Jump to content
Hak5 Forums

The Power Company

Active Members
  • Content count

  • Joined

  • Last visited

About The Power Company

  • Rank
    Hak5 Fan +

Profile Information

  • Location
    Anywhere With Lights
  • Interests

Recent Profile Visitors

201 profile views
  1. What's your PC's specs?

    Prepare yourselves for my ultimate desktop specs: Pentium III 20GB storage on two 10-gb hard disks unlabeled graphics card with exactly one VGA output brand-new floppy drive, moderately used cd drive as well just upgraded to 384MB of RAM with a third 128MB stick I found sitting around Passive air cooling that sounds like an Asic Miner Windows '98 not one, but two USB ports!
  2. Best wifi usb for kali

    Alrighty, so I had this exact same question a couple weeks ago and it comes up often, so here is my answer: I have an Alfa AWUS036ACH, it is not plug-and-play with Kali. You can get it to work if you know how to manually configure and build drivers, but it is not straightforward. Literally just a couple hours ago, I got one of my friends with more technical knowledge to configure it for me, and I copied down the commands he used to configure it and may try making it into a script soon. I also have a TPlink TL-WN722N, which isn't dual-band, but looks similar to the one in the picture in the link you provide, and was the most popular interface for this task for a long time. However, the newest versions (V2 and higher) do not support monitor mode and packet injection. So this one is a no-go. What I would recommend if you are getting started is an Alfa AWUS036NHA. It has great driver support and range, is relatively inexpensive, is plug-and-play with everything I've tried, and Is just downright neat. I know it doesn't have two antennas, which may be a real turn-off, but dual-band actually isn't very helpful while you are still learning. If you know what you are doing, then you can buy expensive wifi equipment and have it do whatever you want. But there is little reason to spend a lot of money and end up not using the interface because it is difficult to configure. Is there any specific reason you prefer dual-band?
  3. Pineapple Radios

    Greetings fellow humans, Where/How can I figure out which of the radios on a Tetra is associated with which pineapple function? My shallow understanding is that the Wifi Pineapple Tetra has four radios in it, which are each used for different tasks by default (pineAP, open and management APs, etc). Most people are satisfied with using the dipole antennas that come with the pineapple, but imagine for a second that you wanted to use, say, a directional antenna with PineAP, but you only have one. Which knobs are attached to which wifi interface?
  4. Not one of the hak5 products is working properly

    Think about it in terms of the library itself: the various resources are all free and available for public use, but there are limits to what you can do with them. If you try to steal the books, bring a marker and scribble over the pages, burn them etc, you still can face penalties. The bathrooms are free to use but if you bring a wrench and unscrew all the plumbing, dump all the unused toilet paper into the toilets and clog them, install hidden cameras under the toilet seats to take pictures of people's balls, or shit on the floor, you can still face penalties. I am not versed in the computer laws of every country but in the US at least, just because something is available for you to use does NOT make it yours to tamper with, even if you think you are doing a service to the owner by proving it is vulnerable.
  5. Rubber Ducky

    The answer would be no. The Rubber Ducky is essentially just a keyboard that types out whatever program it to. The USB port is simply for keystrokes; the ducky doesn't actually have a way to transfer files from the sd card and back. That is why Mimikatz uses a server (setup outside of the ducky) to store its look. You don't even technically install mimikatz on the ducky, it just types in the necessary inputs to reach the server. The Bash Bunny, on the other hand, can bring its own exploits and store its own loot onboard.
  6. EDC bag

    A lot of the out-of-stock items were taken down from the store page recently, hopefully that means they have a bunch at least some new items coming out soon. I have the Tactical EDC Shoulder Bag, and although it looks like the bag pictured is a bit larger, mine is very similar in appearance. I feel like a smaller form-factor bag is better in a lot of scenarios.
  7. OSINT methods

    My favorite is DNSdumpster, a free recon tool for public domains. It has links to a bunch of other free tools as well. For example, if you enter hak5.org into the search bar, each ip address has a link to get http headers, do an online nmap scan, trace the path, etc. This can be very helpful for bug bounties, as it can give you an idea of how websites are set up.
  8. Best way to stay secure?

    At the base level, there is no danger in browsing the deep web or dark web (even to websites that claim to be run by hackers) as long as you don't download any files. If you plan on downloading files and running software then running a Linux virtual machine or a live OS is safer, since most malware is written for Windows. If you want to learn how to "hack", there are better places to start then random forums on the deep web. I'd start with, say, random forums on the clear web (such as this one, the Kali forums, etc). Maybe read a book or two.
  9. Clients can't connect to my Pineapple Tetra

    Keep in mind: Allow Mode means that only clients with their SSID or MAC in the filter will be able to connect. This means if your set filters to Allow and your filters are empty, no devices will be able to connect. Deny Mode means that clients with their SSID or MAC in the filter will not be able to connect. This means if your filters are set to Deny and your filters are empty, all devices will be able to connect. It took me longer than I care to admit to figure this out, hope it helps
  10. Best way to stay secure?

    Keep in mind that your ISP and potentially others monitoring your network can detect VPN traffic and/or traffic going into the Tor network. They simply cannot trace what you are doing when you are in there. Using a live OS such as tails can prevent them from, say, remotely installing a keylogger or screencap software, since changes between sessions are not saved. If you do use a permanent installation, be sure to keep everything updated to the latest versions to prevent getting Equifaxed (old vulnerabilities biting your ass).
  11. Blockchains use in InfoSec

    Perhaps there could be some sort of system where file integrity is verified through a blockchain sort of decentralized ledger. However, blockchain has largely fallen victim to "cool new buzzword technology must be applied to everything" syndrome. Just because something new is potentially game-changing doesn't mean it will change every other game as well. Really, the best application of blockchain is as a digital currency or token. Almost all blockchain-based technology that has been introduced is either an actual currency or simply takes an existing process and incorporates some token-based algorithm, as if this will magically make the process better. And in some respects, it may be better. But in my opinion, blockchain is a "just because you can doesn't mean you should" technology. Blockchain has its place, but information security is probably not it.
  12. Will you join me ?

    This sounds a lot like its coming from either some random kid in his bedroom watching anime or a good ol' FBI honeypot, but I do love quizzes! I don't do PMs though, so I guess I'll put my answers here. I'll pass on the edgy hacker society though. Q1. What is the most effective way to cover your tracks when attacking a machine (before shell access) Don't attack the machine in the first place and find something better to do Q2. Name an effective program to embed shell code in a program Extremely vague, what kind of program? What kind of shell? Q3. What recent Windows SMB exploit must be manually installed in Metasploit as of 2/11/18? Microsoft Bob Q4. What is the most effective tool to gain a Wifi Password without Brute Force? Social Engineering Q5. What are popular tools to aid in a Social Engineering Attack? Bringing Jayson Street with you Q6. What Deep Web sites are you present on? Include links to account pages. Yeah, as if intentionally identifying one's presence within an anonymous network isn't the dumbest idea ever. Q7. How many years of experience do you have? Time is a flawed human construct Q8. What programming Languages are you proficient in? Mostly just googling hacker buzzwords on the internet and pretending I know what I'm doing in the Hak5 forums Q9. Have you successfully pwned any machines/databases? Elaborate Again, as if self-incrimination is ever a good idea. This is the kind of stuff you shouldn't tell your best friend, let alone strangers on the internet. Q10. How much knowledge do you have in Social Engineering? Social Engineering isn't about knowledge. It's mostly just educated lying. Q11.What do you contribute to society ? I change my bedsheets occasionally. Q12.How would you describe yourself? That's not for me to decide. Q13.Would you be willing to die to achieve your goals? My only goal is to live forever (or at least until the inevitable heat-death of the universe), so no. Q14.Why do suffering and tragedy exist ? We can't appreciate the good times without the bad times. Q15.Do criminals deserve to die? No thanks.

    There is a limit to how many posts new accounts can make per day, if your friend simply cannot post then he may have just hit his limit.
  14. Is this viable?

    Compensating much? I have that interface and I don't see any reason why that wouldn't work, if you don't mind playing around with drivers.
  15. Kali Linux Book?

    I read through it, there's lots of useful information there for beginners. It doesn't go into details about the specific tools Kali has, but everything you could want to know about the OS itself is there. As a matter of principal, I cannot recommend buying anything that can be obtained legally for free, unless you really like paper books (which is understandable). The first chapter is also a bit fluffy, but I still recommend reading it. Although the tools themselves are what makes Kali most appealing to many people, understanding the underlying ecosystem can help you fix all sorts of problems you may encounter later.