Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


About DarrenRainey

  • Rank

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I'm thinking about getting a few signal owls since they're on sale at the moment but I would like to know the actual specifications of the device since I can't seem to find anything in the documentation and I think it'll be useful for development and to see if it'll fit my use cases. I'm mainly interested in the amount of RAM, Storage and CPU Thanks
  2. Yes but the thing I like about these kinds of exploit is that they only need a browser to execute so it can be easy to setup a malicious website to take over this devices using JavaScript or even plain HTML.
  3. Good to know I'm not alone :) I really like the idea for abusing some of the lesser known features of a modern web browser. I wrote a PHP script a while ago that could identify what device a user was visiting based upon the user-agent and then serve the appropriate exploit for example if it was a device running Android < 5.1 maybe serve a stagefright exploit otherwise act normal. There are so many things that people tend to take for granted for example I built a wifi probe sniffer using a nodemcu for £3 with that I can see what the devices around me are looking for a
  4. Personally I would just install a custom recovery like TWRP then dump everything to a sdcard and copy any relevant files/folders to my device to view such as /sdcard and /data
  5. Wifite is a good automated tools but from experience using airodump will typically give better results depending on your network card. For Wifite (Assuming your on a Debian based distro (Debian/Ubuntu/Kali) and your network card is called wlan0 apt install wifite aircrack-ng -y airmon-ng start wlan0 wifite -i wlan0mon For Aircrack-ng apt install aircrack-ng -y airmon-ng start wlan0 airodump-ng wlan0mon -w out # this will log the data in multiple different formats and files # Wait until airodump displays WPA Handshake captured in the top right then press CTRL+C to
  6. I used to have nethunter with nexmon installed on my Nexus 5 so I could use monitor mode with aircrack but now I use a cheap android phone with no sim card and set it up as mobile hotspot for my netbook in my backpack that way I can use an SSH client like JuiceSSH on my phone to do stuff like metasploit, aircrack or other programs. With the ability's of JavaScript and the insecurity's of some routers its even possible to attack internal devices for example a while ago there was a bug in some netgear routers that you could run any command simply by visiting a specific url so by expa
  7. Hello everyone just though I would say my JavaScript network scanner project here : https://github.com/DarrenRainey/JavaScript-Network-Scanner Currently I it will scan and fingerprint devices based upon what files exist or don't exist on the device and once it fingerprints or can connect to a device it sends a post request with the fingerprint such as the routers model, the internal ip address and the user-agent from the victims PC. This code could be embedded into any website and sent a victim for recon. Currently it only scans a few predefined ip address's in the test.html file b
  8. This is a simple ducky script I wrote that will clear your google chrome history and automatically log you off tested on windows 7 (Windows 8-10 requires modification because of start menu.) This payload is useful for when run/GUI + R is blocked DELAY 1000 CTRL + H DELAY 750 DELETE DELAY 2000 CTRL + W DELAY 750 GUI DELAY 100 TAB DELAY 100 TAB DELAY 100 ENTER You may want to increase the delays as most library computers can be slower than the average machine.
  9. Hello im working on a small project and was wondering how I can replicate the wifi pineapples ability to pretend to be a known network basically I want I raspberry pi to pretend to be the victims home network then open a captive portal. any ideas
  • Create New...