sud0nick
-
Posts
1,056 -
Joined
-
Last visited
-
Days Won
66
Everything posted by sud0nick
-
[Release] 2.4.0 - Codename: Tractosaurus Rex!
sud0nick replied to Sebkinne's topic in WiFi Pineapple Mark V
I have a hard time believing the Pineapple is at fault for most of the issues that arise. I've been using my same MKV for the last year now, over multiple firmware upgrades, and I have yet to have any of the issues that plague your lives. I wouldn't blame the infusions, or the firmware, if your stuff is constantly bricking. My Pineapple has never bricked and I use it all the time. -
You can also go to the Configuration infusion, under the Advanced Tab, and enter poweroff or halt before unplugging it. That's as close as you'll ever get to shutting down the Pineapple.
-
John McAfee is running for President (Not Shilling. Just Asking.)
sud0nick replied to vailixi's topic in Everything Else
Yes, taxes need to go up now to get the US out of its debilitating debt. I was speaking more in terms of funding programs rather than working to pay off debts in which case, if money was spent wisely, taxes could be lowered. -
I ended up getting it to work by adding an additional repo in /etc/apt/sources.list. For some reason my fresh images of Kali 2.0 didn't have the necessary repos. For anyone else that might have this issue your sources.list file should look like this: # Regular repositories deb http://http.kali.org/kali sana main non-free contrib deb http://security.kali.org/kali-security sana/updates main contrib non-free # Source repositories deb-src http://http.kali.org/kali sana main non-free contrib deb-src http://security.kali.org/kali-security sana/updates main contrib non-free Then run the following: apt-get clean apt-get update And you should be able to run the setup.sh script without a problem.
-
Thanks. I'm gonna run a few more tests and make sure I'm not missing anything and if I still can't get it to work I'll raise an issue on their GitHub page.
-
Has anyone had success in installing Veil-Evasion on Kali 2.0? I've tried on both the 64-bit and 32-bit versions but it always fails. The error I get on the 64-bit version is about it not being able to find a package for Wine and on the 32-bit version I get an error about it not being able to install ttf-mscorefonts-installer. I've researched the issues through Google and even found incidents exactly like mine, however they were all resolved with solutions that did not work for me. Some of the information is misleading (possibly outdated) because some sources state it only works on Kali 1 while others state they have it working on Kali 2. Anyone have some advice for me?
-
John McAfee is running for President (Not Shilling. Just Asking.)
sud0nick replied to vailixi's topic in Everything Else
I agree with you Cooper. Unfortunately, our taxes are wasted on many different programs. There is plenty of money going toward the federal government but not enough of it being spent wisely. Taxes could probably be lowered if the money was spent wisely in each program. Of course there are so many programs being funded and so many individuals within those programs trying to line their pockets that it's difficult for anyone to do anything about it. One area in particular is government contracting. The companies that fulfill the contracts don't care about how much it's going to cost the government for their services (which comes from taxes) they just want to get as much money as they can. -
Are you using RADIUS? That's the only reason I can think of needing to enter a username for WiFi authentication.
-
Usb to usb battery power for the pineapple
sud0nick replied to molly888's topic in WiFi Pineapple Mark V
You should only power the Pineapple through it's barrel jack. The Pineapple operates at 9v @ 2A (iirc, correct me if I'm wrong) so you need at least an 18W power supply. Typically, USB pushes 5V and only about 0.5 A (from a PC) for USB 2.0, nowhere near enough power to run things properly. I'm not sure how much your PowerGen is pushing but if you can find a way to power the Pineapple through the barrel jack that would be the best method. -
Android 5.x Lockscreen bypass using a Ducky Payload.
sud0nick replied to ale's topic in Classic USB Rubber Ducky
Soooo...where's your script? I'm trying to load the video at work right now but if the ducky script works I would like to add it to my library. -
Just to be clear, the victim won't install the server on their computer. The payload I included will set up a listening socket (which is what I think you meant) so as long as that program is running in the background on their system you will be able to access it. The point of the NetClient page is to upload any payload you want. If you can make a payload for android then you can upload it to the Android section. The Payloader injection set will use the user-agent string of the victim's browser to determine what OS they are on. If they are on Android they will receive the Android payload, if they are on Windows they will receive the Windows payload, etc. By default I included the code for a Windows and OS X payload but you can always use the veil framework or metasploit to create your own payloads. I plan on playing around with the veil framework sometime this week as I have recently discovered it and it seems awesome.
-
I came across this game a few days ago at work, lol. Kind of fun.
-
Version 2.8 has been submitted to the Pineapple Bar. Here is the change log: [->] Added Payload tab which includes the Portal Auth Shell Server (PASS), payload upload center, and a default payload for Windows and OS X. [->] Modified the auth log tab to auto refresh. [->] Moved the Test Website and depends back to PuffyCode.com. [->] Added the Payloader injection set for delivering payloads to victim machines. Also, I put together a complete how to video on Portal Auth. Check it out in the Pineapple University forum.
-
Any update on this infusion? I'm anxious to get my hands on it.
-
This is a really good idea for an injection set. I'll have to look into it after I complete the updates I'm already working on for Portal Auth and the Payloader injection set. Unless if someone else wants to work on it. After all, the modularity of injection sets was intentionally designed so others could create and share.
-
I'm willing to help if you want to collaborate on this project.
-
Is the technique to get us to click on the link? If so, you have failed.
-
The park and stare idea isn't too bad. You would need a good camera with a wide FOV and possibly head tracking abilities to land it safely from such a distance. You also probably wouldn't be able to fly on the normal 2.4 GHz freq unless the building is close by with almost no interference between you and it. Regardless it would still be nerve-racking to land in a small area with only a camera.
-
Give it a couple of minutes and refresh the page. For some reason mine does this whenever I first boot it up. After a few refreshes everything runs smoothly.
-
Aside from the legal issue of walking into Walmart using your Pineapple without the consent of the company and all customers within, replaying people's MAC addresses (whatever that means) on the same network won't do anything for you. Whoever is tracking them will still see everyone is on the same network in the same location. newbi3's solution is just fine because it allows you to change the MAC address of the Pineapple so you aren't tracked. Of course if you are in a public location on WiFi that most likely requires MAC based authentication you will be reauthenticating every 5 seconds with the AP.
-
You have to clone a captive portal, or webpage, to use the injection sets. They are injected into the portal as it is copied to the Pineapple. I'm currently working on a new version of Portal Auth and I'll make a full guide on how to use every feature once it's finished but until then you can watch this video on some of the features. https://forums.hak5.org/index.php?/topic/34421-support-portal-auth/?p=258766
-
So, after you clone a captive portal, and the message appears that the portal was cloned successfully, you SSH into the Pineapple and check /sd/portals/ and nothing is there? If you open the large tile in Portal Auth, under the config tab, you should see a field for the portal directory that by default has /sd/portals/ in it. If it doesn't then you need to check the directory that's listed there instead. Under the Config tab in the large tile there is a field labeled Test Website. This is a URL to a webpage for Portal Auth to check if a captive portal is present. Since InfoTomb took down the file that Portal Auth links to by default I put up another link to my server. You can put that link in the Test Website field so you don't get false positives.
-
Even with swarm processing it won't be able to track their eye movements to know if it's been seen. If I had a drone flying above an establishment that was my target it would probably be because I don't want to be caught by the people below. So we could expect people to be around most of the time which would cause the swarm processing to constantly freak out and force the drone to fly back and forth without keeping a solid connection to the network or even gathering decent video of the surroundings.
-
It seems that InfoTomb doesn't hold on to files forever like they claim. The portal test page has disappeared now as well. Although I always recommend you use your own so you know which servers your Pineapple is connecting to when checking for captive portals I do have a page setup on my server. http://www.puffycode.com/download/PortalAuth/cptest.txt The expected data field in Portal Auth should be set to "No Captive Portal"
-
I use Ghostery. It seems to do a good job at finding trackers on pages and allowing you to block them.
