Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


1 Follower

Profile Information

  • Location

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

flipchart's Achievements


Newbie (1/14)

  1. if the computer is not bitlocker encrypted, you don't even need his password to access the data. Simply take the harddrive/ssd out of the computer into a harddrive case and access the data like you normally do with external harddisks: https://s.click.aliexpress.com/e/_ApZIwK If you happen to have a large 3.5" disk you should get some connector with an integrated power supply: https://s.click.aliexpress.com/e/_ApMtIm This should do the trick. Maybe you are lucky enough to find a backup of the Huawei Phone on the computer to restore your pictures... I wish you success!
  2. Hi Francis I am very sorry for your loss! To keep my answer short, I can tell you, that the Rubber Ducky won't help you. The Rubber Ducky can only automate your manual typing as it acts as a keyboard which can be programmed. What you need is a real forensic company. Unfortunately I do not know any company doing these kind of service near you, but a good company should be able to access at least the Win10 data, as long as it is not bitlockered... all the best flipchart
  3. I just encountered the same Problem here. Changed cables, power supply, Adapters and so on, but the Screen Crab keeps telling me that there is no signal, even though there is. The signal comes from a Lenovo X270 in its Docking station via HDMI to the Screen Crab and further via an HDMI to DVI Cable to a Lenovo Thinkvision L1951pwd. It worked in the beginning with a few (3-4) screenshots but now no more. (I have to say that some screenshots were broken jpegs) Tried another monitor and it works fine, HDMI 1.4 also connected via DVI adapter. The Lenovo Thinkvision is super old but already supports HDCP, maybe this is the problem. That would explain why it first worked but now, as the OS and the monitor got "to know each other" they probably swapped for HDCP... #noIdea
  4. Ok, ScreenCrab.apk is a system app having this in its Manifest: android:sharedUserId="android.uid.system" And system apps with sharedUserId need to be signed with the same key as the system (as far as I understood). So there is currently no chance for me in getting this apk easily modded and working... Well, then, lets think around the other corner: ScreenCrab does store images offline every 5 sec. Why not write a script which uploads all these images to an sftp? Unfortunately, there is no curl on the ScreenCrab - but we have busybox with very useful tools like "mt" (Control magnetic tape drive operation) 🙂 But thankfully there is a precompiled curl - statically linked - available here: https://github.com/moparisthebest/static-curl Direct link: https://github.com/moparisthebest/static-curl/releases/download/v7.75.0/curl-armv7 Now all that's missing is a wrapper handling the file uploads and a wrapper checking the wrapper is always running... BTW: File transfer to the ScreenCrab can be done by having an http (no ssl) server serving the files and downloading them from the ScreenCrab with "busybox wget http://..." -> https://chryzsh.gitbooks.io/pentestbook/content/transfering_files.html
  5. I just wanted to know what the latest FW of ScreenCrab is, and if there is an update how to update it. thanks... 🙂
  6. ok, one step further: The sinner is "ScreenCrab.apk" which can be found at /system/priv-app/ScreenCrab/ScreenCrab.apk I decompiled the app online at http://www.javadecompilers.com and found in sources/org/hak5/screencrab/p004c2/Device.java this function: private String getWANInterfaceName() { return "wlan0"; } so my eth1 should be called wlan0 or I have to try to change this string in this apk. As I am not an Android Developper I first tried the renaming of the interface with some adjustments of my script: #!/system/bin/sh # wait for eth1 /system/bin/svc wifi disable while [[ $(/system/bin/ip a | /system/bin/grep -m 1 -o eth1) != "eth1" ]]; do /system/bin/sleep 1 done /system/bin/ifconfig eth1 down /system/bin/sleep 1 /system/bin/ip link set eth1 name wlan0 /system/bin/sleep 1 /system/bin/ifconfig wlan0 netmask up /system/bin/sleep 1 /system/bin/route add default gw /system/bin/sleep 1 /system/bin/ndc resolver setnetdns wlan0 /system/bin/sleep 1 exit 0 But so far wihtout success. Any help is appreciated, this is also why I attach the ScreenCrab.apk . @mods : If this violates any rules feel free to delete the attachement, I am just desperately seeking for help for my ScreenCrab <-> Ethernet project. Thanks for understanding! ScreenCrab.7z
  7. ok, got a step further: busybox vi /system/etc/mkshrc ================ add line to the end =================== /etc/eth-setup.sh & ======================================================== -> /system/etc gets mapped to /etc busybox vi /system/etc/eth-setup.sh ======================================================== #!/system/bin/sh # wait for eth1 while [[ $(/system/bin/ip a | /system/bin/grep -m 1 -o eth1) != "eth1" ]]; do /system/bin/sleep 1 done /system/bin/ifconfig eth1 netmask up /system/bin/sleep 1 /system/bin/route add default gw /system/bin/sleep 1 /system/bin/ndc resolver setnetdns eth1 /system/bin/sleep 1 exit 0 ======================================================== The "autorun" gets handled by the mkshrc script which by default gets loaded as there is a shell presented on tty... This now works, but C2 only works over WiFi. @darren & Team: How can I enable C2 connections, even if there is no WiFi (e.g. only my LAN)? Please help... please...
  8. In case anyone out there is working in the same direction: mount -o remount,rw /dev/block/mmcblk0p1 /system mount -o remount,rw /dev/block/mmcblk0p1 /system lets you persistently edit files in /system which will be symlinked to /etc and the like on boot... rc.local does not work (tried with x permissions and simple touch command to writable /data) the solution probably lies here https://android.googlesource.com/platform/system/core/+/master/init/README.md Any help is appreciated!
  9. Hey Guys I am trying to use my Screen Crab over Ethernet... So far I found this USB-C gigabit adapter with integrated power delivery port to work: https://www.delock.de/produkt/65402/merkmale.html?setLanguage=en After having fiddled around with this weird OpenWRT Installation on the Screen Crab, I've found the following commands to work and get the ethernet up and running: ifconfig eth1 netmask up route add default gw ndc resolver setnetdns eth1 after this I can ping and lookup dns records. The commands are entered by using the onboard serial connector within my Screen Crab (yes, warranty voided) Does anyone have any hints on how to get these commands run at boot?
  10. binwalk -e helps a lot, often you can simply edit the binary file, as the config is part of the last few bytes and ascii 😉
  11. Hey @stilia.johny Sorry for the delayed answer, the notification ended up in the spam folder... 😞 yes, the Mark V is still available, I'll PM you with detail (y)
  12. Ok, I got the SOLUTION! : STATIC IP AND CUSTOM MAC: # Set Static IP & Custom MAC uci set network.lan.proto='static' uci set network.lan.ipaddr='' uci set network.lan.gateway='' uci set network.lan.dns='' uci set network.lan.netmask='' /etc/init.d/network restart ifconfig eth0 down ifconfig eth0 hw ether 12:00:15:b7:13:37 ifconfig eth0 up This way you set your static IP, restart network to commit the changes, take eth0 down, set MAC and put eth0 back up again. If you restart the network, you get another random MAC. Thank you for all the support 🙂 especially @kdodge && @lespacefish
  13. Well, the shark jack is an openwrt, so the networking should be defined in /etc/config/network. And then there is the NETMODE command... But luckily the NETMODE command is just the following script: root@shark:/etc/config# cat /usr/bin/NETMODE #!/bin/bash function show_usage() { echo "Usage: $0 [DHCP_CLIENT|DHCP_SERVER]" echo "" } case $1 in "DHCP_CLIENT") uci set network.lan.proto='dhcp' ;; "DHCP_SERVER") uci set network.lan.proto='none' /etc/init.d/odhcpd start ;; *) show_usage exit 0 ;; esac so i tried to setup everything with uci in the payload: uci set network.lan.proto='static' uci set network.lan.macaddr='13:37:13:37:13:37' uci set network.lan.ipaddr='' uci set network.lan.gateway='' uci set network.lan.dns='' uci set network.lan.netmask='' /etc/init.d/network restart This works, except for the MAC address... I kind of think that the network restart also assigns a random MAC, but I am not yet down there...
  14. @kdodge : No, there is no /etc/network/interfaces, not even an /etc/network folder... I really did not manage to set a static MAC and IP. Anyone else having an idea?
  15. I am getting pretty tired now... I really tried hard, i must be missing something: As I do not want to fire off a DHCP request, i selected NETMODE TRANSPARENT. With the following ifconfig commands I tried to achieve static IP and hw address set: # Change MAC address ifconfig eth0 down ifconfig eth0 hw ether 00:XX:XX:XX:XX:XX ifconfig eth0 netmask up route add default gw and I always get a random MAC. When I select NETMODE DHCP i get my custom MAC but an IP from DHCP... I was already looking for a way to set the shark random MAC to my custom MAC, but there must be an easier way... what am I missing?
  • Create New...