truly rewarding. The amount of creativity shown in such a short period of time since initial release is encouraging. We hope that with this beta release of Key Croc firmware 1.3 we can further that creativity. As always we welcome your feedback here on the forums and of course on our Discord #beta-testing channel. Thanks for your support and happy hacking! And an especial big thank you to our team – @Korben for his work on this firmware with the support of @Foxtrot and everyone including 0xdade for feature inspiration.

    Changelog:

    General
    - Optional Password Protected Arming Mode built into framework/parser
    - ARMING_PASS and (optional) ARMING_TIMEOUT can be defined in config.txt (Credits: 0xdade)
    - C2 notifications added to relevant event handlers
    - iProduct can now be defined with PROD_ when calling ATTACKMODE, and defined in config.txt as PROD
    - iManufacturer can be defined in config.txt as MAN
    - Croc now waits for keyboard to enter ATTACKMODE HID
    - Increase output log write speeds
    - Fixed $LOOT
    - Fixed payload validation at boot

    Payloads / Tools
    - Ported GET extension script from Bash Bunny
    - Added GET_VARS script giving your payload access to the following live data
      - VID
      - PID
      - MAN
      - PROD
      - HOST_IP
      - TARGET_IP
      - TARGET_HOSTNAME
    - Added the following helper scripts
      - QUACKFILE (alias QFILE)
      - ENABLE_PAYLOAD
      - DISABLE PAYLOAD
      - WAIT_FOR_KEYBOARD_ACTIVITY
      - WAIT_FOR_KEYBOARD_INACTIVITY
      - WAIT_FOR_LOOT
    - Framework functions exported
      - MOUNT_UDISK
      - UNMOUNT_UDISK
      - UPDATE_LANGUAGES
      - ENABLE_WIFI
      - CLEAR_WIFI_CONFIG
      - CONFIG_PSK_WIFI
      - CONFIG_OPEN_WIFI
      - ENABLE_SSH
      - DISABLE_SSH
    - Added the following scripts
      - WAIT_FOR_ARMING_MODE
      - WAIT_FOR_BUTTON_PRESS
      - ARMING_MODE

    Misc
    - Added get_payloads.html to udisk
    - Moved examples into library/examples
    - Debug logs moved to /root/loot so they will be automatically moved to udisk for easier debugging access
    - DEBUG ON in config.txt now enables parser and framework debug logs at boot

    You can download the BETA firmware here. You can find upgrade instructions here (substitute the file linked above in step one).
  9. 3 points
    The device has been on the market since 2015 and in that time has seen continuous updates and patches. 2.7 was released a little over a week ago. For a device so buggy and unreliable, many are using it and successfully so. Trust it for what? Your livelihood? Job? A tool is only as reliable as the person using it. If you stake your reputation on a single device, that reflects on your own poor judgement and shows a serious lack of skill in risk planning. It also demonstrates that you really have no idea what you are doing as no one would use a singular device in such a critical test and if they absolutely had to, they'd have the skills and foresight to plan for any issues they may encounter.
  10. 3 points
    Or is this because of supply chain issues due to the outbreak?
  11. 3 points
    Hi! We're very excited to announce the release of the 2.6.x Firmware for the WiFi Pineapple TETRA! We've been working hard behind the scenes, listening to the great community feedback and building upon it to iron out reported bugs, add new features and bring updates to everyone's favourite fruity wireless device. Whether it's the updated kernel, fresh packages or improvements to PineAP and Recon - there's something in this firmware for you.

    2.6.2 Changelog:

    PineAP
    - Fix an issue where handshake captures might fail after a timed, non-live scan.
    - Fix an issue where starting a handshake capture when a scan is not running would result in incorrect channel hopping behaviour.

    Misc
    - Work around a kernel bug causing packet filtering to fail in some tools. Thank you @adde88!

    2.6.1 Changelog:

    General
    - Fix an issue affecting the microSD card on some WiFi Pineapple NANOs.
    - Fix an issue where external USB WiFi adapters would register before internal interfaces.

    Module Manager
    - Dialogs are now used for Module installation and updating.
    - Add a message about third-party modules before installation.

    Misc
    - Added missing kernel modules to the Hak5 Package Repositories.

    2.6.0 Changelog:

    General
    - Update firmware base from OpenWRT 15.05 to OpenWRT 19.07.
    - Update kernel from 3.18.84 to 4.14.133.
    - Ensure all opkg feeds are HTTPS.
    - Update PHP5 to PHP7.
    - Update HostAPd from 2.6 to 2.7.
    - Improve SD Card stability on the WiFi Pineapple NANO.
    - Include support for the MediaTek MT76x2 wireless chipsets.

    Dashboard
    - Fix an issue where the "SSIDs collected this session" counter wouldn't reset after a reboot.
    - Use more reliable method of obtaining CPU usage.

    PineAP
    - Fix a rare crash due to memory corruption.
    - Fix an issue where PineAP options would unselect if PineAP was disabled.
    - Fix an issue where PineAP Enterprise would not work if Management AP was disabled.
    - Improve beacon effectiveness by rotating through SSID Pool.
    - Greatly improve memory and CPU consumption.
    - Fix an issue where Raw Frame Injection might hang indefinitely.
    - Add an option to reset the 'SSIDs collected this session' counter on the Dashboard.

    Recon
    - Ensure that previous scan dates are displayed correctly.

    Networking
    - Improve Client Mode reliability.

    Configuration
    - Fix an issue where the user configured timezone would not set correctly.

    Advanced
    - Fix an issue where the SD Card format may hang indefinitely.

    Misc
    - Update Cloud C2 Client.

    Packages
    - Add Kismet Package.
    - Add Kismet Remote Capture Package.
    - Updates to a huge variety of commonly used packages.

    A special thank you to the community members who provided excellent beta feedback:
    - adde88
    - dragorn
    - Just_A_User

    ♥ - The Hak5 Development Team
  12. 3 points
    https://www.just-fucking-google.it/?s=what is ntopng
  13. 3 points
    Try it and find out and if you get caught, then they do.
  14. 3 points
    You can't really answer Q2 without answering Q1, since you don't know what penetration methods can be used. You just threw out some tech jargon and common tools, kinda "let's see what sticks" approach. And it sounds like you have no ideas for Q1, so why should you get this job? I would suggest you brush up on penetration techniques, specifically related to Windows and Active Directory. The following Google search yielded some really interesting articles that seem pertinent to what you are looking for: https://www.google.com/search?q=pentest+find+user+machine+from+employee+name&oq=pentest+find+user+machine+from+employee+name&aqs=chrome..69i57j33.9488j1j7&sourceid=chrome&ie=UTF-8 I especially enjoyed the article from https://hausec.com, which walks you through the process from the beginning. I'm not going to give you direct answers, since that would make me more qualified for this job than you. I also don't claim to have all the answers, but I'm not the one interviewing for an infosec job, as much as I would love a career change. I wish you luck on your job search and I hope you can gain the knowledge you need to do your job well and impress the interviewers.
  15. 3 points
  16. 3 points
    You may want to check the correct forum section: https://forums.hak5.org/forum/43-security/ and particularly this post: https://forums.hak5.org/topic/913-hacking-where-to-begin/ It seems that you are not just a "new hacker", you are a new "forum user" and "searching user" as well. Next time, do a little research, do a little Googling, watch some youtube videos, (Hak5 youtube channel is a good place to start) instead of just asking people to tell you how to get started. That is not even how people get started in this field. If you have to ask, you are probably not the right person for hacking. If you think it's an easy way to make money, it's not - you will be competing with people much smarter than you and more experienced. If you truly have the passion for hacking and hardware and experimenting and all that, you would have found some sources along the way, because your passion and unquenchable taste for computers would lead the way for you. I'm not trying to be mean, just telling it like it is. Better to be honest with you up front, than spoon-feed you answers.
  17. 3 points
    It's not your network, don't go poking around. But if you want to know how YOUR school network is setup. Ask whomever takes care of it. It varies depending on country, and on the school too. But if they've any sense, it's a hierarchy, with students at the bottom, lowest level access, teachers above them, and someone with an ounce of sense above the lot. A decent filter system, vlans, good wifi infrastructure. So how is it set up? Like any decent network if it's done right.
  18. 3 points
    Another load of spam locked.
  19. 3 points
    Hi, Yes that is arguably the best approach, also you can screen grab and make notes so that you can always refer to them later..... Hope this helps 😎
  20. 3 points
    I'm not trying to be vague. I simply don't want to be held responsible for people bricking their devices.

    Download/transfer the IPK-file from my repo to your Pineapple. SSH/SCP/wget, whatever works best for you. SSH to the Pineapple and run the command below within the same directory you downloaded/transferred the file to.

    ```
    opkg update ; opkg install sslsplit_0.5.5-1_mips_24kc.ipk -d sd
    ```

    There are no prerequisites, except having an active internet connection on the Pineapple while installing. This is not a part of the official module which you can download on the Pineapple, but you should be able to use the module with this package. When I get time, I'll create a fork of the official Module, so that people not experienced with this stuff can use it to set up everything via the Module GUI.
  21. 3 points
    Your question is similar to asking what tool you should buy for your first mechanics job. Despite that, my answer would be not to buy anything, almost anything you'll need is open source. Grab Kali and look at all that is included with it. And if by job, you mean you are looking for a paying gig, please don't, you need a lot of skill to do a good job in testing. Build your experience up first, look for a junior job with a testing firm and learn with them. If you go out without enough skill to do a job properly, you can end up giving a client a false sense of security and could cause a lot of problems. Back to the first analogy, you wouldn't act as a mechanic and change someone's brakes if you'd never held a screwdriver before.
  22. 3 points
    Do I win? Probably 20 more of the 5 buck ones from hak5, and at least one more unopened tplink
  23. 3 points
    Hello! We're happy to introduce the 1.0.1 update for the Signal Owl. It introduces some bug fixes and changes on entering Arming Mode to improve the user experience.

    1.0.1 Change Log:

    General
    - Simplified device mode selection. The device now starts in ATTACK mode by default. Enter ARMING mode by pressing the device button at any time while in ATTACK mode.
    - Fixed a bug in USB Storage Mounting, which sometimes would cause payloads and firmware upgrades to fail.
    - Fixed a bug in the LED helper, which would sometimes prevent payloads from updating the LED.
    - Fixed a network device driver bug and interface misconfiguration caused by some external wireless adapters.
    - Fixed a bug in the device reset button, which made it difficult to perform factory resets.

    You can grab the update via the Hak5 Download Center and follow the Hak5 Docs Signal Owl Update article to get on the latest version.

    Cheers, Marc
  24. 3 points
    Just install the latest version of Kismet on it, that has full WIDS built in.
  25. 3 points
    Is that why you're spamming around the forums? grave bumping dead threads to receive recognition on Leaderboard? 😒 👎
  26. 3 points
    Hi Everyone, I just wanted to chime in and thank everyone posting in the thread for their feedback on the release. As you can imagine by looking at the changelog, 2.6.0 was a huge update and unfortunately some issues have started to show outside of our beta testing group. That being said, now that we're settled back in from DEFCON, these issues are being addressed currently. I have started work on updating third-party modules and expect those to be done in the next 1-2 days. A 2.6.1 update will also follow, containing some fixes that affect SD card usage on some NANOs. Thanks again for the continued feedback - we appreciate you. Kind Regards, Foxtrot
  27. 3 points
    Thanks for the reply, but I just managed to figure out a solution -- I created it as a service. Here are the steps:

    ```
    sudo vi /lib/systemd/system/hak5c2.service
    ```

    ```
    [Unit]
    Description=Hak5 Cloud C2 Server
    After=multi-user.target

    [Service]
    Type=idle
    ExecStart=/usr/local/bin/c2_community-linux-armv7 -https -hostname [hostname] -db /var/hak5c2/c2.db

    [Install]
    WantedBy=multi-user.target
    ```

    ```
    sudo chmod 644 /lib/systemd/system/hak5c2.service
    sudo systemctl daemon-reload
    sudo systemctl enable hak5c2.service
    sudo systemctl start hak5c2.service
    # OR
    sudo reboot
    ```
  28. 3 points
  29. 3 points
    If you aren't in a team and the rest of the company don't know anything about jail breaking phones then I think there is something wrong with the company's business model.
  30. 3 points
    Great idea and definitely something we considered for exactly the same reason. Unfortunately the first prototype with that feature introduced lag since the video signal had to go through software - but it's something we'll be investigating because I think there's a creative way to do this with some fancy switching.
  31. 3 points
    I can't install Module Dependencies (SSLSplit). I will start and say they are not installed. Rebooted and the same thing. Formatted SD card, does not help.
  32. 3 points
    Hi everyone, After the upgrade to the firmware 2.6.0 my Dwall isn't working anymore. Is anyone having the same problem?
  33. 3 points
    Start by learning how your own computer works. Then your own network. Then set up a home lab using Virtual Machines. That's the best place to start for what you want to learn. And read, read everything. If something is confusing, go back over it, check did you miss something. Investigate, google, READ.
  34. 3 points
    Depends if you've got permission.
  35. 2 points
    Don't steal - stealing is bad 😄 I was in a similar situation, and decided to go with the bash bunny as you have some more areas to learn and explore about!
  36. 2 points
  37. 2 points
    Just to address this: Devices that are not sold by us or the retailers we partner with are not guaranteed to have not been used in the past. Buying new parts from us directly or the retailers we choose don't come with a password set.
  38. 2 points
    SharkLib - SharkJack Quick Payload Library

    This Tool was created less than 24 hours after having a "SharkJack", I realized how much of a pain it is to swap back and forth between prior loaded Payloads. So after 7 hours of debugging, testing, and pulling my hair out. - I give to you "SharkLib". SharkLib allows you to Backup/Restore prior loaded Payloads, via SSH Terminal. No more needing to have to "go deploy another script", you can easily use C2 or any SSH Terminal Service to switch your desired payloads.

    Features:
    - Installs to Local System to allow ease of access of "SharkLib". (/usr/sbin)
    - Syncs on Exit to prevent data corruption in payloads.
    - Easy to use Menu Interface.
    - Switch payloads in seconds with SSH.

    I will post the Code in here, until Hak5 tells me what "category" this tool falls under in the GitHub Repo.

    The Code:

    ```bash
    #!/bin/bash
    #
    # Title: SharkLib
    # Author: REDD of Private-Locker
    # Version: 1.3
    #
    # This Script is to be ran on the Hak5 SharkJack itself. This Script
    # makes switching between local stored payloads quick and simple.
    #

    VERS=1.3
    LIB_DIR="/root/payload/sharklib"
    DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
    START_DIR="$DIR"
    INSTALL_DIR="/usr/sbin"
    EXEC_FILE="sharklib"
    PAYLOAD_DIR="/root/payload"
    PAYLOAD_FILE="$PAYLOAD_DIR/payload.sh"

    function install_sharklib() {
        if [[ "$DIR" != $INSTALL_DIR ]]; then
            if [ ! -f "$INSTALL_DIR/$EXEC_FILE" ]; then
                printf " -> Installing SharkLib into System for Easy Access.\n"
                sleep 1;
                cp -rf $0 $INSTALL_DIR/$EXEC_FILE
                printf " -> Fixing Permissions of $EXEC_FILE in $INSTALL_DIR.\n"
                sleep 1;
                chmod +x $INSTALL_DIR/$EXEC_FILE
            fi
        fi
    }

    function view_payload() {
        printf "\n";
        cat "$PAYLOAD_FILE";
        printf "\n";
        read -n 1 -s -r -p "Press any key to return to Menu..";
        sharklib_menu;
    }

    function remove_sharklib() {
        if [ -f "$INSTALL_DIR/$EXEC_FILE" ]; then
            printf "\n"
            printf "Removing SharkLib from local system.\n"
            rm -rf "$INSTALL_DIR/$EXEC_FILE";
            printf "Removing SharkLib Payload Library.\n"
            rm -rf "$LIB_DIR";
            printf "SharkLib has been fully removed.\n\n"
        fi
    }

    function free_space() {
        FREE_MEM="$(df -h $PWD | awk '/[0-9]%/{print $(NF-2)}')"
    }

    function header() {
        free_space;
        printf "\n"
        printf "O========================================O\n"
        printf "| SharkLib - SharkJack Quick Payload |\n"
        printf "| Library |\n"
        printf "O=O====================================O=O\n"
        printf " | %-29s |\n" "$SHARKLIB_TITLE"
        printf " O====================================O\n"
        printf " | Free Space: %-6s Vers: %-3s | \n" "$FREE_MEM" "$VERS"
        printf " O================================O \n"
        printf " -Huge Thanks goes to Hak5! \n"
        printf "\n"
    }

    function backup_payload() {
        clear;
        SHARKLIB_TITLE=" Backup Payloads"
        header;
        if [ -f "$PAYLOAD_FILE" ]; then
            printf "\n"
            printf " 1. Backup current payload to SharkLib\n"
            printf "\n"
            printf " 2. Return to Previous Menu.\n"
            printf "\n"
            printf " Select a Menu Item by # and press ENTER: "
            read BACKUP_INPUT
            printf "\n"
            if [ "$BACKUP_INPUT" = "1" ]; then
                printf " What would you want to call this Payload?: "
                read BACKUP_INPUT_1
                if [[ "$BACKUP_INPUT_1" != "" ]]; then
                    if [ ! -d "$LIB_DIR/$BACKUP_INPUT_1" ]; then
                        mkdir -p "$LIB_DIR/$BACKUP_INPUT_1"
                        cp -rf "$PAYLOAD_FILE" "$LIB_DIR/$BACKUP_INPUT_1/payload.sh"
                        printf " Created Payload directory named $BACKUP_INPUT_1\n"
                        sleep 2;
                        sharklib_menu;
                    else
                        printf " Removing Old Copy and using New Copy of $BACKUP_INPUT_1\n"
                        rm -rf "$LIB_DIR/$BACKUP_INPUT_1"
                        mkdir -p "$LIB_DIR/$BACKUP_INPUT_1"
                        cp -rf "$PAYLOAD_FILE" "$LIB_DIR/$BACKUP_INPUT_1/payload.sh"
                        sleep 2;
                        sharklib_menu;
                    fi
                else
                    if [ ! -d "$LIB_DIR/Payload" ]; then
                        printf " Backing up Payload into Default Payload directory..\n"
                        mkdir -p "$LIB_DIR/Payload"
                        cp -rf "$PAYLOAD_FILE" "$LIB_DIR/Payload/payload.sh"
                        sleep 2;
                        sharklib_menu;
                    else
                        printf " Removing Old Copy and using New Copy of $LIB_DIR/Payload\n"
                        rm -rf "$LIB_DIR/Payload"
                        mkdir -p "$LIB_DIR/Payload"
                        cp -rf "$PAYLOAD_FILE" "$LIB_DIR/Payload/payload.sh"
                        sleep 2;
                        sharklib_menu;
                    fi
                fi
            elif [ "$BACKUP_INPUT" = "2" ]; then
                sharklib_menu;
            else
                backup_payload;
            fi
        else
            printf " No Payload in $PAYLOAD_DIR.\n"
        fi
    }

    function delete_payload() {
        DELETE_INPUT=NULL
        clear;
        SHARKLIB_TITLE=" Delete Payloads"
        header;
        cd "$LIB_DIR"
        DIR_CNT="NULL"
        DIR_CNT=$(ls "$LIB_DIR" | grep -v total | wc -l)
        declare -a DIRS
        i=1
        for d in */; do
            DIRS[i++]="${d%/}"
        done
        if [ "$DIR_CNT" -lt "1" ]; then
            printf " There are no Payloads to Delete. \n\n"
            printf " Returning to Previous Menu.\n"
            sleep 2;
            sharklib_menu;
        fi
        printf " There are ${#DIRS[@]} Payloads in SharkLib:\n"
        for((i=1;i<=${#DIRS[@]};i++)); do
            printf " %2d. %-20s\n" "$i" "${DIRS[i]}"
        done
        PAYLOAD_TOTAL=${#DIRS[@]}
        PLUS_QUIT=$((PAYLOAD_TOTAL+1))
        printf "\n"
        printf " %2d. %-20s\n" "$PLUS_QUIT" "Return to Previous Menu."
        printf "\n"
        printf " Please choose a Payload by Number: "
        read DELETE_INPUT
        printf "\n"
        if [[ "$DELETE_INPUT" == "$PLUS_QUIT" ]]; then
            printf " Returning to Previous Menu.\n"
            sleep 2;
            sharklib_menu;
        elif [[ "$DELETE_INPUT" == "" ]]; then
            printf " Please Input a choice.\n"
            sleep 2;
            delete_payload;
        elif ! [[ "$DELETE_INPUT" =~ ^[0-9]+$ ]]; then
            printf " Please Input a choice.\n"
            sleep 2;
            delete_payload;
        elif [[ "$DELETE_INPUT" == "0" ]]; then
            printf " Please Input a choice.\n"
            sleep 2;
            delete_payload;
        elif [[ "$DELETE_INPUT" -gt "$PLUS_QUIT" ]]; then
            printf " Please Input a choice.\n"
            sleep 2;
            delete_payload;
        elif [[ "$DELETE_INPUT" -le "$PLUS_QUIT" ]]; then
            printf " Deleting payload ${DIRS[$DELETE_INPUT]} from SharkJack. \n"
            rm -rf "$LIB_DIR/${DIRS[$DELETE_INPUT]}"
            cd "$START_DIR"
            sleep 2;
            sharklib_menu;
        else
            printf " Wrong Choice, going back to Previous Menu.\n"
            cd "$START_DIR"
            sleep 2;
            sharklib_menu;
        fi
    }

    function restore_payload() {
        LOAD_INPUT=NULL
        clear;
        SHARKLIB_TITLE=" Restore Payloads"
        header;
        cd "$LIB_DIR"
        DIR_CNT=$(ls "$LIB_DIR" | grep -v total | wc -l)
        declare -a DIRS
        i=1
        for d in */; do
            DIRS[i++]="${d%/}"
        done
        if [ "$DIR_CNT" -lt "1" ]; then
            printf " There are no Payloads to Restore. \n\n"
            printf " Returning to Previous Menu.\n"
            sleep 2;
            sharklib_menu;
        fi
        printf " There are ${#DIRS[@]} Payloads in SharkLib:\n"
        for((i=1;i<=${#DIRS[@]};i++)); do
            printf " %2d. %-20s\n" "$i" "${DIRS[i]}"
        done
        PAYLOAD_TOTAL=${#DIRS[@]}
        PLUS_QUIT=$((PAYLOAD_TOTAL+1))
        printf "\n"
        printf " %2d. %-20s\n" "$PLUS_QUIT" "Return to Previous Menu."
        printf "\n"
        printf " Please choose a Payload by Number: "
        read LOAD_INPUT
        printf "\n"
        if [[ "$LOAD_INPUT" == "$PLUS_QUIT" ]]; then
            printf " Returning to Previous Menu.\n"
            sleep 2;
            sharklib_menu;
        elif [[ "$LOAD_INPUT" == "" ]]; then
            printf " Please Input a choice.\n"
            sleep 2;
            restore_payload;
        elif ! [[ "$LOAD_INPUT" =~ ^[0-9]+$ ]]; then
            printf " Please Input a choice.\n"
            sleep 2;
            restore_payload;
        elif [[ "$LOAD_INPUT" == "0" ]]; then
            printf " Please Input a choice.\n"
            sleep 2;
            restore_payload;
        elif [[ "$LOAD_INPUT" -gt "$PLUS_QUIT" ]]; then
            printf " Please Input a choice.\n"
            sleep 2;
            restore_payload;
        elif [[ "$LOAD_INPUT" -le "$PLUS_QUIT" ]]; then
            printf " Loading payload ${DIRS[$LOAD_INPUT]} to SharkJack. \n"
            cp -rf "$LIB_DIR/${DIRS[$LOAD_INPUT]}/payload.sh" "$PAYLOAD_FILE"
            cd "$START_DIR"
            sleep 2;
            sharklib_menu;
        else
            printf " Wrong Choice, going back to Previous Menu.\n"
            cd "$START_DIR"
            sleep 2;
            sharklib_menu;
        fi
    }

    function cleanup_ctrl {
        echo -en "\n -> Caught SIGINT! \n"
        printf " -> Cleaning up and Exiting..\n\n"
        sync
        sleep 1;
        exit $?
    }

    function exit_sharklib() {
        printf " -> Cleaning up and Exiting..\n\n"
        sync
        sleep 1;
        exit 0;
    }

    function sharklib_menu() {
        clear;
        trap cleanup_ctrl SIGINT
        trap cleanup_ctrl SIGTERM
        MENU_INPUT=NULL
        if [ ! -d "$LIB_DIR" ]; then
            printf " -> Creating SharkLib Payload Library directory.\n"
            mkdir -p "$LIB_DIR"
        fi
        cd "$LIB_DIR"
        SHARKLIB_TITLE=" By REDD"
        header;
        printf " 1. Backup Payload to SharkLib\n"
        printf " 2. Restore Payload from SharkLib\n"
        printf " 3. Delete Payload from SharkLib\n"
        printf "\n"
        printf " 4. View Current Payload on SharkJack\n"
        printf "\n"
        printf " 5. Exit\n"
        printf "\n"
        printf " Select a Menu Item by # and press ENTER: "
        read MENU_INPUT
        printf "\n"
        if ! [[ "$MENU_INPUT" =~ ^[0-9]+$ ]]; then
            sharklib_menu;
        elif [[ "$MENU_INPUT" = "0" ]]; then
            sharklib_menu;
        elif [[ "$MENU_INPUT" = "1" ]]; then
            backup_payload;
        elif [[ "$MENU_INPUT" = "2" ]]; then
            restore_payload;
        elif [[ "$MENU_INPUT" = "3" ]]; then
            delete_payload;
        elif [[ "$MENU_INPUT" = "4" ]]; then
            view_payload;
        elif [[ "$MENU_INPUT" = "5" ]]; then
            exit_sharklib;
        elif [[ "$MENU_INPUT" -ge "6" ]]; then
            sharklib_menu;
        elif [[ "$MENU_INPUT" == "" ]]; then
            sharklib_menu;
        else
            sharklib_menu;
        fi
    }

    if [ "$1" == "--install" ]; then
        install_sharklib;
        exit 0;
    elif [ "$1" == "--remove" ]; then
        remove_sharklib;
    else
        install_sharklib;
        sharklib_menu;
    fi
    ```

    Suggestions are always welcome! Huge Thanks to Hak5 for the wonderful gear!

    REDD (Ar1k88)
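
The name typed at SharkLib's backup prompt is appended to `LIB_DIR`, and that path is then handed to `mkdir -p`, `cp -rf` and `rm -rf`, so it should be confined to a single directory component. The following is an added example, not part of REDD's script, of a check that could run before those calls; the function names, the length cap and the allowed character set are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: confine a user-supplied payload name to one directory
# component below the SharkLib library directory.

# Same value as LIB_DIR in the posted script.
LIB_DIR="/root/payload/sharklib"

# valid_payload_name NAME
# Hypothetical helper. Returns 0 if NAME is safe to append to $LIB_DIR,
# 1 otherwise. The allow-list (letters, digits, '.', '_', '-') and the
# 64-character cap are assumptions chosen for this example.
valid_payload_name() {
    name=$1
    # Empty input is not a name; the posted script falls back to "Payload".
    [ -n "$name" ] || return 1
    [ "${#name}" -le 64 ] || return 1
    case $name in
        .|..)
            return 1 ;;   # current / parent directory
        -*)
            return 1 ;;   # would be read as an option by rm, cp or mkdir
        *[!A-Za-z0-9._-]*)
            return 1 ;;   # '/', whitespace, glob characters, control chars
    esac
    return 0
}

# payload_dir NAME
# Prints the library directory for NAME, or fails without output when the
# name is rejected, so callers never build a path from unchecked input.
payload_dir() {
    valid_payload_name "$1" || return 1
    printf '%s/%s\n' "$LIB_DIR" "$1"
}

# Constructed inputs: two ordinary names, then names that would otherwise
# make the later rm -rf / mkdir -p act outside $LIB_DIR or misparse.
for candidate in "nmap-scan" "dhcp_loot.v2" "../.." "a/b" ".." "-rf" "two words" ""; do
    if dir=$(payload_dir "$candidate"); then
        printf 'accept  %-16s -> %s\n' "'$candidate'" "$dir"
    else
        printf 'reject  %-16s\n' "'$candidate'"
    fi
done
```

In the posted script the check would sit directly after `read BACKUP_INPUT_1`, re-prompting when the name is rejected.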
  39. 2 points
    If you hit a site by IP and the certificate isn't for the IP then you'll get a warning. View the certificate and get the common name or SAN from it then you can browse to that.
  40. 2 points
    This is an ethical hacking forum. You may want to ask at the gopro forum.
  41. 2 points
    You posted them all within 45 minutes of each other. How fast were you expecting replies?
  42. 2 points
    So anyone who's seen the other firmware post has probably seen my adventures in trying to figure out the firmware upgrade process as the suggested tool in the post just doesn't exist, is available on github if you need it, but the links in the download center appeared to be broken earlier. I ended up bricking my shark to some degree - Turns out though as it's based on openwrt it has the inbuilt recovery features. So these are the steps I took to restore its functionality - you can follow, but it is by no means the official help, nor is it without massive risk. I was willing to chalk my jack up to being a lost cause.

    1. Charge it - You probably won't have LEDS here to help you out (no charge level indication) but you only need sufficient power to "wait" for it to actually boot, so plug it in for 5 minutes and just let it charge.
    2. Using either a pin*, sim-card removal tool, etc locate the hole on the back of the case and insert it most of the way, you should feel a button at the end of the travel. Rest it on it, but do not depress it.
       *I found it difficult to "aim" my pin, at the button as it's tiny... so I removed the casing of the shark jack... there are no screws, it comes apart with a spudger inserted down the side, really easily.
    3. Power on the device to ARMING mode (middle position). Depress button using your pin now. Count 1000, 1, 1000 2... etc until 1000 7. Remove pin!
    4. Plug device into your Network Jack within a minute or so you should see green lights, indicating activity on the network port.
    5. Set your host's IP to 192.168.1.2 and attempt to browse using a web browser to 192.168.1.1 you should see a screen like the following:
    6. Once you've proven connectivity to the recovery webpage, PLUG IN YOUR USB-C... KEEP THE SHARK JACK POWERED THROUGHOUT THIS PROCESS.
    7. Select the OS tab.
    8. Using a normal "upgrade-*.*.bin" firmware file available from the hak5 download center (download it, check the checksum), browse to the firmware.
    9. CONFIRM YOU ARE ON THE OS TAB AND IT SAYS "e.g: OpenWRT.bin" DO NOT DO ANY OTHER TAB or you will be on your own. - select "start upload file".
    10. Page will switch to a loading screen informing you to wait until the device reboots.
    11. Once the device has rebooted you should notice this... the LEDs will have done their boot cycle (flashing greens) and turned to either flashing amber, indicating arming mode, or flashing/static blue to indicate the device is either charging or charged.
    12. Set your host's IP to 172.16.24.2 and attempt to SSH to the device. You may get prompted about the SSH host key having been changed and may need to delete it from your known_hosts file, but once done... you can log back into the device using the default credentials of root:hak5shark.

    Now go get a celebratory beverage of your choice and get your hack on.
  43. 2 points
    Make sure to download latest from HAK5 repository, as it has a change to make it work w/firmware 1.1.0.
  44. 2 points
    2.6.2 has just been released. Grab the download OTA or via the Hak5 Download Center as usual. Thanks!
  45. 2 points
    Hey guys, thank you all very much for the pointers. I will work my way through the sites along with my training.
  46. 2 points
    They are often people trying to lure hackers in with sob stories who then try to get them to do criminal stuff for them. Or people who have read a few too many blog posts and become over paranoid.
  47. 2 points
  48. 2 points
    Hi, Just wanted to clear up any chance of misinterpretation on what is connected to Hak5 servers, etc. The WiFi Pineapple Web Interface that you refer to is stored on the WiFi Pineapple itself, and is served from its own web server locally. The WiFi Pineapple UI will reach out to Hak5 owned services, but only if you explicitly want it to do so. Things such as updating the firmware, downloading modules and loading bulletins will initiate a connection to our servers. The buttons in the UI that do this are marked with such 'warnings' (basically just so you're aware it will be reaching out, if you're on an engagement). This goes for all of our hardware products. The Cloud C2 is different from that however, and will for licensing purposes and updates reach out to our infrastructure periodically. The news/bulletins on the Cloud C2 homepage is also hosted on our servers. I hope this answers any questions. We don't acquire any data (for example, client reports from engagements as you mention).
  49. 2 points
    When you purchase The Hacker's Play Book, be sure to check the online links for updated information. It continually updates and changes. There is an onslaught of good books from which to choose.

    Here's A List That Helped Me: The Hackers Playbook 3, Hacking: The Art of Exploitation (check for latest Edition and updated links in book), The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws, Penetration Testing: A Hands-On Introduction to Hacking

    Books For Reference: RedTeam Field Manual, Blue Team Manual

    Books For Programming Hacking: Black Hat Python, Grey Hat Python.

    There is also the route of certifications. In regards to them, many speak condescendingly. However, with the right prep-courses, books and labs you could pass in just over a month. As a major benefit of obtaining the certifications, you gain strong foundations! Recommendation For Certs.: Security +, Network +, and your C.E.H., when you obtain the needed experience and proctor. Another cert. you can look into are those provided by Offensive Security (Kali). Get those and see where you would like to specialize. "Cyber Security" and "Information Security" are massive field/s. Find your calling within it. Hope this helped a little. Good luck with your future decisions!

    Regards, Mr. ClassiC
  50. 2 points
    I've heard of refurbished phones but never heard of a refurbished wifi pineapple nano 😮 Hardware wise: Just make sure that it powers on correctly, micro sd card slot functional, antennas fitting properly and cover un-tampered with. Software wise: I dunno 🤷‍♂️ Lookout for the pineapple/Hak5 logo, etc. Mess around with it and see what works and doesn't like it should. If something doesn't work, try comparing/searching the issue on forums and if it doesn't add up, then bobs your uncle.