Jump to content

DramaKing

Active Members
  • Posts

    317
  • Joined

  • Last visited

  • Days Won

    23

5 Followers

Recent Profile Visitors

3,146 profile views

DramaKing's Achievements

  1. Maybe I'm thinking of different aireplay-ng attack modes.
  2. Then I guess that was your last post. What would it use? Ajax? ActiveX?
  3. I have mostly moved on from WiFi hacking myself, but I didn't have this kind of trouble. Sometimes the Mk. VII can be finicky until you restart pineapd. There are multiple deauth types, which I don't think has been mentioned yet. That could be the difference.
  4. By script, it's likely a reference to the commands run by PineAP on the backend.
  5. It's a service that executes a binary. I assume it is, anyway. PHP is certainly powering the web backend and interfacing with the binaries.
  6. How are you going to deauth APs yourself using AWS? Am I not understanding something?
  7. Asking for permission is good, though can be awkward. Intercepting handshakes from all surrounding APs is entirely illegal (though who can judge).
  8. It's a bundle. Not including the hardware would be a bait-and-switch. "Our notorious Wi-Fi hacking tool," there you go.
  9. D Do you mean the MK VII? Are you trying to factory reset it or provision a new unit? I'm getting mixed signals. You can only go through the first-time setup once. If you plug a USB drive into a Pineapple that has already been setup, there won't be factory firmware that will know to look for and flash firmware from USB. Used to be a manual process, too. I think the USB method was pretty tricky to get working, in fact.
  10. The Pico badusb project isn't even emulated. It uses HIDscript like Arduinos. It's a totally different thing. I know some things, but HIDscript is totally off-topic.
  11. A Google search on Wireshark string search will give you the answer in seconds. Then you just need to be able to recognize SQL injection.
  12. I did help. Like dark_pyrro stated, you're not getting the answer, only tips.
  13. I easily identified Nikto from the useragent in packets from Session1. I do cybersecurity tutoring, so if I'm allowed to advertise, maybe we could meet for a short session. I can tell you now that I see URLs with encoded JavaScript. That isn't good and could be XSS. Never mind. I found it. You just have to do a string search for SQL operators in login attempts. It's pretty easy.
  14. digininja is correct, but I understand that people have dreams about hacking like the tech world hasn't evolved since the movie Hackers. Best advice that I can offer is to seek legal help if you get blackmailed.
  15. I only see Session1.
×
×
  • Create New...