Jump to content
Hak5 Forums

Darren Kitchen

Root Admin
  • Content count

  • Joined

  • Last visited

  • Days Won


About Darren Kitchen

  • Rank
    Hak5 Junkie
  • Birthday 02/11/1983

Contact Methods

  • AIM
  • Website URL
  • ICQ

Profile Information

  • Gender
  • Location
    San Francisco, CA

Recent Profile Visitors

92,287 profile views
  1. PineAP Beacon Response

    Hi all - I just want to chime in here as I've been monitoring the thread. After thoroughly testing a number of units from the most recent manufacturing run I have been able to find one which reproduces this issue. We're starting a comprehensive failure analysis process now. How can I tell if my device is affected? Affected devices will immediately cash and reboot after enabling any of the packet-injecting PineAP functions, such as Deauth, Beacon Response and Broadcast SSID Pool. You will notice this immediately after enabling these features on a new device for the first time. If your device has been able to use these features in the past, it is not affected. If your device crashes and reboots after attempting to use the packet-injecting PineAP functions - please use this test to confirm that it is indeed a hardware issue causing the problem. 1. Removing the antennas 2. Attempt to use said packet-injecting PineAP functions again. It is very important that you only do this if your device immediately cashes and reboots when attempting to use packet-injection functions as removing antennas from any wireless device has the potential to damage its radios. If, without the antennas, the device now does not crash and reboot it can be confirmed that your device is affected and the hardware needs to be replaced. What do I do if my device is confirmed as affected? As Seb mentioned, please contact Hak5 and indicate your order number and MAC address (printed on the bottom next to the serial number). If confirmed to be affected with this issue, we will send a return label to retrieve your damaged unit for further investigation. A replacement unit will be promptly furnished. I'm truly sorry for the inconvenience this issue has caused for those of you affected. I want to thank everyone who has pitched in to help diagnose this issue. You have all been so helpful. It's unfortunate. We should have caught this sooner. We will stand by our product and make it right. Thanks all.
  2. How safe is factory reset for the Bunny?

    It's a pretty standard SSD so the usual read write wear applies.
  3. Android and iOS attack with Bush Bunny?

    I don't have an iOS device to test with, but does it not support ECM_ETHERNET? I know with the older 30 pin iPad devices we were able to pull off HID attacks using the camera adapter.
  4. I have to vent

    Shannon manages the shows. As it turns out there was one more 3D Printer episode to air, which pushes everything back one week. The first episode of the Hak5 [PAYLOAD] series will air in January. They're actually being re-edited now since our sponsor domain.com changed their copy for 2018. I'm really excited about their release - I have so many good ones currently in research/writing and it's such a fun format. Anyway, enough inside baseball
  5. Multiple sneak-peeks at payload I'm working on..

    Love the dark interface :)
  6. Tor router

    Absolutely. The LAN Turtle and Packet Squirrel share similar bases - so this module should be easily ported: https://github.com/hak5/lanturtle-modules/blob/gh-pages/modules/tortle That should cover most of the heavy lifting :)
  7. I have to vent

    You bring up a good point. I hadn't seen this post since my response. The USB Rubber Ducky was a great learning experience for us -- and it was an influence to bring on a full time dev. Since then Seb has been continuously pushing out awesome firmware with feature after feature for our little tropical farm. It's also another reason as I said we put emphasis on including 3 awesome payloads to get the ball rolling right on the device. I'm really excited to see what all is done with the Packet Squirrel that we could never imagine. Time after time we hear of the coolest uses of our tools from pentesters at DEF CON and the like. I'm always exclaiming "Please post that payload - it sounds awesome!" As you might imagine often times these are kept close to the vest. I can understand why, but it's a true shame that some of the most innovative stuff is never made public =/ Also quick edit: After chatting with Shannon it seems the first episode of [PAYLOAD] will air on the 20th followed by our annual blooper holiday special on the 27th, then resume on January 3rd.
  8. I have to vent

    Bob123, I don't want you to feel blown off or belittled. Your concerns are legitimate and I personally take all product feedback to heart. The Packet Squirrel is an exciting one where we actually provided 3 excellent payloads out of the box - a first for us. Over time I expect many more to be available. There have been some submissions to the github repo already. From experience I'd say submissions may have a slow burn, like the Rubber Ducky when it first came out. Time will tell - and we'll do our part to encourage development. On the show side of things, I think you'll be happy to know that in January we're launching a new Hak5 series called [PAYLOAD]. As the name implies it's all about our favorite extensions to these tools. The first two episodes are about the Packet Squirrel, and my hope is that this series spurs community development. In regards to the sale, the email you received was for Black Friday. This is an annual event that most retailers in the US participate in, which traditionally kicks off the holiday buying season. It's customary to have a "door-buster" promotion, which is typically a loss leader to generate sales. In this case that was the Packet Squirrel, with a $4-5 difference from the introduction sale we did upon release. I don't want you to feel cheated in any way - so if the sale price is a pain point for you please reach out to me directly at darren@hak5.org and I'll see what I can do to make that right. DJ hit the nail on the head in regards to all of the work that we're doing over here at Hak5. It's getting to be quite overwhelming as we're growing, so in order to be able to focus on all of the things we're known for and to do them well, like videos, products and community -- we're needing to invest in growing the team. It's a big focus of mine in 2018 and I hope that you'll soon see the fruits of all the labor we've been putting into Hak5 behind the scenes. At some point early-ish in the year we'll have some big updates to share with the community :) If there's anything else you'd like to discuss please feel free to reach out to me directly. Cheers, Darren
  9. [RELEASE] Bash Bunny Firmware v1.5

    Correction: BB does work when a computer is logged off and/or locked, just some attack modes are more useful than others in those states. I agree it would be nice to know what Ethernet type was selected. We'll see about exposing that somehow. This is my quick and dirty OS detection payload scaffolding. LED SETUP ATTACKMODE AUTO_ETHERNET LED ATTACK GET TARGET_OS case "$TARGET_OS" in WINDOWS) # Windows payload goes here LED R ;; MACOS) # Mac OS payload goes here LED G ;; LINUX) # Linux payload goes here LED B ;; esac
  10. I have to vent

    It's late and I'm just now reading further into this. I'll post a more thoughtful response tomorrow.
  11. [PAYLOAD] HoppEye - 8x Mobile Payload Chooser

    I completely agree on those colors for those types of tasks. Maybe Green = Clean for cleanup? Sadly not color blind friendly. We put a lot of emphasis on that when spec'ing out the LED command. It's not something I really gave much thought to until I got a monochrome mate.
  12. I have to vent

    Once I saw Seb not coding. Once
  13. Availibility

    Should be mid week
  14. [PAYLOAD] HoppEye - 8x Mobile Payload Chooser

    I think it's awesome. Novel use of the switches. In the FVP/RC world we often have just one button to tune a radio, long pressing to cycle between bands and tapping to select channels. Once you've become familiar with the equipment it becomes quite natural. I'm sure this concept could be extended to even more payloads, considering blink patterns and such -- but at a certain point human memory becomes a point of failure. Love the idea of switching among payloads by plugging into a USB battery. Cool payload!
  15. Unexpected LED patterns when upgrading 1.0 -> 1.1

    Your assessment is correct, the solid blue will be several minutes during the installation. Thanks for bringing this up. I've updated the documentation to reflect that the alternating red/blue pattern is when the firmware flash begins, which will be followed by a period of either a solid red or solid blue LED during the firmware installation.