Jump to content

Asterix

Active Members
  • Posts

    8
  • Joined

  • Last visited

  • Days Won

    1

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Asterix's Achievements

Newbie

Newbie (1/14)

  1. Hi I found the following portals on GitHub useful. https://github.com/kbeflo/evilportals I first unzipped the file on my Windows 10 PC then used WinSCP to move the portals into the root/portal folder on the Pineapple MkvII these then show up in the Portal Library section of the Evil Portal page. Once you have a sample portal, its easy to clone one and make the amendments you need in the PHP and HTML elements. Stay safe
  2. This is my first post for absolutely ages to the Hak5 community, and was prompted after I discovered an issue whilst following the various set up guides within the community, and having read some really negative and unfounded comments from others having a go at Hak5 for set up issues. [disclaimer] From the very start, let me say that the issues were caused by my Virtual Server hosts here in the UK (Fasthosts) and by there system built in Firewall policy. Kudos goes to Hak5 Darren for pointing me in the right direction as I thought I was losing the plot. With hindsight, I should have checked the default firewall policy offered by my VPS hosts first and not assumed that everything was taken care of by the control panel gui.... Having created a new Debian VPS I followed the installation and setup guide https://docs.hak5.org/hc/en-us/articles/360012947614-Installation-and-Setup which appeared to work, I was able to connect to my new Cloud C2 control panel and add the generated setup token and licence key, and then add my WIFI Pineapple Mark VII using the downloadable device.config file generated by C2, however my Pineapple VII was unable to communicate with C2 and the connection status showed "last seen: never" which was odd considering the port used showed on the server as "open" and was listed as such in the VPS firewall settings. I tried again using different ports, each time with the same results. Turns out that my VPS host (Fasthosts) automatically block ports opened using the ufw utility which I used during the set up process. ufw allow 22,2022,80,8080,443/tcp ufw enable ufw reload ufw status The results showed:- To Action From -- ------ ---- 22,43,80,2022,8080/tcp ALLOW Anywhere 22,43,80,2022,8080/tcp (v6) ALLOW Anywhere (v6) And so I believed that the firewall was created correctly and working as expected. But as the Pineapple could not see the VPS I needed to dig a little deeper. So next I verified that the ports were closed using Netcat / Nmap First I scanned for open ports :- (**replace 192.168.1.1 with the IP of your server) nmap 192.168.1.1 The results were:- PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 443/tcp closed https 2022/tcp closed down As I expected the ports to be open, I then asked nmap to check if the host was protected by a firewall nmap -sA 192.168.1.1 PORT STATE SERVICE 22/tcp filtered ssh 80/tcp filtered http 2022/tcp filtered down 8080/tcp filtered http-proxy Then I asked nmap to scan the host protected by a firewall nmap -PN 192.168.1.1 PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 2022/tcp closed down 8080/tcp closed http-proxy The results were exactly the same after I disabled the ufw firewall ? and so I spoke to the tech support guys at Fasthosts who told me that they automatically block certain ports and using ufw and their built in firewall could cause various problems. One of the VPS setting options with Fasthosts is to create a firewall rule, opening (or closing) various ports. The default settings already included 22, 80, and although I had added 2022 & 8080 and they showed as "open" in the Fasthosts GUI they were in fact "closed" as Fasthosts were themselves blocking the two ports (and some others). Enabling and disabling the ufw firewall didn't have any affect but by enabling the Fasthosts firewall and closing all ports, then enabling the ufw firewall allowed the Pineapple MkVII to finally connect to the C2 server. Lesson learned. Don't believe what the VPS host GUI tells you. Here are all of the steps I used to spin up the Cloud C2 server from a completely fresh Debian install which did not have any networking tools enabled, the steps include the changes to the filenames to version 3.0.0. I realise that you can string commands together using && and automate confirmation using -y flag First I installed all of the tools that I wanted to have on my new VPS, you may have different ideas, also I had given myself root permissions, but you could use the sudo command. apt install vim apt install netcat apt install net-tools apt install unzip apt install ufw apt install wget Then I opened the ports ufw allow 22,2022,80,8080,443/tcp ufw enable ufw reload ufw status Next, collect the setup file from Hak5 wget https://c2.hak5.org/download/community -O /tmp/community Then unzip it unzip /tmp/community -d /tmp The version I used (v 3.0.0) creates a folder in the temp directory called C2-3.0.0 (note capital C) and places the setup files inside. I'm going to be using c2-3.0.0_amd64_linux in my example. First move the unzipped files to the bin folder mv /tmp/C2-3.0.0 /usr/local/bin Then create a new directory mkdir /var/hak5c2 Then create a service using Vim or your favourite text editor. vim /etc/systemd/system/hak5.service Then enter the following (or cut and paste) replacing xxx.xxx.xxx.xxx with the IP address of your virtual server. This example uses https. [Unit] Description=Hak5 C2 After=hak5.service [Service] Type=idle ExecStart=/usr/local/bin/C2-3.0.0/c2-3.0.0_amd64_linux -hostname xxx.xxx.xxx.xxx -https -db /var/hak5c2/c2.db [Install] WantedBy=multi-user.target You can cut and paste into vim 1. copy the content of the text from the text file (Ctrl-C or right-click & copy) 2. open the file you want to edit with the vim editor. 3. type 'i' to enter the insert mode ( check at the bottom for — INSERT –) 4. hit this key combination: Shift + Right-click & choose the 'Paste' from the menu. To save and quit vim, press the escape key followed by : w q ( colon write quit) Now reload, enable and start the hak5 service systemctl daemon-reload systemctl enable hak5.service systemctl start hak5.service Check to see if the service is running systemctl status hak5.service You should get a confirmation that the service is running, along with a setup token which you will need to enter into the Cloud C2 setup page along with your License key and account information. It will look something like this:- Oct 28 14:15:51 localhost c2-3.0.0_amd64_linux[1665]: [*] Initial Setup Required - Setup token: ABCD-2EF3-G45H-6IMN Now open up your favourite web browser and enter the IP address of your VPS https://192.168.0.1/#/setup Fill in the blanks needed to validate your license etc You should now be able to add Hak5 gear. See https://docs.hak5.org/hc/en-us/articles/360014295634-Adding-Devices-to-Cloud-C2 I'm don't profess to be a Linux expert nor am I the best teacher, but hopefully someone will benefit from some of the information provided. Keep Safe
  3. UnLo Ive pretty much given up on this, as all THREE of the Bash Bunnies I have received died either directly after the firmware updates or shortly afterwards and OK I may have cocked up the first one during the update process by doing exactly what you did and unplug the bunny whilst the green light was still on, but not a chance with the second and third units which I attempted to update using the advice from Darren in his post of 8th March. I now have three dead bunnies and no way of recovering firmware on any of them, let me know if you solve the problem or hear of a fix MM
  4. From what I can see, the firmware update is not affected by the addition of unpacked contents of the .gz to the root, but then again I am unable to comment further as my 3rd Bash Bunny replacement died after I updated the firmware and I can not elicit any response from the guys in Hak5 Support who have been ignoring my emails for the last 3 weeks or more. Just_a_User gave me some great advice when I was attempting to update my first BashBunny and the update then went without any problems. Let me know how the update goes for you will you please. MM
  5. Hi Having successfully used the Factory reset procedure on a couple of occasions, and then updated the firmware to the latest version I have now run into a problem that I can not solve on my own. I wrote a couple of payloads and copied these into Switch 1 & Switch 2 and tested each on a Windows PC, then wanting to make some changes I plugged Bunny back into my Linux Laptop. The green led lights up as per normal but then nothing (no blue blinking). I tried to connect via Serial / Screen bb.sh etc but without any success so I decided to Factory Restore the Bunny once more. Same process as before, wait for the green led to go out and then unplug, did that 3+ times, Bunny flashes the expected Blue/Red Led for ages but then nothing. Lights go out and the Bunny is Dead ! After the Reset process, the Bunny becomes very hot to the touch, with a faint whiff of toasted circuit boards, I unplug and leave it to cool down for 20mins or so, then try the Reset process once more. Bunny is still dead... Is there anything else I can try, or is this a very deceased Bunny? All suggestions welcome. M
  6. Thanks very much for the explanation. Saved me several more hours of frustration... Bunny Flashed and displaying RED flashing LED so success I think. Much appreciated. MM
  7. Hi Bunny Fans....this is my first post so please be gentle with me! Can someone help clarify something for me please? I've been experimenting with my new Bash Bunny for a few days now, and apart from having to restore it back to factory settings a couple of times I think this will become one of my favourite exploit tools. Today I decided to FLASH the Bash Bunny Firmware to v 1.3. I followed the download link, and the flash instructions but have not been able to get bunny to update the firmware (Police LED Red/Blue etc). So here is my question. (Please don't tell me i'm being stupid or should know better !) This is what the instructions tell me to do:- Step by Step Firmware Upgrade Instructions So I did all of that. I use Kali-Linux with Midnight Commander as my visual file manager/explorer. Step 4 says copy the firmware upgrade file downloaded in step 1 to the root of the Bash Bunny flash drive.... Q. Does that mean copy the entire "FOLDER" called "/upgrade" or the individual FILE called "uImage" within the "/upgrade" folder ? Q. If I browse to "media/root" then I find a FOLDER called "/BashBunny" this is where I have "Switch 1 / Switch 2 etc" so not what I would class as the ROOT of the USB device... Or am I getting totally mixed up with terminology caused by years of exposure to MS Windows file structures ??? Any help would be welcome. Thanks MM
  8. I had problems trying to restore the Bunny using the method suggested by Darren (as above). Firstly I did not READ the original posting carefully enough and was unplugging Bunny whilst the green light was on and not as soon as it went out ! (Human Error), but having kicked myself for not reading instructions (its a man thing) I still could not get Bunny to restore itself. I unplugged Bunny from my Kali-Linux machine, and did exactly as the original post suggests, but this time simply plugged into a USB Power Source (not my Linux laptop) and behold... Bunny restored itself exactly as Darren said that it would. I have no idea why this is (other than subtle USB voltage differences).... but its maybe worth a try if you have exhausted all other options.
×
×
  • Create New...