Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


About anode

  • Rank
    Hak5 Zombie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi all, Can a Ubertooth One be used to impersonate a BT device? lock, speaker, headset, etc.? Spoofing the MAC should be trivial, I'm just wondering about if it can present itself as the above devices/services. It doesn't have to do the job, just claim to for the pairing. TIA
  2. anode

    Quirks and Qs

    Just got one in. Thought it would be a good device to run bsside-ng with. Found you NEED to use absolute path to any binary called in payloads.txt/sh besside-ng is dumping its cap files in /overlay/upper/ -- any way to change this to /root/loot ? Really needs a second USB port or SD card slot. Internal space is rather limited. (i guess its meant to be used with the C2? kinda limiting, no?) If its a signal intel device, its going to produce logs. 30MB is tight. Multi color LED would have been nice too.
  3. anode

    Blunder Bug

    Might be able to use a Orange Pi, ODroid or the like with Android installed.
  4. anode

    Blunder Bug

    depends on how you use it :) (I'm sure I can screw it up)
  5. Either English is far from your first language or you are totally clueless on basic networking/TCP stack. (I'm thinking a little from column A ,a little from column b......)
  6. And asking security focused people.
  7. I think xmpp recently had a long running vuln discovered. (If that is what is actually running on 5222)
  8. Since just a basic browse shows a blank page, how are you losing income? Looks pretty standard: web, mail, and dns Not shown: 65525 filtered ports PORT STATE SERVICE 53/tcp open domain 80/tcp open http 110/tcp open pop3 143/tcp open imap 443/tcp closed https 465/tcp open smtps 587/tcp open submission 993/tcp open imaps 995/tcp open pop3s 8000/tcp closed http-alt
  9. Maybe? ping -c 1 webstite.com If you want all the open ports nmap -p- webstie.com (will only do TCP ports I think -sU does the UDP) Do keep in mind that many websites may 'share' the same IP address on shared hosting.
  10. Look at your router/modem's WPS settings. You may need to change them, so the client can initiate the exchange. Or, non WPS: besside-ng (from aircrack-ng) to get 4way handshake then into aircrack, JtR, hashcat, etc.
  11. If I made a hidden volume inside a 'crypt container on a USB thumbdrive, how resilience is it to unplugging the drive while mounted? I guess should also ask about full disk encryption too.
  12. anode

    sshd config Q

    I'm probably going to do a bad job asking this but..... Can one configure sshd to only connect with clients that already have the key in known_hosts? ie: Not offer the server's public key to the client on first connection. So if the client doesn't have the server's public key, its just gets a connection refused. This would be linux; raspbian or kali on a Pi. (server)
  13. anode


    Have issues with exfil. Copying about 450 files totaling 150MB *always* fails. Wether by script/payload or just mass storage drag-n-drop. When by payload it it does a self eject with the typical OS warning. When by D-n-D, it just hangs after abut 15MB. (have to yank out) Bunny gets rather warm too. (Mac OSX is the host PC)
  14. Yup that was it. Saw another post, but it didn't sink in as to why. Makes sense now. Thanks!
  15. For some reason when I quack a ~/ it is played back as /root/ ~/ works fine manually typed in a terminal I tried a simple just quack it into text editor and same results; /root/ MAC OSX 10.9 Mavericks. edit: Just tried on a Kali laptop same results. Both machine bare iron, not VMs.
  • Create New...