Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Recent Profile Visitors

1,613 profile views

mw3demo's Achievements


Newbie (1/14)

  1. I don't understand it either. Basically, he's arguing that this should ping the heuristic of your antivirus, and therefore it should know when the real thing comes along. However, surely they already have signatures for this, and updates to their own heuristic engines. It doesn't make sense, and doesn't smell right. Feels like some elaborate social engineering attempt to download his modified exe, which is probably a virus itself and he wants to see if it's detected without submitting to virustotal (and therefore to the AV companies)
  2. Looks like a new release will be coming out soon, but even more exciting is the MITMf integration that is on the cards (Unless this is going to be in the next release!). MITMf will replace some of the infusions we have come to love and hate, and replace them with a one stop shop framework. This will hopefully solve some of the issues we were having running multiple infusions impacting the network. Now we will have the best of hardware and software MITM in one sweet pineapple! Some functionality may not make it due to being CPU intensive (FilePwn), regardless, this is going to be a giant leap! MITMf V0.9.5 Framework for Man-In-The-Middle attacks Availible plugins Responder - LLMNR, NBT-NS and MDNS poisoner SSLstrip+ - Partially bypass HSTS Spoof - Redirect traffic using ARP Spoofing, ICMP Redirects or DHCP Spoofing and modify DNS queries Sniffer - Sniffs for various protocol login and auth attempts BeEFAutorun - Autoruns BeEF modules based on clients OS or browser type AppCachePoison - Perform app cache poison attacks SessionHijacking - Performs session hijacking attacks, and stores cookies in a firefox profile BrowserProfiler - Attempts to enumerate all browser plugins of connected clients CacheKill - Kills page caching by modifying headers FilePwn - Backdoor executables being sent over http using bdfactory Inject - Inject arbitrary content into HTML content JavaPwn - Performs drive-by attacks on clients with out-of-date java browser plugins jskeylogger - Injects a javascript keylogger into clients webpages Replace - Replace arbitary content in HTML content SMBAuth - Evoke SMB challenge-response auth attempts Upsidedownternet - Flips images 180 degrees Changelog Addition of the Sniffer plugin which integrates Net-Creds currently supported protocols are: FTP, IRC, POP, IMAP, Telnet, SMTP, SNMP (community strings), NTLMv1/v2 (all supported protocols like HTTP, SMB, LDAP etc..) and Kerberos Integrated Responder to poison LLMNR, NBT-NS and MDNS, and act as a WPAD rogue server. Integrated SSLstrip+ by Leonardo Nve to partially bypass HSTS as demonstrated at BlackHat Asia 2014 Addition of the SessionHijacking plugin, which uses code from FireLamb to store cookies in a Firefox profile Spoof plugin now supports ICMP, ARP and DHCP spoofing along with DNS tampering Spoof plugin can now exploit the 'ShellShock' bug when DHCP spoofing! Usage of third party tools has been completely removed (e.g. ettercap) FilePwn plugin re-written to backdoor executables and zip files on the fly by using the-backdoor-factory and code from BDFProxy Added msfrpc.py for interfacing with Metasploits rpc server Added beefapi.py for interfacing with BeEF's RESTfulAPI Addition of the app-cache poisoning attack by Krzysztof Kotowicz (blogpost explaining the attack here http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html) Links: https://twitter.com/hak5darren/status/585168796739964928 https://twitter.com/sebkinne/status/585550844260700162 https://github.com/byt3bl33d3r/MITMf/
  3. Hey Xcellerator, I reached out to Seb and Darren over on twitter and a new firmware should be coming out shortly (Also, MITMf integration appear to be on the horizon! This is epic news, it's well coded, and should remove the need for other infusions which weren't running well on the MKV. Not sure if it will land in the next release though!) Hope fully over the next week or so we should see a release. https://twitter.com/hak5darren/status/585168796739964928 https://forums.hak5.org/index.php?/topic/35021-new-firmware-coming-out-soon-and-mitmf-integration-on-the-cards/
  4. Looks great! Will give it a test! Meanwhile, leverage off this idea with more attacks and keep that ducky quacking! :)
  5. You need to change the link to http://www.fruitcovetech.com/updated-911_ap-sh-script-for-your-fakeap-pleasure-updated-for-kali/ vs http://www.fruitcovetech.com/updated-911_ap-sh-script-for-your-fakeap-pleasure-updated-for-kali/?preview=true&preview_id=87&preview_nonce=c9cccc612a This is because your original link has a preview argument. "You do not have permission to preview drafts."
  6. Alright. So your Bit Rate is similar as mine. Lets try this: 1) ssh into your pineapple and run the command "top". 2) Run PineAP and harvester like you were before and any other options you had running 3) Open another ssh session in a seperate window and run: bash -c 'while [ 0 ]; do iwconfig | grep "Bit Rate"; sleep 1; done' Im curious to see if your Bit Rate drops whilst running. Mine varies between 52 Mb/s to 72.2 Mb/s.. With just PineAp and harvester etc running, the browsing is seamless. As soon as I start ettercap/sslstrip, it gets sluggish then hangs. On a side note, after I stopped sslstrip and etterca, the nginx process hung and saturated the link between the pineapple and my laptop. When I browsed to, I get bad gateay. Only thing todo was reboot the pineapple. I think it's all load related, but in your case you didnt have any infusions running right?
  7. Hey there! Can you post the info you see on the client mode page. Just to be sure as well, your AP and the pineapple are on seperate channels right?
  8. Interesting, did not know it got deleted due to a Spanish gag law. No idea what the gov thought they could achieve by doing so. "Cause the new gag law which criminalized the publication of 'offensive' security tools/techniques I have to delete this repository. You can find good forks on MITMf framework (https://github.com/byt3bl33d3r/MITMf) or MANA rogue AP (https://github.com/sensepost/mana)." On a side note, MITMf's dev is pretty active, and has plans for additional features (https://github.com/byt3bl33d3r/MITMf/issues) , and he also just did a presentation at Black Hat Asia. I posted a ticket to his repo to see if he was interested in porting to the MKV back in December. He seemed very interested and also by chance, had a MKV already. Some libs were missing that would need to be included, and some functionality would have to be scaled back due to being too resource intensive, but the main parts could work. He is currently waiting for feedback from Seb/Darren, but they may very well be well along with their own version, or some other problem with officially incorporating such thing legally, commercially, or maybe limitations of the CPU/RAM to get it right, I don't know. I also posted a ticket on Sebs suggestion tracker last month, but no news yet. I know both Darren and Seb have been traveling a bunch over the past few months, as well as working on the show, so fingers crossed we get some feedback on a new proxy one way or another. :) Links: MITMf blog: http://sign0f4.blogspot.it/ GitHub: https://github.com/byt3bl33d3r/MITMf MITMf ticket: https://github.com/byt3bl33d3r/MITMf/issues/31 (Closed pending feedback ) Wifi pineapple ticket: https://www.wifipineapple.com/index.php?portal&bugs&action=view&id=291
  9. Cooper! Damnit. Was trying to do some social engineering. I was going to post this: "This all doesn't sound right, and is very suspicious. Your post screams at me that you are a peadophile. I have never heard of such a horrendous situation as a step father and his friend kidnapping a girl from another mother "teaching some skills and don't lie to us". I dated girls when I was 6 and onwards. You know what we did? Held hands, laughed and watched TV oh the shock horror. If I heard my wives new partner kidnapped my girl, I would find you and show you what kidnapping is all about, you would beg me to end it. What the hell is wrong in that sick twisted head of yours? Go get some help." Edit: Either this guy is a peadophile, or is actually a 11 year old himself. Out of curiosity though, how come you replied to him in Dutch Cooper? Anyways $5 says he doesn't reply. Edit 2: Just looked at his post again and saw that he mentioned he was Dutch.
  10. Hi Ken, This all depends on where you live. What country are you from? A city would be even better because some apps work alot better depending on this due to GPS programming for certain areas. Greetings, mw3demo
  11. Glad you are now up and running with your ducky! :)
  12. I think your problem is the missing delay at the beginning, as the usb is plugged in and needs to load drivers etc. Try adding "DELAY 3000" before "GUI r"
  13. Hey Seb, Hope you have been well. Thank you for the early Christmas Present! :) I was interested in seeing if a MITM proxy was capable of running on the pineapple. I came acroos the MITMf over at https://github.com/byt3bl33d3r/MITMf/ based on sergio-proxy, and the dev has been really active over the past month. I raised a ticket to see if the dev was interested in seeing if this could run on the MK V. Here is the link to the ticket with the devs replies: https://github.com/byt3bl33d3r/MITMf/issues/31 . I only just noticed you were already working on one which is great news. The MITMf dev seemed interested in porting this over though (He also owns a MK V), but ran into trouble due to missing libs. Would you be interested in helping port this project onto your firmware?
  14. mw3demo

    Sensepost MANNA

    Hey Barney, Great job! As Cooper said, if it's giving you that sort of load on a laptop/desktop, it will probably be too heavy for the pineapple. Can you share your script and details of the setup?
  • Create New...