[Deauth and Karma]

Hi. Let's say there are seven access points and those access points all presumably have clients connected to them. How do I go about (continuously?) deauthenticating five of those access points while whitelisting (or not deauthing) two of those access points? In theory, I think this should cause all the clients whose access points are deauthenticated to connect to the Pineapple with Karma. I have an Alfa and the Pineapple to work with. Since my Alfa AWUS036H might have issues with the Pineapple, I was thinking about just putting the Alfa in my Kali VM and using some deauth tool (Which one should I use? Does it need to have whitelisting support?) to deauth the five access points and then wait for the clients connected to those APs to hopefully connect to my Pineapple. What do you guys think? Can this work? What should I do? Thanks.

[WiFi Pineapple Live Stream with Darren and Sebkinne]

That doesn't play properly for me.

[WiFi Pineapple Live Stream with Darren and Sebkinne]

Can I have the recorded link?

Who knew one could be so excited about an update to a security product. Why does this announcement have to be on the day I start school? -_-

[Trapcookies]

How does this work/what exactly does this do?

Oooo. What could be happening in 6 days?

[Bought 2 pineapples, both have power issues with USB sandisk & juice pack.]

Has anyone gotten the new USBs to work? I got mine, but I haven't tested it because airman said it still doesn't work on full load.

[Wifi signal dropping]

It may just be a hardware problem. The Hak shop can fix it for you.

[[Question] Do we have a FUD meterpreter payload?]

I don't have the skills to do that. I'm pretty sure there's not going to be a pandemic. Real cyber criminals prefer their own malware, they like doing everything remotely, and hardly anyone has heard of this. The Teensy has had it for over a year and I bet the payload hasn't been used 10 times by actual cyber criminals.

So port it?

You'll find most people wont do so for various reasons, the primary being it's likely going to be used for nefarious purposes.

[[Question] Do we have a FUD meterpreter payload?]

Assuming you're talking about the windows meterp.

It is flagged by pretty much every AV going, you can try encoding the executable but it wont be 100% (or anywhere close I'd assume).

Your best bet is to learn a little about PE structure, a little C++ and code something yourself. You can encrypt an executable, load it into memory and decrypt it there which will cause it to have a much lower rate of detection.

In fact, if done with care not a single AV will detect it. :)

Did you see what I said? The Teensy uses PowerShell injection which never touches the disk, so it's FUD. You don't have to code your own if someone just ports that.

[[Question] Do we have a FUD meterpreter payload?]

I know we have a meterpreter payload, but it's flagged like crazy. There is one for Teensy on SET that worked well. It used PowerShell injection to bypass all AV. Very powerful. I think this is the main code (also check the parent directory): https://github.com/trustedsec/social-engineer-toolkit/blob/master/src/teensy/powershell_shellcode.py

[[Question] USB Spammer]

What would the purpose of that be? Would it just crash the system?

[[Question] USB Spammer]

What does a USB spammer do?

[[Release] Simple-Ducky Payload Generator v1.1.1 (International Key Mapping|Kali Compatible|Custom Payload Builder)]

Hey Sky maybe you could gather up all the other payloads on the Rubber Ducky forum. They all seem to be scattered. It would be great if someone could pull them all together.

I also made a video using Simple Ducky. It's nowhere as near as good as your video, but hopefully it's just another resource that people can use.

https://www.youtube.com/watch?v=M9gvk_X2oSQ

[[Question] OSX RunEXE from SD equivalent?]

I think there's a firmware that allows you to have two different payloads. That way you could have one for Windows and one for OSX.

[[Release] Simple-Ducky Payload Generator v1.1.1 (International Key Mapping|Kali Compatible|Custom Payload Builder)]

Wow Skysploit, you're certainly putting a lot of effort into this project. So many options. Great job, keep it up!

[[Firmware] Enhancements in Duck.hex Firmware]

So this allows the Ducky to work before the OS is fully loaded? Is there anything else you can do?

[[Firmware] Enhancements in Duck.hex Firmware]

I don't really understand what that means. Could you give a few examples?

[[Firmware] Enhancements in Duck.hex Firmware]

Hello. What exactly does v2.1 of the Duck.hex firmware (https://code.google.com/p/ducky-decode/downloads/detail?name=duck_v2.1.hex&can=2&q=) have over version 1.0? I know you can change the VID and PID easily, but what exactly is the "Subclass BOOT flag?" Is there anything else? Thanks.

[EvilJava (Revived)]

The issue still persists. I cannot install Evil Java from within the module.

[Having Issues Connecting to my Pineapple]

Yay yay yay yay yay. I got it to work! :) I have no idea why, but holding that reset button fixed whatever was the issue. Thanks Seb!

Wait, did this just like factory reset my device or something? I don't have any modules and everything looks gone. If so, then should I upgrade to 2.8.1 now? I just updated.

[Having Issues Connecting to my Pineapple]

I can ping 172.16.42.42 and get a response, but 172.16.42.1 results in a "Reply from 172.16.42.42: Destination host unreachable." Unable to SSH 172.16.42.42 (only the gateway though) and 172.16.42.1. Once fully turned on, all buttons are solid glowing fine, even the WPS button. It does broadcast a Wi-Fi AP called "Wi-Fi". It even tries to replicate my normal, secure Wi-Fi connection at my house (it shows up with the same SSID, but open). I connected to it (AP: Wi-Fi) fine, but I still couldn't get to the control panel. I could ping 172.16.42.42 and get a response, but 172.16.42.1 still resulted in an error. I also still couldn't SSH in.

[Having Issues Connecting to my Pineapple]

Hello. I've used the pineapple for quite some time in the past, but now I can't seem to get to the control center. Everything seems to be the same, so I'm not quite sure why it's not working anymore. I'm using Windows 7. I have my normal internet working fine. I have it being shared to my Local Area Connection (pineapple). I have the correct settings for IPv4 in the pineapple adapter. I connect to the same place I always did (http://172.16.42.1:1471/) and Chrome just tells me I can't connect. I've tried powering the unit on and off, re-plugging the ethernet cable, rescrewing the antenna (though I'm pretty sure that doesn't affect this), etc. I've tried it both with and without my USB, and it doesn't work either time. I tried other browsers- the issue persists. I have the Pineapple connected to my computer with an ethernet cable from the PoE LAN port of my Pineapple to the ethernet of my computer. This has worked before, and it has been pretty much the only way I have accessed my Pineapple. All the lights on the Pineapple are glowing perfectly fine. I can even see the AP it's broadcasts. Oh, and I think my pineapple was running 2.8.0 if that helps. Not sure why this is not working anymore, but any help would be appreciated. Thanks.

[[Release] Simple-Ducky Payload Generator v1.1.1 (International Key Mapping|Kali Compatible|Custom Payload Builder)]

Thanks for this big project. Your efforts are certainly appreciated.

[[Question] Haxing a tredmill?]

I'd think it would be pretty cool if you could get it to work. I would probably be pretty hard though.