aethernaut

@psydT0ne Spooky, I was just about to ask this. They'll soon have to drop the "weekly dose of technolust" bit... 😀

I am having trouble seeing what you are trying to do. You have gone to a VPS provider and got yourself a VPS and then installed the Kali toolset on it You have then run a wireless monitoring tool and the tool asked for monitoring mode on a wifi adapter You have found that VPS does not have access to a wifi adapter You are then trying on find a way to add a hardware device to a VPS You have tried to add a wifi hardware device by using "apt-get" and it hasn't worked So you want to sniff the wifi traffic in the data centre of the company that provides your VPS?

@LivingL393nd Wow, now that's what I call a "cover all eventualities" delivery window ......

Just don't try it. It's pretty much certain that wherever you are on the planet, accessing someone else's account without their consent or installing "spying software" without any legal authority (or being Microsoft / Facebook / Google) will be against the law. No-one here should really help you with that. Anyone even considering illegal activity has to be very careful how they go about things and how they may be caught out; like the email alert you mention. They must also consider any traces they leave even as they prepare their action. Take your above post for instance. If you are a careful person even at this early stage you are using a one-off account name (Skier780) just for this thread. This is because your post (above) will probably get captured by Google at some point. So (assuming you are not using a one-time name and your post is not an attempt to induce sympathy to get help to do something else) your girlfriend gets suspicious because you seem to know too much. She tries to find anything you may have posted online, she types in the name you often use into Google and "Boom!"; your post on the Hak5 forum. After that people in uniform get an urge to talk to you. You end up in court. Of course I bet the most likely way something like this is discovered is the pair of you have a full-on argument. She says, "No I didn't!" and, all angry, you shout as loud as you can, "Yes you did!, I hacked your Snapchat account!!!". Once again people in uniform get an urge to talk to you. You end up in court. <advice style="Dear Abby";> During difficult times people can make quick and very bad decisions and find their life FUBAR. Many years ago a telecoms company had adverts with the tagline, "It's good to talk". Sage words. </advice>

With reference to my posting above, I thought I would mention (just this once) that today's (31OCT18) "free learning" non-DRM PDF eBook at Packt Publishing is Kali Linux Cookbook - Second Edition (2017). The advertised price on Amazon today for the Kindle version is £23.39 GBP / $29.92 USD. The book changes to something else at midnight.

Well I would suggest that you have now learnt your second lesson, "don't try to run before you can walk"... ?

The Bunny looks a bit too "custom" for you to be able to find one off the shelf. However, if you're looking for just a dust cap type cover you can pick up 10 on eBay for 99p. If you are looking for a full cover to protect against shearing off the plug you would likely have to make one. It would have to cover the USB A but also probably lip over the edge of the Bunny itself so as to give a bit of shear protection. There is a plastic lip around the base of the USB plug on the Bunny but I doubt that using that to support a cap would offer any greater protection against a clout heavy enough to harm the USB plug. Personally, I got some Shadow Foam and fitted out a toolbox to store all my wi-fi / HAK5 stuff when not in use. It's just to stop everything rattling around and smashing into everything else.

Forgot to mention: It has Windows, Mac and Linux desktop clients as well as Android & IOS clients.

Do you also have to open up port 2022 on the firewall? I was guessing that that was how the devices phoned home.

Are you trying it today with the same target as yesterday (i.e. the one that worked)? Are there any clients (which will be deauthed from the access point) within the range of your wifi card (wlan1mon)? If there are not, connect a phone or tablet or something else to the access point (using its wifi password) before undertaking the monitor / deauth.

For those not aware, Kali books occasionally come up on Packt Pubishing's site as one of their daily "free-learning" ebooks. All of Packt's output is tech-related. https://www.packtpub.com/packt/offers/free-learning Kali ebooks I have picked up so far are: Kali Linux - An Ethical Hackers Cookbook Kali Linux Social Engineering Kali Linux Wireless Penetration Testing Essentials Kali Linux – Assuring Security by Penetration Testing Kali Linux Cookbook Instant Kali Linux I can't really rate any of the above as I downloaded them on the day they were free "just in case" I ever needed them. The offers do repeat so the above may come around again. You need to sign up for an account but the books are PDF downloads and not DRM or on-line viewing only. They also have quite a few permanently free ebooks. They can vary in content quality but being free you can just delete those you don't like and not feel cheated...

Everyone, This is how I see it. Please correct me if I am wrong.... orrin, Its the IP (or DNS name if you have such a setup on an internal 192.168.xx.xx network) of the box you have put c2_community-linux-64 on. As I see it Cloud C² does not call up your devices, your devices call "home" to Cloud C². This will be the address that forms part of each device.config file so when your device goes online it knows where to call. If you are testing Cloud C² on an internal / home network you could use sudo ./c2_community-linux-64 -hostname 192.168.0.10 if 192.168.0.10 is the computer running Cloud C². Of course if the device is not in your network a 192.168.xx.xx address will not be reachable over the Internet. You then access the Cloud C² GUI using http://192.168.0.10:8080. Then (once each device has had its device.config file generated and placed in the /etc/ directory on the device it was generated for, and the device is equipped / set to connect to the network) you can view the connections as they come in. If you then later start up c2_community-linux-64 using different settings (like a different IP) you will need new device.configs for all the devices. Same applies if you later point your external IP address to your Cloud C² box and start using a DNS name like cloudc2.example.com (where example.com is replaced by your domain) and https. Basically once you have created device.config files for your devices you should use the same start-up settings for c2_community-linux-64 every time until you are finished, get all your devices back and can start all over again with different settings /options selected.

Thanks for responding Darren, It may seem a bit petty but could I suggest that at some point "Wipe" is considered for relabelling? It's just that "Wipe" suggests a delete / overwrite security process rather than a normal factory reset.

Dear All, If you would like to use a note system such as Evernote but don't want to lose control of your data could I suggest you have a look at the free and open-source Joplin? https://joplin.cozic.net/ It is still in development and does not have all the extra fancy bits of Evernote but it does sync the data to the server (and store it on the server) encrypted. You can use your own Nextcloud instance so you get more control. Also the clipper works very well. A plus is that as it uses Markdown it makes quite a good stab at code-highlighting (```html```bash etc.) I do not have anything to do with this project apart from being a user and donating some cash to the dev. I have been impressed so far, hence this post.

Also is "wipe" supposed to clear the SD card as well? I just tried wiping a Pineapple (that would sound SO odd out of context). After setting the Pineapple up again the module manager still showed what modules I had previously installed. They were not working but I assumed that the Pineapple was picking up something from the SD card? I did not have the foresight to take the card out and check it before putting the modules back again. I only ask as it is possible to save scans, the pool and all other stuff to the SD card rather than the Pineapple itself, so if the wipe is a security feature should it not try to nuke as much of the SD card data as it can?