Jump to content

dustbyter

Active Members
  • Posts

    360
  • Joined

  • Last visited

  • Days Won

    7

Recent Profile Visitors

5,119 profile views

dustbyter's Achievements

  1. Looking at the IEM (inner ear monitors) that are used for wirelessly transmitting audio in concerts or other locations, they use UHF/VHF frequencies that appear to be supported by a DVB SDR. Has anyone tried to search for these frequencies and capture any audio from them? I'm just starting to look into SDR as it has not been an area of great interest thus far. Thanks!
  2. If the device is broadcasting, you can try to capture its MAC address and then cross reference it with those that pineapples use. That should get you to confirm it is really a pineapple and not another device. I've seen other devices black with 4 antennas that are not pinnaples.
  3. Can someone recommend a good resource to start learning about reading through the packets captured in wireshark? I also saw that there are two differnt modes for capture using ubertooth-btle (-f and -p) how do they differ? Thanks!
  4. Sorry, but we do not condone this type of activities on the forum. I am sure a moderator will lock this up shortly.
  5. Look at my past posts. I wrote most of this but never finished it. I provided code for the python scripts... Just set up the dependecies. had it names wigleAgent
  6. I tested instagram. I was able to get it to route traffic to burp, but I used proxydroid, I also installed the burp certificate on the android phone. is your phone rooted?
  7. Are you talking about doing wardriving with the nano? It would be that with out the GPS component.
  8. I have not tested those applications that you are referring to, however some applications are implementing certificate pinning. The applications in those cases would stop processing requests is they see that the certificate they receive is not the one expected. The pinning occurs by having the application check for hard coded values within the certificate. In your case, did the application still function correctly when trying to run it through burp? From my experience, I use ProxyDroid to set up the address of the machine that is running burp (requires root on device), sounds like you may have a different set up in your environment.
  9. Is there any way to query the information stored within the interface of the nano from a 3rd party application using an API? I saw the API Token module, but its not clear how to use that. I have an idea to use some of the information that the nano can get and display it in an interesting way. More details to come once I can confirm if it can be done.
  10. You can also route with iptables to another machine and use wireshark. Otherwise you can use tcpdump to save the pcap... and analyze it later.
  11. Staging could be a way to get it working. Depending how the first stager is coded, it can be loaded with a reflective dll. I was experimenting with A/V evasion, but haven't had much luck. I wrong some code that for now just XOR'ed the payload to hide it from AV. The XOR works fine, but when using the memcpy method on the buf that is XOR decrypted, A/V triggers. Some how, A/V is keeping track of the buf that is XOR'ed and then checks if its copied with memcpy. Have not found a way to bypass that...
  12. TextWrangler on my Mac. But looks like Sublime may be editor of choice from what I have been seeing.
  13. Have not put too much thought into this, but was thinking... So many people wear wearables today. Why not have a way to use the Pineapple "sense" who is around. Each device I imagine has a unique identifier that could be use to track who is around the pineapple when, or just to even do a traffic analysis at a particular area that the pineapple may be dropped off to. I haven't done any research to see if openwrt has any module to support bluetooth, but i imagine it does. WIth a dongle it should be do-able. Thoughts?
×
×
  • Create New...