sud0nick
-
Posts
1,056 -
Joined
-
Last visited
-
Days Won
66
Posts posted by sud0nick
-
-
You should consider using the User Principle Name rather than the Full Name. There are many people within my AD environment that have the same name, middle initial too, and the only way to tell them apart is by the UPN. Why did you choose batch over PowerShell for this script?
-
They've been kinda busy, you know, with the new products rolling out, being tested, updated, and retested. I'm sure their priorities are in the following order:
1. Roll out Nano and Tetra devices and resolve all bugs
2. Sleep
3. Make new Hak5 episodes
Right now they're at step one.
-
Haha at least he's not so easily social engineered. Take solace in that?
lol, yeah but he acted like a skeptical web client. I presented my TLS cert to him, he checked with the CA, the CA said all was good but then he still didn't trust me. I finally got him to say it was okay to modify my hosts file but
he still hasn't remoted in to the machine and modified it.As I was writing this he called and said he finally did it, like 2-3 hours later. I was skeptical myself because he said "I modified the hosts file, at least where I think it's at", lol. I'm not confident in his abilities but it looks like Google helped him find the right file.
-
Just venting about workplace woes as a server admin.
So, I'm supposed to test a new service on a system that is run by another organization. I have no admin rights on my desktop or on this service. I only have admin rights on my own servers and nothing else. So, I need the hosts file updated on my system to point to the new service (can't use the IP only because links are hardcoded in places using the FQDN which would resolve to the old IP) and since I don't have the rights I need the helpdesk to do it for me. I am now 45 minutes into this and my hosts file has not been updated. After explaining where to find the hosts file to the guy on the phone and being put on hold for 15-20 minutes he comes back and says he isn't sure if he is allowed to do that. It took him 45 minutes to come to this conclusion!!!
The guy actually told me "let me find out where we keep our hosts file". I think I should just go home for the day.
-
Dude, you aren't making any sense.
-
Just so you know IMcPwn, I am currently working on a module that will allow you to create and manage SSL/TLS certificates. Part of the functionality will be an automatic upgrade of the Pineapple interface to SSL. I have it working on the MKV but need to wait until I get my Tetra to start working on the front end so I can release it.
-
2
-
-
Hmm, I guess Vive exists too.
-
Momentum isn't slowing down - it has stayed about the same. The mkV has a ton of modules developed by only a handful of people over the course of a couple years it takes time for us to move them over and I'm sure most, if not all, of the module developers have full time jobs that are not the pineapple.
Very true. One of the reasons I'm upset the Tetra deliveries got delayed is because soon I'll be on a business trip for a few weeks. Hopefully I'll have time to work on my modules while I'm gone.
-
You could always try using Evil Portal and Portal Auth to clone a page, inject your own code, and display that page to the target. After they send their credentials to you, you redirect them to the actual page they wanted. It takes a little more effort than just clicking a button, though.
-
i8igmac, what is that first board you found?
Edit: Nevermind, I found it. It's the WiTi Board
-
-
Telot, that is really cool. I can see how you would get an idea of, maybe, miles between the two Pineapples but if you needed something more precise were you worried about the accuracy? For example, the range of the Pineapple would spread over more than a few meters and you can't know where within that range the phone was when the beacon was sent so you could definitely have an idea of the distance +/- a few meters but you couldn't know a precise distance. Is this statement correct?
-
I'll add a ":)" when Darren let's me sleep..
:)
Does this mean you've slept? If not, let the man sleep, Darren!
-
-
Ah, now I understand your confusion. You need to first SSH into the Pineapple using an application like PuTTy. Then you run the Linux commands from within the Pineapple via the SSH terminal. This should help you get started.
Edit: You should also be able to connect to WiFi from the web interface. I haven't used the new UI yet so I can't tell you exactly where to go but there should be a Network tab.
-
1
-
-
You should start using PowerShell. It's pretty amazing. I use it a lot at work to automate tasks. One particular task that would take me 3 hours to perform manually now only takes 1-2 seconds and the code didn't take long to write at all. That's a typical result for programmers but it used to not be on Windows environments. I love how it integrates with Active Directory, PowerCLI allows integration with VMware products, and there are custom modules out there that cover anything Microsoft hasn't covered already. I even used a third party SSH module to write a PowerShell script to search all of the 53 Cisco switches on a network to find a machine's location.
Okay, I'll stop promoting one of my favorite languages now.
-
I meant that i can set up the pineapple but i just cant do the commands to get it connected to internet.
Like you don't know how? Or the commands don't work?
-
1
-
-
Yeah, too expensive in Europe. £350 and it would be worth a try, but way too much on a whim at the current price. Isn't there a (vive?) competitor coming out in April too?
You're thinking of Fove, which I think is going to be better than the Oculus. I probably won't get into the VR game for quite some time but Fove makes me want to get into it sooner.
-
I for one am waiting for my Tetra to start porting my infusions to modules. I already have a new idea for another module and since all I have is a MKV I'm currently building it on that so I can port it to the new interface once I get my Tetra. It will take time for modules to be released but rest assured the developers are working on them when we have the time.
-
Sweet! Downloading it now.
-
Well this definitely makes me feel better about using Kali. I misunderstood the "flaws" that were spoken of by others. I was under the impression they were inherent system flaws rather than conveniences. I'm starting to play around with BackBox to see how I like it but now I'll keep Kali on my list too.
-
I've used the pineapples for calculating historical travel times of vehicles on major interstates for road construction projects
If there is nothing barring you from releasing the information to the public I would love to see a thread on how you did this. It sounds really interesting.
-
Do you think the only problem that people reference is the default setup of accounts and permissions? If so then I would probably continue to use Kali. Some of the things I've heard make it sound as if the OS is inherently insecure aside from root being the only user by default. As I stated before I wouldn't have any idea what is actually wrong with the OS unless if someone told me. So if the general consensus is that Kali is only insecure at first because you need to create an unpriv account and lock down root then I can deal with that. That's easy stuff.
-
I think he means what linux for his laptop that he's attaching the NANO to sud0nick. My mind went the same way as yours at first "What's he mean, get the right linux to make it run smoother? What could be smoother than openwrt?". Now that I re-read it, I believe he's talking about desktop/laptop distros.
I get that. My response remains the same because your desktop distro has nothing to do with how "smooth" the Pineapple operates. Maybe he's just looking for which distro he should use for general pentesting but again that has nothing to do with the Pineapple.
-
1
-
[BATCH/CMD] Reset a user's AD password, send email - Automated
in Applications & Coding
Posted
You should look into PowerShell. It's much easier and far more powerful than batch. I think you'll enjoy it.