dark_pyrro

OK, I guess it's the V1 of the UE300 then since it uses the RTL8153 chipset (V2 is using the same as your Anker, i.e. AX88179A) Seems unlikely that the chipset should matter though. I haven't heard that there should be any hardware related issues when it comes to what the Plunder Bug might "accept", I haven't been running into any issues either. I'll see if I have something based on the same type of ASIX chipset, but most GBit adapters that I have are based on RTL8153.

So, you're not connecting the Plunder Bug to any device via the USB-C interface, just one [in] and one [out] Ethernet cable to the RJ45 ports of the Plunder Bug? What are the exact model names of each adapter (TP-Link and Anker)? What chipsets are they using?

What portal are you using? Something you created yourself or some already existing portal (such as the Kleo ones).

Just use the admin UI of your access point for the home network. But why not disable the AP instead of just hiding it. You also need to set up the Pineapple in the exact same way as the home network AP was set up. I.e. use the same passphrase, etc. if the home AP is using such.

Why post Mark VII questions in the Mark V section of the forums?

Plugged where?

Pedantic is good! As well as added knowledge in the backpack 🙂

Well, if an organization/web site owner isn't answering to your request, there's not much you can do. I wouldn't in any way do anything without permission, so don't just start trying some random pentesting if they don't answer. Even if you have only good intentions and want to help, you can still be charged. I've seen it happen several times. Even employees that wants to help and "pentest" things without permission has been reported by their employer and then convicted. "Being kind" isn't a relevant/valid argument. You need written permission by someone that have the mandate within the organization to allow such operations. Bug bounty has already been mentioned. You could also look for a security.txt file that has contact information within the organization. Look for it at https://<URL>/.well-known/security.txt (or using http) on each website. It's not a "standard" so don't expect to find it everywhere, but a way to be able to contact website owners about vulnerabilities found. Note though that you might be considered trying to break security if you first find the vulns, then report them. It might get you into trouble. Some orgs are nice, some do things "by the book" and might report you.

As said, what can you do with a keyboard in such a situation? The same capabilities goes for the Ducky. The Ducky would for sure not be my first choice of method in such a scenario.

You can do with the Ducky whatever you can do with a keyboard on a lock screen with no user yet logged in. The Ducky doesn't provide you with some magical key to the kingdom that lets you circumvent all security in an operating system if that was what you were referring to. I guess you have to elaborate on that "lost laptop assesement scenario" to fully understand what you want to achieve.

The Java encoder isn't supported anymore, so it will not be looked into. Not the old HTML/Javascript based encoder either. PayloadStudio is the only supported encoder/compiler. INJECT_MOD isn't a part of DS 1.0 so it will simply not work on the 1st gen Ducky, you'll need the 2nd gen Ducky/DS 3.0 for that.

It's a lot easier if you post the payload code so other can try to recreate what you're experiencing and troubleshoot from there

Read the documentation (you have to be careful when reading though since the old docs for the 1st gen Ducky is removed and is combined with the docs for the 2nd gen Ducky), also check DuckyScripts on GitHub. How to achieve what you want to do is less Ducky related and is more about getting knowledge about how to do it in the target OS. Then make it happen using the Ducky.

What are you actually trying to accomplish here? Do you have the actual knowledge needed of tcpreplay and/or how networking works so that you're 100% sure that what you're trying to do actually is possible to do? You can't just capture anything and replay it and think that the other end will simply accept it. In what way do you verify that some replays works OK and some (one) NOK (i.e. method used)?

I would suggest learning some Linux basics, you will benefit from it for numerous reasons It's not a service, it's a process Run the ps command to list processes running on the Squirrel

Then something is wrong in your setup. The way I described works as a generic instruction on how to set it up from start to finish. The way I describe it is made with the Squirrel in arming mode. Any mode that allows the Squirrel to have internet access (or access to the network where C2 is running) should connect to C2 if it's properly configured, and since arming mode is using NETMODE NAT the Squirrel should have access to an external network. Make sure that C2CONNECT is executed (check that the cc-client process is running).

OK, I haven't had any issues (running full HD on most machines). I seem to remember that there was some issue in earlier firmware versions, but I might remember that wrong. Are you on the latest firmware?

The json file is incomplete and missing chars/keys needs to be added. Just open the language file in PayloadStudio and add the code for BACKSPACE The file also seem to have missing chars specific for Danish and those needs to be added as well. I created a Swedish language file a while ago when a user needed it. I guess that the DK keyboard is pretty similar to SE keyboards, so you might use it as a template and just change the specific Swedish chars to the Danish equivalents. https://codeberg.org/dark_pyrro/Swedish_Layout_Test

Posting Pineapple questions in the correct part of the forums is a good start. Your chances will increase getting answers.

Well, I found hundreds of security related jobs listed on trustworthy sources with a simple search so I have to disagree on that point as well. If they violate GDPR, then just report them to Datatilsynet.

Even if you experiencing the same problem, it's always good to have more detailed information in order to try to guide and troubleshoot. What have you already tried? In what way is the Pineapple accessed/from what OS? etc...

It's a web interface, so I can't see why it wouldn't. Depends on how you define "all the functions" though.

I would dare to disagree with such a generalization. I'm pretty sure there are organizations in Denmark that has (at least some) kind of control. I can't imagine that 802.1X is totally absent in Denmark. Hamlet isn't always correct about every aspect of that country. What are you going to listen to? I assume they have switched networks and not hubs broadcasting traffic everywhere. What are you going to show the CEO? Packet captures? EU organizations will most likely get a bitter pill to swallow when the NIS2 directive becomes domestic law in the member states on the 17th of October 2024. If they haven't done their homework, the risk is that it will be costly if they get reported or caught not being compliant when being scrutinized. Instead of showing some "tech based arguments", I would start educating the organization (and with top management as a priority) to make it clear to them what could happen if they aren't compliant. That will then lead to technical actions needed, preferably based on some method/model like ISO27000, NIST Framework, and/or CIS Controls.

The Plunder Bug has no WiFi built in. It depends on the use case and what's desired, but using some alternative hardware would most likely not be that much of a challenge. Especially taking into account your profession and the type of company you run. You should have the knowledge needed. If speaking of Hak5 devices, it could probably be possible to use a slightly modded Packet Squirrel to achieve "Plunder Bug-like features" along with WiFi capabilities. Note that the Squirrel doesn't have WiFi out of the box but it's possible to add it. However, and as said, it all depends on the use case and it wouldn't be exactly like a Plunder Bug.