3mrgnc3
-
Posts
93 -
Joined
-
Last visited
-
Days Won
1
Posts posted by 3mrgnc3
-
-
Mine arrived today in UK. So hopefully anyone EU side who ordered from the US store will be getting theirs soon.
Darren, Loving the Ultra bundle backpack. I was worried my battered Panasonic CF-52 wouldn't fit (now sporting an autographed HakTip sticker along with the others). But its perfect! & still has enough room for the power adapter and a mouse.
Great job on the whole project thus far.
Now to get well practised on the new interface...
Cheers.
-
They've left the factory and are with the freight forwarder. I should have more info tonight/tomorrow. I didn't realize Monday is a holiday. I'll update as soon as I have more.
Thanks for keeping us all posted Darren.
;D
-
1
-
-
Good to know,
Thanks for you efforts and attention to detail.
Cheers :D
-
We have the topics set up. It's just finding time in both the studio and my schedule that I can fly out and knock some episodes out. Seeming to be tough to do these last few months
Great to hear.
Greatly appreciate your past episodes Mubix
Happy New Year!
-
-
Been using Hak5's gear since MK III and first sales of the Ducky.
Dual band goodness at last...
Awesome...
(Fills basket with TETRA TAC BUND,YARDSTICK,DUCKY, and other asorted Hak5 goodies)
Here, have some ov mwa monnies....
Peace.
-
Forgot to say... it should be possible to use ssh tunneling on that provider, too.
Are there any free ones or only payed services - and if so, which to choose ?
Thanx ;-)
I'm using linode.com because I'm able to build a minimal kali vm in VirtualBox the use rsync to copy it directly to the disk on my vps in the cloud. The kali minimal image starts off at about 1.7Gb once I've configured and hardened it (including scrubbing banners and changing services I use to non-standard ports etc.)
Then once working in the cloud I can very easily add any kali tools I want.
Cheers.
-
I looked at the link, and it just shows a reverse netcat shell script set to autorun at boot.
# remove the script and the LaunchDaemon
rm /Library/.hidden/*
rmdir /Library/.hidden
rm /Library/LaunchDaemons/*
rmdir /Library/LaunchDaemons
... then reboot.
Hope this helps.
-
Awesome! Thanks for the pointers!
Your Welcome.
-
Awsome Seb!
I was wondering just the other day when the next MKV FW was coming out.
nice.
Enjoy DefCon...
Some of us will only be there in spirit. Maybee next year. :(
Well done on the vuln patch response.
Cheers.
-
I know this may sound like a snarky answer, but it's really not meant as such...
I depends. Its like asking how long is a piece of string.
Most consumer grade wifi AP's should work to 100 - 300 meters at best under test condition.
However...
The factors affecting the range are thing like.
- Channel you use (in relation to what's used in the area)
- RF Interference (similar to the last but also covers non-wifi technologies)
- Terain and Environment (by the Sea, in the country, built up city?)
- Elevation of antennas (the higher you can place your pineapple the better)
- Weather (too Dry and range drops down, too Rainy and RF energy starts suffeing from absorption)
- Day or Night (Some of the affects above a cyclical and have a daily pattern)
Hope this is helpfull.
-
If you're staring out in infosec from scratch. SANS have recently put out a new FREE resource for beginners over at http://www.cyberaces.org/ .
Its a good all round starter series of videos and lesson packs (pdf) covering the basics of understanding windows/*NIX/Mac file systems, using bash, Cmd, powershell, php, to name a few areas of note.
Personally, I've used securitytube.net extensively in the past and can highly recommend any training resources produced by Vivek Ramachandran who started that particular site.
Hope this helps.
-
I ordered from the Hakshop and it only took 3 days to arrive in the UK (Gloucestershire). It was a bit pricey on the shipping. But I really wanted a Hak5 Mug and sticker pack too :D
Anyway... so far I've run through all 7 of Darren's LanTurtle videos, as well as setting up OpenVPN Server on a linode VPS (as seen in Hak5 a few episodes ago).
I can confirm my LT works flawlessly as per Darren's Tutorials, and I really like the ease of configuration when is comes the setting up RSA Keys, SSHFS & OpenVPN.
The team have really created a cracking little piece of PenTest Tech at a non-premium price.
Hats off.
Cheers.
-
1
-
-
Aww, man.You do know there's a European based reseller now, right?
I completely forgot...
ah well.
... p.s.
just had a look and you're out of stock until August anyhow...
I will remember for next time though.
Cheers.
-
Wonderful project. Important question:
Assuming a PC/server already has an IP address assigned to it via DHCP on a cable, isn't there going to be a conflict when the lan turtle is inserted into, for example, the back of a pc's/server's usb port -- does the pc/server still ask for an address even though it is already connected to a network with an established connection?
I believe this conundrum needs to be clarified a bit.
Thank you.
This can get complicated in a sophisticated corporate environment where switches/routers have various configuration differences. like certain rj45 sockets being locked to only accept a specific client MAC Address.
However, for your question I have assumed a regular SOHO router environment...
----- Scenario 1 -----
The target network's real dhcp server will issue the Turtle's outward facing ethernet another address from its pool of addresses not currently leased out to a device.
The Turtle's inward facing interface (ie. the usb plug) will issue the PC an ip address via its own dhcp server(one in the 172.16.x.x range by default).
Even if you left the origional ethernet cable connected, and pluged in a second cable from the real network into the Turtle, it will still work fine.
The PC will effectively have two functional independant network interfaces.
---- Scenario 2 ----
Same as above except you use the cat5 (or cat6) ethernet cable already in the pc...
A new ip will be issued to the Turtle's outward facing ethernet interface because it has a differen MAC Address.
---- Scenario 3 ----
If in the last case you knew the target PC's MAC and IP Address, you could spoof/statically assign these to the Turtle prior to deployment and it would also work fine as as the pc will automatically update its route to the internet and use the current connected interface (ie. the Turtle's USB end)
Hope this help answer your question.
Cheers,
3mrgnc3
-
Great Work Darren and the Team!
Just ordered one of these bad boys in the Hakshop, can wait to get it.
Just hope shipping is speedier now I'm in the UK rather than Germany like I was the last time, when I ordered my MKV and my Ducky.
Had been hoping to make it to Defcon this year to finally say hello to you guys in the flesh. But alas my boss didn't come through with funding the trip...
Well, there's always next year (If I manage to save up myself maybe)
Cheers,
-
I think you are missing the point of the secure AP. It is for configuration. Not to browse the internet through your Pineapple while conducting attacks. Obviously, since the interfaces are bridged other machines can ping/port scan/etc across them. By configuring your Pineapple through the secure AP your data is encrypted so if anyone in the area is using Wireshark and capturing your packets they won't be able to see the username and password, or any other data, that is intended for your Pineapple.
If an attacker wants to capture your configuration session traffic they can't now just passively sniff the channel near by if you use WPA2.
BUT!
If they are first connected to the open AP on the pineapple and start sniffing all traffic on the subnet, and then YOU login to the management interface you could get pwned!
Solutions to this could be...
⭐ Setup SSL on the management interface to make it https. (My personal choice)
⭐ Use SSH with CLI terminal for configuration
⭐ Use SSH and tunnel the http management interface through it
⭐ Configure segmented subnets for each AP type
⭐ Use reverse SSH to a VPS via a mobile modem then tunnel the http/https interface through the intertubes so that when you remote into the VPS with your laptop/fondleslab you get the pretty Web interface (this is my personal favourite but I haven't got it set up right now coz I'm too busy (ahem lazy ?) ?
Merry Christmas.
-
It sounds like you need to Google for the correct '<yoursimcard> APN Settings' then put that into the 'mobile' section of the 'network' infusion.
Or,
If that's no help. Have a good read of the wiki modem support page
http://wiki.wifipineapple.com/index.php/Compatible_Modems
Hope this points you towards the solution.
Merry Christmas ?
-
Awsome Seb and the team!
Well done.
-
Excellent work on this very handy and invaluable infusion.
Well done and thanks!
???
-
I wouldn't bother..."81% of Tor users can be de-anonymised by analysing router information, research indicates - http://thestack.com/chakravarty-tor-traffic-analysis-141114 "
???
-
************** SOLVED ***************
I'm such a massive tool and feel I need to appologise to the community for failing to RTFM!!!
phpsystems +1 You had the answer right there a few lines above....
Modifying the executable from :
php-cgi $DIR/meterpreter.php $IP $PORT > /dev/null
to :
cd $DIR > /dev/null php-cgi ./meterpreter.php $IP $PORT > /dev/null
Seems to solve the issue.
All the best
3mrgnc3
************** SOLVED ***************
-
Hi
I'm trying to get the Meterpreter Infusion working, but having a few issues that have me stumped atm.
Hope the mods don't mind but I thought it wise to re-post a link to my question in the infusions section here.
I believe more of the community will see it here in the forum
https://forums.hak5.org/index.php?/topic/32913-support-meterpreter/?view=getnewpost
Cheers.?
-
************** SOLVED ***************
I'm such a massive tool and feel I need to appologise to the community for failing to RTFM!!!
phpsystems +1 You had the answer right there a few lines above....
All the best
3mrgnc3
************** SOLVED ***************
I can't for the life of me seem to get this working...Can someone help me here?So, In just over a week we have a big demo and equipment test week at work.I'm trying to convince my boss to get us a load of new kit (including a box full of pineapples!)The Meterpreter infusion is pretty central to my argument for us using the Pineapple.Here are my settings...
I initially set up openssl and installed my own certificates for secure https web access using firefox.Ive also reverted the nginx config back to default and tried it out using plain old http on Firefox, Icewesel, IE 11, and the latest Chrome...P.S. The Pineapple has been renamed to "RBx" in line with the project I'm using it for just incase people start to wonderAny tips?Cheers.3mrgnc3
Stability issues with Red is wlan1mon, when being disabled and tethering stopping.
in WiFi Pineapple TETRA
Posted · Edited by 3mrgnc3
I'm having the same problem, & can confirm my setup is exactly the same as the example picture Darren posted.
Tested from a fresh install with fully charged batteries.