Posts posted by dark_pyrro
-
I'd suggest that you open an issue report on the GitHub of the LaZagne creator. That doesn't seem payload, or Bunny, related. It sounds more like something to do with Python (since the LaZagne exe seems to be Python based and that an exe is created using pyinstaller or such).
-
Yes, there were; you just presented one on Discord. It's rather difficult to try to help with troubleshooting when asking for errors and getting reports back that there are none, and... still there are...
-
What evil portal are you using? Something you created yourself or some pre-made ones?
-
Could be related to what has been described in what was the topmost thread in the Turtle section of the forums when you created your thread
https://forums.hak5.org/topic/61057-trying-to-factory-reset-lan-turtle/
I.e. if it's brand new and doesn't behave, then submit a support ticket.
-
So, if you run that payload but remove -windowstyle hidden and instead add -NoExit, will it show any errors in the PowerShell window as the ps1 file has been executed?
-
The green LED doesn't really say anything about if the payload was successful or not in this particular case. It just tells you that it has kicked off the ps1 file and waited 10 seconds. You have to be more detailed about the "scenario". For example; What Windows version is the target running? Is the A-V disabled? If it's not disabled, how did you make sure that the "malicious" exe isn't detected and eliminated? Did you try to run the exe manually on the target to verify that it at all works as expected?
-
No one knows. Not even Hak5 officials. Dragorn posted the following just yesterday on Discord.
"The radios used are still not available; there is no ETA for them being available, if they ever are again."
-
Ask Ducky questions in the Ducky section of the forums (and read the documentation)
-
From where are you trying to download the firmware file (not from what place in terms of the origin of the file, but whereto you are trying to download it)? OS of the device where you're trying to download the file (if it's not the Pineapple itself)? Are you trying to download from some country that has restrictions on what services are allowed to be used (like Google from a country whose name, for example, begins with "Ch" and ends with "ina")?
-
I can't help troubleshooting if you don't answer the questions I ask, but instead "answer" with a question.
-
From where are you sourcing your payload? Just checking since you're linking to the documentation of the Mark I version of the Squirrel.
What switch directory did you put the payload in? And, you are 100% certain that the hardware switch is in the corresponding position, i.e. the same as the switch directory?
-
Just for the record... I found an ASIX AX88179 based adapter and I could reproduce the failing scenario. I.e. when attaching the ASIX adapter to a computer and then to the "target" side of the Plunder Bug, I couldn't get an IP from the network to which the "WAN" side of the Plunder Bug was connected. However, when connecting the LAN cable directly to the ASIX adapter, I got an IP address straight away.
-
You are mixing things up. Pressing the reset button for 7 seconds is used when doing a factory reset, not when doing a firmware recovery. I'd suggest you read the documentation a bit more in depth.
It won't be possible to get it delivered to Pakistan, at least not from the Hak5 shop
-
45 minutes ago, logicalpower said:
I don't think the functions "continuous scan" and "automatic capture handshake" work fine
Do you have WiFi clients that are authenticating to any AP nearby?
It's also important that the Pineapple is listening on the specific channel at the time when the client is connecting to the AP.
47 minutes ago, logicalpower said:
I saw some older topic about automatic capture with war-driver
Link/reference?
-
What happens when you follow the documented way of doing a firmware recovery? I would suggest trying that first instead of walking paths that aren't documented or are complex to achieve.
Other things to check; try different USB cables, try different USB ports on the computer, try connecting the Tetra to other computers...
-
I would agree to the assumption that it's power related.
From the docs
"The WiFi Pineapple TETRA requires 24W for normal stable operation"
So, doing a bit of simple math...
USB 2.0 can provide power in the following ways
During enumeration = 100 mA
After enumeration and possible negotiation = 500 mA
If the main connector of the Y-cable is successful in negotiating 500 mA and the "slave" connector only gets 100 mA since it's not a real USB device, just something that draws power and can't be enumerated, then...
5 volt, 0.5 amperes = 2.5 watts
5 volt, 0.1 amperes = 0.5 watts
Which will result in a max of 3 watts
If the "slave" connector would be able to enumerate itself and get 500 mA as well, then...
5 volt, 0.5 amperes = 2.5 watts
5 volt, 0.5 amperes = 2.5 watts
Which will result in a max of 5 watts
Pretty far from the minimum requirement of 24 watts, right?!
Even if it's USB 3.0 delivering power, it will for sure struggle to reach 24 watts.
Using the 12 volt barrel connector and a 2 amp power source will result in the 24 watts needed though. A 2 amp powerbank (minimum) would work if using USB since there should be no USB host enumeration going on in such a scenario.
There's no way you would be able to provide enough juice using the Y-cable. Even though it's possible to get the Tetra running using it, it's still not within spec although the docs say the Y-cable can be used. It will probably reach some spike in power consumption which the USB Y-cable can't provide and either "stalls" or reboots and that's what you're experiencing.
-
Describe in detail the process you are using to install ipk files and the full output when doing so.
-
Where in the world are you located? If you're in a country with heavy restrictions on the national level, some things might fail since it's running on/using Google infrastructure.
You can "sideload" modules using the Pineapple web UI.
When it comes to package content (opkg), then just download the package file and locate the names of the ipk files you need, then just download the ipk files and transfer them to the Pineapple and install them using opkg.
-
Darren's GitHub was "cleaned" when the 2nd gen Ducky was released. One reason was probably that users started to flash the firmware of the 1st gen Ducky on the 2nd gen one which rendered the new Ducky inoperable/useless.
To get hold of 1st gen Ducky firmware files and flash utilities, try the following links. Remember though that these links aren't official sources, so using them is at your own risk!
-
I guess you will have better luck getting help to troubleshoot it on Discord (where you have already asked the same thing), since it's more active than this forum. Discord is also frequently visited by the developer(s) of the Croc (something that is not the same here on the forums).
-
Is it a brand new Pineapple? If so, I would suggest submitting a support ticket. The described scenario doesn't sound healthy at all.
-
That's a question for official support. No one in the community can make any assumptions about estimated delivery.
-
It all depends on your setup (of which I know very little, which also makes it difficult to troubleshoot). If you have a firewall somewhere between your Hak5 device(s) and the C2 server, then you'll have to open the ports needed (which are specified in the documentation).
-
I doubt your C2 server is running on your default gateway (although it could be possible). You should use the address of the device where the C2 server is running, nothing else. Either an IP address or a domain name, whatever fits your use case.
Bash Bunny Script stopping in the middle
in Payloads
Posted
If it stops after the execution of
Then, I would probably focus on the line
The part
is more commonly used (according to my experience) on a Ducky to get a drive letter.
So, either you most likely need to wrap it in quotes and also escape special chars, or use another way of obtaining the Bunny drive letter using a PowerShell session instead.