
bored369


Everything posted by bored369

  1. k k, cool. what's the voltage and amps on that wall adapter? So you are able to go through the unbricking and have it successful. I'm assuming that is where it's saying it's successful before you reboot? Then on reboot you get what you described in the first post? If those are both yes, then I believe you should be fine and should be able to connect to the standard web interface of 172.16.42.1:1471 assuming you have your ethernet port on your computer set to a static ip of 172.16.42.x (i would recommend 172.16.42.42 it'll make it easier for internet connection sharing later). Have you been able to connect to it at all on the 172.16.42.1 yet? Like walk through the initial setup process that it starts you out with and then it fails or can't get to that at all? Unfortunately I don't have my mkV anymore so I can't follow along and tell you for sure that's the lights you should be seeing but IIRC it flashes lights on boot and then settles to a solid single light until you get in and set up some stuff that would be using the other wlans and such. But I'm not positive about that. Otherwise you could get some more information about the boot up process and what's going on using the UART serial connection which it looks like is documented here: http://wiki.wifipineapple.com/legacy/#!serial_uart.md You would need a Serial TTL cable/usb adapter like they have on the hakShop here: https://hakshop.myshopify.com/collections/accessory/products/serial-ttl-cable
  2. NP and now we're getting somewhere. If the device is restarting how are you powering it? If you are using the USB->barrel cord, make sure you are using a 5v and at least 2amp output battery or usb wall plug for it. If you are using a generic wall dc adapter i believe you want the same, but I'm not positive about that I never used one of those with mine so i'm not sure. If the light is staying on and you just can't connect to it, I would try the steps on http://wiki.wifipineapple.com/legacy/#!firmware.md#Unbricking_a_bricked_WiFi_Pineapple_MKV For the Unbricking Method, for that you won't need anything on the SD card but you would want one in there from what it says on the steps. How did you come by this Mark V? mainly meaning do you have any reason to believe it is broken or might be malfunctioning in any way? You may get more out of the serial port connection as to what is going on but I don't know much about doing that on the mkV. So someone else may need to chime in to assist if that is the route you end up having to go. But power would be my first thing to verify, then i would try the unbricking. Report back and we'll go more from there with what you find.
  3. The Nano has RP-SMA connectors where the Mark V and the Tetra have SMA connectors. You can still use it with the Nano, but you would need to get the SMA to RP-SMA adapter for each one you want to use. They used to have them on the Hak Shop but looks like they updated it and now they don't. Sure you can find them online elsewhere though. You wouldn't need the signal booster, but it would still boost the signal and range if you wanted to use it. The signal booster has RP-SMA connectors on each end so it would connect fine to the Nano, but you would need the adapter still to connect the yagi antenna to it. Edit: looks like the signal booster includes the rp-sma to sma adapter https://hakshop.myshopify.com/collections/wireless-gear/products/long-range-wifi-kit
  4. I would say start here: http://wiki.wifipineapple.com/legacy/#!index.md Next I would say doesn't make much sense. But I'm assuming you are here to learn and figure stuff out, so that's ok. 1. How are you connecting to the pineapple mkV? 2. There is no menu: there is a web interface and ssh access (and serial but hopefully you won't have to get into that) 3. Just for some added information to get you started, what are you looking to do with the mkV once you get connected?
  5. That is a good one, i keep forgetting about it...
  6. The rubber ducky is a keyboard emulator, anything you can do with a keyboard you can do with the ducky. If you want to rpm you would need to use it to create a script or download/launch a program to do that. As far as emulating mouse movement, again anything you can do with a keyboard, so there are ways to emulate mouse movement but you'll probably find it easier to just use keyboard shortcuts instead of trying to use something like the mouse keys assistive technology in windows.
  7. Yardstick is more for specific tasks in the sub 1ghz range, it does use python style commands which makes it a lot easier if that's where your tasks are focused. HackRF is def far more capable of much more, but it really requires gnuRadio to fully take advantage of all of its abilities and that is a massive program that can be a bit daunting to get into for some.
  8. Offline NT Password https://pogostick.net/~pnh/ntpasswd/ I think that's the one that's included with Trinity too, but it's a stand alone thing. You can blank or change the password, just know that if anything is encrypted with the user password it will be lost forever. But I agree with diginija, it would probably be best to just wipe and reload the os or put a new one on it. Vista is a terrible os so linux would work out better in the long run.
  9. Start on the wiki here http://usbrubberducky.com/#!resources.md That will give you all the basics and information you need to get started. The Quick Start Guide Video towards the bottom will get you going fairly quickly, but the page also has links to all the other resources and tools at your disposal. Otherwise just browsing around on this forum for things others have done is a good place to go afterwards.
  10. When I flash the firmware i just used a compiled version of dfu I didn't use a "ducky flasher", i don't have the specifics of it off the top of my head but you should be able to see the command and get the package based off that in that first video link i posted. Updating the twin duck firmware would be awesome, as far as I'm aware the latest versions are the "composite..." ones and those would be the best to update i'd imagine. Source should be on that github link in a folder level above the link destination.
  11. hmmmm, there's a c_duck_v2.1 i think on the github here: https://github.com/hak5darren/USB-Rubber-Ducky/tree/master/Firmware/Images As far as I'm aware the Composite ones are the latest versions of the twin duck firmware but they don't have the auto start mode you have to either hit caps lock 4 times or push the button on the duck to get it to start the payload. I don't think i was able to get the autostart one working with my setup and testing but the 4caps worked great, think someone reported that linux didn't detect the 4 caps lock button presses but it def works on windows. for 2 it shouldn't matter if you have the sd card in when flashing or not, just making sure you had one in because it won't recognize the disk drive as there until then. for 3 might try FAT32 and format it under a linux os to get it that way
  12. I didn't watch that video that you posted yet, but... Which firmware did you choose (like the name on the github ex composite_xxx or c_duck_xxx)? You have an SD card in the ducky? What filesystem do you have the SD formatted as and what os did you format it under? I had some weird things when I setup that firmware myself. I used the composite 4cap version and found that I had to format the sd card as fat32 on linux for it to actually recognize correctly. When formatted on windows it wouldn't work and recognize correctly for me. Another interesting note is i had to use the hak5 encoder to get the inject.bin to run correctly, the online one wouldn't work for me. I did a couple videos on the process I went through: 1st one is where I re-recorded the demo since it didn't look that good the way we were screen sharing and broadcasting live, the 2nd one is where we talked a lot more about it and setup and such as I did the demo (may have some extra tips and tricks and explanations). https://youtu.be/PV1HbUeDINQ https://youtu.be/exUBSs0i_pM
  13. you can get the firmwares on the github here: https://github.com/midnitesnake/usb-rubber-ducky under firmwares folder then images (c_ducks and composites are the twin duck i believe with composites being the latest revisions) the duck is the standard or the m_duck i don't know exactly myself, i think i use m_duck if i want standard stuff just a note on the twin duck firmwares, make sure you use the hak5 encoder (also on that github) and not the online one, twin duck did not like using the bin files the online one provided i had to use the hak5 encoder
  14. Probably best to post this under the Random Roll official thread here: but just some quick notes: 1. make sure you are installing it to the sd card, you will have to there is no space on the nano for all the rolls 2. i have seen this on my tetra, but resetting the device and going back to it looks like it just didn't install one of them, so i uninstalled it and reinstalled and went through fine the second time
  15. https://hakshop.myshopify.com/products/wifi-pineappling-book linked from that page you posted. The book is $12 standalone and no mention of a digital version coming in the future or not.
  16. NP, just mentioning it because they are pretty strict on the forums about that stuff. Sounds all good to me. I believe it's Site Survey module that can do deauth and capture through the interface. Or you can run the aircrack-ng suite through ssh if you prefer to go that route I've gotten a few captures with the module though so I can attest it works as advertised :) Cracking it obviously has to be done on something more powerful, but there is another module where you can upload that capture file to online hash crack (i believe it's called, never used it myself) But since you are on a targeted attack, it may be better to build the rainbow tables for the ssid yourself and try cracking it yourself. I've never tried that so I won't be able to help much past that but from what I understand if you know the ssid and have access to a decent hashing machine you would be better off going this route with hashcat or if you think it might be on a dictionary list trying that route.
  17. You should be able to use the pineapple to capture the handshake and then crack the password that way. Then you can set up an AP that has the correct password ready. You can't do it without knowing the correct password because of how the 4way handshake works. Impossible as far as i'm aware. That sensepost that Zylla mentioned looks cool, but I don't believe it's doing what you are trying to do. Seems like a variation on PineAP with some additional mitm tools built on (some of which are already modules in pineapple) but still can't make a system connect without the system already looking for an open SSID or knowing the password so you can reply with the correct other half of the 4way handshake. This makes it sound like what you may be trying to do is illegal, especially since you don't have access to the computer nor the password for the wireless it's connecting to.
  18. It was intentional they do that with most of the hacks on Mr. Robot, same way Breaking Bad was as realistic as possible but they made sure you're not going to be able to make meth just from watching it. As to what it was, you'll have to watch and test and see ;)
  19. The only firmware (that I know of) that size would matter with is the twinduck firmware, otherwise it doesn't show up as a storage device plugged into the system it only shows as an HID device. The limitations (again only that i know of) is the fact that each gb you add on that firmware causes it to start up even slower or be detected even slower. So the larger size you have the longer it will take to load and be usable. I'm not positive on either of those things, but just my understanding of how things will work.
  20. Ahhh good to know, I have been only testing the caps lock thing on windows and not the linux that i was building and flashing on.
  21. Correct. Also the S003 I believe is supposed to be button press only. (i'm not sure about that). I found last night that I had to use the Hak5 encoder on the github to be able to have the payload run on the Composite firmwares, the online encoder would not work for some reason. Once I used that and encoded it locally it all worked without issues. I couldn't get the c_duck_v2.1 version working at all where it runs automatically on insert.
  22. Not entirely true, there is a badusb attack that you can turn some usb flash drives into hid devices by re-writing their firmware. See here for more on how to make your own: http://null-byte.wonderhowto.com/how-to/make-your-own-bad-usb-0165419/ Also with the twin duck firmware on the usb rubber ducky you can see a usb device can be setup in firmware to be both a mass storage and a hid device at the same time. I believe the same is possible with the badusb attack, but i haven't looked into it that much. Mainly because the usb rubber ducky is far easier to use and setup than finding a usb flash drive that can have its firmware re-written and then rewriting the firmware and all that and it has nicer features like removable storage via sd card and a button to relaunch your payload. Interesting to note the badusb attack even uses ducky encoded scripts to perform its hid injection so you can take advantage of the same payloads.
  23. Correct but in the case of the lan turtle it is actually taking the traffic from one interface and sending it out the other which also requires it to have two ip addresses (one for the network and one for the attached system), you can see and manipulate the traffic as MITM. The lan tap is a fully passive monitoring capability, you don't interact with the traffic at all and also makes it harder to be detected as listening (if I understand it all correctly myself even)
  24. Easiest way would be to just factory reset, put a sd card in and then install modules to the sd card. You can search around more in ssh like the pineapple folder maybe or search around for logs folder, but there's so little space on the nano it would be better to just start fresh and clean with additional storage ready to go.
  25. The Rubber Ducky was mentioned a couple episodes back on Mr. Robot but only briefly. In the latest episode (8/31/16 air date) the ducky was used for pretty much a whole segment of the show and in the spotlight. It was really well done but they did leave one portion to mess people up if someone tries to do exactly what they did in the episode with the ducky. I don't know anything about the Wifi Pineapple book though.