Jump to content

j4mm3r

Active Members
  • Content Count

    7
  • Joined

  • Last visited

About j4mm3r

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I was planning to upgrade mine to 1.1.3. Should I wait for the new one?
  2. Thanks for the additional info. Seems to be working as I described, so I will keep messing with it. I have several packet captures to do for work in the next week, so the PS will get a workout. Will let you know if I have other questions.
  3. OK, so I swapped the cables (contrary to the diagram on the hak5.org website) and it does seem to work. The laptop now gets a DHCP address from my network (with NETMODE TRANSPARENT set in the SWITCH1 payload) and I can both browse the web and hit my network as well as capture packets. Interestingly, when I switch back to arming mode, I also have to swap the cables back (like the diagram shows) to SSH into the PS. Not a huge deal, but I definitely must have misunderstood the diagram. I will continue to experiment. Thanks for all of your help.
  4. Thanks Philip. I did not explain my issue correctly. I put the PS in-line with my laptop and had the PS set for NETMODE TRANSPARENT and the laptop was not able to communicate with anything beyond the PS. I assumed it would since this is the default NETMODE setting for this payload. The laptop does not get an IP address from DHCP (I assumed the DHCP request would be passed through to the DHCP server). The PS does capture packets, but since I can't do anything on the laptop, it only captures broadcast traffic, etc. on my local subnet. I also tried NAT and BRIDGE mode, with much the same result (no IP address assigned to the PS or my laptop). In arming mode, my laptop does get a 172.16.32.212 address and I can SSH to the PS and access my network and the Internet. Clearly, I am doing something wrong, but I haven't been able to figure out what it is. Seems simple enough. I'd like to use this device to troubleshoot network issues without having to install Wireshark or some other packet capture software and/or port mirroring. Any ideas? Thanks.
  5. Hi All, Recently bought some Hak5 gear and joined the forums. Here is my story: My name is Rich a.k.a j4mm3r Favourite game: Command and Conquer, chess Favourite OS: Debian Favourite console: Wii Nationality: American Accent: Native New Yorker (Bronx) Sex: Male Race: White Height: 5’8” Build: Pretty good for 50 Favourite band: AC/DC, Home Free Favourite book: Sh*t My Dad Says Favourite author: Tom Clancy Favourite movie: Goodfellas Favourite director: None Favourite TV Show: Right now it’s Mr. Robot Favourite actor: Morgan Freeman Favourite actress: Amy Adams Favourite Pinup: Hmm . . . Favourite Comedian: Lewis Black, Chris Rock Other hobbies: Hiking, astronomy, auto mechanics, reading Car: 2000 Toyota Camry Occupation: Information Technology
  6. So, reading further in the documentation, I see that there are multiple NETMODE options: NETMODE is a squirrel script command which specifies which network mode to use in a given payload. These network modes determine how the Packet Squirrel will route traffic. NETMODE BRIDGE This creates a bridge between the two Ethernet interfaces. This means that both the Packet Squirrel and it’s target device get IP addresses from the target network’s router. NETMODE TRANSPARENT This mode is similar to the bridge network mode with the exception that the Packet Squirrel does not get an IP address from the target network’s router. This means that the Packet Squirrel will not have network (typically Internet) access, however it will be able to sniff the packets across the wire. NETMODE NAT In this network mode the Packet Squirrel obtains an IP address from the target network’s router and the target device gets an IP address from the Packet Squirrel. NETMODE VPN This network mode is the same as NAT with special VPN interface setup specific for client tunneling. The default payload has this set for NETMODE TRANSPARENT, which by the above definition (if I am interpreting correctly) does not allow access to anything on the network or Internet. Trying to understand why this would be the default for packet capture, but I must be missing something. Seems that you would want the target PC to operate as normal and capture what it is doing. I am new, so please tell me what I am missing. I will modify the payload to try the other options to see result. Thanks.
  7. When I set PS to packet capture mode, I cannot reach anything on the network. Cables are all plugged in correctly. If PS is invisible (no IP address assigned to it) and it is acting as a passthrough, not sure what is happening. Any thoughts?
×
×
  • Create New...