[Modules Requests Discussion]

On 11/20/2017 at 7:36 PM, Galactic Empire said:

How about a module that can tell you which other modules are currently running?

This would be nice.

[Ports responding on WAN side]

Port knocking?

Similar to nat pinning by Mr. Samy K.

https://samy.pl/natpin/

[traceroute to DoD]

What was the IP? I want to be a part of something bigger than myself.

[problem of how to get valid credit card]

You people are a bunch of meanies!

I credit card all the time so I’m legit First you computer, then you internet, then you shop, then you shopping cart, then you register, then you validate e-mail (make sure you e-mail before all this), then you credit card, then you submit, then you wait. Voilà, you’re a certified credit carder. 

With great credit, comes great responsibility. 

[identify physical intruders SSID]

The pineapple has the ability to script notices when a mac address comes within range. 

Use the search function on the forum for the word ‘tracking’ these threads were of interest:

https://forums.hak5.org/topic/40954-private-investigator-idea-vehicle-wifi-antennas-for-tracking/

https://forums.hak5.org/topic/41748-tracking-phones-using-mac/?tab=comments#comment-296543

https://forums.hak5.org/topic/39943-tracking-script-variables/?tab=comments#comment-297095

https://forums.hak5.org/topic/41969-messing-with-wifi-occupancy-sensing/?tab=comments#comment-298006

 

Good luck and if you figure something fun out, share the good experience. This place likes a good ‘happy ending’ story.

[Networking stuff on plane]

If your switch is a multi-purpose switch with a flip out knife, pliers, file and tweezers then, no.

[Great IOS apps for Network scanning and Analyzing]

Thanks to this app’s manual, i found how to wirelessly scan wifi. I posted about it here: https://forums.hak5.org/topic/42207-ios-wifi-scanning-app/

[iOS Wifi Scanning App]

I found out that you can use the Airport Utility App to scan for active wifi on your iPhone.

in the airport utility settings, toggle wi-fi scanner and the app gives you a button at the bottom for scanning WiFi. 

The results show SSID, BSSID, MAC addresses, RSSI, channels, and clicking on a result shows past scans signal strength and channel. 

This seems to be the only app that has access to the MAC address under the new IOS 11+. 

 

[Great IOS apps for Network scanning and Analyzing]

Yeah, weak sauce. Thankfully fing kept all the mac addresses in local storage to that if scanning a network already scanned, you can see what they were.

[Video Request / idea]

You’re suggesting something akin to dramatised murder porn? 

..Hacker Porn?

..Pentest Porn

..Sec Porn?

..4-way [handshake] Porn?

..I’d find the .mp4 in the requests; download for later bathroom time viewing.. why not?

..

[SanDisk Connect 32GB Wireless Media Drive root]

I believe I have one these but the drive needs reformatting before it will work as intended. I like the idea of it. Can you post an amazon link to the one you have or one similar?

[Is it possible to get "admin" password of a dvr like "twin evil"?]

Maybe relevant?

https://depthsecurity.com/blog/unauthorized-flir-cloud-access

[RIP Kerby]

“Kirby” - by Aesop Rock

[7 Dnsmasq Security Flaws Discovered]

Found these on Thehackernews.com which links to the Google Blog describing these vulnerabilities: 

• CVE-2017-14491—A DNS-based remote code execution vulnerability in Dnsmasq versions before 2.76 is marked as the most severe that allows for unrestricted heap overflows, affecting both directly exposed and internal network setups.
• CVE-2017-14492—Another remote code execution vulnerability due to a DHCP-based heap overflow issue.
• CVE-2017-14493—Another noteworthy DHCP-based remote code execution bug caused by a stack buffer overflow. According to Google, this flaw is trivial to exploit if it's used in conjunction with the flaw (CVE-2017-14494) mentioned below.
• CVE-2017-14494—An information leak in DHCP which can be combined with CVE-2017-14493 to allow attackers bypass ASLR security mechanism and execute arbitrary code on a target system.
• CVE-2017-14495—A flaw in Dnsmasq which can be exploited to launch a denial of service (DoS) attack by exhausting memory via DNS. The flaw impacts dnsmasq only if one of these options is used: --add-mac, --add-cpe-id or --add-subnet.
• CVE-2017-14496—Google's Android operating system is specifically affected by this DoS issue which can be exploited by a local hacker or one who is tethered directly to the device. However, Google pointed out the service itself is sandboxed, so the risk to Android users is reduced.
• CVE-2017-14497—Another DoS issue wherein a large DNS query can crash the software.

[Fake network with Wifi Pineapple NANO]

It could be similar to having a dedicated router, but not the same; skewing your projects outcome. Stop by a Salvation army and pick up an old linksys router for $6. Or order a gl.init GL-ar150 ($20ish) or Ar-300m ($30ish) and have two openwrt routers that can expand to tour needs.

[Little Laptop]

Ive got two acer 11’s CB3-131-C3SZ.i’ve piddled around with linux on them but never balls to the wall. Love them, lightweight, ips screen, 9-11 hr battery. Plus you can odten get them at or just above $120.

I’ve got my eBay eye open for a good price on an acer Chromebook 14 CB3-431-C5FM or a Acer Chromebook 11 C740 which you can swap out the HD for a 128 or 256 SSD.

check out http://www.fascinatingcaptain.com/product-reviews/best-chromebooks-for-linux/ for some 2016 information

[Latest New Phones Nano Compatibility]

Are you looking for tips on a phone to also be used as a phone or a “Primarily/exclusively pineapple mobile decice”?

[Routing issue - Multi AP to Multi VPN]

On 9/27/2017 at 4:00 AM, random_dude said:

Finally, I have a question about the nano basic : Exist it a way to get an _ethernet_ link using the pineapple nano ?

This thread might illuminate: https://forums.hak5.org/topic/41574-eth1-via-usb-ethernet-adapter-a-to-be-continued-how-to/

[Free internet]

Ninja tap?

[Routing issue - Multi AP to Multi VPN]

15 hours ago, random_dude said:

 

Ok I got the solution. I go to bed. Ping me here if you're interested by this config

I would like to know. Does this constitute as a ping?

[I wish I could star/favorite certain posts, possible?]

Often I’ll see a pertinent post and I wish I could star or favorite that post to come back to later. Not really interested in creating a folder in my bookmark manager. I primarily use a mobile device for web browsing and if the feature already exists, just not applicable to mobile devices; Is there a way to be served up the desktop site?

[Beacons on all channels simultaneously]

I believe nics are only able to opperate on one channel at a time, so 14 channels would require 14 nics. /talking out my ass, so.. grain of salt.

I’ve had 4 plugged into the port, and I assume as long as they’re enough amps, you’d be good to go.

 

[Disable Autplay globally for a device?]

From what I unserstand, putting a small non text file (.gif ect.) and then rename the file autorun.inf in the root of the drive, the computer won’t be able read the file, stopping the autorun from completing. I used to use USBVaccine by Panda Security . It ‘vaccinates’ usbs to stop them from autorunning. I believe their Implementation process is similar.

[Finally Finished My Server/VPN Build]

2 hours ago, zubairkhanzhk said:

Awesome buddy,

Can I use this Idea with ExpressVPN because I am using ExpressVPN and its working very fine for me it is the best and fastest VPN services best part is that it provide 30 days money back guarantee. 

So can I? 

 

30 days to funnel all my data through their servers, free of charge? Sign me up!!1

/trollerings

[Redirect google domain CDN to my captive portal in linux]

DNSSpoof?