DramaKing

Just needs the proper driver like any WiFi adapter. Hak5 isn't the sort of company to lock down hardware.

I wondered if you were trying to respond, but I never sent any message about you not responding. Yes, there was a post that looked like a scam, but OP has yet to do anything suspicious or even ask for anything. However, the actions described cannot be explained by typical hacker motives. Hackers usually don't waste so much time, effort, and risk of prison on lols.

Android phones (since at least version 12) will fall back to data when connecting to WiFi without Internet unless you force them to use it. Guess it's useful for some people.

It's just a USB WiFi adapter with a MediaTek MT7612u chipset or something like that. Now of course you can't use it completely on its own. It has to be plugged in.

Some of it is plausible; some of it is nonsensical. If you call an ISP to reset your router, customer service will give you instructions on how to do it. Once a router is reset, any device connected will be disconnected. And Wi-Fi app? DDoS attacks cannot realistically be done on a home network. You mention only Android phones and then say that you have an iPhone. He really would have to be a master to remotely access an iOS device. You didn't know anything about networking, but somehow you can recognize a DoS attack, including the associated "addresses." He could only have flashed your phone if he had physical control of it. Nowadays, technologies like Factory Reset Prevention should prevent that. And since when has Google's Project Treble been a hacking tool? Just kick him out and reset your devices. Change your passwords, and you'll be fine.

Easy. The Pineapple's clock hadn't updated. There's no other explanation because they get setup as a blank slate. The old SSID showing up is because you must have an old device that still uses actual SSIDs from its Preferred Network List in probe requests, instead of wildcards. Either that or the network was added as a hidden network. These probe requests happen quite frequently so that you're not waiting around for your device to connect when you move into range. The MAC address is "fake" assumedly due to MAC Randomization, which is a privacy feature.

You kind of lost me at the TVs. You can remote control them and cast media, but that's really it without opening them up and hacking into the hardware. All the mentioned devices can be reset, so I don't understand the need to keep replacing them. Plus, new devices are fully updated, making me more skeptical, not to mention your deep pockets. Anyway, I plan to read the whole post but TL;DR.

You've already asked this in the correct forum. The cables don't do anything that can't be done by interacting directly.

I've had success with using a USB adapter.

Yes, product-specific questions should be asked in their respective forums. I will tell you that if you expect O.MG cables to be a replacement for a forensic gray box or such, you will be disappointed. You can save the $120 and just punch in passcodes manually. It doesn't matter whether you use an O.MG cable, Rubber Ducky, or manual bruteforce, you'll still have only ten attempts before the iPad locks permanently.

If the lid is closed, the MacBook can be woken up, but it will probably be locked. First of all, you're probably not going to be using a bind shell, so the IP address will appear when the target connects. Study firewalls and NAT so that you know a little of what you're doing. Second, if you do have permission, I can translate DOS/PowerShell commands to Mac zsh. Message me if you want resources on networking and/or ethical hacking.

This is expected behavior on Android phones. The device will fallback to data when connecting to the Pineapple unless there is an active Internet connection.

Refer to the answers above. However, CVE-2022-20465 can bypass the lockscreen.

You just need to reset the local administrator password. If your org follows good password policies, cracking the password will not be feasible. See this guide: How to reset administrator password on Windows Server 2019 - Linux Windows and android Tutorials (osradar.com).

You can send me the details. I'll keep an open mind, but I would question why you think that it's happening.

If BitLocker wasn't enabled, a bootable password reset tool should have been all you needed to login as the default administrator. Again, that program will prevent uninstallation unless you follow the instructions from GitHub.

I teach ethical hacking / cybersecurity.

Post in the correct forum.

You can't make a client connect to WiFi without having physical access to it. With an Evil Twin, you're hoping that your ESSID is in the victim's PNL (Preferred Network List). If it isn't, a user would have to connect manually.

A quick web search shows that Ninja RMM has uninstall prevention. See here: https://github.com/samersultan/Ninja-One-Uninstall-Agent/blob/main/Uninstall-Ninja-One-Agent-From-Workstation.md. As for the server, I know some things about hacking an AD DC, especially with physical access, but it would be a long walkthrough and dependent on the environment.

Product-specific questions are off-topic in the Questions forum.

PineAP won't connect or what? You're still not really explaining your problem.

Screenshot might help.

It sounds like there's a language barrier, but I think you're referring to an Evil Twin attack.

Had to use automatic translation, so if you can use English, you should. Also, bypassing AV is an allowed topic, but this isn't the best place. It's a complex subject requiring a lot of study and experience, especially in programming. Best I can say is to learn obfuscation techniques and weaknesses of whatever AV you're up against.