tom564
Posts: 95
Posts posted by tom564
-
So it can only be used for gathering users which have already connected to a free WLAN with any name?
Some clients that have connected to an open wireless AP in the past will connect; however, newer devices may not.
-
to my pineapple? Of course I mean their WLAN credentials.
I could not find information about that.
Thanks
phantomas
No. The pineapple also does not work with any encrypted networks, as the clients will not connect to an open AP when they are expecting a WPA one. Even if they did, the way WPA works does not involve sending the passphrase over the network IIRC.
-
So I have been playing around with an RTL-SDR for a few days and really love how much it can do using mostly software. So I am now wondering if a software package could be created that interfaces a computer with an antenna and runs Pineapple on it. It could either work through USB radio converters like the RTL-SDR or onboard wireless cards, since many new motherboards come with them. If this is possible I'm sure it would get a lot more people interested in Pineapple and experimenting with it. Personally, software like this would help me out a great deal, since my motherboard already has two SMA connections on the back that I could use. I think this could really help get more people into Pineapple and expand the hak5 community. Any idea if this is possible @Sebkinne? If anyone has any comments about this, please share them.
I don't know exactly what you are asking, but I will attempt to give you an answer.
Everything (I think) that is done on the Pineapple can already be done with a computer and a wireless radio that is capable of packet injection etc.
If you are asking if an RTL-SDR radio dongle could be used to perform Pineapple-like functions, it can't, as it is locked to receive only and is incapable of the 2.4 GHz band in any usable form.
-
OK,
So I've been doing my research and I've tried a few file binders, but when I scan the output file with https://www.virustotal.com/uk/ , it's still detected as a virus. Anyone know of some good file binders?
Thanks.
I played around with Veil using a reverse Meterpreter payload and py2exe and was able to make an undetected file. I also read somewhere not to use VirusTotal, as it may result in quicker detection because they share signatures, but I don't currently remember the alternative.
-
Correct me if I'm wrong, but isn't it just a matter of finding out how the app and the server speak to each other, e.g. using Wireshark to spy on your phone's MAC, and then first trying to log out? After doing that, I think you will need to decrypt the username and password by first entering the whole alphabet both as username and password, then checking in Wireshark what's going on; after that enter A 8 times in both fields and read from Wireshark what's going on, then B, C, D and so on; lastly do the same thing with numbers. When you're done you should be able to send the logout request to the server, and when the user tries to log on you can read and decrypt it again. This is just an idea and I haven't tested it before. I'm not responsible for what you do; please check your local laws before doing this.
PS: please share the decryption table
Peace
HTTPS is not that simple to decrypt; you can't just share a decryption table, as a new symmetric key is derived for each session AFAIK. You need to either attack an application that does not check the validity of the SSL cert and use one that you sign, or somehow obtain a trusted certificate signed by a CA for the site you wish to impersonate.
-
The app will get a successful connection and nothing will change. Just tested!!
Maybe hardcoded IPs in the app? Or cached DNS?
-
That is DNS spoofing with a redirect to a phishing page... But the problem with spoofing all traffic to the pineapple (172.16.42.1 *) is that a lot of those apps use HTTPS. Wouldn't those still get through?
The DNS queries are still done unencrypted with HTTPS, so I think DNSspoof should still work. The problem I think you would have is the browser moaning about the cert not matching etc.
-
DISCLAIMER*** Please ignore my ignorance, as I am very new to all of this in the most basic and broadest sense. What I am about to suggest may be happening already or not even be possible... I don't know *** END OF DISCLAIMER OF IGNORANCE
I was reading in the forums about people talking about delays that maybe need to vary depending on the speed of that particular machine. What if all payloads went at the fastest that that particular machine would allow?
Is it possible, or would it be possible (as I don't even have my Ducky yet; it has shipped though... can't wait), to have a Ducky payload copy/paste a bash alias to the correct location and then run that bash alias, as opposed to having it type everything out?
Example:
nano .bashrc
alias mac="ifconfig wlan0 down; ifconfig wlan0 hw ether 00:11:22:33:44:55; ifconfig wlan0 up"
close terminal, open terminal
mac
I think this would be faster, as it (if it's even possible) would copy and paste the entire text into place, restart the terminal, and run the alias,
and the larger the payloads, the more time it would save.
Just a thought of a n00b.
The biggest delay is the initial one for it to install drivers IIRC; most of the other ones are not really a problem.
-
Maybe look into DNS spoof and running your own phishing pages?
-
I just did the same thing; I bought a domain name from domain.com and pointed the name servers to Namecheap's free DNS service, as they have a capability for dynamic updates.
-
Hello guys and girls :)
So I'm trying to sniff HTTP with Wireshark:
- I have an ALFA 500 wireless card, connected to my pentest computer
- the ALFA card is connected to my WiFi network.
- I want to sniff HTTP that comes from my 2nd computer, which is on the same wireless network.
How can I do this?
(It's working very well if my pentest computer is connected over Ethernet.)
Is it an open WiFi network?
-
I remembered in an episode of hak5 a long time ago Darren was joking around and said something about changing everyone's posts on Facebook to something about a zombie apocalypse starting, so I decided that would be pretty funny and started looking at the HTML from my Facebook feed. Every single post looks like this:
<div class="mbs _5pbx userContent" data-ft="{"tn":"K"}">We are taking over @atticusclothing on instagram right now! Check it out and see what practice is llike before tour!</div>
The above is a post made by August Burns Red, and here is a post from Wendy's:
<div class="mbs _5pbx userContent" data-ft="{"tn":"K"}">Enter for a chance to win Spotify Premium, and drop ads like they’re hot, Spicy Chipotle Sandwiches! </div>
They look completely identical, so by creating a simple etterfilter you should be able to replace everything on someone's Facebook feed with "OMG ZOMBIES ARE EATING MY NEIGHBORS".
I'll be posting more when I get this working :)
I like it :P. Would it be possible to make it so it is not every post and have it increase in frequency over time?
-
I see.
I am still very much a n00b, so pardon my ignorance: would this be a matter of coming up with a script that can decrypt packets shortly after having captured them, so that images would appear almost in real time?
I have always had the belief that there is always a solution to a problem. If a solution is untenable, then you need to reconsider one of your assumptions or relax one of your constraints.
Yeah, I think that is the way I will have to go. After thinking about it, I don't really need real-time results and can play back capture files every x minutes.
-
Yes.
Chris Haralson, who I believe has contributed to some of the Pineapple video tutorials, has a good tutorial: http://www.youtube.com/watch?v=TDhGpAZ5IGg
Sorry, I should have stated: I need it to be passive and to not have to be connected to the network.
-
Has anyone managed to get driftnet to work on a monitor interface in real time? I am able to play back previous captures after I run them through airdecap-ng and replay them, but after hours of experimenting I have been unable to get it to work in real or near real time.
-
I have done some work exploiting my home router and I'm sharing the full disclosure on how I did it, remote exploitation:
Any comments or suggestions are very welcome!
Happy reading :)
You said you did this for good but did you attempt to contact the vendor prior to disclosing?
-
Check out http://www.reddit.com/r/talesfromtechsupport/ for some good ones.
-
Agreed, I have 3 on the laptop:
2x external
1x internal
Still got space for 1 more external, but 3 is enough (I usually only use the 2 external, as I can attach my 40dB antennas to them).
Speaking of high-gain antennas, I tried to use my ALFA 9dBi antenna with one of the cards and ran airodump-ng, but all of the SSIDs seemed like they were being corrupted. Anyone else experienced this?
-
Not sure, I don't use one yet, but this one looks good: https://www.modmypi.com/raspberry-pi-accessories/7-port-raspberry-pi-hub-eu
Thanks
-
These are personal media files. The institution does not care about them. It is just that if there is too much torrent traffic from my computer, network managers may think that I am hosting content. This is a university and our students do such things often, I imagine. This comment was specifically related to the torrent solution. Anyways, I can get to my files through VPN and a network share. The problem is, it is too much data to transfer through the network.
Speculative comments about why I want to do this are, of course, welcome. However, I asked a technical question and it will be great if I get a technical answer. For example, Sodium Sync offers such a possibility, but it is a commercial product that is aimed at servers. Thanks!
This looks like it might suit your purpose, assuming Windows: http://www.microsoft.com/en-us/download/details.aspx?id=15155
-
You could always try a powered USB hub; make sure it does not back feed (if it's a power issue and not a CPU issue).
Thanks, can you recommend a specific hub that will not back feed? I did try to cut the red wire, but that caused other issues.
-
Thank you for the suggestion. However, I need to transfer more than 200 GB of files, and this is more than my monthly limit on my ISP. Besides, my files are on my office computer, behind some quite restricted firewalls and likely monitored traffic. I would like to have a solution that works as I described.
That being said, I think that BitTorrent Sync is a very cool product. I may use it for other things.
Do they want you to be able to remove files from your work computer? It seems like you are trying to avoid them knowing that you are transferring this data.
-
Hello,
I would like to be able to capture data on 3 channels simultaneously using 3 separate radios. I have been having problems with the USB devices initializing and staying up, which I assume to be a power-related issue.
So my first question is: what would you use to power the cards? And my second question is: how much computational power do I need if it is a fairly busy network (is trying to run it on a Raspberry Pi unobtainable)?
Thanks,
-
So I am working on getting data between my toaster and my Pi. One problem: I can't find the damn ground pin on the CD4541BE timer chip on the toaster. The datasheet including the pinout is here:
http://www.ti.com/lit/ds/symlink/cd4541b.pdf
The only thing I could think of that would make sense is if ground was one of the NC pins (not connected).
Help would be amazing!
HACK ALL THE THINGS!
I would have never thought that toasters would have much information to share... but sounds interesting, good luck.
How to create a forums website? (in Everything Else)
I am sure you will be able to find an expert on Google who will build you a forum for a reasonable rate... or you could find one of the hundreds of guides that are already out there.