Jump to content
Hak5 Forums


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won



About Decoy

  • Rank
    Hak5 Zombie

Profile Information

  • Gender

Recent Profile Visitors

1,426 profile views
  1. Hi Everyone, So my latest obsession has been with embedded device hacking/reverse engineering. I've been having tons of fun discovering UART/JTAG ports/pins, dumping firmware, and walking the file systems. As far as binary analysis goes - I am looking for something comparable to IDA Pro. I've used it and like it, and from what I have read - it's considered the best; however it is also the most expensive. Does anyone know of any good alternatives the have a comparable feature set? I've been looking into Binary Ninja which is about $150 for a Hobbyist license - I am leaning towards that one so far. Any suggestions would be greatly appreciated. Thanks, D
  2. Decoy

    Hak5 Cloud C2

    Awesome - this is great. I can't wait to play around with this tonight when I get home :)
  3. Decoy

    Hak5 Cloud C2

    You guys are awesome. Quick question about the Individual Pen Tester/Free version. What does "Single User, Single Site" mean exactly? Does that mean I can't have devices in more than 1 place at a time? I need to keep my Pineapples all in one place? Thanks! D
  4. Decoy

    LAN Turtle 3G

    Has anyone played around with the new LAN Turtle 3G yet? Obviously there's a place for a SIM card. Are there decent "data only" SIM cards?
  5. Decoy

    Packet Squirrel/PCAP Timestamp

    This was actually mentioned in their "Let's Code" video when the Packet Squirrel was first released - so it's a known "issue". It can be done by syncing with NTP; however this can't be done in Transparent mode. You would need an IP on the target network with Internet access in order to accomplish this. While it might not be perfect, and might require some parsing on your part - you could always snag Timestamps from HTTP headers as well when returned across the wire.
  6. Decoy

    snifing phone messages

    This is a pretty decent article explaining how it can be done: https://ferrancasanovas.wordpress.com/cracking-and-sniffing-gsm-with-rtl-sdr-concept/
  7. Decoy

    Can't install SD card

    What do you mean, "Pineapple peeps"? I don't know if I should feel proud or offended.
  8. Decoy

    HakShop Concern

    That's precisely my intention.
  9. Decoy

    HakShop Concern

    So I was able to change my password by pretending to forget it; however it might not be a bad idea to introduce a legitimate feature on the account page for this. Please let me know if I am just blind and can't find it anywhere.
  10. Decoy

    HakShop Concern

    Hello, I don't know if I am blind or what - but I can't seem to find where to change my Hakshop Account password ANYWHERE. Is this functionality not available? It looks like the only thing I can add/change is my address. Thanks, D
  11. Decoy

    Meterpreter fun

    It has python, PHP, as well as Bash.
  12. Decoy

    What is the packet squirrel?

    Yes, I'll need to add it to my collection as well - but I still want to know what it is.
  13. Decoy

    What is the packet squirrel?

    Is there more info in this yet?
  14. Social engineering is a viable option. There's no way to spoof the 4-way handshake. Look at wifiphisher or fluxion for some examples. You could use the EvilPortal module to serve up a firmware update page, and get the key that way; however this would require deauthing the crap out of the actual wifi AP, and hoping the user clicks on your open hosted version. Some people do...
  15. Decoy

    Network is unreachable

    Awesome. Enjoy the Nano.