
Aaron Outhier


  1. First step will be to find an uncompromised work area and an uncompromised computer. Put your phones and other devices into airplane mode, and reinstall the latest software onto your phones. For an iPhone or iPad, use iTunes for PC or a fresh, new Mac. You are going to need to back up, erase, and reload the OS/firmware/etc. on all of your devices. Clear your calendar for one weekend. Do not restore any backups at first - wait until they can be checked and scanned for problems. That'll come later. Understand that a remote attacker needs access to something inside your home, or whatever, in order to launch his attacks. If a single compromised device remains when you're done, you'll be doing all of this again in 6 months. Be thorough.

     You will need a small collection of empty flash drives, 16 GB or better. You will also need at least one high-capacity, external hard drive to hold your backups. If you use Windows PCs at home, go to Microsoft's website and grab the Media Creation Tool. Run it, and select the option to download a copy of Windows for use on another PC, or whatever the wording says that is similar. Also select to save directly to your USB disk. Make sure you have a blank USB drive to use. The Windows installation files are about 8 GB, so plan to be there a while. Use a USB 3 port + drive if possible to speed up the file copy process.

     Find and install a good backup program. AOMEI has a decent free one that I've used for years, but get what works for you. https://www.ubackup.com/ for AOMEI. There are many great alternatives. Back up your home folders on each computer at least. If you have enough room, you may opt to make a full image backup of the internal drive. Unplug your router and any other Internet connections/devices. Restore each device one by one.

     Grab another flash drive, and download the WSUS Offline tool to your desktop, etc. and extract. https://www.wsusoffline.net . Extract and run. Download updates for the Windows OSes you use, and then select to copy them to your flash drive. Also grab the latest firmware for everything you can find, starting with wireless routers, and also including security cameras, printers, TV set-top boxes, et al. When you reflash the router, be sure to unplug the uplink to the outside world temporarily.

     As for drivers, Windows installer has many of the essential network drivers bundled, and from there, Windows Update can get whatever else you might need. Failing that, try Snappy Driver Installer. It can be loaded, along with the updates, onto, you guessed it, a flash drive! https://sdi-tool.org . If you happen to be in the greater Los Angeles area, send me a DM, and I can help you directly, if desired. Otherwise, we can discuss this more after daybreak. My eyes are getting heavy now. It's 3 AM.
  2. Managed to fix the problem, without a serial terminal or any JTAG stuff. Fortunately, the filesystem corruption was minor. I was able to locate the recovery partition and run fsck on it to repair. Then, I forced a factory reset to format the main partition and unpack the version 1.1 firmware. I of course then updated the Croc to the latest version. Issue seems to be solved.
  3. Sounds to me like he wants a network equivalent of a "continuity tester". Something to broadcast a continuous data stream, and then check on a remote device if he is receiving that stream. OP: Although that may seem like a simple enough task, I suspect it will actually be harder to implement this than you might think. Your receiving device can be set to continuously check the signal strength and quality and log that info to a file, possibly with GPS coordinates thrown in for good measure. (GPS receiver required for that last part, of course).
  4. English Translation: In other words: It's the UAC prompt.
  5. Yeah, I'll say it's not as active! 158 views, but only 1 response. I don't think the site has had 150+ bots/web crawlers in the last month, but less than 10 users. Someone's been looking. Don't get me wrong, I'm not getting butt-hurt over it or anything. I realize it would be a boat-load of work for the devs to implement. Would just like some feedback as to whether or not this would be useful to anyone here. As for Discord, I read much too slowly... Messages scroll off the screen before I can finish reading them.
  6. Still corrupted in the same locations after factory reset. 😩😭
  7. Update: I figured out how to do a factory reset. Re-added my config.txt and device.conf. Then shut it down. I'll have to test it at some point. More to come.
  8. The response here is much more eh, underwhelming, than I expected. Oh well? Seemed like a great idea to me. 🤷‍♂️
  9. Hypothetical situation: What if someone had a Bash Bunny, a LAN Turtle, a Packet Squirrel, a Key Croc, and a WiFi Pineapple, all connected to Cloud C2, and all deployed at a remote location? Would that gain that person anything more than having them at separate locations, or having them without C2? These are Linux boxes, so why not? Why not? Because nothing major has been implemented here? What if a Bash Bunny, Key Croc or maybe even a Signal Owl, could grab the Preferred Network list from a computer and send it say, over a VPN to C2, and then use that to communicate that info to the rest of the devices planted on site for a Pen Test? That raises the question: How would the Key Croc, Signal Owl, and Screen Crab obtain that info, if the WiFi key isn't known prior to the deployment of those devices? Yes, they can all store their loot offline, but they couldn't participate in a coordinated attack that way, could they? Well, what if the Pineapple could act as a secure WiFi gateway? This would require WPA2 or WPA3 protected AP support on the Pineapple, and verification that the device connecting is a real Hak5 product. It would also require a USB LTE dongle, Cell Phone, or other long-range wireless uplink, but I think it's very possible to do. Imagine keeping the Pineapple with you, and walking up (or driving up) outside the building. Alternately, the Pineapple could be planted inside along with the other items. Granted, this would be quite a bit of work to implement. I do have a few ideas about how to authenticate devices to the Pineapple, to help ensure someone isn't trying to "hack your hack".
  10. Well, I got my Mark 7 in the mail yesterday, after waiting 10 days for it to arrive. (I should know better than to order late on a Friday, but I digress)... I got it up and running, but I must say I was just a bit disappointed in a few things. Overall, I do like it! Just a few minor things I don't like. I am a bit disappointed in the lack of plugins. I must put credit where credit is due however. I first came into the Hak5 & WiFi Pineapple scene about 2 years ago. The Mark VI Nano and Tetra were more established then than the Mark 7 is now. I kind of suspect there were similar delays getting plugins last time around also. Good things come to those who wait. Then there is the issue that the Pineapple doesn't work locally if the C2 platform is configured on it. I hope that is a temporary workaround for another issue and gets fixed soon. I have an idea for the Pineapple that I think will be awesome! It will require some extensive software modifications however, and would be quite an undertaking for the Hak5 team. More on this in another post. What would be really incredible, however, is a plug-in system that could be accessed in the C2 system. Like, so that plugins could be accessed & triggered from the C2 panel.
  11. Ahh, now I understand. Thank you, but I don't have any shortage of Raspberry Pis right now. I have a 2b, a 3b, 2x 3b+, and a 4 with 4GB model. I haven't ever bothered with the W series. I haven't checked, but I suspect you can grab an older model, like the 3b or 3b+ for under $30 for the bare board. I've been able to set up a cron job to update the system in the middle of the night in past projects, when I don't want to mess with manual updates. Not as many people awake between 2 & 4 AM, and since it is automated, I don't have to be either.
  12. Looking back at your original post, I see you answered the questions I just asked. I would absolutely use a Raspberry Pi. Do you need to access/view/edit specific files from a list, i.e. "live access" of the flash drive data, or are you trying to grab a copy of all of the data from the remote drive and get it to a local machine? If the former, try Nextcloud server for Raspberry Pi. If the latter, use rsync from the command prompt or equivalent. Both options will require port forwarding on the remote router. If no port forwarding, set up an OpenVPN cloud server on Linode, Vultr, or Digital Ocean, and connect both the remote Pi and your local machine to it, then connect to it over the OpenVPN interface.
  13. Ok. Does it matter where the data ends up, so long as you can access it? I mean, does it have to go through a Key Croc? Have you heard of something like Nextcloud? I admit I'm not sure if that would work for your specific purpose, but might be worth looking into. I am guessing the data is at a remote location?
  14. No. I believe those are all for video cards. The letters 'fb' at the end would indicate "frame buffers". I also recognize several name brands of old video cards mentioned. Leave the blacklists alone. Good job being thorough in your research. If you want to know about a specific module, try 'modinfo <modulename>'