Jump to content

bored369

Active Members
  • Content Count

    288
  • Joined

  • Last visited

  • Days Won

    7

2 Followers

About bored369

  • Rank
    Hak5 Pirate

Recent Profile Visitors

2,138 profile views
  1. I think it forces you to use the mouse after a couple wrong pins and then after a few more it forces you to enter the password. So no.
  2. I haven't read it myself, but they do have this: https://shop.hak5.org/collections/hak5-field-guide-books/products/wifi-pineapple-field-guide Plus what's really nice about the pineapple IMO and linux in general is you pretty much get the terms you need to google to find out more about what you have at your finger tips. There's tons of step by step guides and videos on all the bits of the pineapple and the other things you can do with the pineapple all over the internet. Don't just limit it to pineapple videos, but take the tool that you're looking at that's on the pineapple and look at things for that just in general. You can ssh into the pineapple and do pretty much everything you can with the standard tools you would also find them in kali linux as well. You'll find a lot more tools to research and fall even more down the rabbit hole. I think it's hard to point ppl in a single direction and say here do these things because there is just so much to do, you kinda have to pick and choose what you are interested in and look more into it from there. Either way the pineapple has been a great tool for me to learn more about the different options you have to pen testing networks.
  3. For your question: Bash bunny is basically a linux arm computer in usb form, with some nice switching and scripting baked in. If you've looked into something like a USB Armory, it's basically the same thing but specialized OS, scripting and switching options built in. Anything you can do with a USB connected computer (network over usb, flash storage, usb keyboard are some of the primary emulation options). The biggest options for attacks are basically providing a network and attacking over that protocol or usb keyboard and operating in the same way a usb rubber ducky does. It's a 1000x better than just a usb rubber ducky imo because you have a full arm linux computer controlling it. So if you can do what you are looking to do from the keyboard of the system or over a network connection (where the ducky can be dhcp, dns servers and more) then you can make the bunny work for you.
  4. I think that will work but you aren't going to get a lot of time out of it with ~3000mah https://www.amazon.com/Anker-PowerCore-High-Speed-Technology-Smartphones/dp/B01EKXR67M/ that's what I use for mine and that's what they started offering in the elite pack i think too since it fits so nice in that tactical case, but you are paying for the slim size so if you don't need to fit it in one of those cases i'd go for one of the following two for similar pricing yet still very compact https://www.amazon.com/Anker-PowerCore-Ultra-Compact-10000mAh-Compatible/dp/B072MH1434/ that one is a nice small size but gives you twice the amount of mah compared to the one i use https://www.amazon.com/Anker-PowerCore-Ultra-Portable-VoltageBoost-Technology/dp/B00Z9QVE4Q/ this one is even more mah but still very small and compact in size and gives you an additional port you can use to charge say your phone while your using it with the nano I have all of those packs and all work great with the nano
  5. It's more closely related to the wifi pineapple nano. The tera has 4 antenna and 5ghz support. I forgot to mention there is a beta firmware they released that updates it to the new interface style which is much better, again not sure of the status of it since I gave my mk4 to a friend a long time ago.
  6. https://wiki.wifipineapple.com/legacy/#!reset.md Also that's not the Tetra, WifiPineppple MKv4 I believe it was called. There was also some posts about the modules not working from the pineapple bar because they changed their infrastructure or something so you may have to just install packages manually or search the forum to see what others figured out about it.
  7. You can try looking up the model number in an FCC search (or i think there is an fcc number on it) if you are in the us or the device is also sold there. That should give you the exact frequency. Car remotes can be on a few different frequencies; mine is on or around 315MHz I think. Either way if you are near that frequency you should be able to see something when it's actually transmitting (pushing a button) it's normally pretty quick but you should see something even if you don't know the exact frequency down to the decimal because they are normally bleeding through to other MHz.
  8. I second Keepass, much nicer than a txt file in encrypted storage.
  9. I have the NRG Solar Backpack here: https://www.amazon.com/Ghostek-NRGsolar-Computer-Messenger-Resistant/dp/B073VYQY39/ I just confirmed the outside port it offers does support data connections and while the battery can be replaced it's a decent size/abilities so far for me. Haven't tested the full power rating capacity just yet but off the few charges i have done with my phone and the state of the battery indicator it seems close to on par. The other plus side is there are a few passthrough spots on the bag where you can run cables easily. I actually have a second quickcharge battery wired up where the main battery is and the long cable comes right out on the back near the waist line. Overall the backpack is extremely good quality and the water resistant stands up to the light rain i've been in so far. Plus read their description page on amazon, one of the best for a backpack i've seen.
  10. Wouldn't recommend PureVPN or WANSecurity anymore https://www.bleepingcomputer.com/news/security/cyberstalking-suspect-arrested-after-vpn-providers-shared-logs-with-the-fbi/ They apparently keep logs and turn them over to the FBI if needed. I'd still recommend Private Internet Access as they're the only ones I know of that have been proven in court to not be able to provide logs on request.
  11. They don't. Antennas add range, the actual radio chips they are hooked up to doesn't change and that is what determines frequency compatibility.
  12. Depends on the device on when and how often it sends out probes for other saved wifi. Newer devices normally don't send out the probes when they are connected to a wifi with internet detected. The other side is going to be signal strength. If you are providing better signal then the one they are trying to connect to (ie you are between the device and the router they want to connect to) you'll have a better chance of them trying to connect to your device instead. This is all assuming they have a saved open wifi and want to try to connect. There's other ways you can setup the pineapples to fake encrypted wifi networks but i haven't looked much into it myself. You can look around on the forum there's at least one long thread i've seen that talks about this but it's a much more advance topic and will require a decent learning curve.
  13. For the first part wouldn't you just need to add some routing? Then it wouldn't matter if it's on a wifi or lan, the bunny's network would be accessible from the local network and systems attached to it. Maybe not, just tried doing some research on it and it appears to be where networking lingo starts turning to hieroglyphics for me. From what I was able to understand you'd probably have to add the route to the router in control of the network but that doesn't seem right or straight forward either. For the second part "it's your 11111111 post!" Congrats!
  14. I haven't disassembled anything, but to my understanding it is just trying to guess what the code is doing. There could be obfuscation they did to protect it against disassembly or partial code that isn't being used/hasn't been actually implemented yet, or it could just be it's making bad guesses. Since it's not open source you can't compare, but maybe try something that is open sourced first and compare/learn about disassembly first then move on to "trying to re-engineer this code with better code at some point in the future". You may want to try a different disassembler as well. I believe IDA Pro (they have an old version that is freeware or a demo version as well) is the industry standard but this stack-exchange question has some other alternatives listed out as well: https://reverseengineering.stackexchange.com/questions/1817/is-there-any-disassembler-to-rival-ida-pro Like I said I haven't disassembled anything from Hak5 myself and I've only done brief tests to see how well the obfuscator I have for my dotNet programs performed against a novice (myself) attempt to look at the source code. This is just some of the info I learned along the way of doing that. <rant>I really doubt this would have anything to do with any issues people may have on the pineapple. More than likely those are probably issues with the users actions/environments or small bugs in the code that people keep running into possibly in various un-thought-of-ways. Having written programs myself for a decent sized user base, this is more often the case. The people that actually report (read as 'complain loudly about') bugs usually aren't taking into account the several different aspects that may play a role in what they see as a small/quick fix problem. I look at code like writing a book, bugs sometimes mean you have to add a whole new main character at some point in the story and then rewrite the whole rest of the story to account for their appearance. That's not always how it actually is, but that's how it feels to me sometimes at least.</rant>
  15. The Wifi Pineapple Nano can do this, but so can a ten dollar usb wifi adapter...
×
×
  • Create New...