Jump to content

korang

Active Members
  • Posts

    117
  • Joined

  • Last visited

  • Days Won

    4

Everything posted by korang

  1. korang

    Blunder Bug

    Any repository/webpage/forum group for the Plunder Bug? https://shop.hak5.org/products/bug Sorry for the typo..
  2. Do to the things above you have to write to obtain code to do this. As stated above, the Rubber Ducky acts as a keyboard on systems. It then can execute any script you load onto it . Read the documentation. HAK5 does sell a companion book with their field guide . https://shop.hak5.org/collections/hak5-field-guide-books/products/usb-rubber-ducky-field-guide. For the actual code to do what you want, you will need to expand yoru google-fu and find code that does want you want and then turn it into a ducky script.
  3. Not sure the viability to run hascat on a pineapple. If you just meant to capture the PMKID, then this would be interesting to see.
  4. So how do use use a keyboard or mouse if you disable USB ports? This is where this device gets around this. Most will disable mass storage, but since the ducky acts as a HID device, you can bypass this. Now you could disable USB totally and go old school with PS2 mice and keyboards. But in most environments, the vendors only provide USB devices. There are ways to get restrictive on HID devices but it is a management nightmare.
  5. They just mention using the Wifi Pineapple for MITM attack of Hooli-Con...Awesome. Even showed a pic of the tetra.
  6. Could you create a demo video of this in use?
  7. OK, I also put together a very similar script. I have found on my lab systems for my "work" environment, that the timing for mapping the network share had to be increased. I also ran into issues were the DUKCY ALT F4 did no close the explorer window as I had hoped. I had to use powershell to kill exploerer. This "work" system is a windows 7 x64 Laptop on a Active Directory Domain. One other weird note, due to certain GPO's we have I had to disconnect the hard wired lan cable to get it to properly map to the Bash bunny. Now , with the faster timing and ALT F4 , I found worked on my non-domain, stand alone windows 10 laptop. SO as i side note to anyone using in a professional capacity and environment. And with all PROPER PERMISSIONS, of course. May need to adjust timing and do some adjustments for it to work right, depending on any protections the workstation may have. But I will admit your script is way cleaner than mine.
  8. OK, so I have created script to do the DUCKy 2 second has grab. Currently it leaves a Windows Explorer opened where it has mapped to \\172.46.16.1\s. I have tried a few different DUCKY calls to close this window. Does anyone have a good solution to closing a windows explorer window? Sorry for all the noob questions. Also, once testing is complete to do plan on sharing.
  9. So , I am playing with my first script. I am setting up impacket with HID attack to replicate to 2 second ducky attack. My question is, can i get a windows machine to map to the share I create when the desktop is locked. So far my script works great on an unlocked machine. TIA
  10. If this has been answered or discussed please point me to the link. As my search skills are lacking today. But I was wondering if you can run the BB in both HID and RNDIS_ETHERNET attack modes? Thanks
  11. Was wondering if the BB could execute commands to change the desktop background ( on windows) while the PC is locked?
  12. So when I try to run this on a laptop with certain policies in the place, the CMD command asks for credentials to load when then causes the whole script to fail after that point as command prompt does not get executed. SO I think that bypassing UAC in this method is not working, in my situation.
  13. If a windows target, enum4linux is a good application to use.
  14. Received mine and now let the fun begin. As a side note, when setting up payloads, make sure you pay attention as to which position is tied to which payload. I was cursing for 30 min about a payload not working and I had the switch ion the wrong position.
  15. Anyone, @Sebkinne??
  16. In the built in Reporting module, can someone point me in the direction to change the generate report interval. Recent work related assessment and we discovered having a shorter interval would be more helpful. Thanks.
  17. Looks like now, if you order it will be in the March 10 batch. Seems the bunnies sold quick.
  18. OK so when running the "Mr. Robot" attack on a system (yes I am authorized). It seems when it does admin command prompt, the Dialog box becomes back grounded, so the ALT y does not hit yes. Is there any way to may the duck make sure this dialog box is the active window then do the ALT y command?. I have manually tested ALT y and it does work , I just noticed in my testing that for some reason the dialog box is not active and this cause issues with the script running. Or is there a way to psue the script till I hit yes then use the ducky button to continue running script? Thanks
  19. OK, I guess you have to use the wp6.sh script before it will use both interfaces.
  20. I just received my Tetra. I am using Kali 2.0 in VMWARE Fusion. When I connect the Tetra, I see the interface but my instance stays connected to the bridges interface. If i connect to the USB interface, then Kali turns off the Bridged interface. Not sure why this is happening. I have used this set up with my Nano with no issue. Any suggestion greatly appreciated.
  21. Every time I set the time zone. It resets when I power off then power back on the nano. Anyone else seeing this behavior?
×
×
  • Create New...