-
Posts
2,618 -
Joined
-
Last visited
-
Days Won
198
Posts posted by dark_pyrro
-
-
Same question to you as to the previous poster, in what way does it fail? I just fired up my Nano and downloaded and installed some modules just to check. No problems at all. Verify that your Nano has a working internet connection.
-
Did you change the password to something of your own or is the Squirrel supposed to have the "out-of-the-box" password? If the latter, then none of the one you mention is the correct one. It's not Hak5squirrel (with uppercase "H") or hack5squirrel (with an added lowercase "c"). It's hak5squirrel - all lowercase.
If you set a password of your own or can't get the original password to work, then I'd suggest a factory reset or firmware recovery to start from scratch. It will delete anything that you might have stored on the PS though, so keep that in mind.
-
No one else, except Hak5, have access to the Pineapple Enterprise since it's not released to market yet.
I haven't got any link to a specific video. I just seem to remember that I've seen something that is similar to what you describe, although it's not exactly the same since what you are trying to describe shouldn't work without additional actions.
-
Every tool has its purpose. In any way, you have to refer to that video to be able to see it all in its context and get the full picture of the methodology used. I have seen a lot of videos over the years about the Pineapple, but can't recall anything that is similar to what you are describing. That doesn't mean it's not out there though, I may have missed watching some or just don't remember. The only thing that vaguely rings a bell is that Kody did some video (Null Byte), but that didn't involve a Pineapple as I remember it off the top of my head.
-
1
-
-
Well, your choice.... either select the dk.json everytime or do the work and change the JSEncoder file. Can't see that it would be much of an issue "maintaining" it. The language file will be the same and the JSEncoder is soon to be 4 years old, so the change rate of that file/solution isn't a problem really.
-
Perhaps replace the content of the defaultUSKbdLayout variable (line 290-ish in the JSEncoder file) with the relevant content sourced from the dk.json file.
-
Not sure what you refer to when saying "WPA key". If you mean the handshake, it should not be possible to reuse/replay. You need to get hold of the actual psk. But if you can do that in some way, then it's possible to verify if anything obtained from social engineered users is the actual passphrase.
Regarding the management AP, this should be possible to control more in detail with the upcoming 2.0.0 firmware. It's still in beta and the feature to control access to the management interface is experimental.
-
1
-
-
The Evil WPA AP is used to try to capture handshakes from STA/clients that are making connect attempts to that AP/ESSID. You won't get the psk/password for the true AP, but you might be able to obtain handshakes that can be used later on to try to crack it and get the plain text psk for that network.
One way of "demoing" it
- Set up an AP using (for example) WPA2-PSK CCMP
- Connect a STA/client to that AP (only set up this specific AP on that device just to make the test/demo a bit easier)
- Do a recon scan using the Pineapple (if you don't want to add the information needed to the Evil AP manually)
- Click on the AP in the recon scan results
- Click "Clone WPA/2 AP" (disable the Evil AP at this point)
- Shutdown the "true" AP
- Enable the Evil AP on the Pineapple (that now should be set up to emulate the "true" AP)
- Try to connect to the Evil AP using the same device that previously was connected to the "true" AP
- See if any handshakes are captured on the Pineapple
- Download the capture files to some PC with Hashcat and/or aircrack-ng (running Kali Linux for example)
- Since you know the psk for this test/demo setup, try to crack it using hashcat (or aircrack-ng) and a wordlist containing the psk in order to verify that the captured handshake is valid-
1
-
-
The thing is a rather old payload. Here did you get it from (Hak5 GitHub repo)? In what way did you set it all up? What Impacket version are you using?
-
You can just use
wget https://github.com/SgtFoose/Evil-Portals/archive/refs/heads/main.zip -O /root/portals/portals.zip
Then unzip the downloaded file (unzip needs to be installed if on a fresh Pineapple)
After that, move the portals to their correct position in the file system since the unpacking procedure won't put them where they should be.
Do some cleanup if desired
-
1
-
-
I read the "Usage" section on the GitHub repo; an alternative way is to download the portals directly from the Pineapple instead of using some intermediate computer to download and then scp/sftp the files to the Pineapple. It's easier just to use wget and unzip. It's possible to script as well if desired.
-
It has worked for me on 1.1.1 for as long as I've been on that firmware, now also when running the 2.0.0 beta. Can't see why it should be necessary to downgrade. Are you using the Lenovo Ethernet NIC on the Pineapple Type A USB port? What chipset is it using?
-
The Kleo portals works with the Mark VII as well
-
Well, sekrit hasn't been online for over 3 years, so I hope he/she "wakes up" to see what you have written.
I don't agree to the fact that 881x is part of the "main ones" because they suck horses ass due to bad drivers for Linux based systems.
-
Well, beta releases tends to be buggy. It's part of the "package".
At least when the first beta was released there was a package missing that made the EP module behave bad (or not at all); libblobmsg-json
Problems are still showing though since there are something related to encryption that I haven't seen before when using EP on older firmware. Haven't been digging any deeper into that though.
-
https://docs.hak5.org/bash-bunny/getting-started/mass-storage-structure
Of which the most important in this particular case is "payloads", which needs to be positioned in the root of the Bunny udisk storage along with the sub-dirs for the switch positions "switch1" and "switch2".
In your example above, it should be
E:\payloads\switch1
and/or
E:\payloads\switch2
-
Well, you haven't got the correct directory structure. The "payloads" directory isn't even there. The Bunny expects the intended structure to be available in order to execute properly. You can't make up your own directory structure and expect it to work.
-
Why are you using the bashbunny-payloads-master as a sub-dir?
-
Have you tried to copy the actual file from the library location to the switch directory instead of opening source file > copy payload text > opening target file > paste payload text?
-
lol, this is the most frequently asked question here and on Discord. What are you going to do with it? There's no such module available since it's obsolete (unless you are trying to red team Fred Flintstone).
-
2
-
1
-
-
What do you mean when saying "complete MITM attack"?
-
Are you using a Micro SD card? Where are your payloads stored? One the Bunny internal storage or on the Micro SD card?
-
What language is your Windows box using? Have you set the correct language when encoding the payload?
-
I guess the users in this thread won't answer you since it's over 9 years old and users in it haven't been active for years either.
What zombie are you using?
What parts of the nmap documentation have you read? -Pn says "Host discovery disabled" because that is what that option does; disables host discovery. It doesn't "ping" but considers all hosts/IP addresses as "up"/alive.
Got the 5G adapter, loose connection every time i plug it in.
in WiFi Pineapple
Posted
What happens if you use the MK7AC adapter (I assume that's what you have bought) with a computer? Does it work as expected? Just to rule out if the AC adapter is bad or if the problem is linked to the Pineapple itself. You could also try a firmware recovery/factory reset and see if that helps.