Jump to content

Teabot 5000

Active Members
 View Profile  See their activity

  • Posts

    51

  • Joined

  • Last visited

  • Days Won

    2

 Content Type 

Everything posted by Teabot 5000

  1. Teabot 5000
    I assume by an 'nmap' you mean a portscan. SANs have a nice document on a portscanner called IOSMap. It's capable of performing some basic portscans from Cisco IOS. IOScat is a port of netcat for IOS. If you need service discovery you can use that to perform banner grabbing.
  2. Teabot 5000
  3. Teabot 5000
    I'd say start off with some Web app exploitation, so SQLI, XSS, CSRF, file upload vulnerabilities, etc. That stuff helps get you in the mindset for looking at other areas like network security and binary exploitation. That said, if you don't have any programming skills I'd recommend starting with that. Learn HTML, javascript, PHP, maybe C or Java, and Python. After that understanding some networking basics would go a long way too.
  4. Teabot 5000

    hakshop

    Teabot 5000 replied to b0N3z's topic in Everything Else

    Everything on the store can be found here I can't see the mug though, it must be gone :(
  5. Teabot 5000
    The tutorials you can find on github are pretty clear.
  6. Teabot 5000
    Send a continuous stream of deauths to the legitimate network. That'll prevent hosts from maintaining a connection with the legitimate access point. However, as far as I'm aware a user would still have to manually select to join the illegitimate network.
  7. Teabot 5000
    The TP-Link wn722n is pretty good all-round https://www.amazon.co.uk/TP-LINK-TL-WN722N-Mbps-Wireless-Adapter/dp/B002SZEOLG I haven't heard of anyone having issues with it in Windows 10.
  8. Teabot 5000
    You'll need to at least sit down with the director and agree what's in scope for the test. Also, you should get a signed letter from the director permitting you to run tests against the items you decided were in scope. There could be some data protection laws in your country that should be taken into account as well.
  9. Teabot 5000
    There is a GUI for duckencoder, you can find it here. I haven't used it so i'm not sure if it does everything you want though.
  10. Teabot 5000
    I'd imagine the sqli is going to be visible in data in a Web request, so filtering for http should help you find that. You might be able to filter the data somehow to check for common strings associated with sqli. For the buffer overflow it'll probably be visible as a long string containing some hex at the end. Maybe it would be easier to filter out the other traffic first using "!". So you could get rid of arp with "!arp" and so on. Do the same with dns and any other noise that might be in the capture and take a look through what's left afterward.
  11. Teabot 5000
    You could also just get whatever tools you need onto the host machine and set up a VM (like metasploitable or something else) to target.
  12. Teabot 5000
    You can connect the Pineapple to the internet through your computer's WiFi connection. The wp6 script should work. Are you running it on your Pineapple or on your Laptop? Try running this script instead anyway #!/bin/bash #Run about 10 seconds after the Pineapple has been plugged in. #Use like "sudo ./script.sh <pineapple_interface> <computer_wifi_interface> <wifi_router_address>" #Example: sudo ./script.sh eth1 wlan0 192.168.1.254 IFACE_IN=$1 IFACE_EX=$2 GW=$3 ifconfig $IFACE_IN up ifconfig $IFACE_IN 172.16.42.42 netmask 255.255.255.0 route del default gw Pineapple.lan route add default gw $GW netmask 0.0.0.0 echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o $IFACE_EX -j MASQUERADE iptables -A FORWARD -i $IFACE_EX -o $IFACE_IN -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i $IFACE_IN -o $IFACE_EX -j ACCEPT
  13. Teabot 5000
    The black piece goes under the PCB, the white rectangular piece goes over the PCB then. The contacts for the SD card should line up with contacts on the PCB. That all fits into the metal USB head and the dark transparent piece fits onto the back them. I can't post any pictures of it right now so I hope the above was clear.
  14. Teabot 5000

    WordList

    Teabot 5000 replied to Waqar's topic in Questions

    +1 for the rockyou.txt wordlist. Kali ships with a few others too if I remember correctly :)
  15. Teabot 5000
    On Android 6.0.1, WindowsKey + b will open a browser. F2 will enable editing of the URL. You could probably navigate to the server and download what ever it is that way.
  16. Teabot 5000
    As far as I remember, pathinfo() can be bypassed using a a null byte and a correct image extension (i.e. myshell.php%00.jpg). As for getimagesize(), I'm not sure if this actually checks the file extension or verifies that the file is an image file.
  17. Teabot 5000
    You might have to set the default route on the pineapple. SSH into the pineapple and run "route" on the pineapple and see if the IP address of your WiFi router is set as the default gateway. If it isn't you can set it like so "route add default gw <router_ip> netmask 0.0.0.0". You may need to remove the one that's there by default. You can do that with a command like so "route del default gw 172.16.42.42" assuming that the route in there by default is pointing to 172.16.42.42. After writing that I just remembered that there should be a method of changing the default gateway from the pineapple's GUI. Check the networking menu and you should find it :)
  18. Teabot 5000
    It sounds like the script isn't being started as a daemon. Did you include the "&" at the end of the line in the rc.local file?
  19. Teabot 5000
    I just checked it out on a Kali VM and you're right, CTRL-ALT t doesn't open the terminal. Strange that they removed it.
  20. Teabot 5000
    Try "CTRL-ALT t" instead of "CTRL ALT T".
  21. Teabot 5000
    Here's the script I mentioned in the other post #!/bin/bash IFACE_IN=$1 IFACE_EX=$2 GW=$3 ifconfig $IFACE_IN up ifconfig $IFACE_IN 172.16.42.42 netmask 255.255.255.0 route del default gw Pineapple.lan route add default gw $GW netmask 0.0.0.0 echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o $IFACE_EX -j MASQUERADE iptables -A FORWARD -i $IFACE_EX -o $IFACE_IN -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i $IFACE_IN -o $IFACE_EX -j ACCEPT Use like "sudo ./script <pineapple_interface> <computer_wifi_interface> <wifi_router_address>" It sets the IP address for the pineapple's interface to 172.16.42.42, then removes the route added by the pineapple and adds in the correct default route. After that it enables IP forwarding and sets up NAT using iptables. Try running it ~10 seconds after you connect the pineapple. Hopefully it will solve your issue.
  22. Teabot 5000
    If the legitimate access point is secured (i.e. uses WPA, WPA2, etc) then the host will not automatically join the fake access point. A user would have to manually connect to the fake access point.
  23. Teabot 5000
    I had the same issue. For the issue was that a new default route was showing up and replacing the old default route, and the nano was being used as the default gateway. If you plug in the nano and run "sudo route" you should be able to verify if this is your issue. I wrote a small script to solve the issue and give the nano internet access through my laptop. I don't have it right now but I can post it later. There's a wp6 script available too which might solve the issue. I haven't used it so I'm not sure if it will but you can find it here :)
  24. Teabot 5000
    The command "java -jar duckencode.jar -i helloworld.txt" needs to be executed in the same directory as the duckencode.jar file, or the full path should be specified. For example, if you place the duckencode.jar file in the C:\ directory in windows, or the /opt directory in Linux, the command to encode the helloworld.txt file would change to this: Windows: java -jar C:\duckencode.jar -i helloworld.txt Linux: java -jar /opt/duckencode.jar -i helloworld.txt
  25. Teabot 5000
    Is the OS on your RPi up to date?
×
×
  • Create New...