Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by Batman

  1. Nevermind. Figured it out. The Text file "version" was missing from my BB root directory. I created that with the version I have installed and the updater worked flawlessly. I knew it was going to be something silly. /facepalm
  2. Hi all, My BB is running 1.3_264 according to the version.txt file on the bashbunny. I'm trying to upgrade it using the bunnyupdater. I've tried running it directly from the BB's root folder as a .exe, and also tried running from my local linux box. I've attached a screenshot below. Both ways are telling me that the updater cannot load the bashbunny's firmware. Anyone have any suggestions? I've looked over the forums and haven't been able to find anything. Thanks.
  3. Thanks for the response, b0N3z. My test MB Pro is up to date with IOS updates, etc. No encryption on the HD. I thought it was weird that this script would be cross platform with just the change of two lines. Can't be that easy since credentials are stored in Windows completely differently than they are in Mac. I'm determined to do some research and see what is needed to create a payload like this for Mac's.
  4. Same thing happened on a linux computer. Payload creates a folder in the /loot/quickcreds/ folder with the computer's hostname but the folder is empty. Bunny had a flashing yellow LED.
  5. Hi everyone, I've been playing around with Mubix's Quickcreds payload (awesome payload, Mubix!) and have run into trouble with using it on a Test Mac. I plug in the device and it goes to flashing yellow LED on the USB but doesn't proceed further. When I plug the USB in under arming mode I can see "TESTs-MBP-1" (Mac's name) in the loot/quickcreds/ folder. The folder is empty. The payload is set to use ECM_ETHERNET. I see the device under the network section of system preferences with the correct IP address ( I see in the payload that yellow LED means that it's running the attack. I have a feeling that it's getting hung up on finding NTLM logs. Mac/Nix doesn't store password hashes in the same way that Windows does, right? So why is it this payload is able to work with Mac/Nix with the only difference being the ECM_ETHERNET vs RNDIS_ETHERNET for Windows? Thanks.
  6. Seems to be a problem with the script. I tried a different scipt and it worked. Hmmmm...
  7. Thanks Broti. I did read that but the light doesn't flash continuously. Just immediately upon insertion and then goes out. The SD card is readable in an adapter. I have 3 different SD cards and all of them produce the same result.
  8. Hi guys, Been awhile since I've messed with my Rubber Ducky. I've loaded it with a clean script to save some information from the target on to the USB side of the ducky. When I plug in the ducky the LED flashes red once and then goes out and nothing else happens. I'm using it on a Windows 10 machine. Anyone know what could be the cause of this? Thanks in advance.
  9. So I recently stumbled upon a fun website that has hacking challenges on there. You have to register (its free) and then you can work on the levels and challenges at your own pace. It's pretty cool. I've knocked a few out. Just thought I'd share with you all. You might learn some new stuff. I have. Cheers! EDIT: Forgot to post link to site : https://www.hackthis.co.uk/
  10. I updated my reaver to 1.5.2 and still my router isn't getting hacked. I tried the command you suggested and got the same ouput. I tried looking at lists of vulnerable AP's and mine was not listed.
  11. Hi everyone, So I've been trying to crack my home router that's using WPA2 and WPS is disabled. Everything as far as airmon-ng, airodump-ng, and wash are working as usual. It's reaver that's the problem. I input my command - reaver -i wlan0mon -c 1 -b D8:EB:97:28:7C:A9 -S -N -vv and the output is like this: I stopped it because it just keeps doing this. I let it run for 24 hours straight to see if anything would change and nothing did. I did some research into the error code 0x04. EDIT: My router isn't vulnerable. That's what it is. >.< DUH!
  12. You could configure authentication policies on the server. https://technet.microsoft.com/en-us/library/dn486781.aspx?f=255&MSPPError=-2147217396 From what I've read on here https://technet.microsoft.com/en-us/library/dn280945.aspx it looks like you can setup multifactor login using personal devices, like cell phones. "By using Workplace Join, information workers can join their personal devices with their company's workplace computers to access company resources and services. When you join your personal device to your workplace, it becomes a known device and provides seamless second factor authentication and Single Sign-On to workplace resources and applications. When a device is joined by Workplace Join, attributes of the device can be retrieved from the directory to drive conditional access for the purpose of authorizing issuance of security tokens for applications. Windows 8.1 and iOS 6.0+, and Android 4.0+ devices can be joined by using Workplace Join"
  13. Agreed. If it's intellectual property of the company you can definitely take it to court if the former employee isn't willing to supply you with the password. That's a huge no-no. Also, out of curiosity, what password recovery program are you using?
  14. Are you trying to format the micro SD while using an administrator account? You'll probably need admin privileges to do that. You can also try right clicking the SD card under the quick access menu on the left side of the Windows Explorer, and click Properties. Click the "Tools" tab at the top of the properties window and click the "Check" button for Error checking on the drive. This should tell you if the SD card is actually bad or not. You might even be able to use DiskPart in cmd to fix the drive.
  15. Zarabyte is right, try airmon-ng check kill (this will kill all processes that are interfering with you setting your adapter into monitor mode. You can also use airmon-ng check to just run a check to see if there are any processes running that will interfere.) airmon-ng start wlan0 Kali 2.0 lists the wireless adapter as wlan0mon as apposed to kali 1.0.9 would just say mon0. And of course, if you ever need help with a command or how it works you can use the man page for it, which is a manual. Not all commands have them, but most do and they're super helpful. The syntax for using the man for a command like airmon-ng would be: man airmon-ng And if you want to save the man page for later usage or to print it out you can use cat to copy the output to a text file. Example for airmon-ng: man airmon-ng | cat > /root/Desktop/airmon-ng_man_page.txt The above command will print the manual page for the airmon-ng using cat to a text file airmon-ng_man_page.txt to your desktop. Hope this helps!
  16. Ah well thanks for trying. Haha. I found out the answer I was looking for anyway. It seems linux doesn't assign it anything if it doesn't already have one. I got lucky with my ducky in that it wasn't associated with one. :) Thanks for your time, Mr-Protocol!
  17. I just checked with a USB device I just plugged into my computer - a Sandisk micro 32GB usb drive. You can see the serial number listed in the registery, and then I double checked it using wmic. They match. I did the same thing on my GF's Windows 7 computer and they also matched. Gonna check now on my Kali box to see what it comes up with for the same USB drive. EDIT: Just plugged in the same USB drive to my Kali Laptop (totally different machine) and using lsusb -v the iSerial is listed as 4C530001110925102182. Matches the Windows Serial for it. Do you have a Windows machine to check what windows will assign to the HASP dongles you have? EDIT2: I tried doing this with my USB Rubber Ducky.. my Kali laptop left the serial number blank and the Windows 10 Desktop assigned it a serial with the "&" in the second position... see the rubber ducky jpg. The output of the lsusb -v for the Kali box was Bus 002 Device 006: ID 03eb:2422 Atmel Corp. Device Descriptor: bLength 18 bDescriptorType 1 bcdUSB 2.00 bDeviceClass 0 (Defined at Interface level) bDeviceSubClass 0 bDeviceProtocol 0 bMaxPacketSize0 64 idVendor 0x03eb Atmel Corp. idProduct 0x2422 bcdDevice 1.00 iManufacturer 1 Ducky iProduct 2 HID Keyboard and MSC iSerial 0 bNumConfigurations 1
  18. Did all of these come with the error instead of a serial number? That'd be interesting if Linux just doesn't care about serial numbers for USB devices.
  19. So here is a picture showing a USB device plugged into my system at some point that had no serial number. I have a feeling it was a USB device that I had a live boot Kali linux on, although I'm not sure. Anyway, if you look at the highlighted USB device, you'll see the "&" in the second position which means that the drive didn't have a serial number associated with it. From what I've learned in my digital forensics class I'm taking, if I were to plug that same USB device into a different USB port on my PC then windows should generate a totally new serial number for that same USB drive. Now, I've plugged in ALL of my USB drives that I own, and nothing has produced that result. Maybe my professor is wrong, or maybe Windows 10 is different than what he is accustomed to, or maybe I just don't have that USB drive setup the same way anymore. But this is what sparked my interest about linux.
  20. Sometimes you come across a generic USB drive and the drive doesn't have a unique serial number in the firmware. I know that if one of these devices is plugged in to a Windows machine that it will generate a serial number for the USB drive and it will be identifiable as a generated serial number because it will contain a "&" in the second position of the serial number. I also know that different route hosts on the same machine will generate a different serial number for the same USB drive on the same Windows machine. I also know that Ubuntu will store USB device information in the var/log/syslog file. My question is if a generic USB device is plugged into linux, will it generate a serial number for the device in the same way that windows does? Will it also generate a different serial for the same USB drive through different USB ports? I'd try this myself to get the answer but out of all of the USB drives I have all of them have actual serial numbers. -.- Thanks for your time!
  21. I couldn't believe how simple it was. I was fiddling with FTK Imager and also with EnCase. While you are right about the jpg header, you can also see the end of a jpg file because it is denoted with footer info, FF D9. Once I realized that I was thinking of how to combine all 4, and so I just tried cat and that worked! It was just a guessing game with the last 2 remaining files as to which order they came in, but I got it and was able to reconstruct the image. :)
  22. I figured it out! ROT-47!
  23. Does anyone recognize the encryption type used for the string in the image?
  24. So I'm working in Kali and want to reconstruct this QR code image from multiple files. I remember this topic being touched on briefly in a digital forensics class I took a few years ago, but can't remember where to begin. There are 4 files involved, and only one has the top 1/4 of the QR image. The others are the ones stumping me. I think the 3 other files are encrypted, but when I use FTK imager the contents aren't really identifiable to a certain encryption type. It's gibberish. Would anyone be able to suggest a good tool to use in windows or in linux for this kind of thing? Thanks!
  • Create New...