Jump to content
Hak5 Forums

Spoonish

Active Members
  • Content count

    309
  • Joined

  • Last visited

  • Days Won

    11

2 Followers

About Spoonish

  • Rank
    Master of ÷ Nothing

Profile Information

  • Gender
    Not Telling
  • Location
    Pointland
  • Interests
    Building stairs to nowhere and holes deeper and deeper still.

Recent Profile Visitors

2,235 profile views
  1. Spoonish

    Management AP through Ethernet/router on linux

    I attach (rubber band style) a small GL-AR300M travel router and connect a tetra via eth0, disable wlan0-1 (speeds things up) and connect to the tetra without changing any of the firewall. e.g. https://192.168.8.100:1471
  2. AES = Always Exxtra Secure
  3. Spoonish

    Packet Spoofing

    Which phone do think is most excellent for this extremely gnarly know how? Bill and Ted was on tonight. I can’t get this voice out of my head.
  4. Spoonish

    Got my Pineapple but no antennaes!

    this is where you could sell that second book though.
  5. Spoonish

    Packet Spoofing

    If we’re ever at a pub together, the first round is on me.
  6. Spoonish

    Coinhive or the like on a tetra/nano Hotspot?

    I’ll check it out and see what I can do. thank you.
  7. This question is hypothetical and posed as done with legal limits, 'Legal Eagle' if you will What would be the best way of injecting a minero miner while they surfed on your bandwidth on an offered access point?
  8. remember, sslsplit is different then sslstrip which is more practical for browsers.
  9. Spoonish

    CryptoMining Via Youtube?

    If you’re on a laptop/desktop, install uMatrix by Gorhill. I suggest then globally blacklisting everything and slowly whitelisting things that are needed. it can be a pain at times but know that the time spent refreshing certain websites a few extra times will be worth it. If you’re on an iPhone I suggest the browser Brave, which is opensource (github here https://github.com/jcs/endless) and allows for some great global control such as script & xhr control, cookie wiping , built in https-everywhere and user agent control. plus it’s wicked quick.
  10. This is tasty stuff right here. You want some sauce?
  11. copied from: https://www.ceos3c.com/2018/03/01/payloads-hacking-lingo/ What are Payloads in Hacking Lingo? ceos3cMarch 1, 2018 Welcome back, fellow hackers! If you have used the well-known exploitation framework Metasploit before, you probably came across the phrase “Payload” at some point. But what are Payloads in Hacking Lingo? That’s what we are going to learn today. Generally, we can say that there are 3 main groups of Payloads. The three main Payload groups Singles Stagers Stages Now let’s have a brief look at each of them to get a better understanding of how they work. Singles Singles are self-contained and completely standalone. Those Payloads are used to perform simple commands for information gathering or they can be used to make significant changes to the system you are attacking. An example would be creating a new admin user and enabling Remote Desktop Connections. Stagers Stagers are used to establish network connections between the attacker and the victim. Those connections are designed to be small and reliable. You basically can get Shell-Access over the Network. You can control a compromised system with it. When using this kind of exploit, shellcode will be executed on the target system that will execute, for example, a windows cmd.exe or a bash shell on a local network port. This shell access now awaits connections on the port. You can, for example, use Netcat to get a connection to the exploited system. Using stagers to set up a network shell You could use Netcat to connect to the open port like in the example below nc 192.168.1.54 5718 The problem with this attack is, that if the targeted system is behind a firewall, you will be able to still run the exploit, but once you try to connect to the opened port, the firewall would prevent you from connecting. That’s why you mostly use Stages to create a Reverse-Shell. Firewall blocks the attempted access Stages Alright, let’s talk about the last and most used type of Payload: Stages. Those Payloads provide advanced features like Meterpreter, VNC Injection and so on. Stages have the same goal as Stagers: Creating Shell-Access to the target system over the network. Reverse-Payloads execute Shellcode on the target system. This Shellcode creates a connection from the Target Computer to an open port on the Attacker’s computer. So it is the opposite than in a Stagers Payload. Because this connection is established from the Target Computer and not to the Target Computer, it is often possible to surpass Firewalls, except on very tightening systems. Stages Payload So those are the three main Payload types. There are more, which you can read up on here. But this should give you a good idea and a basic understanding of how certain types of Payloads work. Until next time, keep hacking!
  12. Spoonish

    Nano in hotels

    a micro 2.4ghz adapter only ads about a 1/4 of an inch to the length for about $10
  13. Spoonish

    Anonymous reverse shell

    i don’t even know what a reverse shell works but I assume you would bounce your connection off of different systems obfuscating your true IP…?
  14. Spoonish

    Change webinterface port

    awesome. thanks for looking into that
×