Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by kuyaya

  1. Wow, I just saw that lazassword got accepted. Just wow. I still can't belive it. My payload is on the official Hak5 github repository. That's a huge achievement for me. Thank you so much โค๏ธ Due to covid-19, the grammar school I'm at also closed, and now I have ~1 week leisure time (1 week till distance learning starts). I have plenty of time to review all of the pull requests. I don't have writing permissions but I can still review them๐Ÿ˜‰. When I say "add a readme to your repository" you already know that the readme is missing. You should be much faster to go through them. That should take a bit of work from your shoulders. I mylself have to update the readme on lazassword. Forgot something. Shame on me....
  2. How long does it usually take the hak5 team to review/accept/decline your pull request?
  3. Okay, update out! Now the payloads fully bypasses UAC and still runs lazagne as admin. Creds go again to PoshMagicCode, for his powershell UAC bypass. Thank you, it's really useful. Check it out! I made a pull request, so if it's good enough it would be published to the official repository. I would love to see it there!
  4. I'm updating the lazassword payload based on that. Give me a few days and you'll have lazagne running as admin without the UAC prompt.
  5. The error sais it itself. Try "load bulletins from Hak5" on the main page of the pineapple web interface. If that doesn't work, the pineapple isn't online.
  6. kuyaya

    Is HAK5 dead?

    Damn Corona makes the whole economy crumble.
  7. Nice! I just flashed it now. Works perfectly ๐Ÿ™‚
  8. I think I may found the solution: PoSHMagiC0de mentioned the local administrators group. The script also didn't work for me, then I went step by step throught the script and that is exactly what brought me the soultion. I checked the groups by running that in powershell: Get-LocalGroup And then I checked what users in the group "administrators" are by running that: Get-LocalGroupMember "administrators" That's what brought me the solution. It gave me an error, the group 'administrators' don't exist. Then I ran Get-LocalGroup again and saw that the name wasn't "administrators", it was "administratoren", which is administrators in german. You probably are in the local administrators group, it just doesn't work because it isn't "administrators" in your language. The rest is really easy. Go to line 42 of the script and change "administrators" to <administrators in your language>. That should fix it. Posh, I would recommend you to write that to your readme just to make sure nobody gets this issue again๐Ÿ˜‰
  9. I ran Responder for about ~13 minutes on a locked screen. I added a few words to the payload so it saves the output of Responder in a .txt file Open a shell, cd to the directory where you saved it and type "cat respondertext.txt", so you can view it correctly. Anyone has ideas how I get to the hashes? It looks like it just finds nothing. respondertext.txt
  10. Okay, I want to keep this thread about Respashes, but I posted something in the QuickCreds [payload] topic.
  11. Why do you ping Darren... Why do you say "agree". How can you agree to an answer to a question you asked. What do you mean with "locked computer" problem? It is not a "problem" that the computer is locked. It is a requirement, because we assume that the computer is locked and we want to have a payload that works with locked computers.
  12. The question is more, what tool should we use to get it to work. I mean, it's not "not working", in fact it does work, it just dumps the logs from responder to a lootfile. It doesn't grab the hashes. I'm searching for some tools that could grab hashes from locked computers.
  13. Oh, nice. Didn't knew about that site. I think I will use that for semi-stupid questions in future. But don't get me wrong. Whenever you have a question, ask it. I'm not blaming and I never will blame someone for asking basic/"noob" questions. I'm against people, who don't even think of doing something by themselves. They just ask something and hope somebody will answer them, they don't even google it. If you show effort, you'll get your answers, I'm sure. You know, I would surely post a more detailed answer to a question like "I don't understand how <something> works. I googled it and tried troubleshooting by myself, here's what I already did: <examples>. Could somebody please give me some hints?" than to a question like "can somebody explain <something>".
  14. Ah, I understand now. It has a "\\" because the first \ escapes the second \, so the bunny should print it and not use it as an escape character. And the $ then obviously doesn't get escaped because there are only two backslashes, and the first escapes the second, so it get printed out, as I wrote above. Thank you
  15. What my QuickCreds payload does? Nothing. I waited +40 minutes and it stayed in LED ATTACK forever. It looked like it wouldn't find the hash I guess. I'm thinking about making a video of showing my setup and everything and then run it. Maybe that would help troubleshooting, because you could see what I'm doing wrong. To your side note: lazagne also dumps the login hashes, besides other plaintext passwords. That's why it wouldn't make sense if you had to unlock the computer to successfully run QuickCreds. But as you wrote, QuickCreds works from a locked computer, so everything is fine.
  16. https://www.just-fucking-google.it/?s=what is ntopng
  17. I would be glad if you would do this for me ^^
  18. @Bob123I have a question to the QuickCreds payload: are you getting the hashes from locked machines? Or do you have to open a browser or something? Because the idea of the payload is that you get the hashes from locked machines (I think so). On unlocked machines you could just run LaZagne and you get the hashes + many other plaintext passwords. Could you please empty the responder.db file and run the QuickCreds payload at a locked machine? I wonder if it still works.
  19. You'll learn nothing if you just copy-paste the payloads. And yes, they work on windows 10. And also, we can't help you if you just say "it doesn't work", please describe your problem first. Like idk where the problem is, when you don't describe it. I shouldn't even answer you because you are at the wrong part of the forum as jtyle6 already said. Please make another post.
  20. Also Mark V ist die 5te Generation und Nano/Tetra ist die 6te (neueste) Generation
  21. kuyaya

    Is HAK5 dead?

    I totally agree with you. Nicely said again ๐Ÿ™‚ A bit off topic: Nice that you have a cool boss like that. I'm studying so it's a bit different in my case. I once asked the administration if I could make a "pentest" (not really a pentest in my opinion, that's why it's in ""). I would set the Wifi Pineapple somewhere on the campus where the most people are and would let it run for 7 days. I would name it "KF-Campus" (the ssid of our real campus wlan) and the captive portal would also look the same as on the normal KF-Campus (obviously, it would be an evil portal). So there wouldn't be a difference, there would just be 2 KF-Campus. Anyways, they didn't allow it ๐Ÿ˜ข.
  22. You added the ejection of the bunny in this post
  • Create New...