-
Posts
2,625 -
Joined
-
Last visited
-
Days Won
198
Posts posted by dark_pyrro
-
-
Try some of the things I told you to do when you had problems with the Croc (ssh and/or wget) to verify that it's possible to get any response from the C2 server on the Shark. One thing to do first of all is making sure that the Shark has the correct date and time.
-
no problem, if you open a web browser and load your C2 server web interface in the browser (in simple terms "visiting your C2 server using a browser"), can you see your visit in the service status output, i.e.
1) Open your C2 server URL in your browser (note the time)
2) check the C2 server service status using the same command that you displayed in your first post
Are there error message entries (http2) in the status output that correlates with your attempts to load the C2 user interface in your web browser?
-
Can you link the http2 events to when you try to visit your C2 server web interface?
-
OK, and I assume that "website.com" in your service status output is just a temporary placeholder to not reveal your real domain on the forums. Is there a DNS A record created that links your domain name to the IP of the Amazon VPS public IP address?
-
The best Hak5 "toolkit" is the one that fits your business plan. What services is your company going to offer your clients/customers? If you don't know, then the answer would probably be "None" or "All of them". You have to be more specific about what you want to do in order to be specific about what devices that would be suitable.
-
1
-
-
OK, not the same issue then, at least not the same scenario. You have to provide more info. In what way is the Pineapple connected to the internet? Can you ping some online service/device using the terminal of the Pineapple (either ssh into the Pineapple or use the web UI based terminal), for example www.google.com?
-
Same issue as in; "can't get modules and I'm located in China"?
-
1 hour ago, hackerzero000 said:
the commands were the exact same as in the tutorial
So you used C2CONNECT to force the Shark to connect to the C2 server?
-
Looks like you're running your C2 server on Amazon. Did you open all the ports needed in the VPS firewall?
-
I can't remember if the classic Ducky came with an inject.bin file on the supplied Micro SD card. It's so many years since I got it. The 2nd generation Ducky should have a payload that puts it in ATTACKMODE STORAGE out of the box. But that's not valid here since this is about the classic Ducky.
-
Don't post USB Rubber Ducky related questions here.
-
What landing page? Evil portal?
-
Well, if you try to obtain the hash on a PC that has no logged in user (i.e. a PC that isn't actually locked), I guess you have to prepare yourself to wait until kingdom comes.
-
Just to be sure, you have logged in to the PC and then locked it, right? Not just let it boot up without any login.
-
-
Yes, if you get a NTLM hash it will turn green. If not, it will continue to blink yellow. There's no guarantee though that it will ever be able to obtain the hash. Also make sure to leave it for a while. It can take all from 2 seconds from when it starts to blink yellow (i.e. attack started) to well over a minute.
-
Well, 12 is 12 and not 17, so nothing much to do about that really
Space isn't possible to use according to the specs since it's not alphanumeric
-
Did you at any point set a static IP address for the Bunny on the machine you're trying to run QuickCreds against?
-
ok, then the Bunny can't hand out any DHCP lease to the target (the computer to which it is connected) for some reason
-
There should be two things that produces the red LED and that's either failing to find responder (slow blink) or fast blink which indicates that the target doesn't get an IP address.
-
That screenshot tells me that you're not running 3.0.6.0, but the older version that comes with the deb from the forums (look at the version displayed = 2.3.3.6).
-
So, you're using hak5bunny and nothing else when trying to login?
-
You probably need to escape the $ char and/or quote the whole line
-
You need to QUACK the DELAY lines as well as ENTER
Also, I'd suggest using QUACK instead of Q. Q is the same as QUACK, but I (and others) have experienced strange behavior using Q. I haven't been digging any deeper into that as to why that might be the case, but I always use QUACK instead of Q.
There are other things in that payload that will need adjustment, but you will find that out.
Cant connect to c2
in Shark Jack
Posted
By learning some basic Linux commands and/or reading the Shark Jack documentation
https://docs.hak5.org/shark-jack/writing-payloads/the-cloud-c2-commands