jjd

Posts posted by jjd

  1. I've seen very few Mac payloads so I figured I would give it a try.

    Uses a HID/Storage Attack to create a system profile including the following information:
    Terminal history.
    Current clipboard contents.
    List of users on the system.
    ifconfig data.
    Systems WAN IP.
    All login items set to start up with the system.
    List of installed Applications from /Applications.

    pull request #195

    https://github.com/jdetmold/bashbunny-payloads/tree/master/payloads/library/recon/MacProfiler

  2. I have tried on two systems, both Macs, and since 1.1 using ATTACKMODE ECM_ETHERNET the target does not get a DHCP IP; it ends up with a self-assigned one. It seems to work fine on Windows systems with RNDIS. Can anyone else test and see if they get the same thing?

  3. 4 minutes ago, DataHead said:

    this is old, but..

    does the following work for you?

    $'$Bunny = (gwmi win32_volume -f \'label=\'\'BashBunny\'\'\' |  Select-Object -ExpandProperty DriveLetter)
    (netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)}  | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize | Out-File $Bunny\loot\WiFiCreds\WiFi.txt'

    Dollar quotes $' ' for this purpose should work, only \ escaping your ' characters.

    >echo $'isn\'t this easier?'
    >isn't this easier?

    Not sure if you mean me, but after doing a factory reset mine started working normally. Not sure what was screwed up with it the first time.

  4. On 3/25/2017 at 7:10 PM, Onus said:

    I'm going to play around with this tomorrow afternoon.. thank you so much.. we can investigate later about decreasing boot time. I'm just trying to understand the bones.. can you speak a bit to what the thought process of picking ip range.. 

    You will have issues if you pick an IP range that the client or Pi connect to on wireless, so I just picked one I'm not likely to run into.

  5. Sure,

    I have only ever done this with a Zero W.

    Of course the IP range is just what I selected randomly; you can adjust them as need be, just keep in mind that if you set it to something on the same network as your WiFi or the client's network you will have issues.

    First install DHCP:

    apt-get install isc-dhcp-server

    Set the DHCP options in

    /etc/dhcp/dhcpd.conf

    ddns-update-style none;
    authoritative;
    log-facility local7;
    
    subnet 10.99.140.0 netmask 255.255.255.0 {
    range 10.99.140.10 10.99.140.100;
    option routers 10.99.140.1;
    option broadcast-address 10.99.140.255;
    default-lease-time 600;
    max-lease-time 7200;
    option domain-name "local";
    }

    Tell the DHCP server to apply to the usb0 interface in

    /etc/default/isc-dhcp-server

    DHCPD_CONF=/etc/dhcp/dhcpd.conf
    DHCPD_PID=/var/run/dhcpd.pid
    INTERFACES="usb0"

    Set the usb0 interface to have a static IP.

    /etc/network/interfaces

    add

    auto usb0
    # or allow-hotplug usb0
    iface usb0 inet static
        address 10.99.140.1
        netmask 255.255.255.0
        network 10.99.140.0
        broadcast 10.99.140.255
    #    gateway 10.99.140.1

    then

    sudo service isc-dhcp-server restart

    If there's any issues with your config files it will give you two commands you can run for more info.

    After plugging the Pi in again it may take a moment before the DHCP server comes up (the Pi boots much slower than the Bash Bunny) and hands an IP to your client, so give it a moment. My system gets a self-assigned IP and then the Pi gives it one, but you may have to renew the IP if it does not get one quickly enough.

    This should have you up and running. It will not get internet over USB with these settings; for my use I wanted internet over WiFi and Pi access over USB... or cellphone access over WiFi and computer access over USB....

    Let me know if this works for you!
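The caveat in the post above (the USB subnet must not collide with the WiFi or client network) is easy to get wrong by hand. The script below is an added example, not from the original post or the isc-dhcp-server project: it checks two networks for overlap with plain POSIX sh arithmetic and only then emits the dhcpd.conf stanza. The WiFi network value is a constructed sample; on a real Pi you would read it from `ip route`.

```sh
#!/bin/sh
# Added example (not from the thread): guard the usb0 DHCP subnet choice.

# Dotted quad -> 32-bit integer, POSIX sh only (no bashisms).
ip2int() {
    _oldifs=$IFS; IFS=.
    set -- $1
    IFS=$_oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# nets_overlap NET1 MASK1 NET2 MASK2 -> exit 0 (true) when the ranges overlap.
# Two networks overlap iff they fall in the same block under the shorter
# (less specific) of the two masks, i.e. MASK1 & MASK2.
nets_overlap() {
    _m=$(( $(ip2int "$2") & $(ip2int "$4") ))
    [ $(( $(ip2int "$1") & _m )) -eq $(( $(ip2int "$3") & _m )) ]
}

# Print the dhcpd.conf subnet stanza used in the post, parameterised.
# Args: subnet netmask range_first range_last router
gen_dhcpd_conf() {
    cat <<EOF
ddns-update-style none;
authoritative;
log-facility local7;

subnet $1 netmask $2 {
range $3 $4;
option routers $5;
default-lease-time 600;
max-lease-time 7200;
option domain-name "local";
}
EOF
}

# plan_usb_subnet USB_NET USB_MASK WIFI_NET WIFI_MASK
# Refuses (exit 1) when the USB range would collide with the WiFi range;
# otherwise prints the config to stdout so it can be redirected to dhcpd.conf.
plan_usb_subnet() {
    if nets_overlap "$1" "$2" "$3" "$4"; then
        echo "refusing: $1/$2 overlaps WiFi network $3/$4" >&2
        return 1
    fi
    gen_dhcpd_conf "$1" "$2" 10.99.140.10 10.99.140.100 10.99.140.1
}

# Constructed sample: the post's USB range versus a typical home WiFi range.
plan_usb_subnet 10.99.140.0 255.255.255.0 192.168.1.0 255.255.255.0
```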

  6. This one worked for me. The downside is there is no DHCP server by default, so although it does seem to work you need to wait a long time after plugging it in. To install a DHCP server: apt-get install isc-dhcp-server, then set a static IP for the usb0 interface, and configure your /etc/dhcp/dhcpd.conf & /etc/default/isc-dhcp-server.

    If you need more details on configs just let me know. 

  7. Ok, now I'm pulling my hair out!

    I can't get this to work! I found your thread when searching for how to escape special characters, but it seems to not work for me. Copying your code

    Q STRING \$Bunny \= \(gwmi win32_volume -f \'label\=\'\'BashBunny\'\'\' \|  Select-Object -ExpandProperty DriveLetter\)

    in my bunny outputs this to notepad

    $Bunny = (gwmi win32_volume -f <label=<<BashBunny<<< ~ Select-Object -ExpandProperty DriveLetter)

    With the code I was working on before finding your post,

    this

    STRING '$a = Get-WmiObject -Class Win32_Volume -Filter "Label='BashBunny'" | select -expand Name'

    outputs

    $a = Get-WmiObject -Class Win32_Volume -Filter @Label=BashBunny@ ~ select -expand Name
    

    This is what made me realize that I needed to escape them,

    and in that your code does not work explains why most things that use HID don't seem to work for me..... 

    and... I have no idea why....
  8. I can't say with any authority why you have an image of the FM station in the air band, and it doesn't make sense since you have another receiver (with nearly as wide a band input as the HackRF). What are you using for an antenna?

    I am testing with the ANT500. Tomorrow I will try to receive from my handheld ham radio and see if the HackRF also sees images of that 10 MHz higher. I'm assuming it will since it seems to have an image of every "high powered" broadcast again. Even random noise. My spectrum is just the same things repeated every 10 MHz (when HackRF bandwidth is set to 10000000).

  9. So I just got my HackRF One, and testing it with SDR#, I have tried both the current install as well as nightly builds. First off I noticed it shows up as a Jawbreaker (is this expected?).

    When checking out broadcast FM stations everything appears to be backwards... so 107.1 MHz is found around 93 MHz until I select Swap I&Q (expected?)

    After clicking swap, FM broadcast stations appear to be where I would expect; however 103.1 MHz for example shows up at 103.1 MHz but also at 119.1 MHz... this seems.... odd. I find nothing in the air band from the local airport although it is very near (my handheld scanner picks up the tower without an antenna attached).

    Did I miss something altogether? Or is it a hardware issue?

    Any help would be great! I am new to SDR, have played with RTL dongles a bit but nothing like HackRF.

    -jeff

  10. Hello,

    I think I am having similar issues: everything works great when I am using eth0 for the wan but I get bad ping and throughput with wlan1 in client mode. My connection is 50Mbps and I am lucky when I get 200kbps through in client mode. The ping also goes very high as soon as there is some traffic and there is some packet loss when I ping the pineapple on wlan1.

    I have tested the pineapple with a wire and I get very good bandwidth. I have also tested the WIFI I use on the client side and it gives me the expected bandwidth. I was thinking about interference so I have played with the channels on both WIFI but it did not help much. I also looked in the syslog but did not find any clue.

    My setup is completely standard using the latest firmware (1.04). Anyway did you guys solve your problems with client mode? Any idea what I should try to better diagnose the problem?

    Cheers,

    Franck

    Nope, this sounds like the same issue I am having, and try as I might I can't figure it out. With so few people reporting it I am honestly starting to wonder if it could be a hardware issue with a few devices (although I hope not).

    I did notice Darren's speed in the last video; I would be thrilled with even 7 Mbps! At least that would be usable. As is, there's no way I could use the device in a real world test.

  11. Yeah, same thing. So a reset didn't help either. After resetting, I re-formatted again and that did the trick; so far it seems to be back to normal. Working fine.

    So what happened, and how can this be avoided in the future?

    Are you up to date with 1.0.4? Were you before? I think it was in 1.0.3 Seb fixed an issue with the SD reader USB driver. Maybe related to that?

  12. They want to know, with consumer-accessible hardware and a budget of $500, how much a potential attacker can gain.

    This almost sounds like the beginning of a 'scary' newspaper article about the evil hackers.

    Not saying you're trying to mislead anyone with your post, just that it sounds familiar.

  13. What is your company worried about? Kids with laptops in the cafeteria or corporate espionage? Because your budget is way off for the latter. Although I think the project budget is way off anyway; it would likely be cheaper to implement the fix you talked about than to test the problem.

    As far as how to deploy a key logger, your only option if you don't get hardware access is online. But I would assume your company does not want you installing root kits on everyone's laptops?

    All in all a very strange project.

  14. I'm not using gpsd at all. It's a pos in my opinion. Kismet newcore can talk directly to GPS devices. Edit your /etc/kismet/kismet.conf. I also had to move the Kismet binaries to their local positions instead of having them installed on the SD card. Kismet complains about too many links if you try to just link to the SD card.

    gps=true
    # Do we use a locally serial attached GPS, or use a gpsd server?
    # (Pick only one)
    # gpstype=gpsd
    gpstype=serial
    # What serial device do we look for the GPS on?
    gpsdevice=/dev/ttyUSB0
    # Host:port that GPSD is running on.  This can be localhost OR remote!
    # gpshost=localhost:2947
    # Do we lock the mode?  This overrides coordinates of lock "0", which will
    # generate some bad information until you get a GPS lock, but it will
    # fix problems with GPS units with broken NMEA that report lock 0
    gpsmodelock=false
    # Do we try to reconnect if we lose our link to the GPS, or do we just
    # let it die and be disabled?
    gpsreconnect=true
    I had no idea you no longer needed gpsd!!!

  15. Are you on the latest firmware? Although I'm pretty certain when I tested mine it was new. (still 1.0)

    I was getting about 8-12 Mbps up and down testing with Speedtest.net. (50 Mbps connection)

    I know that isn't much help, but at least you know it *can/should* work fine.

    I am currently on 1.0.4 with no other infusions installed.

    I used a WiFi analyzer, after having similar problems.

    There were quite a few APs using channel 11; mine would get so bad I couldn't even connect to the Mark V after about 20 minutes.

    I looked into the channel idea as well and no go.

    Any other ideas?

  16. So... I haven't had a chance to work with the Pineapple too much the past week or so, but I have noticed and posted something about it in the 1.0.1 thread.

    Since 1.0.1 (I didn't test speed before that but general browsing seemed normal) I have had very poor throughput when using client mode WiFi, like timing out just loading Google. Here's an example of a client pinging from the Pineapple.

    PING google.com (173.194.33.70): 56 data bytes
    64 bytes from 173.194.33.70: icmp_seq=0 ttl=56 time=34.428 ms
    64 bytes from 173.194.33.70: icmp_seq=1 ttl=55 time=40.911 ms
    64 bytes from 173.194.33.70: icmp_seq=2 ttl=55 time=108.577 ms
    64 bytes from 173.194.33.70: icmp_seq=3 ttl=56 time=37.302 ms
    Request timeout for icmp_seq 4
    64 bytes from 173.194.33.70: icmp_seq=5 ttl=55 time=543.314 ms
    64 bytes from 173.194.33.70: icmp_seq=6 ttl=56 time=57.451 ms
    Request timeout for icmp_seq 7
    64 bytes from 173.194.33.70: icmp_seq=8 ttl=55 time=117.508 ms
    64 bytes from 173.194.33.70: icmp_seq=9 ttl=55 time=40.330 ms
    Request timeout for icmp_seq 10
    64 bytes from 173.194.33.70: icmp_seq=11 ttl=55 time=38.713 ms
    64 bytes from 173.194.33.70: icmp_seq=12 ttl=55 time=56.518 ms
    64 bytes from 173.194.33.70: icmp_seq=13 ttl=56 time=37.825 ms
    64 bytes from 173.194.33.70: icmp_seq=14 ttl=56 time=37.989 ms
    Request timeout for icmp_seq 15
    64 bytes from 173.194.33.70: icmp_seq=15 ttl=55 time=1005.011 ms
    64 bytes from 173.194.33.70: icmp_seq=16 ttl=56 time=415.637 ms
    ^C
    --- google.com ping statistics ---
    17 packets transmitted, 14 packets received, 17.6% packet loss
    round-trip min/avg/max/stddev = 34.428/183.680/1005.011/273.600 ms

    My Pineapple was just restored and then I fully upgraded everything, installed nothing else.

    The pings seem somewhat misleading, so I thought I would do a speed test just to compare, but speedtest.net timed out long before completing a test. So instead I timed loading the speedtest.net homepage. On Google Chrome, timed with my wrist watch, it takes about 110 seconds to load completely.

    This is connected to my home WiFi with WPA2 (no encryption has the same results), signal quality is 70 of 70 & my home internet is 100 Mbit.

    Anyone have any ideas or things I can try?

    Thanks in advance!

    PS: before the speedtest timed out I was getting about 0.03 bits/s.

    I should also mention, when using ethernet ICS everything works fine and I get great speeds.
