Jump to content

Aaron Outhier

Active Members
  • Posts

    139
  • Joined

  • Last visited

  • Days Won

    5

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Aaron Outhier's Achievements

  1. Managed to fix the problem, without a serial terminal or any jtag stuff. Fortunately, the filesystem corruption was minor. I was able to locate the recovery partition and run fsck on it to repair. Then, I forced a factory reset to format the main partition and unpack the version 1.1 firmware. I of course then updated the Croc to the latest version. Issue seems to be solved.
  2. Sounds to me like he wants a network equivalent of a "continuity tester". Something to broadcast a continuous data stream, and then check on a remote device if he is receiving that stream. OP: Although that may seem like a simple enough task, I suspect it will actually be harder to implement this than you might think. Your receiving device can be set to continuously check the signal strength and quality and log that info to a file, possibly with GPS coordinates thrown in for good measure. (GPS receiver require for that last part, of course).
  3. English Translation: In other words: It's the UAC prompt.
  4. Yeah, I'll say it's not as active! 158 views, but only 1 response. I don't think the site has had 150+ bots/web crawlers in the last month, but less than 10 users. Someone's been looking. Don't get me wrong, I'm not getting butt-hurt over it or anything. I realize it would be a boat-load of work for the devs to implement. Would just like some feedback as to whether or not this would be useful to anyone here. As for Discord, I read much too slowly... Messages scroll off the screen before I can finish reading them.
  5. Still corrupted in the same locations after factory reset. 😩😭
  6. Update: I figured out how to do a factory reset. Re-added my config.txt and device.conf. Then shut it down. I'll have to test it at some point. More to come.
  7. The response here is much more eh, underwhelming, than I expected. Oh well? Seemed like a great idea to me. 🤷‍♂️
  8. Hypothetical situation: What if someone had a Bash Bunny, a LAN Turtle, a Packet Squirrel, a Key Crock, and a WiFi Pineapple, all connected to Cloud C2, and all deployed at a remote location? Would that gain that person anything more than having them at separate locations, or having them without C2? These are Linux boxes, so why not? Why not? Because nothing major has been implemented here? What if a Bash Bunny, Key Crock or maybe even a Signal Owl, could grab the Preferred Network list from a computer and send it say, over a VPN to C2, and then use that to communicate that info to the rest of the devices planted on site for a Pen Test? That raises the question: How would the Key Crock Signal Owl, and Screen Crab obtain that info, if the WiFi key isn't known prior to the deployment of those devices. Yes, they can all store their loot offline, but they couldn't participate in a coordinated attack that way, could they? Well, what if the Pineapple could act as a secure WiFi gateway? This would require WPA2 or WPA3 protected AP support on the Pineapple, and verification that the device connecting is a real Hak5 product. It would also require a USB LTE dongle, Cell Phone, or other long-range wireless uplink, but I think it's very possible to do. Imagine keeping the Pineapple with you, and walking up (or driving up) outside the building. Alternately, the Pineapple could be planted inside along with the other items. Granted, this would be quite a bit of work to implement. I do have a few ideas about to authenticate devices to the Pineapple, to help ensure someone isn't trying to "hack your hack".
  9. Well, I got my Mark 7 in the mail yesterday, after waiting 10 days for it to arrive. (I should know better than to order late on a Friday, but I digress)... I got it up and running, but I must say I was just a bit disappointed in a few things. Overall, I do like it! Just a few minor things I don't like. I am a bit disappointed in the lack of plugins. I must put credit where credit is due however. I first came into the Hak5 & WiFi Pineapple scene about 2 years ago. The Mark VI Nano and Tetra were more established then than the Mark 7 is now. I kind of suspect there were similar delays getting plugins last time around also. Good things come to those who wait. Then there is the issue of the Pineapple doesn't work locally if the C2 platform is configured on it. I hope that is a temporary workaround for another issue and gets fixed soon. I have an idea for the Pineapple that I think will be awesome! It will require some extensive software modifications however, and would be quite an undertaking for the Hak5 team. More on this in another post. What would be really incredible, however, is a plug-in system that could be accessed in the C2 system. Like, so that plugins could be accessed & triggered from the C2 panel
  10. Ahh, now I understand. Thank you, but I don't have any shortage of Raspberry Pis right now. I have a 2b, a 3b, 2x 3b+, and a 4 with 4GB model. I haven't ever bothered with the W series. I haven't checked, but I suspect you can grab a older model, like the 3b or 3b+ for under $30. for the bare board. I've been able to setup a cron job to update the system in the middle of the night in past projects, when I don't want to mess with manual updates. Not as many people awake between 2 & 4 AM, and since it is automated, I don't have to be either.
  11. Looking back at your original post, I see you answered the questions I just asked. I would absolutely use a Raspberry Pi. Do you need to access/view/edit specific files from a list, ie. "live access" of the flash drive data, or are you trying to grab a copy of all of the data from the remote drive and get it to a local machine? If the former, try nextcloud server for Raspberry Pi. If the latter, use rsync from the command prompt or equivalent. Both options will require port forwarding on the remote router. If no port forwarding, setup an openvpn cloud server on Linnode, Vultr, or Digital Ocean, and connect both the remote Pi and your local machine to it, then connect to it over the OpenVPN interface.
  12. Ok. Does it matter where the data ends up, so long as you can access it? I mean, does it have to go through a key croc? Have you heard of something like NextCloud? I admit I'm not sure if that would work for your specific purpose, but might be worth looking into. I am guessing the data is at a remote location?
  13. No. I believe those are all for video cards. The letters 'fb' at the end would indicate "frame buffers". I also recognize several name brands of old video cards mentioned. Leave the blacklists alone. Good job being thorough in your research. If you want to know about a specific module, try 'modinfo <modulename>'
  14. Was I dreaming, or did I see you say somewhere that you're trying to recover data from a flash drive? If so, don't mess with the key croc for that. Use an actual computer! There are some custom linux distros that can run direct from a CD or (a different) usb drive, so you don't need to permanently install anything on the computer.
×
×
  • Create New...