-
Content Count
4,826 -
Joined
-
Days Won
223
About Darren Kitchen
-
Rank
Hak5 Junkie
- Birthday 02/11/1983
Contact Methods
-
AIM
hak5darren
-
Website URL
http://www.darrenkitchen.com
-
ICQ
0
Profile Information
-
Gender
Male
-
Location
San Francisco, CA
Recent Profile Visitors
101,832 profile views
-
I can see you're disappointed. I want to understand your frustration so we can do better. I put a lot into this product and feel that it's the best WiFi Pineapple yet -- both in terms of the hardware and software, and want the experience to be the best it can. I'll see to addressing your concerns: - Packet injection does indeed work on all 3 interfaces. You can test this with the aireplay-ng -9 command. - Gathering WPA2 handshakes is a passive process and does not require packet injection. Handshake capture does indeed work. - We have a highly documented module API and went as
-
onkar started following Darren Kitchen
-
Handy Geek started following Darren Kitchen
-
tim657657 started following Darren Kitchen
-
Francis Ford started following Darren Kitchen
-
Initial Setup The OTA installation from the stager (initial setup firmware) does not support hidden and open WiFi networks. It only supports WPA WiFi networks. This is addressed in a forthcoming update. WiFi Client Mode This is a known issue related to some WiFi networks on an old firmware (version 1.0.0) which has been solved on subsequent releases. In firmware 1.0.0 the WiFi Client Mode settings were not automatically saved. There was a save button for if you wished to manually save the profile, however we learned that many people were not noticing the sav
-
Buddy.bat started following Darren Kitchen
-
kaliham started following Darren Kitchen
-
I cannot speak to the kbeflo project you reference as I do not have experience with it - however if you are referencing the Evil Portal module from the WiFi Pineapple repository, I can say that exfiltrating loot from that module to the Cloud C2 server is the same as any other file. Example: C2EXFIL STRING /path/to/log/file payload-name *payload-name is option *STRING indicates that the file is ASCII and may be viewed in the browser. Omit for binaries.
-
If you run the `date` command on both your WiFi Pineapple and the server running Cloud C2 - are they the same? You also said that you have your WiFi Pineapple connected both to your computer and your LAN via WiFi, yet you are not providing the WiFi Pineapple with Internet access from the computer. Is this computer connected to the WiFi Pineapple via USB-C also the Cloud C2 server? If the WiFi Pineapple disconnects from the Cloud C2 server, does it reconnect after a few minutes? What do the server logs on the Cloud C2 server show after the WiFi Pineapple disconnects? After t
-
You don't need to reconfigure devices after updating. You just need to assign them to a site. There's a video in the release thread at https://forums.hak5.org/topic/53473-release-hak5-cloud-c2-30x/?do=findComment&comment=333943
-
Zer0V0id started following Darren Kitchen
-
Hi! Hak5 is proud to announce the second major annual update to our Command and Control platform — Cloud C2. Version 3.0.0 introduces Teams Edition with support for multiple users and multiple sites — further enabling red teams and pentest firms to conduct collaborative remote operations from anywhere. With granular real-time Role-Based Access Controls and advanced audit logging, administrators are provided comprehensive and historical insight into every aspect of Cloud C2. Moreover, architectural changes pave the way for more frequent releases to take advantage of the rich libr
-
Darkon started following Darren Kitchen
-
How are you connected to the MK7 when the slowdown occurs - over USB Ethernet or WiFi?
-
cant add pineapple mark vii to could c2
Darren Kitchen replied to funky1983's topic in Hak5 Cloud C²
My apologies for the delay. We're very close on Cloud C2 v3.0, which we expected to be releasing today, however we are still in the QA phase and making UI tweaks which have postponed the launch. We are shooting for October 5th. It's going to be an exciting release with some really cool new features so I'm really grateful for your patience as we put the final touches on this release. -
Thanks for the report @drforbin - we can surely take a look at what's going on with the slow down when broadcasting the SSID pool. More details will be required so please post the contents of your SSID pool as well as the debug log which may be found from the help page. With regards to throughput, the MK7 should have about the same wireless client mode speeds as its predecessors. The focus has always been on balancing the hardware for its core functionality (identifying devices vulnerable to rogue ap/performing recon/new campaigns). If higher throughput is necessary for your application c
-
Unauthenticated Filesystem Access
Darren Kitchen replied to Clever Name's topic in WiFi Pineapple Mark VII
Yes, it *could* be a problem *if* someone submits a vulnerable module *and* we accept that module to the repository. Considering this isn't the case, and that this is removed from 1.0.1 and onward, and that we are not accepting modules with vulnerabilities - I don't see your hypothetical scenario playing out. Any information that was obtainable before a restriction was added would provide no benefit to an adversary. Again, thank you for the report, and I don't want to split hairs with you because I believe your intention is sound - however I do not believe a CVE is warranted. -
Unauthenticated Filesystem Access
Darren Kitchen replied to Clever Name's topic in WiFi Pineapple Mark VII
Thanks for reporting this, and I understand you're trying to help. I wouldn't go as far as calling this a vulnerability. That's sort of akin to pointing out that the login page is accessible unauthenticated. There's nothing sensitive in the UI directory that's accessible - for example, the json file you mention is an element of progressive web apps. All of the configuration and loot data are stored elsewhere. As you've determined, after you reported this we removed it from 1.0.1. Again, I'm sure you have the best of intentions but, there's no data leak or pivot. Had there been I would absolute -
The MK7AC module will have two of its own dual band antennas as it will support 2:2 MIMO.
-
Verifiedsafe started following Darren Kitchen
-
Introducing the WiFi Pineapple Mark VII
Darren Kitchen replied to Darren Kitchen's topic in WiFi Pineapple Mark VII
Correct, they are standard RP-SMA antenna ports. -
December 18, 2020 There is a SD card patch that is currently being tested for the WiFi Pineapple NANO to address an issue caused by a malfunction in some automatically generated fstab configurations.