-
Posts
2,618 -
Joined
-
Last visited
-
Days Won
198
Posts posted by dark_pyrro
-
-
Still not sure what your problem is. Why don't you just download all the kleo portals to the Pineapple from github and then activate the desired one from the Pineapple web gui?
-
Tell us what you have done this far. In what stage are you experiencing problems? You need to be more detailed than this to get help. Just asking for a "fix" is not enough.
-
On 9/15/2021 at 8:52 AM, cmasos said:
I would like to see scapy somehow included on this?
I know, the post is some months old, but I don't care.
What do you mean by saying "included"? Out of the box or possible to install? It's for sure possible to use on the Bunny. I have Scapy installed and running on my Mk2.
-
10 hours ago, david808 said:
Any ideas?
Tried different USB ports? Tried on another computer? What happens if you use any of the other switch positions (SW1, SW2)? That the Bunny initially reports itself as an Ethernet device isn't abnormal really.
-
From my post(s) on Discord:
It could be linked to the fact that Let's Encrypt changed their root certificate as per the 30th of September. This can/will create problems for certain devices and operating systems. There is a fair amount of general info about this on the internet to read and how to solve it. Since the Croc is running Debian Jessie 8, it could be working, or not. Jessie is one of the operating systems that could work depending on how updated it is. If it's not updated, it might not work since it trusts the old/unsupported chain and root cert. So, IdenTrust DST Root CA X3 has expired and ISRG Root X1 is the one to use. Validate the chain (for example using the "openssl" command on the Croc). It will perhaps say that the chain ends up with the expired IdenTrust DST Root CA X3 certificate. The scenario might be worth checking at least.
On the Croc, do the following
First check if this is the problem you are facing or not, either by executing:
openssl s_client -connect your.c2-domain.com:443 -servername your.c2-domain.com
or:
curl -I https://your.c2-domain.com/Both should indicate that the certificate has expired (the root certificate that is)
Verify if the expired "DST Root CA X3" certificate is available on the system (hence probably giving you problems with the Croc), it will be there if you got expired certificate issues from the commands above
Command:
grep X3 /etc/ca-certificates.conf
Output (or the vital part of it):
mozilla/DST_Root_CA_X3.crtOlder Debian releases most likely have the needed ISRG Root X1 present as well
Command:
grep X1 /etc/ca-certificates.conf
Output (or the vital part of it):
mozilla/ISRG_Root_X1.crt"Backup" the ca-certificates.conf file
cp /etc/ca-certificates.conf /etc/ca-certificates.conf.old1Disable/remove/"blacklist" the X3 root certificate:
sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.confThen execute:
update-ca-certificates -fCheck that the change has taken place. The output of the command below should show the "DST Root CA X3" as the "diff" since it's removed
diff /etc/ca-certificates.conf /etc/ca-certificates.conf.old1Verify the certificate chain again, it should now be OK (or, if you have C2 running, the Croc should show up more or less immediately after the "update-ca-certificates" command has been executed):
openssl s_client -connect your.c2-domain.com:443 -servername your.c2-domain.com
and/or:
curl -I https://your.c2-domain.com/- 2
[Module] EvilPortal
in Mark VII Mods & Modules
Posted
copy the portals to /root/portals and they will appear in the web gui, activate one of them and you are ready to go