dark_pyrro

Posts posted by dark_pyrro

  1. Well, there's nothing called portal-login. I guess the instructions are just referring to "portal" in "portal-login" as one of the portals available in the repo, for example: "google-login"

  2. It's of course possible to change the IP range, it's just OpenWrt. Nothing I would recommend though since I prefer to keep things using the default settings.

    Removing the already existing stuff from known_hosts (or equivalent name depending on OS) isn't that annoying, I do it all the time when flipping between devices.

  3. Difficult to say. It sounds like the boot loop the Bunny was affected by way back, but it's not possible to use the same procedure to try to get the Croc out of any loop (if it's really a boot loop). Could be that the firmware/update file is stuck on the udisk for some reason and therefore the Croc tries to update every single time it's booting up. A factory reset/recovery won't help, most likely, since the udisk is left untouched (at least the majority of it) after an update or factory reset, so any "garbage" firmware file will still be there. I'd suggest submitting a support ticket.

  4. 1 hour ago, bas112 said:

    when clients automatically connect to the network

    In what way do they automatically connect? Did they connect before to the Evil Portal or are they "first time users"? Is the IP address that the device gets listed in the "authorized" (can't remember at the moment if that's what it's actually called) list box? What does iptables say? What IP addresses are listed as allowed?

  5. I have a payload script that (probably) does what you are looking for. It doesn't blink in the way you describe it, but writes to a loot file (however, it uses the LED to tell in what "state" it is as it loops through the functionality of the payload). It was in "early alpha" state though since I had the idea a long time ago but really didn't finish it. I took a quick look at it now and made some adjustments and it seems to work. There are more things that need to be developed further in detail but it is possible to use with the SJC (cable based Shark) and prints to a loot file as well as an optional log file for more info and also to the serial console if the SJC is attached to a phone or other kind of device that can monitor the serial output. It also has some functionality for Cloud C2 exfiltration, but I haven't had the time to test that yet. It should also run on the battery based Shark, but I had some ideas on implementing battery related functionality and that isn't in the payload at all at the moment. I can share the code a bit later on if I get the time to do it.

  6. In what way does it repeat things? Is it doing red, blue, green, white all the time in some kind of endless loop or does it "sit" on some color at some point (for example stays on white)? What happens if you try to enter arming mode? What firmware were you on when upgrading and what did you try to upgrade to (1.3 > 1.4 or something else)? What part of the factory reset procedure didn't work?

  7. 6 hours ago, apauloson said:

    I'm writing a program for a USB rubber ducky to mass-add google autocorrect settings

    What target OS is used, application used (Google Docs, or similar, I guess?), target language settings in PayloadStudio for the payload (if not US language)?

    Any part of the payload code is always helpful when troubleshooting in order to find any errors in code, or trying to reproduce the error

  8. I would suggest reading the official documentation instead so that you get the correct information about how things work

    https://docs.hak5.org/hak5-usb-rubber-ducky/ducky-script-basics/keystroke-injection#standalone-modifier-keys

    https://docs.hak5.org/hak5-usb-rubber-ducky/duckyscript-tm-quick-reference#holding-keys

    https://docs.hak5.org/hak5-usb-rubber-ducky/advanced-features/holding-keys#holding-modifier-keys

    Try this

    DELAY 3000
    REM or use EXTENSION DETECT_READY
    GUI r
    DELAY 1000
    STRINGLN cmd
    DELAY 3000
    STRINGLN ipconfig
