Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


About 3mrgnc3

  • Rank
    Hak5 Fan ++

Profile Information

  • Gender
  • Location
    The Untidied Kingdoms
  • Interests
    Electro Magnetism
    Emergent Phenomena
    Cognitive Dissonance
    Acoustic Guitar
    Coke Zero
    & Tropical Fruits

Recent Profile Visitors

2,501 profile views
  1. Afaik, devices call back via auto ssh on port 2022. the web interface is just for you to control everything. I too have a problem with a similar config though, but with my TETRA. I am also using c2 behind an NGINX reverse proxy with HTTPS. For me The TETRA connects back fine (via ssh), but Terminal wont work properly. When i select it I just get a double disconnected error message in the window. Disconnected. Disconnected. And on my VPS I get the following error message. [*] Initializing Hak5 Cloud C2 [*] Running Hak5 Cloud C2 2018/12/24 12:40:02 http: multiple response.WriteHeader calls I suspect this is being caused by my reverse_proxy configuration. I think I should be able to solve it with the correct nginx directive to tell the webserver to correctly handle the asynchronous terminal stuff? I haven't for the life of me been able to solve it yet though. If anyone has any suggestions, I'd be very grateful. EDIT... This is my nginx sites-available file for the domain I'm using server { ssl_certificate /opt/C2C/certs/cert.pem; ssl_certificate_key /opt/C2C/certs/key.pem; listen 443 ssl; server_name ctl.mydomain.com; location / { proxy_pass; proxy_http_version 1.1; # adds gzip gzip_static on; } }
  2. I think you are confused Ekber48 The Lan Turtle won't automatically hack into computers on the same lan. Rather, in the configuration you suggest, it gives you a foothold on the lan. Then from there you are able to conduct furter recon/spoofing/sniffing/mitm activity. The Lan Turtle can be used to attack a host directly via its usb in various ways but that requires a diferent use case from what you described. if you connect the turtle to any device via the RJ45/ethernet port, the network/computer/server (whatever you wish to call it) needs to assign an IP address to the turtle because it will request one via its dhcp client. It is possible to statically assign the ip beforehand if you know the target subnet is and what addresses are available. but that could cause problems.
  3. There is a project I found on github that is a fail2ban style solution for opewrt that would probably work on the pineapple https://github.com/robzr/bearDropper Edit: lol just saw this was the same as suggested above too :D However, the issue with fail2ban's blacklisting style solution to the problem is that it ends up appending hundreds and hundreds of IP addresses to an iptables rule list. Then this has to be loaded/parsed/compared whenever connection attempts are made. This could give a significant performance hit to you little old pineapple. The simplest and least CPU intensive solution to the problem is to switch ssh to a high port (eg. 61222) AND use RSA key authentication, STRICTLY disallowing password auth in your config. Then (as just_a_user alluded to) WHITELIST you own IP addresses using iptables. The ssh BOT/BOTS that are trying to brute you tend only to focus on port 22, and if they are smart enough to detect password auth is dsabled will give up quickly. But in 99.9% of cases I would put money on the problem going away if your using a non standard high port number for ssh. Hope this helps.
  4. lol, Oh Yeah , Forgot about that when thinking about what I saw on my VPS, cheers for posting and letting people know I was mistaken in suggesting those particular commands.
  5. I don't know about the pineapple, as I don't leave any of mine connected to the internet for a long period of time. However, on the VPS I run my blog from I was seeing many connections 'ESTABLISHED' to port 22 in netstat output. After also looking at my auth.log files too I saw Chinese IP addresses attempting to brute force my ssh password (unlucky for them I disable passwords and only use rsa keys). Sadly, this is common behaviour now in this age of cyberwarfare. I changed my ssh port to a non-standard one and now I have no problems. Just so everyone is clear, a netstat connection 'ESTABLISHED' doesn't mean an ssh session has been 'AUTHENTICATED'. Check using the commands: 'w', 'last', & 'lastlog' Then you will see precisely who is/has connected to your server and when.
  6. No problem mate, We all have off days ;D Thanks for your reply too.
  7. I love the last educational scenario. A level up from that. You could demonstrate the importance of properly implemented wireless security. This could be given as a small business guest network in the classroom. Setup similar to before, but using WPA2 with a weak passphrase (ie. its in the rockyou wordlist) or even WPS enabled with a weak implementation. Then 1. An attacker deauths clients and captures 4-way handshake packets. 2. He Joins the network and demonstrates ability to do attacks such as ARP Spoofing. 3. Sets up an evilAP with the pineapple using network name and MACaddress of WPA2 Access Point with same passphrase on a different channel. 4. constantlty Deauthenticate broadcast MAC address on origional channel. 5. Demonstrate students connecting to EvilAP Homework. What are the fundemental differences to the 1st scenario? Are there flaws in the level of trust we assign based on whether a wifi network is open or WEP/WPA/WPA2? What can we do about the problem? Regards, Ps. Wish I'd had that class back in the day... :D
  8. Hey @patient0 Sorry if I came across rude. I wasn't trying to make you flame. (Hadn't had my morning coffee ;D) You make some perfeclty valid points imho, and I felt similar frustration when I first got my TETRA. As it stands though I recommend buying an alternative battery pack/mains supply that will output 12v using the barrel connector. Then reinstall firmware from scratch and always make sure to power the device off via the web interface first before unplugging the battery. I'm using a Anker Astro3 10000mAh Multi-voltage 5V / 9V / 12V Battery Pack that allows me to charge and draw power at the same time. There are much better newer ones now available though. You sound really 'ticked off' though. In your case, if you are unhappy with your WifiPineapple see if you can return it and get a refund. I've been using the pineapple since the MkIV days, and have seen the concept grow out of the 'homebrew' community on here. I guess ive got used to the 'work-in-progress' nature of this kind of project. Where, Hak5 offer 'prototype' style development platforms. Then the community gets involved trying to make it better while learning along the way. I'm sorry you feel the way you do. Genuine best regards, 3mrgnc3
  9. Many of the threads new people start in this forum (not all though) are related to three main issues I believe. These are 'Operator Error' type problems in part. Not something Seb can just 'fix' with a patch in most cases. 1. The TETRA is VERY power hungry. Especially when running certain modules. 2. The two battery packs shipped with the TETRA are really pretty poor and even when used as directed don't perform reliably (ie. together on 4xUSB to uart & eth ports using BOTH y-cables). 3. Power cycling without properly shutting down the device via the web interface can easily cause corruption to some of the main module/conf files. Obviously if the TETRA is underpowered and you keep getting reboots this is gonna break the filesystem eventually. I'm not sure what else you expect Hak5 to post in reply? If you search for and read the threads on here related to the problems described above, this has all been discussed many times over. Regards,
  10. Have a look at https://wigle.net/
  11. Great Module. Followed the videos using all the infusions/module together and it works great against Win10. Are you planning to make any videos showcasing building payloads for android/OSX? also, people should make sure they power the NANO/TETRA adequately while doing any setup work involving copying/moving/extracting etc of files. I was getting image linking errors after cloning sites until I swapped my TETRA over to mains power. So could be something to consider for some cases.
  12. Hi, I love the bootstap interface on the pineapple but the very bright default colours give me terrible eyestrain. So I made this and thought I would share. WIFIPineapple-TETRA-NANO-Themes https://github.com/3mrgnc3/WIFIPineapple-TETRA-NANO-Themes?files=1 Hope others enjoy it too. EDIT: I'll post some screenshots tomorrow so people can see it properly before trying it out. I don't have my TETRA powered up right now and its sleepy time here in the UK right now. If anyone else has any themes/skins and wants to, they can send me a link and I'll add them to the repo. I intend to have a go at making a theme changer module sometime in the near future. When I get time that is. UPDATE... Here are the screenshots I promised. 3mrgnc3
  13. Was having similar power issues. DHL just delivered the extra PSU. USA plug type :D but I can live with that. I'm in the UK but couldn't wait for the EU shop to have the TETRA in stock. So I can't complain :P Plus, it came with a super awsome wifipinapple logo sticker. Thanks Darren +1
  • Create New...