Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by NovaSam

  1. RT @hak5darren: I freaking love this. Niiiice "@fedd: PineAP it all... Cheers @hak5darren & @sebkinne #wifipineapple http://t.co/tVMbFGCyzT"

  2. RT @jaysonstreet: #Truth! RT @krypt3ia: Not patching is why we can't have nice things...

  3. Very unlikely as to fully implement PineAP you will want more then one radio, and in some cases two. This is one of the primary reasons Hak5 developed the custom hardware for the Mark V. I believe Darren has pointed this out several times on the forms already. Now this does not mean there will be no more updates, but I would recommend possibly investing in the Mark V.
  4. It could be helpful to have multiple rubber duckys for when you have different payloads for each one. So like you said option 1 if this is the case and option 2 if this is the case. I have also found different operating systems have different commands, and some work better then others. A good hack sometimes involves as much planning and recon as possible, and always written permission of course. Sometimes it's just having a couple options for when the opportunity presents its self. Also you could also have multiple payload pre compiled on your tablet or netbook, and you could simply change them out as needed on the fly. So you could get by with just one, but whats the fun in that.
  5. You may need to setup routing between subnets not he pineapple. By default the subnet is the same on all interfaces int he default configuration. It's all based on OpenWRT. So you can check out the OpenWRT.org site for information on how to configure different routing interfaces. The only thing you have to keep in mind is that the PineApple was design to be a Man-In-The-Middle devices. So keep this in mind while configuring routing or your pineapple will not serve this purpose anymore. Here is a thread we talk about something similar https://forums.hak5.org/index.php?/topic/33319-using-eth0-connected-to-a-router-with-dhcp-to-supply-internet/?hl=dhcp
  6. RT @HackingDave: Seriously @kaspersky - El Machete Chinese related coding and APT? It’s freaking SET, that’s my code. https://t.co/7DZLkdjU…

  7. RT @Netflixhelps: We're aware of the streaming issues on all devices in all regions except Europe. We're investigating the issue. Thank you…

  8. Nice find, will need to try it out. Thank you
  9. A quick google search on Port Mirroring and OpenWRT and I ran into this. Might be all you need. This is on the OpenWRT forums so it is more likely to work on the Pineapple as it is OpenWRT (Duh) ;) Let me know if this works, might be worth creating a simple infusion. https://forum.openwrt.org/viewtopic.php?id=28878 You can use TEE from iptables. Something like this, to monitor all traffic from and to the WAN: # incoming packets (ignore packets from local subnet) iptables -A POSTROUTING -t mangle -o br-lan ! -s -j TEE --gateway # outgoing packets (ignore packets to local subnet) iptables -A PREROUTING -t mangle -i br-lan ! -d -j TEE --gateway Thereby, all packets gets forwarded to You can also use a seperate vlan to create the mirror-port.
  10. RT @justinGMT: @TheRealJoeCross also, there are ppl that are flooding #ferguson for the sole purpose of inciting riots. They don’t even li…

  11. RT @pjswan: The media should never become part of the story. Wantonly irresponsible. #Ferguson

  12. RT @ppolstra: Why yes that is Metasploit & fern WiFi cracker running on #TheDeck 2.0 #beaglebone #ubuntu 14.04 http://t.co/maJNUxL6AE

  13. There are a lot of solutions out there to help monitor/filter internet traffic on your home network. Some Paid, and many free with paid options. All solutions are not 100% effective, and have their own ups and downs, and ways around them. - If you primary use windows 8.1 devices look into Parental controls (requires you to add at least one child account first) includes both filtering/reporting - OpenDNS - basically with very little modification to your router, devices point all DNS on your network to OpenDNS servers, and even setup a free account to run weekly reports. - Apple iOS devices have built in filtering "Restriction" options to help filter adult content. - Mac OS X has some built in limited Parental Controls. - Some home wireless routers now have parental controls and filtering built in. - K9 Web Protection, use on Windows Mac, iPhone, iPad, Android. - use a solution such as untangle.com in-line or arp spoof, they have a free version you can install on any regular PC hardware, - setup a squid server if you have even more time on your hands. Personally I'm not a big believer in web filtering, but rather user education. There is still a good place for filtering such as phishing, and malware prevention.
  14. I have had my pineapples misbehave in the recent past. Like you I have been learning a lot by trial and error. I enjoy figuring out how things work, isn't that what hackers really do? Some things I have found to help when having issues (slow or non-responsive): - Wiping the SD Card after a major update. - Re-flashing firmware This process seems to get better with every new version released. Hoping that we can preload backed up configurations in the near future to make remote flashing possible without having to have another node on the network to reconfigure everything each time.
  15. Back from @_defcon_ and a family road trip to California. Got a little too much sun but fired up about information security.

  16. RT @semibogan: @Brav0Hax @thegrugq @0xabad1dea hacking tools were created by guys who later went on to form hacking companies. In other new…

  17. RT @_defcon_: UPCOMING DEF CON DATES: #defcon 23 July 30-August 2, 2015. #defcon 24 August 4-7, 2016. #savethedate

  18. RT @briankrebs: It's Patch Tuesday again, peeps! Critical fixes for Flash, Windows, Adobe Reader. Patch 'em if you got 'em. http://t.co/95T…

  19. A Pineapple Duo I'm having endless hours of fun with. @hak5darren @Hak5 remember to pineapple responsibly... http://t.co/vK0nWLurO4

  20. Taking mental note on checking/updating SSL certs for all sites before Defcon ;)
  21. I see what your talking about. I'm trying to do something similar by connecting two Pineapple Routers together, with the new pineapple plug I got at Defcon. This guide is helpful, as it explains the default routing behavior a little more (very important when working with pineapples). I'm using the First pineapple to setup the internet client connection, as well as a WPA2 (a little more secure) access to manage both routers. Then I use the second pineapple to work the rest of the other attacks, although I can continue to use the first one for recon, and other stuff. Still toying with the whole idea of using multiple fruits to keep everyone on their feet ;)
  22. I figured a second SDR would be needed. I tried this on my own without any luck. I think it really depend on location, and if they are encrypted. I found that looking online for Policy Scanner Streams (while delayed) was a bit easier, but whats the fun in that unless you really need something quick. Would be interesting to hear the difference once you have the second SDR for control.
  23. RT @Incapsula_com: Mitigated large scale DNS flood. 80+ Gbps/40+ Mpps (million packets per second). #NoLove for #DDoS. http://t.co/o2K2Zuxo…

  24. RT @sawaba: TSA, inspecting my lock picks: "What do you do, sir?" Me: "I synergize machine-learning with value-added services." TSA: "You c…

  • Create New...