
thoregem

Active Members · Posts: 34 · Days Won: 2

Posts posted by thoregem

  1. 22 hours ago, Dave-ee Jones said:

    Just be careful with what antennas you get, as some can interfere with other frequencies - I know, in Australia at least, you can get into a bit of trouble with the feds if you're broadcasting on frequencies you shouldn't be.

    This. 

    Don't broadcast on any frequencies you're not allowed to. If you're in the US, you can't turn the tx power beyond I believe 22. If the feds catch you doing so, you'll be fined pretty heavily, and possibly jailed. It sounds stupid, I know, but there are certain ranges you're not allowed to mess with. 

  2. Before even opening it up, I'd recommend port scanning it. Some devices have open telnet ports that you can connect to, sometimes with no password or a factory preset one. You could try bruteforcing it, but opening it up might be easier. I'd recommend searching the net before attempting to brute force it; most of the time, somebody's tried to get into it before you.

    Next, open it up. Look for serial connections (rx, tx and gnd). You're going to need some tools. A few of my friends and I compiled this list of electronics from China. You want the CP2102 or the USB to serial adapter. They're the same thing, and you can pick one up for around $2. Often, when you connect over serial, you'll get a root shell on the device.

    From there, it's up to you. IIRC, Samy Kamkar has a pretty good talk on this at Hackaday Superconductor.

  3. Yeah, I got the part about supporting the show. I really like the work that Darren and you guys do, but I'm pretty strapped for cash. I've built similar devices before, but I was just wondering about the difference between a device like the interceptor and the Packet Squirrel.

  4. From what I've gathered reading through this forum for the past 20 minutes, the interceptor is the community project that birthed the Packet Squirrel. What I want to know is, why even bother with the Pi/Packet squirrel?

    In Irongeek's implementation, he used a Pi Zero with an Ethernet-USB adapter. Now, in 2018, we could use a Pi Zero and a USB/Ethernet hub along with another Ethernet adapter to achieve the same functionality. But what was stopping them from using an Arduino Pro Micro/Nano with 2 Ethernet adapters and just logging everything to an SD card?

    I may just be pandering, but I don't really have the money for a $50 mitm packet capturing device, so I was just wondering why it didn't work out when implemented using just an arduino, 2 ethernet adapters, and a micro sd adapter. I think that'd be a lot cheaper than a packet squirrel. Correct me if I'm wrong, but isn't the interceptor just collecting packets, or is it forwarding them across the net?


  5. Those adapters are about $2 each from aliexpress. I wouldn't buy them off the HakShop. Check out a list of more cheap stuff here

    The adapter should be under wifi adapters on that list. 

    If you want long range, I recommend an Alfa NHA and a Yagi

  6. Then, it's really up to you. As I said, it does run a bit slower, which is actually quite a lot slower since it's older hardware. Bootup takes about three times as long as it used to, as it has to load all the packages on boot. However, you do get a sweet app developed by the offensive security folks that lets you execute a plethora of attacks from within it. 

    There are tradeoffs. If you want to turn your phone into a mobile pentesting station, then I'd say go for it. If you're worried, I'd wait until you upgrade devices and then do it. My nexus isn't my main phone (it's a tablet) so I don't have to worry about bricking it and then being screwed. I think it's pretty cool, but I don't know how much use you'd get out of it. If you do pentesting professionally, then it'd be a great thing to be able to bring with you on jobs. 

    It's up to you dude. 

  7. Yes, you do have to put an IP in your reverse shell. However, you could buy a server in a country with lax internet laws and send your traffic to that in a screen session, then just ssh into that through tor and you're pretty much untraceable, as long as they can't trace the money you've spent. There are ways to remain anonymous when doing these kinds of attacks, but for most pentesting jobs, a Raspberry Pi running a server is pretty much golden, since you're on contract with the company and don't need to remain anonymous. You'd use the same technique (seriously, look into screen), and the setup would be pretty much identical.

  8. 22 hours ago, unbredworm said:

    Do you have a link to setting this up? Just got mine and I'm super excited to test the range.

    Can it be configured to use with a Mac?

    Yes, the drivers work on all Unix-based systems, so they will work on a Mac. I'd recommend installing Linux, as you'll get far more use out of it in an OS that you can customize and change settings to your liking. You could increase the txpower, which will increase the range. If that isn't far enough for you, look into 2.4 GHz Yagi-Uda antennas. They're really fun, as they can give you wifi ranges of over a mile. Hak5 has a video talking about it.

  9. This is more of a legal question. The way I look at it is: If I have to ask if I'll get into trouble doing something, I shouldn't do it. 

    Only hack on your own network, and nobody else's. DO NOT bring your Pineapple to school, or try to show off what you can do there. It's good that you're getting into this field early, but you have to understand that there are limits if you want to pursue this legally.

    I'd recommend installing Linux on your computer and customizing it. Learn the CLI, and teach yourself how it works under the hood. This will come in super handy when you learn server exploitation in the future. Not to mention, open source is superior to Windows.

  10. The Pi is a small ARM Linux box, so this is very feasible. You'd want to use software like GQRX to listen to signals, and there is plenty around for decoding. I've used my Pi 3 and Pi 2 with my RTL-SDR, and I haven't had any problems. I don't see how this would be any different. The YARD Stick One has Linux drivers available, and this project shouldn't take too long to complete.

  11. Yes you can, but you need an antenna for the specified frequency. Some standards are encrypted, so you won't be able to read the traffic, but you'll be able to capture it. You will probably need a HackRF, because no RTL-SDR receives in the 850/1900 MHz bands used by GSM. IIRC, 2G uses a weak encryption protocol, so you could probably crack it with a good enough GPU in under an hour with Hashcat. 3G is a bit better, and you won't be cracking 4G unless you have a LOT of processing power.

    You can read up on an attack done around 2010 at CCC Here

    Edit: After looking around a bit more myself, I found this. It looks like you can sniff GSM with RTL-SDR. Go figure. 

  12. Yes you can, but not at the same time. The way the RTL-SDR is designed makes it only able to process one input at a time, so you can have FlightAware running, or you can read ADS-B. Because of this, you can't "split the signal."

    Btw, the FlightAware dongle is really just an RTL-SDR with a focus on ADS-B reception. For anyone else reading this, I recommend the dongle kit from RTL-SDR.com. I'm not paid by them or anything, but it's the one I use, and the dipole antenna works great. You can use it for ADS-B too, but you end up paying a bit less because it's not marketed as for a specific application.

  13. First off, there are plenty of resources for things like this out there, not to mention numerous threads. 

    Personally, I'd recommend the Alfa AWUS036NHA. It's the flagship of WiFi hacking, and will do everything you need it to. It's also only around 40 dollars. It can do monitoring, packet injection, and much more, not to mention you have the capability of attaching multiple antennas. 

    Not to sound like an infomercial, but I love my alfa. 

  14. On 1/22/2018 at 5:23 AM, Nonamed said:

    Hello,

    Can somebody help me with using THC-Hydra on Windows 7, please? I managed to download and run it in cmd.exe, but I'm a complete newbie at bruteforcing. My aim is to crack passwords in the online browser game gokickoff.com. I found some tips on Google and watched some videos on YouTube, but I still can't run it. I have downloaded this large password file https://weakpass.com/wordlist/1802 and renamed it to wordlist.txt, but when I attempt to use it in cmd.exe it's showing me ''file for passwords not found''. Where am I wrong? It will be much appreciated if somebody can help me.

    1. You should be running Linux, it's far superior, but we're not going to get into that today.

    2. You need to make sure you're using the entire filepath, or that the password file is in the same folder as the executable program. Windows is really finicky with this. The entire filepath starts with C:\ , make sure that's the one you're using. You can find it by navigating to the folder where the wordlist is and clicking where it shows you the folder you're in in File Explorer.

  15. Just now, Dave-ee Jones said:

    Packet Squirrel is probably the better option, and it is highly configurable compared to the LAN Turtle - but they can both do what you want.

    Then again, this'll turn into another LAN Turtle vs. Packet Squirrel argument so let's just sit on the fence and say "both can work".

    I agree. They both have their upsides and downsides, and better use cases. Either one works for this application. 

  16. I think what you want is the LAN Turtle. It gives you some of the capabilities of the Bash Bunny, but it also gives you the ability to plug it into a network and let it be, and have it create a reverse shell back to you. I don't think the Bash Bunny can create a VPN/access point. IIRC, it's just a heavily enabled Rubber Ducky.