[Cant connect to c2]

By learning some basic Linux commands and/or reading the Shark Jack documentation

https://docs.hak5.org/shark-jack/writing-payloads/the-cloud-c2-commands

 

[Cant connect to c2]

Try some of the things I told you to do when you had problems with the Croc (ssh and/or wget) to verify that it's possible to get any response from the C2 server on the Shark. One thing to do first of all is making sure that the Shark has the correct date and time.

[Hak5 C2 Service Running, but Server Connection and TLS Handshake Errors]

no problem, if you open a web browser and load your C2 server web interface in the browser (in simple terms "visiting your C2 server using a browser"), can you see your visit in the service status output, i.e.

1) Open your C2 server URL in your browser (note the time)

2) check the C2 server service status using the same command that you displayed in your first post

Are there error message entries (http2) in the status output that correlates with your attempts to load the C2 user interface in your web browser?

[Hak5 C2 Service Running, but Server Connection and TLS Handshake Errors]

Can you link the http2 events to when you try to visit your C2 server web interface?

[Hak5 C2 Service Running, but Server Connection and TLS Handshake Errors]

OK, and I assume that "website.com" in your service status output is just a temporary placeholder to not reveal your real domain on the forums. Is there a DNS A record created that links your domain name to the IP of the Amazon VPS public IP address?

[aqeel abba]

The best Hak5 "toolkit" is the one that fits your business plan. What services is your company going to offer your clients/customers? If you don't know, then the answer would probably be "None" or "All of them". You have to be more specific about what you want to do in order to be specific about what devices that would be suitable.

[newly bought wifi pineapple mark vii web UI Failed to obtain available modules.]

OK, not the same issue then, at least not the same scenario. You have to provide more info. In what way is the Pineapple connected to the internet? Can you ping some online service/device using the terminal of the Pineapple (either ssh into the Pineapple or use the web UI based terminal), for example www.google.com?

[newly bought wifi pineapple mark vii web UI Failed to obtain available modules.]

Same issue as in; "can't get modules and I'm located in China"?

[Cant connect to c2]

1 hour ago, hackerzero000 said:

the commands were the exact same as in the tutorial

So you used C2CONNECT to force the Shark to connect to the C2 server?

[Hak5 C2 Service Running, but Server Connection and TLS Handshake Errors]

Looks like you're running your C2 server on Amazon. Did you open all the ports needed in the VPS firewall?

[Does a index bin file already come on the duckys SD card?]

I can't remember if the classic Ducky came with an inject.bin file on the supplied Micro SD card. It's so many years since I got it. The 2nd generation Ducky should have a payload that puts it in ATTACKMODE STORAGE out of the box. But that's not valid here since this is about the classic Ducky.

[Does the rubber ducky come with a bin file on it]

Don't post USB Rubber Ducky related questions here.

[Landing page not redirecting when no internet connection is available]

What landing page? Evil portal?

[Does Quickcreds work on recent locked Windows computer ?]

Well, if you try to obtain the hash on a PC that has no logged in user (i.e. a PC that isn't actually locked), I guess you have to prepare yourself to wait until kingdom comes.

[Does Quickcreds work on recent locked Windows computer ?]

Just to be sure, you have logged in to the PC and then locked it, right? Not just let it boot up without any login.

[Does Quickcreds work on recent locked Windows computer ?]

No

[Does Quickcreds work on recent locked Windows computer ?]

Yes, if you get a NTLM hash it will turn green. If not, it will continue to blink yellow. There's no guarantee though that it will ever be able to obtain the hash. Also make sure to leave it for a while. It can take all from 2 seconds from when it starts to blink yellow (i.e. attack started) to well over a minute.

[Copy Apple keyboard ID problem]

Well, 12 is 12 and not 17, so nothing much to do about that really

Space isn't possible to use according to the specs since it's not alphanumeric

[Does Quickcreds work on recent locked Windows computer ?]

Did you at any point set a static IP address for the Bunny on the machine you're trying to run QuickCreds against?

[Does Quickcreds work on recent locked Windows computer ?]

ok, then the Bunny can't hand out any DHCP lease to the target (the computer to which it is connected) for some reason

[Does Quickcreds work on recent locked Windows computer ?]

There should be two things that produces the red LED and that's either failing to find responder (slow blink) or fast blink which indicates that the target doesn't get an IP address.

[Does Quickcreds work on recent locked Windows computer ?]

That screenshot tells me that you're not running 3.0.6.0, but the older version that comes with the deb from the forums (look at the version displayed = 2.3.3.6).

[When entering through the serial port it does not recognize the password]

So, you're using hak5bunny and nothing else when trying to login?

[STRING does not capture $var]

You probably need to escape the $ char and/or quote the whole line

[STRING does not capture $var]

You need to QUACK the DELAY lines as well as ENTER

Also, I'd suggest using QUACK instead of Q. Q is the same as QUACK, but I (and others) have experienced strange behavior using Q. I haven't been digging any deeper into that as to why that might be the case, but I always use QUACK instead of Q.

There are other things in that payload that will need adjustment, but you will find that out.