Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by kuyaya

  1. Hm, I know that hashcat is able to set up a server where I PC acts as the server and the others act as clients and crack together, but I don't know if that's what you're looking for.
  2. 1. https://www.google.com/search?q=change+name+of+usb+device 2. What do you mean with "define a folder which is shown to the user in attack mode"? Can you explain what you want to do? If you want to show it as a mass storage just do ATTACKMODE STORAGE
  3. That is probably a bunny or ducky thing, and not a couldc2 thing, so you are in the wrong section here. What do you exactly mean with "connect to c2"? Just go to the web interface or...?
  4. Don't ping him pls...
  5. besides, the omg cable doesn't attack phones
  6. My name is kuyaya and not elliot. My "rank" is hak5 elliot because I'm a fan of Mr. Robot. No need to get mad my boy. I just thought that you could do a little googling before asking the questions. Have a nice day and stay safe :). btw 200th post yaaay
  7. Das scheint die Lösung zu sein👍
  8. kuyaya

    Key Croc

    As I said above, I don't think the authorized reseller sites are worth it. I had to pay 106$ including shipping and everything (to switzerland). I know that the shipping may be more expensive in certain countries, but even with taxes and everything, it'll never ever cost 159$. If you buy it on the authorized resellers sites you still have to pay taxes. It's a bit less, but you still have to. I always hear people complaining about the prize, but that's obvious when they buy it on amazon or some other sites for like 70$ more (without shipping!). The official shop is always the cheapest option. I don't understand why some people don't buy it from the official shop.
  9. http://www.just-fucking-google.it?s=make an exclusion powershell&e=finger
  10. Are you sure you run it as admin? If you do so and it still doesn't work, I recommend you to make an exclusion
  11. I don't even know what you are talking about
  12. Ayyy your 100th post🎉🎉
  13. Nein, das habe ich beides nicht gemacht. Ich lösche einfach die Zertifikate und mache sie nochmal neu. Ich glaube ich habe ein paar Sachen falsch gemacht: Es werden ja Fragen gestellt, z.B. Unter welchem Namen soll das Zertifikat signiert werden soll oder wo ist dein Standort und so. Was soll man da eingeben? Ich habe da einfach meinen eigenen Standort angegeben und so. War das falsch? Muss man von den erstellten Zertifikaten etwas kopieren und dann importieren? Ich habe alles auf dem Pineapple gelassen und einfach das Zertifikat vom Web genommen, wie ich das oben beschrieben habe. Wie du siehst mache sowas zum ersten Mal😅, danke für deine Hilfe nochmals :).
  14. I do not know exactly how many of the private users use a ms account, but what I know, is that almost every company uses local accounts for their employees. That means, if you'd use it on the field, depending on where you use it and in which environment, you'll probably be successful.
  15. Hallo, hat super funktioniert! Danke :). Ich kenne mich mit Zertifikaten nicht gut aus und habe noch eine Frage. Es hiess bei mir "nicht sicher" (oben beim Browser), ich habe das Zertifikat auch noch nicht Importiert. Ich klickte dann auf "nicht sicher > Zertifikat > Details > In Datei kopieren" und habe es dann so auf den Desktop kopiert. Dann habe ich das ganze in Chrome importiert und chrome neu gestartet. Leider hat das ganze nicht funktioniert, es heisst immer noch "nicht sicher". Ich versuchte dann noch ein zweites Zertifikat zu erstellen, falls ich beim ersten vielleicht etwas falsch ausgewählt hatte, doch auch hier bekam ich das gleiche Resultat. Was mache ich genau falsch?
  16. @Bob123 I think I got the solution finally. I have a Microsoft account as account on both my laptop and PC, so I can synchronize with OneDrive between them. As I said, I left it for 20 minutes and it didn't work. OK, so here is the solution: I tried it on another computer with a local account and not a microsoft account and guess what, after it booted up it instantly grabbed the hashes, like literally instantly. So for anyone who had the same problem as me, it only works on local accounts. But it still works. I'm so happy I finally found the answer.
  17. Hm, hard to tell, since I don't know when exactly this pops up. I need to know at which point of the payload this pops up. What parts of the payload did successfully execute?
  18. kuyaya

    Key Croc

    Wow, may I ask where you live? I also live in europe (switzerland to be exact), but I only had 10$ shipping, no 'handling' costs by customs and if I'm lucky I don't get taxed, if I'm unlucky I have to pay maybe around 25$ more.
  19. kuyaya

    Key Croc

    Why don't you just order it on the official site? It's cheaper there ime
  20. I'm honored and always glad to hear that it works, thank you 🙂 if you have another question, feel free to post it here :).
  21. kuyaya

    Key Croc

    Probably in a few hours
  22. Hey there 1. If the keyboard layout is the default USA one, you should be fine with the us.json file. You don't even have to do "DUCKY_LANG=us", you can just delete the line because the default language is us 2. On line 23 in the payload.txt: delete the whole line and replace it with: Q GUI r Q SHIFT ENTER # If it is shift-enter, you can leave it like that, if it is enter-shift, you have to switch shift with enter. Q STRING "powerShell -windowstyle hidden -ExecutionPolicy Bypass .((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\bypass.ps1')" Q ENTER 3. Your computer language is in Chinese, that means it should also be in chinese. Try replacing it with something like "管理員" (got this from google translate). If you are not sure wether it is in english or chinese, go to powershell and execute "Get-LocalGroup". Here you should see the different groups. If they are in english, "administrators" should work, if they are in chinese, "administrators" won't work. To be 100% sure, you can execute {Get-LocalGroupMember "administrators"} (without the {}). If it returns you an error, it is not in english. If it executes successfully, it is in english.
  23. Bezüglich des Webzugangs über https:// Ich habe nur ein nano und leider noch keine SD Karte -> zu wenig Speicherplatz. Ich bin auch den Anweisungen gefolgt aber ich konnte libopenssl und openssl-util nicht installieren (wegen dem Speicherplatz). Ich werde mir noch eine sd karte holen, bis dann kann ich das aber selber leider nicht testen.
  24. kuyaya

    Key Croc

    Looks like we are gonna get a new tool 🙂 It isn't out yet (around 20 hours left). I guess it's gonna be something like a keylogger with CloudC2 access? Maybe with some more features like different kind of "payloads"🤔. I don't really know, but I'm hyped. You can order it at 12 midnight (around 8 hours left), so I guess I'll make my paypal ready till midnight 😉
  • Create New...