sud0nick
-
Posts
1,056 -
Joined
-
Last visited
-
Days Won
66
Everything posted by sud0nick
-
[BATCH/CMD] Reset a user's AD password, send email - Automated
sud0nick replied to 0phoi5's topic in Applications & Coding
You should look into PowerShell. It's much easier and far more powerful than batch. I think you'll enjoy it. -
[BATCH/CMD] Reset a user's AD password, send email - Automated
sud0nick replied to 0phoi5's topic in Applications & Coding
You should consider using the User Principle Name rather than the Full Name. There are many people within my AD environment that have the same name, middle initial too, and the only way to tell them apart is by the UPN. Why did you choose batch over PowerShell for this script? -
They've been kinda busy, you know, with the new products rolling out, being tested, updated, and retested. I'm sure their priorities are in the following order: 1. Roll out Nano and Tetra devices and resolve all bugs 2. Sleep 3. Make new Hak5 episodes Right now they're at step one.
-
lol, yeah but he acted like a skeptical web client. I presented my TLS cert to him, he checked with the CA, the CA said all was good but then he still didn't trust me. I finally got him to say it was okay to modify my hosts file but he still hasn't remoted in to the machine and modified it. As I was writing this he called and said he finally did it, like 2-3 hours later. I was skeptical myself because he said "I modified the hosts file, at least where I think it's at", lol. I'm not confident in his abilities but it looks like Google helped him find the right file.
-
Just venting about workplace woes as a server admin. So, I'm supposed to test a new service on a system that is run by another organization. I have no admin rights on my desktop or on this service. I only have admin rights on my own servers and nothing else. So, I need the hosts file updated on my system to point to the new service (can't use the IP only because links are hardcoded in places using the FQDN which would resolve to the old IP) and since I don't have the rights I need the helpdesk to do it for me. I am now 45 minutes into this and my hosts file has not been updated. After explaining where to find the hosts file to the guy on the phone and being put on hold for 15-20 minutes he comes back and says he isn't sure if he is allowed to do that. It took him 45 minutes to come to this conclusion!!! The guy actually told me "let me find out where we keep our hosts file". I think I should just go home for the day.
-
Dude, you aren't making any sense.
-
Question Regarding Adding SSL to Interface
sud0nick replied to IMcPwn's topic in WiFi Pineapple NANO
Just so you know IMcPwn, I am currently working on a module that will allow you to create and manage SSL/TLS certificates. Part of the functionality will be an automatic upgrade of the Pineapple interface to SSL. I have it working on the MKV but need to wait until I get my Tetra to start working on the front end so I can release it. -
Did you back the DK1 Oculus? Get a free retail one.
sud0nick replied to Rkiver's topic in Everything Else
Hmm, I guess Vive exists too. -
Very true. One of the reasons I'm upset the Tetra deliveries got delayed is because soon I'll be on a business trip for a few weeks. Hopefully I'll have time to work on my modules while I'm gone.
-
which infusion to keylog passwords, besides sslstripping
sud0nick replied to ghostheadx2's topic in WiFi Pineapple Mark V
You could always try using Evil Portal and Portal Auth to clone a page, inject your own code, and display that page to the target. After they send their credentials to you, you redirect them to the actual page they wanted. It takes a little more effort than just clicking a button, though. -
i8igmac, what is that first board you found? Edit: Nevermind, I found it. It's the WiTi Board
-
https://forums.hak5.org/index.php?/topic/37064-introducing-the-wifi-pineapple-nano/?p=269136
-
Telot, that is really cool. I can see how you would get an idea of, maybe, miles between the two Pineapples but if you needed something more precise were you worried about the accuracy? For example, the range of the Pineapple would spread over more than a few meters and you can't know where within that range the phone was when the beacon was sent so you could definitely have an idea of the distance +/- a few meters but you couldn't know a precise distance. Is this statement correct?
-
Kudos to Darren, Seb, Shannon, Sara and crew
sud0nick replied to xrad's topic in WiFi Pineapple TETRA
Does this mean you've slept? If not, let the man sleep, Darren! -
Kudos to Darren, Seb, Shannon, Sara and crew
sud0nick replied to xrad's topic in WiFi Pineapple TETRA
:) -
Ah, now I understand your confusion. You need to first SSH into the Pineapple using an application like PuTTy. Then you run the Linux commands from within the Pineapple via the SSH terminal. This should help you get started. Edit: You should also be able to connect to WiFi from the web interface. I haven't used the new UI yet so I can't tell you exactly where to go but there should be a Network tab.
-
You should start using PowerShell. It's pretty amazing. I use it a lot at work to automate tasks. One particular task that would take me 3 hours to perform manually now only takes 1-2 seconds and the code didn't take long to write at all. That's a typical result for programmers but it used to not be on Windows environments. I love how it integrates with Active Directory, PowerCLI allows integration with VMware products, and there are custom modules out there that cover anything Microsoft hasn't covered already. I even used a third party SSH module to write a PowerShell script to search all of the 53 Cisco switches on a network to find a machine's location. Okay, I'll stop promoting one of my favorite languages now.
-
Like you don't know how? Or the commands don't work?
-
Did you back the DK1 Oculus? Get a free retail one.
sud0nick replied to Rkiver's topic in Everything Else
You're thinking of Fove, which I think is going to be better than the Oculus. I probably won't get into the VR game for quite some time but Fove makes me want to get into it sooner. -
I for one am waiting for my Tetra to start porting my infusions to modules. I already have a new idea for another module and since all I have is a MKV I'm currently building it on that so I can port it to the new interface once I get my Tetra. It will take time for modules to be released but rest assured the developers are working on them when we have the time.
-
Sweet! Downloading it now.
-
Well this definitely makes me feel better about using Kali. I misunderstood the "flaws" that were spoken of by others. I was under the impression they were inherent system flaws rather than conveniences. I'm starting to play around with BackBox to see how I like it but now I'll keep Kali on my list too.
-
If there is nothing barring you from releasing the information to the public I would love to see a thread on how you did this. It sounds really interesting.
-
Do you think the only problem that people reference is the default setup of accounts and permissions? If so then I would probably continue to use Kali. Some of the things I've heard make it sound as if the OS is inherently insecure aside from root being the only user by default. As I stated before I wouldn't have any idea what is actually wrong with the OS unless if someone told me. So if the general consensus is that Kali is only insecure at first because you need to create an unpriv account and lock down root then I can deal with that. That's easy stuff.
-
I get that. My response remains the same because your desktop distro has nothing to do with how "smooth" the Pineapple operates. Maybe he's just looking for which distro he should use for general pentesting but again that has nothing to do with the Pineapple.
