Darren Kitchen

We have a tractor 🚜🍍

Deano123 - I'm really sorry we completely dropped the ball on this. I really appreciate your patience and understanding - but you shouldn't have to wait a month for your order or a week for a response. You have my word we'll make this right - and in doing so we'll prevent this from happening again. I must admit we're pretty damn good for the 99% of orders, but the edge cases like yours where packages go lost, stolen, stuck in customs, bounced back to us or any number of other odd exceptions - we can do better. For what it's worth, we're in the midst of a transition here internally where we're revamping a lot of processes that were put in place ad hoc as we grew from the garage. For the most part there has already been a lot of refinement on the backend, but customer service - especially with these edge cases - is the number one area where we need improvement. Based on this experience, we're developing a bot which will monitor the packages tracking while they're in transit and alert us if an order is taking longer than usual to get to its destination. That way we can be proactive about notifying the customer and helping in situations where customs or the shipping carriers cause issues. I know this doesn't immediately solve your particular issue, but know that we're taking the issue seriously and we're working to solve your AWOL package in the process. You'll be hearing from us via ZenDesk/Email shortly. xinjie00 - Your order held briefly since there was a short delay between the order being accepted and one of the items - I believe the WiFi Pineapple - being available at the warehouse. I'm 99% certain it left the warehouse yesterday (Monday). Regarding the 30 day policy for international orders - I'd say that it's more like 2-5 days for DHL and 4-11 days for USPS - but unfortunately customs can add up to another 3-4 weeks if the package gets held and while it only impacts less than 1% of orders, sadly it's something that's completely out of our hands. The hope is that our new order tracking/alerting bot will allow us to be proactive in these situations.

Hi all - I just want to chime in here as I've been monitoring the thread. After thoroughly testing a number of units from the most recent manufacturing run I have been able to find one which reproduces this issue. We're starting a comprehensive failure analysis process now. How can I tell if my device is affected? Affected devices will immediately cash and reboot after enabling any of the packet-injecting PineAP functions, such as Deauth, Beacon Response and Broadcast SSID Pool. You will notice this immediately after enabling these features on a new device for the first time. If your device has been able to use these features in the past, it is not affected. If your device crashes and reboots after attempting to use the packet-injecting PineAP functions - please use this test to confirm that it is indeed a hardware issue causing the problem. 1. Removing the antennas 2. Attempt to use said packet-injecting PineAP functions again. It is very important that you only do this if your device immediately cashes and reboots when attempting to use packet-injection functions as removing antennas from any wireless device has the potential to damage its radios. If, without the antennas, the device now does not crash and reboot it can be confirmed that your device is affected and the hardware needs to be replaced. What do I do if my device is confirmed as affected? As Seb mentioned, please contact Hak5 and indicate your order number and MAC address (printed on the bottom next to the serial number). If confirmed to be affected with this issue, we will send a return label to retrieve your damaged unit for further investigation. A replacement unit will be promptly furnished. I'm truly sorry for the inconvenience this issue has caused for those of you affected. I want to thank everyone who has pitched in to help diagnose this issue. You have all been so helpful. It's unfortunate. We should have caught this sooner. We will stand by our product and make it right. Thanks all.

It's a pretty standard SSD so the usual read write wear applies.

I don't have an iOS device to test with, but does it not support ECM_ETHERNET? I know with the older 30 pin iPad devices we were able to pull off HID attacks using the camera adapter.

Shannon manages the shows. As it turns out there was one more 3D Printer episode to air, which pushes everything back one week. The first episode of the Hak5 [PAYLOAD] series will air in January. They're actually being re-edited now since our sponsor domain.com changed their copy for 2018. I'm really excited about their release - I have so many good ones currently in research/writing and it's such a fun format. Anyway, enough inside baseball

Love the dark interface :)

Absolutely. The LAN Turtle and Packet Squirrel share similar bases - so this module should be easily ported: https://github.com/hak5/lanturtle-modules/blob/gh-pages/modules/tortle That should cover most of the heavy lifting :)

You bring up a good point. I hadn't seen this post since my response. The USB Rubber Ducky was a great learning experience for us -- and it was an influence to bring on a full time dev. Since then Seb has been continuously pushing out awesome firmware with feature after feature for our little tropical farm. It's also another reason as I said we put emphasis on including 3 awesome payloads to get the ball rolling right on the device. I'm really excited to see what all is done with the Packet Squirrel that we could never imagine. Time after time we hear of the coolest uses of our tools from pentesters at DEF CON and the like. I'm always exclaiming "Please post that payload - it sounds awesome!" As you might imagine often times these are kept close to the vest. I can understand why, but it's a true shame that some of the most innovative stuff is never made public =/ Also quick edit: After chatting with Shannon it seems the first episode of [PAYLOAD] will air on the 20th followed by our annual blooper holiday special on the 27th, then resume on January 3rd.

Bob123, I don't want you to feel blown off or belittled. Your concerns are legitimate and I personally take all product feedback to heart. The Packet Squirrel is an exciting one where we actually provided 3 excellent payloads out of the box - a first for us. Over time I expect many more to be available. There have been some submissions to the github repo already. From experience I'd say submissions may have a slow burn, like the Rubber Ducky when it first came out. Time will tell - and we'll do our part to encourage development. On the show side of things, I think you'll be happy to know that in January we're launching a new Hak5 series called [PAYLOAD]. As the name implies it's all about our favorite extensions to these tools. The first two episodes are about the Packet Squirrel, and my hope is that this series spurs community development. In regards to the sale, the email you received was for Black Friday. This is an annual event that most retailers in the US participate in, which traditionally kicks off the holiday buying season. It's customary to have a "door-buster" promotion, which is typically a loss leader to generate sales. In this case that was the Packet Squirrel, with a $4-5 difference from the introduction sale we did upon release. I don't want you to feel cheated in any way - so if the sale price is a pain point for you please reach out to me directly at darren@hak5.org and I'll see what I can do to make that right. DJ hit the nail on the head in regards to all of the work that we're doing over here at Hak5. It's getting to be quite overwhelming as we're growing, so in order to be able to focus on all of the things we're known for and to do them well, like videos, products and community -- we're needing to invest in growing the team. It's a big focus of mine in 2018 and I hope that you'll soon see the fruits of all the labor we've been putting into Hak5 behind the scenes. At some point early-ish in the year we'll have some big updates to share with the community :) If there's anything else you'd like to discuss please feel free to reach out to me directly. Cheers, Darren

Correction: BB does work when a computer is logged off and/or locked, just some attack modes are more useful than others in those states. I agree it would be nice to know what Ethernet type was selected. We'll see about exposing that somehow. This is my quick and dirty OS detection payload scaffolding. LED SETUP ATTACKMODE AUTO_ETHERNET LED ATTACK GET TARGET_OS case "$TARGET_OS" in WINDOWS) # Windows payload goes here LED R ;; MACOS) # Mac OS payload goes here LED G ;; LINUX) # Linux payload goes here LED B ;; esac

It's late and I'm just now reading further into this. I'll post a more thoughtful response tomorrow.

I completely agree on those colors for those types of tasks. Maybe Green = Clean for cleanup? Sadly not color blind friendly. We put a lot of emphasis on that when spec'ing out the LED command. It's not something I really gave much thought to until I got a monochrome mate.

Once I saw Seb not coding. Once