Posts posted by dark_pyrro

  1. As far as I know, nothing. If I remember it correctly it has just been a "placeholder" when it comes to the Shark specifically, i.e. "for future use".

    I think the reason why it fails is that a correct public key is not available to verify it all.

    If you download the file manually (using wget for example), it works OK, but not using opkg and that's probably because of the fact that opkg is trying to validate using "usign" but is unable to verify it all and fails. It was a while since I looked further into it, but I think that was my conclusion. However, I just let it be since the Hak5 package file didn't add anything to it all being a "dummy".

  2. 24 minutes ago, pejmun said:

    It looks like it did update but it failed Failed to download http://downloads.hak5.org/packages/shark/1907//Packages.gz . Will this cause any issues and is there any work around this?

    For now, no. It's just a "dummy packages" file and doesn't have any impact on the system/updates at the moment. You can see for yourself by downloading the gz file, opening it and looking at the only file that is in there (says "fakepackage").

  3. 6 hours ago, dcmdcm said:

    (1) on which eth is it presented

    On the network port using the IP address that the Squirrel is getting from the network it is connected to

    6 hours ago, dcmdcm said:

    (2) what address and port will it use

    address = see above, port = see the documentation (i.e. 1471)

  4. 8 hours ago, pejmun said:

    I have checked the distrofeeds and it has 18.06

    Where did you check that? Also, just being 18.06 isn't enough (since the already existing distfeeds are using 18.06, but the "snapshot" version which isn't available anymore). As I said before, use 18.06.0. Not an official fix, but should work. Also make sure that the date and time is correct on the Shark before issuing opkg update.

  5. In the meantime, I'd suggest reading the documentation, and also use PayloadStudio which helps with the syntax

    GUI r
    cmd
    ENTER
    string "netsh wlan show profile"
    ENTER

    should be

    GUI r
    STRING cmd
    ENTER
    STRING netsh wlan show profile
    ENTER

    or, if using the Ducky Gen2

    GUI r
    STRINGLN cmd
    STRINGLN netsh wlan show profile

    Also add a DELAY at the start (and possibly in the code as well, so that the target computer is able to catch up with the tempo of the Ducky)

    DELAY 3000

    or, use the DETECT_READY extension

  6. The Ducky executes what's in the inject.bin file so that limits your playground. In the end, it depends on what you want to achieve. Either do the different payload stages within the same payload (inject.bin) or use the target to execute things in sequence.

  7. 16 hours ago, Docmafia said:

    It would be nice if the Key Croc could talk to the Screen Crab when a Word is matched

    That could be a nice feature. Not heard anything about such a feature but there is probably a long "wish list" on someone's desk at Hak5 where that might be written down. It could be solved without C2. Just spin up some alternative/parallel server (or such) and script some "alert system" that would trigger such a thing.

    16 hours ago, Docmafia said:

    other Devices communicate through the primary device

    It really depends on both the primary device and the secondary devices regarding how they would be able to use the primary device. Either it'd be using wired communication, which is really not an option (who wants to run cables between devices in a stealth engagement? and not all devices support wired communication), and the other option would be wireless, but since not all devices have wireless capability (WiFi and/or BT), it would be a limited scope as well.

    16 hours ago, Docmafia said:

    This would also tell you that the blue team has discovered one of your devices.

    Not really sure that it would be 100% certain that the device had been discovered. There are several other reasons why a device would go offline or stop communicating.

  8. I guess that Windows isn't the "first choice" when it comes to Pineapple development, that's why it hasn't really been an issue generally. Using sed on the files when they have been transferred to the Pineapple could be a way of getting rid of Windows ^M occurrences in the files.

  9. I can't recreate/reproduce those issues. Recon works as well as capturing ESSIDs to pool using the Tetra UI in C2. Just doing a recon scan for about 30 seconds resulted in 20 APs and about 10 clients and during that time the ESSID pool was populated with 10+ entries. Getting 10+ probes as well. I guess you have to be more detailed about your "work process" to be able to try to troubleshoot it all.

  10. I guess you have to be more detailed about what's not working to get some relevant response. Modules have been released over time based on that documentation and I haven't seen any real complaints, so it's difficult to guess what might be wrong.

    Describe your work flow step by step and where the documentation/examples are failing by telling exactly what you're doing and reference the docs.

    Your own module code is also good to see to be able to spot some eventual flaws in the implementation.

  11. I will most likely post something more detailed soon (if I get the time). But essentially, you need to change the download URL and the part where the downloaded file is handled in the module (around line 80-90) since the downloaded file isn't called "master.zip" and the unpacked directory isn't called "Responder-master".

    The URL to use for RESPURL is

    https://github.com/lgandx/Responder/archive/refs/tags/v3.0.3.0.zip

    Up to 3.0.6.0 should be fine as well. It's from 3.0.7.0 that Python3 is starting to be mentioned in the Responder scripts.

  12. I guess it is the Twin Duck firmware you are referring to. Never heard of any eviltwin firmware (but that doesn't necessarily mean it doesn't exist though). I hope it was the generation 1 Ducky that was flashed, but if it was bought in 2021 there shouldn't be any risk that it is the Gen 2 Ducky (which shouldn't be flashed at all).

    If you insert the Ducky to a computer WITHOUT the Micro SD card, is the LED off or is it red? If it's off, then there's something with the firmware (and since you flashed it, that might be the cause of it). If it's red, then something's wrong with the Micro SD card.

    What size is the card? What filesystem is used?

    To get the best out of the Ducky, I would use cards under 2 GB. Larger cards may/will slow the Ducky down since it takes more time for the Ducky to enumerate the storage.

    I would reformat the card to be sure it has a format that the Ducky accepts and that there is only one (1) partition on the card. Since you're on Kali, try using gparted and create a new partition table on the card and then a new FAT16 or FAT32 primary partition. There should be no other "garbage" on the card, only the partition that was created.

  13. Perhaps use nginx as a reverse proxy? Setting up a reverse proxy is possible and then let the "pineapple web server" act as an upstream server behind the nginx front end, i.e. all traffic to the perimeter of the Pineapple is done over https but it terminates in the proxy and then it goes unencrypted upstream within the Pineapple to the web UI. Probably needs the nginx-ssl package (remove any nginx package first, for example if the Evil Portal has been used on the Pineapple, that package doesn't support encryption).

  14. Check this thread

    https://forums.hak5.org/topic/58875-cant-flash-the-pineapple/

     

    Some users have also tried the following:

    Download the latest upgrade file from the Hak5 downloads web site and verify its SHA256 checksum, then:

    1) scp the upgrade to your Pineapple's "/tmp" directory
    2) ssh into the pineapple
    3) cd /tmp && splitweb /tmp/upgrade-1.0.1.bin (or whatever firmware filename that has been downloaded)
    4) sysupgrade -n /tmp/upgrade.bin

     

    No guarantee that it will help and you're doing things like the instruction above at your own risk.

    If you don't have the knowledge needed to do the operations, contact official support instead.
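
    Added example, not part of the original post: a checksum gate for the "verify its SHA256 checksum" step above, so the image is only copied to the device when the digest matches. The function names and the destination argument are hypothetical; the expected digest must come from the vendor's download page.

```shell
#!/bin/sh
# Added example (not from the forum post): only stage a firmware image
# when its SHA256 matches the published value.

# sha256_of FILE -> prints the lowercase hex digest; returns 2 if FILE is missing
sha256_of() {
    [ -f "$1" ] || return 2
    sha256sum "$1" | awk '{print tolower($1)}'
}

# verify_firmware FILE EXPECTED_HEX
# returns 0 on match, 1 on mismatch, 2 on bad input (missing file, malformed digest)
verify_firmware() {
    file=$1
    # Tolerate stray whitespace and upper-case hex copied from a web page
    expected=$(printf '%s' "$2" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    # A SHA256 digest is exactly 64 hex characters; reject anything else
    case $expected in
        *[!0-9a-f]*|'') return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    actual=$(sha256_of "$file") || return 2
    [ "$actual" = "$expected" ]
}

# stage_firmware FILE EXPECTED_HEX DEST
# DEST is a user@host value for the device (hypothetical argument)
stage_firmware() {
    if verify_firmware "$1" "$2"; then
        scp "$1" "$3:/tmp/"
    else
        echo "checksum check failed for $1, not copying" >&2
        return 1
    fi
}

# Usage (values are placeholders):
#   stage_firmware upgrade-1.0.1.bin '<sha256 from the download page>' user@host
```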
