Jump to content

RazerBlade

Active Members
  • Posts

    216
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by RazerBlade

  1. Fair enough. But I still stand by it that the Bunny is overall much more effective than the ducky. Sure, the ducky may be fast but if you are getting into these kinds of attack, the best tool is the BashBunny in my opinion.
  2. If you wanna go for the pineapple, go for the TETRA cause Nano sucks. For USB, BashBunny all the way. 100x better than the ducky, it can do so much more stuff. If you really want the ducky, I would recommend the malduino. It's the same as the rubberducky but much cheaper. All payload are compatible with the ducky. Link here: https://malduino.com/
  3. So I have a question. How do I reverse enginer a Javascript file? The problem comes from my previous thread: The goal is to get the request headers the website has so I can scrape data from the website. The problem is that the website uses a javasricpt to download the request headers and can therefore not be seen in chrome. In the script that the website uses, headers.js does someother mean things. It replaces the http connection with a websocket one: getURL().replace(/^http/,"ws") So I want to run the javascript file so I can print out the final url that it creates complete with headers. Right now they don't show up. Maybe a way would be to directly interact with the website, maybe the chrome console? Link to JS if anyone would able to help: https://www.avanza.se/jmvc/production/241897.18/header/header.js
  4. Is your rubber ducky named:_ And have you placed d.cmd in onto your rubber ducky
  5. And why not just use Discord? Everyone has it so why complicate it!?
  6. I know that. But in my experience, smb server upload is not always as reliable as just USB.
  7. I saw Darrens video yesterday and thought how his improvements that could be made to the BashBunny. Sometimes, windows defender removes malicious files and therefore it could be smart to use read only storage. But I He said that you could read only storage and exfiltrate the files via network. But I would like to see an improvement made to the bash bunny, to have an read and write exfil partition on the bunny. So one partition where all the payloads and stuff like that are read only but it will also have an partition to exfiltrate small files without the need of network. Ping: @Darren Kitchen
  8. It's over ssl, TSL because it's WSS WebSocket Secure. Do you have any tips on building a script for doing that job? I don't know if a send/receive conversation would be needed but it maybe.
  9. As said before. I need to automate this process because it's so much data I need to download. Does anybody know if I can use cURL?
  10. Well it's quite a lot of data I want to download so doing it manually won't happen. I have been looking at this: https://github.com/aaugustin/websockets But haven't got it to work as I want it. This could maybe work: https://github.com/novnc/websockify but I don't really understand how to use it. Also, with chrome you can copy the cURL address with all variables. Maybe I could get it to connect that way?
  11. Hi! I am wondering how you download WSS frames to a text file. On chrome you can see all the wss frames and the thing I want to do is to download all the frames locally. On
  12. Just so you know, the nirsoft tools get detected almost right away when trying to execute the program. Maybe look into Accxtract https://github.com/garrett-davidson/AccXtract or LaZagne https://github.com/AlessandroZ/LaZagne which in my experience doesn't get detected so often
  13. Well. Payloads designed for 1.1 is COMPATIBLE with 1.3 so downgrading is completely useless
  14. I have tried using the lan turtle and it doesent seem to work. Anyone had luck with lan turtle as Ethernet adapeter?
  15. Rather, it seems by locking your PC it keeps it safe from HID attack unless you the persons login.
×
×
  • Create New...