
dark_pyrro
Dedicated Members
  • Posts: 2,485
  • Joined
  • Last visited
  • Days Won: 189

Community Answers

  1. dark_pyrro's post in SWITCH 1 adb usb | adb tcpip 5555 payload build help was marked as the answer   
    I temporarily switched over to the Key Croc since it makes it easier to develop/test payloads instead of blindly running things using the Bunny with the help of LEDs, log files, etc.
    Got it to work in the Croc and then went back to the Bunny (used a Mk1 Bunny, but that won't make any difference compared to using a Mk2 one).
    This is the payload I used. The payload can for sure be a bit more "pretty" (while loop to wait for target IP address, etc.) but it works for a PoC scenario.
    Getting the target IP can instead be made in the more "usual" way (i.e. using GET TARGET_IP)
    ATTACKMODE ECM_ETHERNET
    sleep 5
    # ECM_ETHERNET hands the target an address from the Bunny's DHCP server;
    # pull that address out of the lease file (the alternative is GET TARGET_IP)
    TARGET_IP=$(cat /var/lib/dhcp/dhcpd.leases | grep ^lease | awk '{ print $2 }' | sort | uniq)
    # restart adbd on the target listening on TCP 5555, then connect to it over the ECM link
    /usr/bin/adb tcpip 5555
    sleep 1
    /usr/bin/adb connect ${TARGET_IP}
    LED FINISH
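    Added example (not from the post above and not Hak5 code): a Python version of the lease-file lookup that the payload does with grep/awk, extended with the things a "prettier" version needs: waiting for the lease to show up, ignoring leases that are no longer active, and returning one address even when dhcpd has written several blocks (a renewal of the same lease, a previous target). The sample lease file is constructed for the example; the lease path and the availability of python3 on the Bunny are assumptions.

```python
import os
import re
import time
from datetime import datetime

# Constructed sample in ISC dhcpd lease-file format (not captured from a real Bunny):
# an earlier target, the current target with a renewal, and an expired lease that is newest by time.
SAMPLE_LEASES = """\
# The format of this file is documented in the dhcpd.leases(5) manual page.
lease 172.16.64.11 {
  starts 3 2024/01/10 10:00:00;
  ends 3 2024/01/10 10:30:00;
  binding state active;
  hardware ethernet 00:11:22:33:44:55;
}
lease 172.16.64.10 {
  starts 3 2024/01/10 11:00:00;
  ends 3 2024/01/10 11:30:00;
  binding state active;
  hardware ethernet 66:77:88:99:aa:bb;
}
lease 172.16.64.10 {
  starts 3 2024/01/10 11:10:00;
  ends 3 2024/01/10 11:40:00;
  binding state active;
  hardware ethernet 66:77:88:99:aa:bb;
}
lease 172.16.64.12 {
  starts 3 2024/01/10 12:00:00;
  ends 3 2024/01/10 12:30:00;
  binding state free;
  hardware ethernet 00:de:ad:be:ef:00;
}
"""

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
# "starts <weekday> YYYY/MM/DD HH:MM:SS;" (dhcpd writes UTC)
STARTS_RE = re.compile(r"starts\s+\d\s+(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2});")
# anchored so "next binding state ...;" lines are not matched
STATE_RE = re.compile(r"^\s*binding state\s+(\w+);", re.M)


def parse_leases(text):
    """Return a list of (ip, starts, state) tuples in file order (one per lease block)."""
    leases = []
    for match in LEASE_RE.finditer(text):
        ip, body = match.group(1), match.group(2)
        starts_match = STARTS_RE.search(body)
        state_match = STATE_RE.search(body)
        starts = (datetime.strptime(starts_match.group(1), "%Y/%m/%d %H:%M:%S")
                  if starts_match else datetime.min)
        state = state_match.group(1) if state_match else "unknown"
        leases.append((ip, starts, state))
    return leases


def latest_active_ip(text):
    """IP of the most recently started lease that is still 'active', or None.
    dhcpd appends a new block on every renewal, so 'grep ^lease | sort | uniq' can
    return several addresses; picking the latest active block gives exactly one."""
    active = [lease for lease in parse_leases(text) if lease[2] == "active"]
    if not active:
        return None
    return max(active, key=lambda lease: lease[1])[0]


def wait_for_target_ip(path, timeout=30, interval=1):
    """Poll the lease file until an active lease appears, or give up after `timeout` seconds."""
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        if os.path.exists(path):
            with open(path) as lease_file:
                ip = latest_active_ip(lease_file.read())
            if ip:
                return ip
        time.sleep(interval)
    return None


if __name__ == "__main__":
    # Assumed lease path; prints an empty line on timeout so a payload can test for it.
    print(wait_for_target_ip("/var/lib/dhcp/dhcpd.leases") or "")
```

    Called from a payload as TARGET_IP=$(python3 /path/to/this/script.py) it replaces the grep/awk pipeline and the fixed sleep 5 with a bounded wait.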
  2. dark_pyrro's post in First Time Bashing was marked as the answer   
    From where are you trying to clone the repo? From the Bunny?
    If this is from the Bunny (I assume it is judging from the errors posted this far), is your Bunny connected to the internet? In what way?
  3. dark_pyrro's post in apt update && apt upgrade sources.list issues was marked as the answer   
    However, it's possible to "force" adb to be installed on the Bunny. I did the operations below and got adb to execute. Not sure if there are more things needed to be installed for specific adb functionality, but that will probably show in one way or the other when using it.
    # armhf packages fetched from archive.debian.org and installed in dependency order
    # (--no-check-certificate skips TLS verification of the download)
    wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/android-liblog_7.0.0+r33-1_armhf.deb
    dpkg -i android-liblog_7.0.0+r33-1_armhf.deb
    wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/android-libbase_7.0.0+r33-1_armhf.deb
    dpkg -i android-libbase_7.0.0+r33-1_armhf.deb
    wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/android-libcutils_7.0.0+r33-1_armhf.deb
    dpkg -i android-libcutils_7.0.0+r33-1_armhf.deb
    wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/android-libadb_7.0.0+r33-1_armhf.deb
    dpkg -i android-libadb_7.0.0+r33-1_armhf.deb
    wget --no-check-certificate https://archive.debian.org/debian/pool/main/a/android-platform-system-core/adb_7.0.0+r33-1_armhf.deb
    dpkg -i adb_7.0.0+r33-1_armhf.deb
  4. dark_pyrro's post in Dead key support for international keyboards was marked as the answer   
    This should work (it at least does on one of my lab/test systems, not CAFR though)
    STRING This is a full string with a ^
    SPACE
    SPACE
    STRING few d¨ead k^eys combo
  5. dark_pyrro's post in Download C2 problems was marked as the answer   
    You can try the PowerShell script I wrote that downloads the C2 binary. It won't let you learn that much about the process, but it will get you started (and it's not that much to learn really, since it's a simple thing to get C2 up and running even if you do it all "manually").
    https://codeberg.org/dark_pyrro/CloudC2-DL-script-PowerShell
  6. dark_pyrro's post in Upgrading Firmware on Packet Squirrel Mk2 was marked as the answer   
    Some users got Squirrels that didn't have the correct firmware flashed from factory, but that was really early, even before it was officially released. Not at all sure if this is the case here, but I would suggest submitting a support ticket to get assistance.
  7. dark_pyrro's post in Spec Requirements for Self-hosting was marked as the answer   
    I wouldn't worry that much about the specs with such requirements. Just install it and run it and you'll figure out when the hardware is the limiting factor. Using the RPi you mention will most likely be just fine to start with if just using a very few devices that aren't that active.
    The same thing goes if scaling things up: just test with what hardware you have available. And, if planning for 20-30 devices, you need to step up from the free community version and buy the Professional version, and in that case you should have access to standard support (not just community support) and can most likely ask official support about any hardware setup suggestions depending on your use case scenario.
  8. dark_pyrro's post in Bash Bunny no longer firing scripts on switch1 or switch2 was marked as the answer   
    Yes, you need to QUACK things. The author is a competent user, so I'm not sure why it has been forgotten. Perhaps too quickly "converting" it from the USB Rubber Ducky to the Bunny.
  9. dark_pyrro's post in Brand new Mark VII - Flashing firmware always fails was marked as the answer   
    Even if 1.1.1 works fine, there's still a potentially faulty flash storage device, and you don't want that. Just because you're running 1.1.1 doesn't make it go away, it's still there.
    https://hak5.customerdesk.io/
  10. dark_pyrro's post in Bash Bunny Script stopping in the middle was marked as the answer   
    If it stops after the execution of
    Then, I would probably focus on the line
    The part
    is more commonly used (according to my experience) on a Ducky to get a drive letter.
    So, either you most likely need to wrap it in quotes and also escape special chars, or use another way of obtaining the Bunny drive letter using a PowerShell session instead.
  11. dark_pyrro's post in Help with password grabber was marked as the answer   
    I'd suggest that you open an issue report on the GitHub of the LaZagne creator. That doesn't seem payload, or Bunny, related. It sounds more like something to do with Python (since the LaZagne exe seems to be Python based and the exe is created using pyinstaller or such).
  12. dark_pyrro's post in Classic Rubber Ducky Firmwares was marked as the answer   
    Darren's GitHub was "cleaned" when the 2nd gen Ducky was released. One reason was probably that users started to flash the firmware of the 1st gen Ducky on the 2nd gen one, which rendered the new Ducky inoperable/useless.
    To get hold of 1st gen Ducky firmware files and flash utilities, try the following links. Remember though that these links aren't official sources, so using them is at your own risk!
    https://code.google.com/archive/p/ducky-flasher/
    https://github.com/midnitesnake/usb-rubber-ducky
  13. dark_pyrro's post in what is it was marked as the answer   
    https://github.com/hak5
    https://github.com/hak5/bashbunny-payloads/tree/master/languages
  14. dark_pyrro's post in None of my device are connecting to CloudC2 was marked as the answer   
    It all depends on your setup (of which I know very little, which also makes it difficult to troubleshoot). If you have a firewall somewhere between your Hak5 device(s) and the C2 server, then you'll have to open the ports needed (which are specified in the documentation).
  15. dark_pyrro's post in Firmware update - error new Pinneapple was marked as the answer   
    Did you try to just let the Pineapple itself download the update by issuing a check from the web UI (instead of manually trying to "sideload" the firmware update to the Pineapple)?
  16. dark_pyrro's post in Unable to install KISMET and dumbfounded... was marked as the answer   
    Try running
    opkg update
    again, since you have issues downloading the Hak5 "package feed"
  17. dark_pyrro's post in Shark Jack cable won't download Payloads with UPDATE_PAYLOADS was marked as the answer   
    It's basic Linux and you can find how with a simple search; you use the date command with options/parameters to set the date, such as
    date -s "yyyy-MM-dd hh:mm:ss"
  18. dark_pyrro's post in Packet Squirrel tcpreplay is not working was marked as the answer   
    If you need more specific details about compiling from source, then it's not the path you should walk.
    The correct way to install is as you mention, but... there are dependencies that aren't met regarding libpcap specifically, which stops tcpreplay from executing even if you installed it in the way it's supposed to be installed.
    You could try (as I mentioned in a previous post) to create a symlink between the already existing libpcap file and the one tcpreplay wants. Might not be optimal and "unorthodox", but it could make it run.
    libpcap should be located in /usr/lib
    so...
    cd /usr/lib
    Create a symlink (this is the possibly "unorthodox" thing)
    ln -s /usr/lib/libpcap.so.1 /usr/lib/libpcap.so.0.8
    ls -la (or ll) on /usr/lib/ should show the created symlink in the directory listing
    libpcap.so.0.8 -> libpcap.so.1
    Execute tcpreplay
  19. dark_pyrro's post in Partial vs full handshake was marked as the answer   
    A full capture contains all EAPOL messages (M1->M4) along with a beacon frame, as the docs visualize
    https://docs.hak5.org/wifi-pineapple/ui-overview/recon#handshakes
    Partial captures don't contain everything of the above, but can still be possible to crack. You will need at least M2, preferably along with M1 or M3.
    If you get a full capture, then use it. Otherwise, just try to crack it with what you got. Use the Hashcat format if you plan to use Hashcat (obviously).
    There are tons of info out there about how handshakes work and the Pineapple isn't unique in any way in that sense.
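    Added example (not from the answer above and not from the Pineapple docs): a Python classifier that tells M1 to M4 apart from the Key Information flags of EAPOL-Key frames and then applies the rule stated above, all four messages means a full capture, M2 together with M1 or M3 means a partial one that is still crackable. The frames are constructed inside the script, not captured; telling M2 from M4 by the Secure bit assumes RSN/WPA2 frames; the beacon (for the SSID) that a full capture also needs is not checked here.

```python
import struct

# Key Information bits of the EAPOL-Key descriptor (IEEE 802.11-2016, 12.7.2)
KI_VERSION_AES = 0x0002   # descriptor version 2: HMAC-SHA1 MIC, AES key wrap
KI_PAIRWISE    = 0x0008   # Key Type: 1 = pairwise (4-way handshake), 0 = group key handshake
KI_INSTALL     = 0x0040
KI_ACK         = 0x0080
KI_MIC         = 0x0100
KI_SECURE      = 0x0200


def build_eapol_key(flags, replay_counter, nonce=b"\x00" * 32):
    """Build a minimal EAPOL-Key frame (constructed for the example, not captured).
    Layout after the 4-byte EAPOL header: descriptor type (1), key info (2), key length (2),
    replay counter (8), nonce (32), IV (16), RSC (8), ID (8), MIC (16), key data length (2)."""
    body = struct.pack(">BHHQ", 2, KI_VERSION_AES | flags, 16, replay_counter)  # type 2 = RSN
    body += nonce + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8 + b"\x00" * 16 + struct.pack(">H", 0)
    return struct.pack(">BBH", 2, 3, len(body)) + body   # EAPOL version 2, type 3 = EAPOL-Key


def classify_eapol_key(frame):
    """Return 1..4 for the four-way handshake message the frame is, or None otherwise.
    Uses only the Ack/MIC/Install/Secure flags; M2 and M4 are separated by the Secure
    bit, which is set in M4 for RSN/WPA2 (assumption: no legacy WPA1 descriptor)."""
    if len(frame) < 99 or frame[1] != 3:          # too short, or not an EAPOL-Key packet
        return None
    key_info = struct.unpack(">H", frame[5:7])[0]
    if not key_info & KI_PAIRWISE:
        return None                                # group key handshake, not the 4-way
    ack, mic, install, secure = (bool(key_info & bit)
                                 for bit in (KI_ACK, KI_MIC, KI_INSTALL, KI_SECURE))
    if ack and not mic:
        return 1
    if ack and mic and install:
        return 3
    if mic and not ack:
        return 4 if secure else 2
    return None


def replay_counter(frame):
    """Replay counter of an EAPOL-Key frame; M2 echoes M1's value, M4 echoes M3's."""
    return struct.unpack(">Q", frame[9:17])[0]


def handshake_status(frames):
    """(status, sorted message numbers seen). 'full' = all four messages; 'partial, crackable'
    = M2 plus an M1 with the same replay counter (same exchange) or an M3; else 'insufficient'."""
    msgs = {}
    for frame in frames:
        number = classify_eapol_key(frame)
        if number is not None:
            msgs.setdefault(number, set()).add(replay_counter(frame))
    present = sorted(msgs)
    if present == [1, 2, 3, 4] and msgs[1] & msgs[2]:
        return "full", present
    if 2 in msgs and ((1 in msgs and msgs[1] & msgs[2]) or 3 in msgs):
        return "partial, crackable", present
    return "insufficient", present


# Constructed exchange: replay counter 1 for M1/M2, 2 for M3/M4; plus an unrelated group key frame.
M1 = build_eapol_key(KI_PAIRWISE | KI_ACK, 1)
M2 = build_eapol_key(KI_PAIRWISE | KI_MIC, 1)
M3 = build_eapol_key(KI_PAIRWISE | KI_ACK | KI_MIC | KI_INSTALL | KI_SECURE, 2)
M4 = build_eapol_key(KI_PAIRWISE | KI_MIC | KI_SECURE, 2)
GROUP1 = build_eapol_key(KI_ACK | KI_MIC | KI_SECURE, 3)

if __name__ == "__main__":
    for label, frames in (("all four", [M1, M2, M3, M4]), ("M2+M3", [M2, M3]), ("M1+M3", [M1, M3])):
        print(label, handshake_status(frames))
```

    On a real pcap the same logic runs over the EAPOL payload of each data frame (after the LLC/SNAP header); the replay-counter check is what keeps an M1 from one association from being paired with an M2 from another.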
  20. dark_pyrro's post in BackPress command in a Payload for Android was marked as the answer   
    Perhaps try GUI + backspace
  21. dark_pyrro's post in Copy Apple keyboard ID problem was marked as the answer   
    Well, 12 is 12 and not 17, so nothing much to do about that really
    Space isn't possible to use according to the specs since it's not alphanumeric
  22. dark_pyrro's post in Lan Turtle and Cloud C2 was marked as the answer   
    Note that C2 isn't a command in itself. What Darren is doing in the video is pressing tab (twice probably) to make the system "reveal" which known commands start with "C2". In any case, the available C2 commands should be located in /usr/sbin and those are the same ones that are shown in the video at about 8:20. If the commands aren't there, you should probably check what firmware version the Turtle is running. I can't see any reason why the Turtle should be on anything else than a version that supports C2 (which should have been introduced from version 5), but check it anyway to be sure.
    The firmware version should be available in the top left corner of the Turtle text based UI/menu system, or by checking the file
    /etc/turtle/VERSION
  23. dark_pyrro's post in Cant connect to c2 was marked as the answer   
    If you have an ordinary USB storage device attached to your computer, how do you safely eject that storage device before you remove it from the computer? That's the way you unmount the Croc. The reason why you should do that is because it's not a good thing to have a storage device mounted to two different devices at the same time (in this case your computer that the Croc is attached to, and the Croc itself). This might lead to corruption if not doing things correctly.
    Note though that unmounting the Croc from the computer does not involve physically removing the Croc from the Computer since you still need to be able to access the Croc. It just involves ejecting/unmounting the Croc from the OS, not removing it from the USB port.
  24. dark_pyrro's post in Setup Complete Hangs .... Forever was marked as the answer   
    Sounds like a parallel discussion on Discord. In that case it was the USB cable.
  25. dark_pyrro's post in Is it possible to go into the Jail Mode with the Packet Squirrel Mark II and leave the Mode was marked as the answer   
    Have you tried switching NETMODE in the payload?