
shutin


Posts posted by shutin

  1. Sounds like bs to me, and even if it did work, it would only be against a small amount of routers, and they would have to be unpatched, and they would have to be running WPS, which you could already break if it was vulnerable... tell me again why you want an ARM router with limited CPU to mount an offline attack.. against anything? Might as well make a c0wpatty infusion.

    There's a lot more stuff I'd rather see than some vaporware.

  2. You really want a pentest box sitting on your internal network? After the recent exploit? Buy a freakin adapter, they are like ten bucks.

    I just got my alfa whatever the hell it is replacement dongle today. The one they said would fix the slow connection speeds? HOLY CRAP it is showing networks I've never seen before. Absolutely you want this thing. It's in the hak5 shop, like $20 or something. Buy that. Leave your internal network internal. $0.02

  3. That video helped a bunch, and was informative as far as learning about how more devices are using broadcast probes instead of revealing the SSID they are looking for. However, on my 2.04 Pineapple Mark V I cannot enable PineAP! I can start Karma, but none of the PineAP "enable" links work. Can anyone else run it?

  4. Finally got my USB ethernet adapter so I could run the mk5 off my 3000px laptop. As an owner of the mk4, I'm very impressed! Things work! Infusions work! Jasager works! Well done people!

    Hopefully I get better results with reaver and sslstrip. Also, I could use an infusion walkthrough. But overall I'm thrilled it delivers on the promises.

  5. good luck!!

    What that guy said. You have to be close as fuck. Also, you can't tell if an AP is WPS compatible because they forgot wash. All you can do is examine your fucking LOGS on the other tab of the wps page. You'll see bully and reaver startup and fail because "WPS is locked" or other shit.

  6. Just got my Mark V after a long wait. I know what a microSD slot looks like. I don't have one. Has anyone else experienced this? Is my only option a return? Why does god hate me? I also didn't get a card.

    https://www.dropbox.com/s/zr8mrcvwcrxb5un/20140710_183309.jpg


    Edit: I should add that by looking at the bottom I can see the silver outline of what appears to be a slot. So maybe the plastic just didn't get punched correctly. I don't know if I should take a dremel to the thing or just return it and pay the shipping.

    Edit: OMH I'M A DUMB ASS, CARRY ON.

  7. Jesse, did you have this working on Kali, and then ported it for the Pineapple? If so, do you have the original Kali script?

    I realize this is a work in progress, but due to the amount of errors people have encountered just getting it installed, I think people should try browsing through the source *before* running it to make sure there isn't anything potentially catastrophic in there like rm yournuts. Just putting that out there. We all appreciate the effort.

  8. Aww damn, I've been waiting for this for a while! I thought I would have to write a bunch of scripts in SCripter or some other tool. The DL link doesn't work but the source one does. I think the apk is in the bin directory there. I am stoked! Good work man. And SecDroid looks vital too. I'll pick that up.

    Another thing that enabled USB Debugging mode? Titanium Backup nags you to enable it every time it runs.

  9. Honestly man, who wouldn't just check every box that wasn't obtrusive? It's not like I DON'T want the computer name. This didn't work for me, but then, I packed the list.

    IMHO, ducky tech has evolved to where it's now about getting the report file back on the twin duck or loading exes from it. Everything else has been done. Glad to see a web site for it though, even if it didn't work for me ;)

  10. You're on the right path, but no need for the 3020. Use a Pi. I had

    ME -> wifi -> Tor Pi /w wifi adapter as AP and cat5 -> other wifi router -> internet

    So I had two APs to choose from, the anonymizing one and the other. Was fairly easy to build using a tutorial called TRAP, but I can't find it. The best I found is this tut that never worked right for me but maybe for you

    https://www.google.com/search?q=rry+pi+trap+tor+on+ion#q=raspberry+pi+tor+onion+wifi&start=10

  11. OP wants to know why he only sees his own traffic while running Wireshark. The rest is coloring. It's because you are on a switched network. You need ettercap or something to ARP poison so you are the MITM. That, or a throwing star LAN tap placed in between you and the internet. Otherwise you just get broadcast DHCP and Bonjour crap. If your friend watches you watch porn, he's gay. No straight guy would watch another one while he's spanking it.

    Why are you watching porn live over the net anyway? You should already have a VPN to dl porn via torrents or risk getting sued, and that VPN would protect you from sniffing attacks locally.

    You seriously need to have proof he's monitoring? Simply run the ettercap plugin that detects devices in promiscuous mode. There are also command line utils for it.

  12. A "recoded" reaver? Yeah, that exists. It's called Bully and it's C.

    Bully is a new implementation of the WPS brute force attack, written in C. It is conceptually identical to other programs, in that it exploits the (now well known) design flaw in the WPS specification. It has several advantages over the original reaver code. These include fewer dependencies, improved memory and cpu performance, correct handling of endianness, and a more robust set of options. It runs on Linux, and was specifically developed to run on embedded Linux systems (OpenWrt, etc) regardless of architecture.

    Bully provides several improvements in the detection and handling of anomalous scenarios. It has been tested against access points from numerous vendors, and with differing configurations, with much success.

    Bully requires libpcap and libssl. It uses WPS functionality written by Jouni Malinen; that source code is included in this repo for simplicity, as are libcrypto and several other sources that provide needed functionality.

    Because Bully stores randomized pins and session data in normal files, there is no need for any database functionality.

    Bully can be built and installed by running:

    ~/bully$ cd src
    ~/bully/src$ make
    ~/bully/src$ sudo make install
