Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Flatlinebb

  1. "LANO208B" LAN to USB2.0 adapter. Shows up in Windows 10 as "ASIX AX88772B USB2.0 to Fast Ethernet Adapter". No special drivers installed.
  2. Thanks @REDD! I was just throwing out ideas, each one more crazy than the last. And the SharkJack kit I bought actually included a USB LAN adapter that works quite nicely. Not gigabit, but I doubt the Shark can saturate it anyway. If that USB-C port could do something besides charging, THAT would open up possibilities. Might even solve your low space issue, REDD.
  3. You can't really answer Q2 without answering Q1, since you don't know what penetration methods can be used. You just threw out some tech jargon and common tools, kinda "let's see what sticks" approach. And it sounds like you have no ideas for Q1, so why should you get this job? I would suggest you brush up on penetration techniques, specifically related to Windows and Active Directory. The following Google search yielded some really interesting articles that seem pertinent to what you are looking for: https://www.google.com/search?q=pentest+find+user+machine+from+employee+name&oq=pentest+find+user+machine+from+employee+name&aqs=chrome..69i57j33.9488j1j7&sourceid=chrome&ie=UTF-8 I especially enjoyed the article from https://hausec.com, which walks you through the process from the beginning. I'm not going to give you direct answers, since that would make me more qualified for this job than you. I also don't claim to have all the answers, but I'm not the one interviewing for a infosec job, as much as I would love a career change. I wish you luck on your job search and I hope you can gain the knowledge you need to do your job well and impress the interviewers.
  4. https://lmgtfy.com/?q=wireless+adapter+kali+linux
  5. Did you seriously post in 4 different boards with the same request? WTF?
  6. I have a couple of wishes for C2, not sure how difficult they would be to implement. 2FA - self explanatory. It would be great if it can be used with Duo, or Authy, or Google Authenticator or Microsoft Authenticator. SSH to the local server that C2 is running on. Sometimes it might be useful. Disk space check for the server that C2 is running on. Since we can upload our Loot to the C2 server, might be good to keep an eye on disk space easily in the web interface. Anyone else have any more ideas?
  7. I'm still having an issue using the C2 Terminal to connect to my SharkJack, even after the C2 upgrade. The Shark shows up as online in C2, it uploads Loot, but the terminal connection never connects. I can SSH into the Shark from a local computer, so I know that the SSHD is running. I have tested with several Signal Owls and I am able to connect to them from C2 using Terminal, so I don't think the problem is on the C2 end. All devices are running latest available firmware, and C2 is version 2.1.2.
  8. Try upgrading your C2. A couple of patches have come out that address some of the Terminal connection issues.
  9. systemrescuecd <--- has all the tools you need for data recovery (http://www.system-rescue-cd.org/) Can install additional tools from the repository. Can boot from CD and USB. I recently used it to recover photos from a dying hard drive using systemrescuecd. UBCD <- another good option for data recovery tools (https://www.ultimatebootcd.com/)
  10. There has been some updates to C2 since you've originally posted, which may fix your stability issues. I would try that first. And then maybe expand a little more on what kind of issues you are seeing and some more info about your setup, etc. Personally, I only use the Signal Owl and the SharkJack and both connect fine and upload loot without issues. The Terminal connection to the Owl works perfect, but I'm not able to connect to the Shark Jack via Terminal from C2, so it seems to vary by device.
  11. Download the ISO file and use Rufus if you are on Windows. Rufus will also read the USB image file and help you write it to the USB stick.
  12. Ubiquity has some fine long-range access points and an online tool to figure out line of sight and power and the right equipment.Try their website: https://link.ui.com And how to use the tool: https://help.ubnt.com/hc/en-us/articles/204952224-airMAX-Planning-an-Outdoor-Wireless-Link
  13. According to an email I got from Customer Service: "I'm so sorry about this! The promotion is actually listed incorrectly, which is why you're not seeing free shipping.... I have notified the team of this error." No word on when it will be fixed tho. The same ad is on the website and in a promo email I got, so seems unlikely that it was an oversight about the free shipping. At least they are aware and hopefully working on that, but with the holiday it may not be any time soon. Just irks me a bit, because the shipping is kinda expensive.
  14. You may want to check the correct forum section: https://forums.hak5.org/forum/43-security/ and particularly this post: https://forums.hak5.org/topic/913-hacking-where-to-begin/ It seems that you are not just a "new hacker", you are a new "forum user" and "searching user" as well. Next time, do a little research, do a little Googling, watch some youtube videos, (Hak5 youtube channel is a good place to start) instead of just asking people to tell you how to get started. That is not even how people get started in this field. If you have to ask, you are probably not the right person for hacking. If you think it's an easy way to make money, it's not - you will be competing with people much smarter than you and more experienced. If you truly have the passion for hacking and hardware and experimenting and all that, you would have found some sources along the way, because your passion and unquenchable taste for computers would lead the way for you. I'm not trying to be mean, just telling it like it is. Better to be honest with you up front, than spoon-feed you answers.
  15. You should invest in some security software. The police might not be interested, but these people should be: https://www.cert.govt.nz/ It's literally their job. From their website: "Responding to cyber security threats in New Zealand, CERT NZ is your first port of call when you need to report a cyber security problem. We support businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice." If you do not contact these people and don't follow their advice, instead of some random forum on the Internet, I call bullshit on your post and I will recommend the staff lock your post. We've had a rash of these similar "been hacked" posts and they all smell of b.s.
  16. Looks like my wish was answered and the Black Friday Sale has started! Much rejoicing! However, I'm not seeing the free shipping option while trying to check out. ☹️
  17. @nikmel420 Are you asking about step 7? You put the IP address of the server where you will be running the C2 server. If you only want to access it on the local LAN, you put in the private IP address (which may or may not be 192.168.blah.blah depending on your network). If you plan on accessing the C2 server from the public Internet, you will need to put your public IP address.
  18. If you are concerned with how USB devices are used on the computers in your network, then disable access to the USB ports. On most business-class computers, you can disable USB ports in the BIOS, or using Group Policy (I think) if you have a Windows domain environment. Some antivirus programs also allow you control to USB ports, or manage which types of devices can be used in them. I know Sophos and ESET do for a fact. Glueing the ports shut also works. Or, use some firewall rules to restrict access to the website. I'm sure others on this forum can come up with some other good ideas. As far as a device that could do even that, the Rubber Ducky comes to mind.
  19. I think he just called you petty and disagreeable, despite walking into this saloon a stranger. I'm with @Jtyle6 on this one. ALL CAPS are rude and unnecessary. If you don't feel like using the shift key, just type in all lowercase - it's far less disagreeable. Oh, and please read all available documentation and search the forums first before pleading for help and then calling people petty. It's how you learn.
  20. Thank you so much for the update! We appreciate your time working on fixing bugs. I upgraded mine manually, and it worked fine. I haven't tested the auto-cert creation with the new ACMEv2 yet, because I'm using a standalone copy of certbot. Needless to say, it works fine with my existing certificates.
  21. Can you give us some more details, or what you are trying to test/accomplish? Does it have to go inside a computer, or can it be plugged into the external USB ports? Does it have to be USB, or can it be a networked device? HTTP/HTTPS access to the LAN is a little ambiguous as well. Are you just trying to encrypt traffic between a computer and the rest of the network?
  22. Unfortunately, Ookla have not released the source code. Maybe they will in the future. I did find this on the OpenWRT forum, maybe it could work? https://forum.openwrt.org/t/speedtest-new-package-to-measure-network-performance/24647
  23. This post is very reminiscent of this post, including the lack of punctuation: I do not think this is a legitimate post and the topic should be locked by the staff, like the one above. @digininja, thoughts?
  • Create New...