Jump to content

Bob123

Active Members
  • Posts

    182
  • Joined

  • Last visited

  • Days Won

    6

Everything posted by Bob123

  1. It would be nice to sell this all together for $400 plus shipping. All items in perfect condition. Will try to include whatever stickers and documentation I have as well. US only please. Unless you can guarantee the money and take responsibility for the shipping and customs charges. 1x wifi pineapple mark v 2x rubber ducky 1x lan turtle 1x bash bunny 1x packet squirrel All are in perfect condition and only used a few times to answer questions on here and test a few of my own scripts.
  2. Ok I really hope your take away from my helpful hint wasn't to only do what you did above. There are several payloads that you mentioned didn't work. Several of those use ducky script or have many commands tight together which is why I mentioned adding some delays between the commands. You do understand that what you did above will do absolutely nothing right? Did you see the part where I said verify the code works? USB exfiltrator by itself copies only pdfs and works just fine. Do you have pdfs in your documents folder? Did you try doing an xcopy from your bb to see if you could even copy those pdfs to your bb? Comment out or delete the hidden commands in the files and watch what powershell does. Are you getting errors? You could also remove the whole caps lock blinking. I usually do. Makes it a bit more stealthy.
  3. @Xyvir Sorry I just noticed your post. I don't visit here much anymore as the forums are pretty much dead. 😞 But here's the link that SelfTaughtDude was talking about: https://github.com/hak5darren/USB-Rubber-Ducky/blob/master/Encoder/resources/keyboard.properties
  4. You need to modify the delays and add delays. Take a payload you want to run, make it painfully slow, and verify each step. Then when it works, start to speed it up until it no longer works. 99% of these payloads are too aggressive and never work for me out of the box. I always have to slow them down a bit. If you search around in this section of the forums or even the rubber ducky part, you'll see me say that a bunch of times.
  5. Bob123

    red led

    Have y'all tried a different firmware on the duck? Try twin duck and see if that helps at all. Mine are on that firmware and I've never run into this issue.
  6. Dumb question but did you take that notpad file and convert it into an inject.bin file? https://docs.hak5.org/hc/en-us/articles/360010555093-My-USB-Rubber-Ducky-shows-a-solid-red-LED-now-what-
  7. I know I didn't mean to. This one was more directed towards justLooking but then thought others might not see my general question. Let me know if you want me to remove any or all.
  8. Hello everyone. I have an interesting question that I hope someone can answer. Basically what I'm after is, a standard 64bit Kali or Parrot VM that you can download that comes with all the pentesting tools like metasploit...can you actually hack a Win10 64 bit box with it? I'm asking because I went through the cyber mentor's online class, I follow hackersploit's youtube videos, and there seems to be something wrong and I'm just not so sure it's me anymore. I have two Win10 VMs and now the same but physical, on two networks and all I want to do is pivot. I have usernames / passwords. I've dumbed them down to accept msfvenom payloads...They just don't want to work. My findings so far have been: a 64bit payload and listener work, but then meterpreter, getsystem, and other commands don't seem to work. A 64bit payload and 32bit listener don't work. A 32bit payload and listener work, commands work, but I don't get anywhere. The commands don't error out or stall...but they just don't give me proper info and I think they are trying to tell me that I need 64bit payloads and listeners. I'm assuming Armatige is only 32bit since I can't get anything 64bit to work. Psexec doesn't want to work even though the usernames / passwords are mine since I created them. I'm just stuck. And what makes it very interesting is I never had this issue with WinXP back in the day. So I get that Win10 could be a road block because it's different...but are Kali and Parrot with their version of metasploit also a potential road block? Am I missing something? Will this only work with the paid version of metasploit pro??? It just bugs me cause the cyber mentor never had an issue. Hackersploit did a video on pivoting. He didn't show what was behind the scenes but I followed his commands to the T and it still wouldn't work. I've followed several Medium posts and it hasn't helped... Any help would be great. Thanks.
  9. So I'm going to ask a question here and maybe even make my own topic on it cause this ones a bit interesting... So the issues I'm running into seem to really stem from the architecture. The win10 VMs from cyber mentor and now my physical win10 boxes that I'm practicing on are all 64bit. The vanilla style (if you will) metasploit that comes with both Kali and Parrot can do both 32bit and 64bit...but can it really do 64bit? Or is this really something that is more tailored for metasploit pro which is paid for? I'm about to start testing on win10 32bit just to see if any of these issues go away. Cause with my kali and parrot VMs, I'm to the point where I can't even get psexec to work. Which makes no sense since I know the username/password...since I created them for the box. Anytime I'd create a 64bit payload through msfvenom my listener would crash very quickly. And that was due to using a 32bit listener. A 64bit listener would work but then none of the commands or options seem to work. A 32bit payload and listener work best...but then it seems like "getsystem" and trying to get the hash don't seem to work. And I had zero problems back in the day when I had a winxp setup...
  10. I started to mess with GNS3 then like you said, got sidetracked. For cyber mentor it was chapter 19 post exploitation. He talked about pivoting, modified the VMs a bit and showed it working. I did the same but couldn't pivot for some reason. I tried multiple Kali and Parrot VMs with and without armitage all with no luck. I did however try it on some older xp VMs and I could pivot just fine. So either I missed a step or he left a step out. But either way I would like to get it to work. I'm going to start messing with them again now.
  11. Hey justLooking. If your doing the The Cyber Mentor course where he has you create VMs and a domain and all that, when you get to pivoting between the two VMs could you let me know if you get that to work? I couldn't and couldn't figure out why. I'm going to try again today or tomorrow using a different approach but I could pivot between some of my old winxp VMs like nothing...I just can't seem to do it using the VMs I created for his course. Thanks.
  12. Can you give me a few examples and I can try to repeat the process with mine? I've only done a packet capture a few times and it seemed like it was all there...but that was several years ago. Thanks.
  13. Naw I'm not going to smash it. I reformatted it as NTFS for now. Still probably won't trust it. I'll give the sdcard formatter a go. The Bus Pirate v3 looks interesting. Bit pricey but cool. Thanks everyone!
  14. Well never mind. I tried reaching out to both the creator of the vulnhub vm and jackk neither of them are probably around. Anyways I ended up using a different exploit to gain root, then using the python SimpleHTTPServer I was able to rewrite the passwd file like it showed in jackk's video. So I'm happy.
  15. Hey quick question. I know all of this is quite dated but I just thought I'd play around and see what happens. So I have the basic pentesting 1 vm from vulnhub. I'm watching Jackk's ctf walkthough and at the end he wants to modify the passwd file and then send it back through meterpreter to the ctf vm. His works and he becomes root. Mine spits out core_channel_open: Operation failed: 1 which according to what I found on google means I don't have permission. How did he get permission and I didn't when we both did the exact same thing??? Just wondering. Thanks.
  16. Thanks guys. I don't know though...it was already binned. I'm thinking smashing it might be my next order of business.
  17. So check this out. I attached a pic so I'm not crazy. But I have a 16GB thumb drive. It's a POS that I pretty much had given up on. Recently I was going through my jar of pooped out thumb drives and I found it. I inserted it, formatted it, and attempted to give it a new mission in live. I through a bunch of video files on it and also used it to move some work stuff around today. So later today I had it plugged into my laptop, closed the laptop and walked away. I came back to the laptop and saw the drive flashing away. I opened my laptop and found my files all jacked up. The attached image shows what the files look like. It was about a dozen or so video files. Windows explorer states I have 756MB used and 14.2GB of 16GB free. However again from the attached pic there are at least four files that are almost 4GB in size! Has anyone ever seen this before? Look at the file extensions. It's crazy. There's nothing wrong with my laptop and no hacking or crypto/ransom going on. It's just a straight up messed up drive. Guess it's going back in the jar. Pretty damn cool though! Some how my work files survived earlier today...
  18. Nicely put Struthian! I've tried to help out in other parts of this forums when someone is unhappy with a product and I typically get crickets. So I don't think they are truly looking for help. They're just not happy that it doesn't work out of the box. And if I'm wrong by saying that then let's all work together and make it work the way we want. JeffP, if it's still in the garbage can I have it? Thanks.
  19. You know to a point I do feel your pain. I myself have had some pains with Hak5 over the years. But I guess the question really becomes, what did you expect, and what are you aiming for? A $5 rpi zero can do everything the duck can do. Does it look as good as the duck? No. Is it as easy to program as the duck? Big No. But then again why are you buying a duck if you don't at least know some programming? The idea of the Hak5 tools were never meant to be plug in play. I think they started going in that direction because we as humans have gotten to that point of expecting things to just work. But a true hacker would never expect that, nor want that. For me, I got these to mess around with and they have all worked flawlessly. Maybe not painlessly at first. But they all worked. And I've learned so much from them over the years. Because of them I've learned to make a $5 rpi act like a duck. Or a $15 micro router act like a packet squirrel or lan turtle. The whole point of these hak5 tools are to help you to learn. So what would you like to learn about today?
  20. Man I'm really not a fan of reliving the past but someones going to have to tell me what they are doing to their Win10 1903 boxes. I have a Win10 1903 with defender on by default. I have a Win10 1903 VM (several) with defender on by default. Granted when I have a payload with mimikatz or anything defender sees it as questionable and instantly deletes it on me which is a huge pain in the... But I have never seen windows defender prevent my inject.bin from running. I'm not even sure how it would see it as it's code execution from within the duck (keyboard)... So I'd like to help but someone needs to explain what's different from their environment compared to mine. Unless something physically changed in the ducks. I have two. A blue one and a green one. I know they went through several small changes back in their prime but both of mine work exactly the same. Course one other thing to point out. What are all of you trying to do? I'd suggest taking a step back and create a payload that opens notepad and says hello. Can your duck do that? Start there. Let me know what you had for results. Then we can go from there. I just got a Malduino and it itself comes with nothing. So first payload was notepad. They my favorite payload which is to show all of the wifi passwords. And then I have done more from there. But all of which were based off the duck and still to this day work on the duck.
  21. Windows has to install drivers to get the duck to work. Are you sure they are being installed during the OOBE? Can you get the duck to do anything during this? Like type your name or anything? If you can get it to do at least something then it's probably a timing issue. Throw a few second delay at the beginning to make sure windows has time to load up the drivers.
  22. The Mark V makes a new TV appearance? It's funny too cause I just dusted mine off yesterday. I'm watching TV today and saw Angie Harmon come on and talk about identity theft. Then Leno appears and talks about something...then they show the bad guys and sure enough they are using a Pineapple Mark V! Thought it was pretty cool. Looonnnggg commercial though. DVR FTW! Guess it was some combo through Norton, Lifelock, and some VPN.
  23. So your kidding me if I type airmon-ng I get command not found. If I type sudo airmon-ng the command runs just fine. Rather than the good old days where you get a small reminder to be root or to use sudo...nowadays we just say command not found? Dumb...
  24. Ok am I missing something? I'm using the latest 2020 VM version of Kali just for testing and helping others. Aircrack-ng is installed but when I type airmon-ng or airodump-ng it says command not found. I've uninstalled aircrack and reinstalled aircrack and still nothing. I built my own VM with kali 2020 and install all tools and airmon-ng and airodump-ng DO work. So what am I missing in the prebuilt VMs? Why is this so hard all of a sudden? Side note but I've noticed over the years the VMs seems to have less and less or less and less work out of the box. Is there a reason for this? I typically use 2018 or very early 2019 versions as the newer versions seem to be purposely broke. Any input would be great. Google seems to understand my question but gives me no sites that have any worth while answers.
×
×
  • Create New...