dark_pyrro

Posts posted by dark_pyrro

  1. What's the output of:

    lsusb

    ifconfig (or: ip a)

    cat /etc/config/network

    cat /etc/config/wireless
    !!! remember to mask/remove any PSK/passphrase that might be present in the file if you don't want to share it publicly

    (dmesg or logread might be interesting to see but the above would be enough to start with)

     

    What firmware is the Pineapple on?
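
The masking step mentioned in the post above can be scripted before pasting config output into a public thread. This is an added example, not part of the original post; the list of secret-bearing UCI option names and the sample config are assumptions constructed for illustration.

```shell
#!/bin/sh
# Mask secret values in OpenWrt UCI config text read from stdin.
# Assumed secret-bearing options: key, key1..key4, sae_password, password,
# auth_secret, acct_secret (wireless/EAP/RADIUS), private_key and
# preshared_key (WireGuard sections in /etc/config/network).
# Intended use on the device:
#   redact_uci < /etc/config/wireless
#   redact_uci < /etc/config/network
redact_uci() {
    # Keep "option <name> " as written and replace the rest of the line,
    # so quoted, double-quoted and unquoted values are all covered.
    # The option name must be followed by whitespace, so look-alike
    # names such as key_mgmt are left untouched.
    sed -E "s/^([[:space:]]*option[[:space:]]+(key[1-4]?|sae_password|password|auth_secret|acct_secret|private_key|preshared_key)[[:space:]]+).*/\1'<REDACTED>'/"
}

# Constructed sample resembling /etc/config/wireless (not from a real device).
sample_wireless() {
cat <<'EOF'
config wifi-iface 'default_radio0'
	option device 'radio0'
	option mode 'sta'
	option ssid 'ExampleNet'
	option encryption 'psk2'
	option key 'correct horse battery staple'
EOF
}

# Show the redacted form of the sample; every non-secret line is unchanged.
sample_wireless | redact_uci
```

The SSID and encryption mode are left readable because they are what a helper needs to see; review the output once more before posting, since custom packages can add option names this list does not know about.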

  2. Just a comment about my suggestion to use an older version (3.0.3.0) of Responder along with the existing quickcreds module. It seems to work. I managed to get the Turtle to grab NTLM hashes on a Win10 box now. Haven't changed the module code to do everything needed, but I did a "semi-automatic" execution of Responder (in a similar way as the module) and it was successful.

    First of all; Quickcreds (or Responder actually) isn't anything that offers 100% success at each and every attempt. Sometimes it works, sometimes it doesn't. So the fact that there aren't any creds captured doesn't necessarily mean that there are issues with the setup.

    With that said, there are issues... the Turtle implementation of Quickcreds in its latest form shouldn't really work, or will have problems for sure. Not to criticize the authors, but sometimes things have a "best before date" if they aren't being updated to follow what happens over time in the world outside the Turtle.

    One thing is that Responder has moved over to use Python3. I haven't seen any official information that it's "Python3 only", but it at least complains (kind of) if you try to start Responder with Python2. It either tells you to start Responder with Python3 or make sure netifaces is installed if trying to use Python2 (at least valid for Responder 3.1.3.0 which is the latest version available when writing this post). So... since the Turtle doesn't have Python3 out of the box, there are two possible roads to travel. Either install netifaces for Python2 (and hope everything works), or install Python3. Doing the latter will require some tweaking since the Turtle most likely won't have enough free storage space to install everything needed. That requires an installation to an alternative location and that is the Micro SD card. When doing an installation to the Micro SD card, it's also needed to manually set/configure additional paths to make Python3 work since this isn't taken care of by opkg during installation.

    The module itself also needs adjustments. For example (if Python3 is used), the line that starts Responder needs to specify that python3 is going to be used when executing Responder. There is also a parameter that Responder isn't using anymore and that is "-r". If "-r" is specified, Responder will just stop execution and exit complaining that an unknown parameter has been passed to the Python script ("error: no such option: -r").

    The fact that the orange LED is blinking as it should when Responder is assumed to be running on the Turtle (1 sec on/1 sec off) doesn't really mean that it is actually executing. It's just the "start" function of the module that has managed to reach that part of the script (the while loop where the module sits and waits for anything named "*NTLM*" in the Responder logs directory). There's nothing that actively checks that Responder is up and running, or capturing any errors that might get thrown back upon execution. So, the LED status can be a bit misleading.

    All in all, there are some things to take care of to even get to the state where Responder "should work". That is however no guarantee for success. There might be other things that need to be looked at to really be sure that it will produce NTLM hashes. It has been quite a while since I last used Responder along with the Turtle, so I haven't been digging deeper into it. I've used it on the Bash Bunny though and it's the same thing there (of course), things need adjustment to be possible to use with later versions of Responder.

    One thing that could be tried is to use the version of Responder that was available at the time when the latest version of the Quickcreds module for the Turtle was published (early April 2021), and that is Responder version 3.0.3.0. Doing so might have downsides though since tools develop over time and the "offense/defense game" is constantly moving forward, sometimes making tools obsolete.

    Other than the above, there is some questionable handling involving how paths are built up using constants and strings in the script plus some checks that perhaps could be better, but those are minor "glitches" as I see it.

    As a side note, the "ifconfig_dump.log" file isn't really relevant at all. It just acts as "proof" that the interface needed is up when the module is executed/started.

  4. 3 hours ago, Intelkush said:

    After testing a payload on Windows 10, the Bash Bunny Mark 2 stopped being recognized on Kali Linux.

     

    3 hours ago, Intelkush said:

    find it perplexing that the Bash Bunny Mark 2 works flawlessly on Windows OS

    Based on the two quotes above; is the Bunny still working on Windows or does it show the same behavior on Windows as well?

    To my knowledge, there should be no issues using it with Kali, at least not from the use case described here.

  5. When you get the message

    An SD card is required to install this module.

    then exit the Turtle "text UI" to get to the terminal and run

    grep "/sd" /proc/mounts

    or

    mount | grep "/sd"

    Does it return a line that shows that (or "how" really) /sd is mounted on the system?

     

    I have no actual reason to question your choice of Micro SD card size since I have no idea what your plans and intentions are, but using a 1 TB card with the Turtle seems a bit overkill to me. Especially for Quickcreds. I would go for far less than that. The loot that Quickcreds generates (if successful) does not need that amount of storage at all. The only thing that will need additional storage is the "components" that are used by Quickcreds, but even those won't require that much storage (however, the onboard storage of the Turtle is limited so it for sure needs the extra extension that the Micro SD card can offer in order to get everything in place for execution).

  6. First of all; what have you already tried? It's just a waste of time to suggest things that don't solve your problem. However..... you can try the following (if you already haven't):

    If having a Micro SD card with a config.txt that should work when it comes to WiFi, but still doesn't work, then.....
    Insert a blank Micro SD card into the Crab and boot it up
    Power off the Crab
    Edit the config.txt file and add the WiFi network config on the Micro SD card
    Boot the Crab again

    Are you using a PSK with special chars? If so, don't escape those chars as the docs say. It will not work. The escape char (\ = backslash) will be echoed into wpa_supplicant.conf which makes WiFi fail.

     

  7. Not exactly sure why you need to do that when you have a wired interface already connected to the VM, but I guess you don't want that (i.e. just powering the Pineapple from some power source and not connecting it using USB-C to the VM) but instead connect wirelessly from the VM to the Pineapple(?)

    In the case you want to connect using wireless, just add a physical WiFi adapter from the hypervisor to the VM and then connect the VM to one of the access points of the Pineapple. Either the open AP or the management AP.

  8. that won't happen to my knowledge, either you do it using umount/mount or udisk unmount/udisk mount

    not sure though if you mean that the unmount/mount should be executed from the target or on the Bunny itself

    and, assuming you mean mount operations of the udisk (either internal nandf or Micro SD card if present)

  9. 15 minutes ago, quentin_lamamy said:

    When unmount -> mount it is does the same for the bb than remove it -> plugin

    You have to elaborate on that. I have no idea what that means. Is it a question or something else?

  10. Some comments...

    Line 85
    cd /root/sdisk/python3/Python3.9.1
    will not work but throw back an error like "No such file or directory"
    it should be:
    cd /root/sdisk/python3/Python-3.9.16
    to be successfully positioned in the relevant directory for further setup and configuration

    Then it's line 88 that is incorrect
    nano /Modules/Setup.dist
    it shouldn't refer to any Modules directory in the root of the Bunny file system but the Modules directory in the Python-3.9.16 directory, so, it should be either
    nano /root/sdisk/python3/Python-3.9.16/Modules/Setup.dist
    or
    nano ./Modules/Setup.dist
    (if being positioned in the correct directory and the file is named Setup.dist which it isn't on 3.9.16, so Setup should be used)

    Also, on more recent versions, I've been needing to tell Python to compile with Sqlite3 support in order to get Responder running without complaining, perhaps not valid for 3.9.16 though

    Automounting the Micro SD card in that way will most likely be in conflict if using ATTACKMODE STORAGE which will result in the Micro SD card being mounted to both the Bunny and the target at the same time. This may result in corrupt storage.

  11. Quite like my instruction on Codeberg on how to set it all up. Isn't OpenSSL 3.0.0 throwing back cert errors when building? It for sure does for me (hence using a newer version with not out of date certs included).

  12. Just checked now. Using ICS is possible on the Croc. It uses the same settings as the Bunny (not that surprising), so if following the ICS guides for the Bunny, it should work for the Croc as well. I set ICS up on a Win11 box along with the Croc and it plays ball (of course disabling any WiFi connection/setup first to be sure the Croc actually uses the usb0 interface to connect to the outside world).

  13. I guess it depends on the scenario. If doing an "attack" you need to get the target to set up ICS for the Croc in some appropriate way. Not sure though if the Croc is at all set up and prepared out of the box for ICS like the Bunny is. They both share a lot in other areas, so it's possible though. Never tried it since the wireless support covers the needs I've had.

  14. What Shark Jack model is it? Battery or cable? What firmware is it on? 18.04 doesn't seem correct, it should be using 18.06 distfeeds. The snapshots aren't available anymore. It's not any official solution, but the 18.06.0 distfeed should be possible to use.

  15. And, also follow the documented command line argument order. Not that I can see that it really should matter, but since the docs explicitly say to enter the parameters/arguments in a specific order, it could be a good thing to follow what the docs say.
