
Didier Stevens

Active Members, content count: 21
About Didier Stevens

  • Rank: Hak5 Fan


  1. You don't need programming skills to achieve this. Open payload.sh, and search for this line at the beginning: NMAP_OPTIONS="-sP". Customize it with the nmap options you want.
  2. I'm experiencing issues with the various WiFi payloads on my Signal Owl with firmware 1.0.1. They don't work (BTW, the Bluetooth payload does work). The reason is that the wlan0 interface is missing. I have to add it and turn it on by adding the following commands to the beginning of the payloads: Do you experience the same issues? Or do these payloads work unmodified with firmware 1.0.0?
  3. After one hour running inside coat pocket, Bluetooth payload.
  4. I guess that with "the suggested tool that is missing", you mean the following script: https://github.com/hak5/sharkjack-payloads/blob/master/sharkjack.sh Looking inside this script, the upgrade process is essentially: copy the firmware to /tmp/upgrade.bin, then run: sysupgrade -n /tmp/upgrade.bin
  5. Here are 2 thermal imaging pictures of my Shark Jack after fully charging. Top pic:
  6. Confirming it is random. First I have this: Then after Shark Jack reboot this:
  7. I just did some packet captures of a Shark Jack nmap scanning (using my Packet Squirrel 🙂 ), and to me it looks like the MAC address of the Shark Jack is randomized.
  8. I tested my Shark Jack and found 3 scans that, AFAIK, were not initiated by me. Looks like 3 test scans that were left in the loot folder and got shipped with the Shark Jack. Just wanted to know if other owners of a Shark Jack observed this too? To be clear: I'm not worried about this, just curious.
  9. Don't know if this is the right place, but here goes ... In the recon page, I would like a comment field, allowing me to add/edit a comment per scan (this is not a request just for the Nano, but other pineapples too). I have too many scans now in my recon.db, I can't remember where they were done exactly, and I would like to be able to identify them with a comment. For example: "Brussels office". I looked for the source code to add this myself, but AFAIK, this is not open-sourced. I can find the modules and openwrt on GitHub, but not the WiFi Pineapple code.
  10. No, it's actually 10,000,000 bytes and not 1,048,760 bytes. From the tcpdump man page: http://www.tcpdump.org/tcpdump_man.html And it's 1024 :-)
  11. I don't really like it when packet captures are written to a single file, unless I know the capture file will be kept small. A network capture can create very big files, that take a long time to read and display with Wireshark. And with the PS, you run the risk that the PS is improperly shut down (e.g. loss of power) and that the capture file on the USB stick gets corrupted. That's why I prefer to configure tcpdump (or dumpcap) to rotate files and create files with a size limit. I changed the sniffing/tcpdump payload as such (bold): -C 10 sets the maximum pcap file size to 10,000,000 bytes. When that size would be exceeded, a new capture file is created and the old one is closed. -z sync executes the sync command each time a capture file is rotated. This should guarantee that the rotated capture file is actually flushed to the USB disk. I will use my PS with this mod for a couple of weeks, and report back here.
  12. The command is reformat_usb. Remark that this will format the USB stick with the EXT4 filesystem: Hence not natively readable on Windows 10.
  13. I updated with a USB stick formatted for NTFS on Windows 10. No problems.
  14. Yes, it is. Although I had to do this twice. First time I did not pay attention to the time, and I (wrongly) thought the solid blue LED indicated that the firmware upgrade was finished. So I unplugged. And my PS was no longer booting (no LED). I had to use the recovery console to install the recovery firmware, and then do the upgrade again. This time waiting longer. But no problem, it was an opportunity to test the recovery procedure, and also find a small bug in the recovery console (created GitHub issue for this: https://github.com/hak5/packetsquirrel-payloads/issues/24).