newbi3

The whole hak5 crew (who would be able to do anything about this) are in California right now and they are probably still sleeping or just getting up so we should hear something from them soon I'd imagine.

Your pineapple has internet its just that when you click the button that says to show "Show Public IP" or whatever it talks to wifipineapple.com to get the ip address of the pineapple. If the pineapple can't reach wifipineapple.com it cant display the public ip, but your pineapple will still function. And for infusions the same thing goes, the infusions are hosted at wifipineapple.com and when you go to the bar and load a list of infusions that list comes from wifipineapple.com.

Use Evil Portal in conjunction with SSL Strip

Contact the hakshop and they should be able to take care of the situation for you: shop@hak5.org

Yeah this is not a firmware, driver, or hardware problem just a problem with the infusion. For the record the infusions available are developed by community members and not necessarily by people associated professionally (getting paid) by hak5. So development, maintenance and support of infusions are all done voluntarily

I was debating if I should get a the 13" or 15" macbook pro, I ended up getting the 13" and im definitely happy with it its the best laptop I have owned so far and I usually get a different laptop every year. I don't think a 15" would be what you want the screen size doesn't make that much of a difference to me shockingly (and I use 4 heads on my development machine). Go with the 13" you wont regret it. However, I'd wait about a month or 2 because apple should be releasing their updated line of macs soon

What window manager is that guy using? Rat Poison? That looks awesome

Your pineapple should come pre-flashed with 1.0.2ish of the firmware on it. All you need to do is connect to it over wifi or a cable and then flash it over the interface

My grandpa got really frustrated trying to use Microsoft Word to type a document so he went out and bought a typewriter. At least now I won't get any calls from them needing me to remove adware and update their java...

Also some AVs look at what programs are doing while they are running and if it does something that the AV thinks is abnormal then it will flag it. This happened to me when I was working on a python program that had the ability to turn on the webcam. I was testing it out on one of my windows vms and boom AVG flagged it as soon as i tried to enable the webcam and it gave me a nice warning saying that it was trying to get a look at me and told me I should block it.

function validate() { if ((document.username.value.trim()=="") || (document.password.value.trim()=="")) { // The fields are empty so alert them alert("Por favor rellene correctamente las casillas"); return false; } else { // They typed in information so send the info sendInfo(); } } You want to check and make sure that the username and password fields are not empty and if they are you are popping up a message. If they have put stuff in the fields then you want to send info. Go head and replace your validate function with mine. Now that validate is calling sendInfo() you know longer need to call it onclick, Instead you want to call validate. <td align=center ><button name="facebook" onclick="validate();return false;">Login</button></td> I highly recommend you go through http://www.w3schools.com/ and learn HTML, JavaScript, and CSS

put your validate function onto your buttons

If I were going to put malware on the pineapple I'd put it in the boot loader because that doesn't get changed between firmware flashes and would give you persistent access to the box.

Nbt Scan is a UI Front End for the nbtscan tool which performs netbios name scanning. Change Log: 1.1 Added ability to clear results Added ability to view routing table Added a link to forum support topic Small tile no longer checks for internet connection A few UI changes Fixed a command injection vulnerability 1.0 - Initial Release ​Ability to use NBT Scan from the web interface Ability to install dependencies from the webinterface Ability to scan other networks rather than just the pineapples network Ability to review and delete previous nbt scans https://www.youtube.com/watch?v=YoUEACISRpw

You guys can do whatever you want but isn't this exactly what the hak5 community already is supposed to be; a place where everyone can get together and learn from each other?

No problem! I'm sure you won't be disappointed with VMWare, windows and linux run like they are on the physical hardware in it its crazy

I personally prefer vmware fusion over parallels. I'm a programmer professionally and my job requires me to be in windows (which I really dont like being in but what can you do?) and also in linux for a few things so I virtualize them both on my OSX machines. My boss uses parallels and has a crap load of issues with linux running properly in it. So check out vmware fusion its like $50 for the license. To delete the partition you are going to want to open up disk utility and delete it from within there its pretty easy to do. Heres a tutorial.

Yes hackers use ubuntu, it really doesn't matter to much what the distro is as long as you can get to that sweet sweet command line that we all love. Personally I use and love arch linux, I also use Ubuntu for work and ubuntu server for most of my servers. Again it doesn't really matter the distro as long as you have the CLI

Pineapples now come flashed from the factory with Firmware 1.2.0 on it already, the hak5 crew are trying to get the factory to ship with a newer version of the firmware. But yes you should update over the air for now.

What happens behind the web interface is written in C and for right now the source code is not available because if it where then companies could make karma un-effective again faster. Thats not to say that in the future the source code wont be available.

Yeah Chris its not over just move to a different plat form, Vimeo seems to be way more open to stuff like that. It still sucks that google did that they are supposed to be the good guys on the internet...

Yeah that article is just trying to scare people but vendors should take the security of their products more seriously. But just because an attacker could make some ones heart fail doesnt mean that they would, I don't think cyber criminals (even 16 year old script kiddies) are going to go around making life support equipment fail at random for the LOLz if it were to happen it would be someone targeting someone and most people that want to kill someone would probably just shoot them. The whole "its going to happen by the end of the year" crap really bothers me. It sounds like they are saying "hackers are out to kill you get ready". I'm personally not worried at all, but then again I'm not attached to any life support equipment. Also why is this post under the USB rubber ducky topic?

Metasploit is cool and all and you can use it as much as you want to but at the end of the day you don't learn anything if you're goal is to learn then put down the metasploit and the kali (keep the linux just a more day-to-day distro) and pick up programming and reading about how stuff works. Learn the hardware in computers, learn how the software works, learn the protocols that computers use to talk to each other. Learn everything you can about everything. But to answer your question if meterpreter ran then you would have seen a session open in metasploit unless you didn't have it properly configured and did port forward (assuming it was over the internet)

Well using 2 pineapples in pine plug isn't exactly the same as having twice the ram and cpu power, you also have twice the antennas, twice the usb, and the ability to off load work loads. And Hak5 could have done a lot of things with the Mk5 (double the ram, double the cpu, built in bluetooth, PoE, more USB) but these things don't cost 2 cents and for them to keep the same proffit for the device they would have to raise the cost of the device which is why many features were not in the Mk5. But yes I agree lets talk about things that are reasonable that would be awesome to see in the next hardware release. My list: Bluetooth (if there is a cheap option that could be possible) Other than that I'm not sure what I would want, An internal GSM modem would be awesome but I'm sure that comes with a whole lot of FCC regulations and certs that you have to get and would be very costly

You are forgetting the .jar file extension