Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

About Th4ntis

  • Rank

Profile Information

  • Gender

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. So a colleague and I were talking and he says he does most of pentesting engagements from a VM, not only because of an OpSec standpoint but also when you connect to some servers, it logs your hostname so a VM is more easily modified and contained in a VM. When you develop payloads your host machine metadata isn't logged. I personally don't think you need to use a VM in most cases on engagements as you can still modify your hostname and your machine to match the environment of your engagement, and that using your host machine is just as good as a VM. So what do you guys use and why?
  2. No I like to know what I am and am not disabling. I like to have control over my system. Both of these were what I was looking for. Thank you.
  3. So i'm kind returning to the windows world for a little bit and I have a fresh install of windows 10, i'm looking to get rid of off the bloatware and cortana and etc. I read about 2 different ways but not sure if they are trustworthy. 1. Windows10 Decrapifier 2. Windows10 TronScript. Can anyone vouch for these or suggest some others?
  4. That's what I had tried but
  5. So I have my the payload.txt in the /root/payloads directory, I did a chmod +x on the file so it can be run, and it seems to be, according to the payload. Now, I'm slightly confused on what it does. From the description 'Uses mdk4 to beacon non-printable SSIDs and SSIDs that break the 32-byte limit'. Wouldn't that mean the SSID's aren't readable/can't be seen on a laptop looking for WiFi or something or am I misunderstanding what this payload is for/does?
  6. So I'm running a VPS and i've never had to make an SSL Cert for it(Kinda new to this), so I looked up how to make an SSL Cert so I can use it and connect to the C2 securely. So, I found this guide and is essentially says to run this command: sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt So I do and I do make the cert. So I run this command: ./c2_community-linux-64 -hostname (VPS IP) -certFile string /etc/ssl/certs/apache-selfsigned.crt It DOES run, but I can still only get to it if I use HTTP(http://(VPS IP):8080). So can someone maybe help me out or point me in the right direction. Much appreciated.
  7. So maybe someone can help see if I can easytether installed so I can tether my phone to my pineapple and use it on the go. I get the correct .ipk file and when I attempt to install it, im running into this: This was working before the 2.6.X update. Downloading the drivers from easytethers official site. I've tried both opennssl and tiny. I also attempted 18.06+ as well.
  8. Time for me to hook mine up and update it it seems.
  9. Th4ntis


    Beautiful! Thank you very much. Now with this I can retire my raspberrypi as my wardriving machine and use the signal owl.
  10. Are you trying to connect the Pineapple to your Hotspot to give your pineapple internet access or are you trying to connect the pineapple to your hotspot to share the internet from the hotspot? As far as I know, you can't share internet through the pineapple with it connected to Wlan2 BUT you can tether your phone. I followed the youtube video on it it works great for me. I just connect the USB cable form my phone to the pineapple, enable it in the app, and my pineapple has internet access as well as shares it.
  11. Th4ntis

    Dark Theme

    I also would like this. Dark Theme is best theme.
  12. Th4ntis


    So basically, I wouldn't be able to use this to Wardrive UNLESS I run a Kismet server on a device, and make my signal owl connect to said device somehow, whether that be via over the internet or another local device, or am I understanding that wrong?
  • Create New...