
dark_pyrro

Everything posted by dark_pyrro

  1. What language is your Windows box using? Have you set the correct language when encoding the payload?
  2. I guess the users in this thread won't answer you since it's over 9 years old and users in it haven't been active for years either. What zombie are you using? What parts of the nmap documentation have you read? -Pn says "Host discovery disabled" because that is what that option does; disables host discovery. It doesn't "ping" but considers all hosts/IP addresses as "up"/alive.
  3. This is a really old thread so I guess response will be rather limited. To your question, I would probably say: "nothing". You most likely have to tweak the Evil Portal module code. The target gets connected and gets network access, that message just shows up. If you continue to browse, your target will browse the web as intended. I can't remember off the top of my head where it is located, but just search for that string and you will find where it is located in the module code structure. Then change/tweak/correct it as you desire to get another response.
  4. What product? And don't just post randomly in the forums. Keep it in the sections related to what you want answers to.
  5. I would probably seek another way of doing this. The payload isn't limited to having a possible SPoF (Single Point of Failure), but several. First, using Netcat at all is a trick in the bag that is most likely going to be picked up by Defender. Then, using vbs files is a second way of getting noticed and/or blocked. Letting Netcat touch any storage device is a possible third. If I were to do that operation I would most likely skip using vbs and Netcat. Running the target side entirely in PowerShell could be an alternative and live off the land instead. Persistence could be achieved by using scheduled tasks. Will require that the logged on user is a member of the local Administrators group, but it won't trigger any UAC prompt that needs to be dealt with. In the end, it all depends on the target and how hardened it is. Some use payloads that disable Defender (or any A-V), but that is not realistic in my opinion since it will create "noise" in any environment worth mentioning. It's possible of course for some targets in less managed and "not looked after" environments, but for a black box engagement, I would most likely not include it in my plan.
  6. I've come to the conclusion that it's easier (and more related to success) to run a staged payload/binary on the Turtle to get a Meterpreter shell. Note though that this probably requires the later variant of the Turtle with an SD card slot. The older version of the Turtle doesn't have enough storage space to host the payload (at least a linux/mipsbe based binary).
  7. I guess that "error" is pretty clear about if things are going to be shipped to the address you have specified. If the Hak5 shop returns such a message, it will not ship to that destination. Pretty obvious.
  8. I'm so happy I was finally classified as a fanboi. It has always been my goal in life and now I won the Oscar! I'm all open to hear about bad things, I'm a user too, but when things are ventilated in ways that are too vague, I need to ask. Being specific is a good thing and when it becomes too blurry, it's just some kind of general opinion based on "something". And... "we"?! Is there some kind of club that collectively is passing judgement on Hak5 forum users?
  9. What features? What components? It's been 4 updates since the product release, so I don't get the "shit practice".
  10. What do you want in an update? Updates are generally not time based, but based on need.
  11. I'd suggest that you contact Hak5 directly instead of using the forums. There's no guarantee that it will be monitored by Hak5 staff.
  12. I guess that the end of that quote is actually your question. I'd suggest that you ask the question in some forum (or whatever) that is relevant to your hardware since you obviously aren't using a Hak5 USB Rubber Ducky.
  13. Repeating the same question as for the other user; tried to install it?

      opkg update
      opkg list | grep python3

      Find some install candidate and install it, perhaps

      opkg install python3
  14. "With this", what? What do you want to do, and... there's a dedicated forum section for the Ducky, use that for Ducky questions/posts.
  15. Tried to install it? You don't have to wait for it if it's in the repos. Not sure any Python3 package available for the Turtle is new enough to run the most recent version of Responder though.
  16. Could be a client side (Turtle) issue, or host side. A bit difficult to say without digging deeper into it. When running the Python based shell component manually on the Turtle, it reports "Unable to connect" even though the Meterpreter host reacts. The dynamically generated URL on the client side doesn't seem to be accepted by the Meterpreter host.
  17. If you downloaded the deb package from this forum thread and installed it as per the instructions from Hak5, the Metasploit should be considered as installed on the Bunny. Note though that the contents of that deb package are about two and a half years old. Don't expect everything to work since the security domain has moved quite a bit over such a period of time. Things need to be up to date to be useful in most cases. When it comes to Metasploit specifically, I guess the best advice is to dig elsewhere to get more knowledge about how to use it all. There are for sure people here that know stuff, but my bet is that the response is better on dedicated forums, etc. that are focused around Metasploit. If you want to get hold of credentials, then you could try the QuickCreds payload instead. It doesn't deliver 100% clear text stuff though, but it's a step on the way of showing what is possible to get hold of in customer engagements/pen tests/red team activities.
  18. I would go for the Bunny, I have both the Bunny (Mk1 and Mk2) and the Turtle and between them I use the Bunny the most. It's more useful, but that of course always depends on what you are trying to achieve.
  19. The thing I think you have misunderstood is that it's kind of fruitless to post things related to the Mark VII in the Mark V section of the forum. Post this in the correct part of the forum instead. Or better still, take it to Discord. Those discussions are far more active and responsive.
  20. https://github.com/kleo/evilportals
  21. Describe the problem more in detail. Explain the steps you do and where it fails.