Jump to content

marc

Active Members
  • Posts

    48
  • Joined

  • Last visited

Profile Information

  • Location
    England

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

marc's Achievements

Newbie

Newbie (1/14)

  1. Thanks newbi3. I'm grepping PIDs to kills in PHP exec to stop where appropriate and copying the start commands in the infusion widgets to start which is working fine.
  2. I'm wondering if it's easily possible to remote enable/disable infusions/executables running on the Pineapple. Preferably by PHP. --edit: Solved, using PHP's exec to run some bash.
  3. I've searched around a bit, but forgive me if this has been covered by someone else. Is there a custom DNS infusion for the Pineapple?
  4. Received my rubber ducky yesterday and I'm having great fun playing with some payloads. Sadly I don't have a win7 box to play with outside of my VM, and the Mac keyboard layout as well as being in the UK isn't the greatest thing in the world, but still loving the device. I recommend getting yourself a USB hub that also has a microSD slot; it makes for much faster payload writing and testing. Here's an idea. Given that the rubber ducky doesn't receive any info from the system itself, it completes its commands without receiving any feedback. As this is the case, longer payloads could be covered up visually with the following idea: We write a small app that takes the clipboard, displays it fullscreen and always-on-top, and doesn't exit unless a certain key command is pressed. Say CTRL-H. 1. Printscreen is pressed 2. Code is executed to quickly download/run this app, which launches as above. 3. Other elements of the payload are completed in the background. Meanwhile, the printscreen from the beginning is being displayed due to the app running. 4. Eventually, the other elements of the payload are quit on completion, such as command windows etc etc. 5. CTRL-H is pressed to quit the printscreen display app which cuts back to the desktop looking exactly like the printscreen. This would produce no more visual giveaways than the payload executing this app. Of course, when we have access to the microSD data itself as well as the HID, this should be a lot easier to implement. But it's just an idea to "lock" the screen whilst executing more complex procedures to avoid suspicion.
  5. Hi SteveParker, A sure fire way to do this on Windows XP would be with a U3 USB stick. These however are normally a little more costly than standard USB media as they have hardware changes allowing them to have a virtual CDROM partition. Not only this, but Windows Vista and upwards I believe won't give autorun functionality like XP did. As CanadianTaco said, the USB Rubber Ducky could work, but this would not be cross platform unless each one is flashed according to what OS the user is running which I assume is not possible in your case. This would also be quite pricey. I don't think there is a good answer to give you, but I would recommend your client against this. However, I fully understand he wants it made easy for the users. In terms of the promo code, this is easily done by loading a variable in PHP via the URL. Something like http://website.com/order.php?promo=C0DEH3R3. To auto open this URL would be impractical given you want OS-independence, so I would recommend just having subdirs on the root of the USB so that the user can choose themselves until a better solution could perhaps one day be offered.
  6. You want to upload ip.shtml somewhere on the web, and then in Gonzor's exe, tell it the URL of where it is.
  7. Merry christmas guys, You'll enjoy v3, we promise!
  8. Someone who is too unintelligent to understand anything like U3 technology, Gonzor's clear instructions, rpk's clear instructions on where to find gonzors payload, does NOT deserve to use gonzor's payload. Gonzor's payload is awesome, and i do not think it should be available to idiots. Im not pointing fingers, I'm just saying. A lot of work went in to this, for non profit, education, and for other's fun. Please obay the devteam, and let us help you, and try to have common sense. Can we all move on ?
  9. OK, did some testing today. I worked out that disabling the network dump and the messenger dump prevents the no disk error. There may be other things which cause it, but please see my screenshot above to see which options I am not using anyway, and therefore didn't test. As far as I know, the "no disk" error is given if the network passwords dump and messenger passwords dump are on. If just one of them is on, one "no disk" error will occur. If both are on, two will occur. If neither is on, it is completely silent, (with my AV disabled to stop an alarm when SBS.exe is called).
  10. Cool, seems a nice solution to the time of dumping the logs. I guess you would make it delete the payload when it is finished?
  11. Yeah, or just hit CTRL ALT DEL twice when logging in normally to access the username input screen.
  12. GonZor, since the last release, I now get the "no disk" error. I believe the options are Try Again, Continue, and something else, or something similar. I did it on a friends PC, and didn't have enough time to grab a screenshot, just enough time to click continue, and pull the thing out. The machine was running Vista. I will try to get you any other specs that I can, but I believe I get this error on my other friends laptop too, also with Vista. Here is the screenshot of my SBConfig setup: http://brapperbrap.tripod.com/sb.png However, all that was dumped was: System Info External IP VNC HackSaw Nothing else was dumped, and there were no other errors. I hope you can help here.
  13. And soon our new IP updater will be done (yeah I know, Its taken ages to get finished. I have been really busy and my main computer has died, I'm still in the process of fixing it.) No worries. My end is pretty much done, just a small amount of tidying up needs to be done. Hey, I appreciate the payload anyway, and understand we all live lives away from the computer. (Most of us.) So no rush at all GonZor, hope all is well :).
  14. Hrrm. I've tried both "hacked" and "easy" as VNC passwords with no success. Did I miss another VNC password, specified elsewhere or later in the topic? EDIT: Found a reference in the Tutorial topic to "yougothacked", which worked. Thanks, -dr. k I was the one with my friend who modified the reg file for the password "easy". The problem was, in the actual VNC Server, the password limit was 8 characters long, and therefore "yougothacked" sometimes screwed up in the registery. We then changed it to something easy to remember, "easy". I am not sure what reg file you are using, but we believe we only changed the entries which changed when we changed the server password. Another reason it may not work is the port forwarding issue. I think its WINVNC.EXE and VNCHOOKS.REG in the %systemroot% folder. I am not by a Windows machine to check for you though, or have the bat files handy.
  15. Nice tutorial and opinions on the RATs. External IP dumper FTW!
×
×
  • Create New...