Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

About n33dsh3llz

  • Rank

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Well, I was originally unable to get basic ADB working over the OTG like you would connected to the phone directly with USB debugging enabled. I tried the method demmsec did in that payload, but it would never get an IP address. Come to find out, it was able to pull an address once I disabled my mobile data. I assume this is because of checks android does to make sure it is using the best network connection and the bash bunny has no actual connection to the internet. With that, I may just need to add some extra HID commands to get the job done. J Edit: Now I am
  2. Thanks! I was trying to manually transfer the package over and run it. I haven't connected mine to the internet so that may be the way I go this weekend. Also, the FireTV payload seems right where I was going with this, but for Android phones. Thanks for the heads up as this will save some time! The biggest thing with launching the default payload generated by MSFVenom is it will be flagged by AV. Calling the activity will require some work using my AV bypass script as it randomizes the naming structure, but it wouldn't be hard to explain how to get that information. I wasn't thinki
  3. How would I go about getting an ARM version of ADB working on the bash bunny? I tried using Google's Python implementation of ADB, but it required libusb1 and other dependencies. The goal is to make a payload that: Enabled USB debugging (HID) Accepts connection to device (HID) ADB Install's package (bash) ADB launches package (bash) I had the HID payload working for enabling USB debugging, but then realized ADB was for x64 processors. I found a couple ARM versions, but couldn't get any of them working properly. Can anyone help me out with this. Ideally, I
  4. You also want to make sure your sources.list has the repo. http://docs.kali.org/general-use/kali-linux-sources-list-repositories
  5. What is happening is the script is seeing PayloadTrustManager.smali in the pulled apart payload generated by MSFVenom. This payload has a signature I havent spent time avoiding by AVG. The quickest solution is to make sure you are completely updated. On Kali Rolling: apt-get dist-upgrade apt-get update apt-get upgrade Also, after spending a weekend throwing this together I realized the '-x' option on MSFVenom appears to get the job done as well for injecting into other payloads. So if wanting to do a phishing attack instead of using apkinjector you can use msf
  6. Ended up finishing the unknown sources setting, but figured it is a waste of time as it can be easily bypassed once attempting to install. https://github.com/jbreed/usb-ducky-android-download Here is what I think will work best as there is so many issues that can arise. Potential issues: -Default browser not set to chrome. ALT d is to get the URL line for "Internet" app. May add this just to make it fail-safe. -Default browser not set at all. This will simply require pressing the button to relaunch the script as it should have been set with the first run. W
  7. Would be similar to using Meterpreter through the internet. WAN IP -> Router-> port-forwarding to Empire listener
  8. Are you scanning from within the local subnet?
  9. Hello Hak5 Community, Trying to figure out how to download a .apk file, then execute it. I know how to download it, which may be enough. Ideally, the whole process could be 100% automated. Maybe I could just sleep the script giving the user time to launch manually if there is no hotkeys. I tried opening the downloads inside the browser, but couldn't find a way to select the rows of downloaded files (maybe a security feature). Also, when bringing down the main bar and going to the downloaded file, then launching, it never opened the app other than seeing the AV scan take place. Note:
  10. Hello everyone, This weekend I got a little bored and began toying with Android payloads to just toy with a meterpreter shell to see how it is. Upon doing so, I noticed the payload generated from msfvenom required I ignore my AV to install. So this sent me down a path to bypass antivirus, which come to find out WAS EXTREMELY EASY! I began with apkwash, which simply takes the msfvenom generated payload and modifies it to bypass AV. The result... 0/35 on nodistribute and confirmed manually with AVG Mobile and Kaspersky Mobile. Nice! Perfect for having physical access to a device. Now i
  11. ON-THE-FLY FILE INJECTION Goal: With a MITM attack in progress, be able to sniff traffic and modify any requested downloads to the victim/client machines utilizing Ettercap. With this, the attacker should have the option to use a previously created payload from a file location, or allow for on-the-fly injection using simple ‘expect’ scripts passing a downloaded file over to a program for injection before forwarding it to the client. For pre-set files, the filenames would be modified to match the requested file before being pushed to the client. Ettercap Filters: Locate Exe fi
  12. Found the youtube series on creating modules: https://www.youtube.com/watch?v=Lvf2At3G1C0 I have experience with Bootstrap and AngularJS so it shouldn't take too long to figure out the formatting for the modules. Only thing is, hopefully I can leverage another module for finding *.exe download requests for a MITM attack otherwise it would make creating this a lot longer. Needs to be able to have a MITM running and replace any .exe a client requests with one that has a custom payload put in it. If anyone knows of something that already does this, then please let me know.
  13. Hello Hak5 members, New to this site and platform, but am pretty excited to be back in the states and to get my hands on the Tetra I purchased. When looking at modules I can't seem to find something similar to the MITMf framework integrated into it. This takes use of filepwn, but I have been having a great experience using Shellter. Where should I go for learning how to integrate a new module into the Pineapple? Here is what I am wanting: 1. Client makes request for .exe file 2. Pineapple forwards to the web server 3. Web server responds 4. Pineapple receives the
  • Create New...