Posts posted by Aaron Outhier

  1. Managed to fix the problem, without a serial terminal or any jtag stuff. Fortunately, the filesystem corruption was minor. I was able to locate the recovery partition and run fsck on it to repair. Then, I forced a factory reset to format the main partition and unpack the version 1.1 firmware. I of course then updated the Croc to the latest version. Issue seems to be solved.

  2. Sounds to me like he wants a network equivalent of a "continuity tester". Something to broadcast a continuous data stream, and then check on a remote device if he is receiving that stream.

    OP: Although that may seem like a simple enough task, I suspect it will actually be harder to implement this than you might think. Your receiving device can be set to continuously check the signal strength and quality and log that info to a file, possibly with GPS coordinates thrown in for good measure. (GPS receiver required for that last part, of course).

  3. English Translation:

    Quote

     

    Make the user account control system.

    Do you want to allow this Ap p p to change your installation?

    LOGIN EDITING PROCESS

    Verified by: M i c r o s o f t W i n d o w s

    Show more detailed information. materials are available.

     

    In other words: It's the UAC prompt.

  4. On 3/18/2021 at 12:08 AM, kuyaya said:

    Well, that could be because the forum isn't as active as it used to be. Check out the Hak5 Discord, people are quite active there (me included) 🙂

    Yeah, I'll say it's not as active! 158 views, but only 1 response. I don't think the site has had 150+ bots/web crawlers in the last month, but less than 10 users. Someone's been looking.

    Don't get me wrong, I'm not getting butt-hurt over it or anything. I realize it would be a boat-load of work for the devs to implement. Would just like some feedback as to whether or not this would be useful to anyone here.

    As for Discord, I read much too slowly... Messages scroll off the screen before I can finish reading them.

  5. Hypothetical situation: What if someone had a Bash Bunny, a LAN Turtle, a Packet Squirrel, a Key Croc, and a WiFi Pineapple, all connected to Cloud C2, and all deployed at a remote location? Would that gain that person anything more than having them at separate locations, or having them without C2? These are Linux boxes, so why not?

    Why not? Because nothing major has been implemented here? What if a Bash Bunny, Key Croc or maybe even a Signal Owl, could grab the Preferred Network list from a computer and send it say, over a VPN to C2, and then use that to communicate that info to the rest of the devices planted on site for a Pen Test? That raises the question: How would the Key Croc, Signal Owl, and Screen Crab obtain that info, if the WiFi key isn't known prior to the deployment of those devices? Yes, they can all store their loot offline, but they couldn't participate in a coordinated attack that way, could they?

    Well, what if the Pineapple could act as a secure WiFi gateway? This would require WPA2 or WPA3 protected AP support on the Pineapple, and verification that the device connecting is a real Hak5 product. It would also require a USB LTE dongle, Cell Phone, or other long-range wireless uplink, but I think it's very possible to do. Imagine keeping the Pineapple with you, and walking up (or driving up) outside the building. Alternately, the Pineapple could be planted inside along with the other items.

    Granted, this would be quite a bit of work to implement. I do have a few ideas about how to authenticate devices to the Pineapple, to help ensure someone isn't trying to "hack your hack".

  6. Well, I got my Mark 7 in the mail yesterday, after waiting 10 days for it to arrive. (I should know better than to order late on a Friday, but I digress)...

    I got it up and running, but I must say I was just a bit disappointed in a few things. Overall, I do like it! Just a few minor things I don't like.

    I am a bit disappointed in the lack of plugins. I must put credit where credit is due however. I first came into the Hak5 & WiFi Pineapple scene about 2 years ago. The Mark VI Nano and Tetra were more established then than the Mark 7 is now. I kind of suspect there were similar delays getting plugins last time around also. Good things come to those who wait.

    Then there is the issue that the Pineapple doesn't work locally if the C2 platform is configured on it. I hope that is a temporary workaround for another issue and gets fixed soon.

    I have an idea for the Pineapple that I think will be awesome! It will require some extensive software modifications however, and would be quite an undertaking for the Hak5 team. More on this in another post.

    What would be really incredible, however, is a plug-in system that could be accessed in the C2 system. Like, so that plugins could be accessed & triggered from the C2 panel.

  7. 24 minutes ago, Omar01 said:

    I bought them cheaper but from amazon you can buy them for 20 dll
    https://www.amazon.com/Argon-Forty-Raspberry-Barebones-Audio-Video/dp/B075FRRVLR/

    https://www.adafruit.com/product/3400

    or you can also do the complete system as shown here:
    https://www.tomshardware.com/uk/how-to/kvm-over-ip-raspberry-pi

    The bad part of this is that you have to do everything by hand and give support, but in my experience of 1 week trying to get this going is that there is more support and documentation if you go for the cheap option

    In rpizeroW I have it working with kernel 4.14.180-178, what I don't like is trying to update to have everything safely and having to fix what breaks, but the keycroc has kernel 3.4.39 like this that I do not win much :S

    Ahh, now I understand. Thank you, but I don't have any shortage of Raspberry Pis right now. I have a 2b, a 3b, 2x 3b+, and a 4 with 4GB model. I haven't ever bothered with the W series. I haven't checked, but I suspect you can grab an older model, like the 3b or 3b+, for under $30 for the bare board. I've been able to set up a cron job to update the system in the middle of the night in past projects, when I don't want to mess with manual updates. Not as many people awake between 2 & 4 AM, and since it is automated, I don't have to be either.

    • Like 1
  8. 2 minutes ago, Omar01 said:

    I am in a remote area, I cannot trust the internet, the cell phone does not work many times. I have a way to do it with an RPI but I didn't want to dedicate myself to maintaining the operating system. But I am seeing that this system does not have good maintenance or updates so .. I think that the option of 20 dll is much better sadly

    What is "option of 20 dll"?

  9. On 3/2/2021 at 1:05 PM, Omar01 said:

    I want to use the input USB port to mount it on linux and then share the contents of the usb via the internet, so that I can see the contents of the usb remotely but the operating system can see it transparently

    I'm trying to get it to work for the moment as a memory in a demo /mnt/USB folder

    any ideas?

    at the moment I am testing with trial and error script

    ATTACKMODE SERIAL STORAGE
    LOOTDIR=/mnt/USB
    LED ATTACK STAGE1

     

    Looking back at your original post, I see you answered the questions I just asked. I would absolutely use a Raspberry Pi.

    Do you need to access/view/edit specific files from a list, i.e. "live access" of the flash drive data, or are you trying to grab a copy of all of the data from the remote drive and get it to a local machine?

     

    If the former, try Nextcloud server for Raspberry Pi. If the latter, use rsync from the command prompt or equivalent. Both options will require port forwarding on the remote router. If no port forwarding, set up an OpenVPN cloud server on Linode, Vultr, or Digital Ocean, and connect both the remote Pi and your local machine to it, then connect to it over the OpenVPN interface.

  10. 2 minutes ago, Omar01 said:

    I have many computers with linux, I want to mount a memory in the keycroc to have more than 2gb of loot, since that is very little for these times. I have the need to backup several GB and transfer it slowly via the internet. but i need to copy it to disk first

    Ok. Does it matter where the data ends up, so long as you can access it? I mean, does it have to go through a key croc? Have you heard of something like NextCloud? I admit I'm not sure if that would work for your specific purpose, but might be worth looking into. I am guessing the data is at a remote location?

  11. 4 minutes ago, Omar01 said:

    Do you think any of these modules are necessary?

    root@usbbackupmachine1:~# cat /etc/modprobe.d/fbdev-blacklist.conf
    # This file blacklists most old-style PCI framebuffer drivers.

    blacklist arkfb
    blacklist aty128fb
    blacklist atyfb
    blacklist radeonfb
    blacklist cirrusfb
    blacklist cyber2000fb
    blacklist kyrofb
    blacklist matroxfb_base
    blacklist mb862xxfb
    blacklist neofb
    blacklist pm2fb
    blacklist pm3fb
    blacklist s3fb
    blacklist savagefb
    blacklist sisfb
    blacklist tdfxfb
    blacklist tridentfb
    blacklist vt8623fb

     

    No. I believe those are all for video cards. The letters 'fb' at the end would indicate "frame buffers". I also recognize several name brands of old video cards mentioned. Leave the blacklists alone. Good job being thorough in your research.

    If you want to know about a specific module, try 'modinfo <modulename>'

  12. Hello. After months of bizarre problems with my KeyCroc, I finally realized that my flash filesystem is corrupt.

    root@croc:~# e2fsck -fn /dev/nandd
    e2fsck 1.42.12 (29-Aug-2014)
    Warning!  /dev/nandd is mounted.
    Warning: skipping journal recovery because doing a read-only filesystem check.
    Pass 1: Checking inodes, blocks, and sizes
    Pass 2: Checking directory structure
    Pass 3: Checking directory connectivity
    Pass 4: Checking reference counts
    Pass 5: Checking group summary information
    Free blocks count wrong (505705, counted=505574).
    Fix? no
    
    Free inodes count wrong (168264, counted=168259).
    Fix? no
    
    /dev/nandd: 44728/212992 files (0.1% non-contiguous), 346263/851968 blocks

    Is there any way I can force an e2fsck during boot, or perhaps cause a complete rewrite/replacement of flash data? I have already tried reinstalling the latest firmware. I have also tried erasing the entire udisk and then copying over the flash file, before rebooting. The firmware does complete 100%, or at least it appears to. I also verified the sha256sum before applying it. It seems that my entire /lib/modules folder is missing.

  13. Just now, Omar01 said:

    I am testing with different memory models and manufacturers, at the moment they all detect them but none show them in "fdisk -l"

     

    # lsusb
    Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
    Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
    Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
    Bus 003 Device 002: ID 0bda:f179 Realtek Semiconductor Corp.
    Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    Bus 002 Device 003: ID 0951:1666 Kingston Technology
    Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
     

    
    root@usbbackupmachine1:~# modprobe usb-storage
    root@usbbackupmachine1:~# mkdir /mnt/USB2
    root@usbbackupmachine1:~# mount /dev/usbdev2.3 /mnt/USB2
    mount:  /dev/usbdev2.3 is not a block device
    root@usbbackupmachine1:~#

     

    fdisk -l isn't going to work. I suspect you need another module before it will. It would seem that I have problems of my own. My KeyCroc filesystem is corrupt. I suppose it is my turn to ask for help...

  14. 36 minutes ago, Omar01 said:

    I also had thought that it would be a little easier to mount a USB, today I will try more to try to mount it, I am not sure why the limitation of the USB port is to save disk or because the processor cannot handle the speed of transfer

    It won't appear there, because modprobe can't load the usb-storage module. Seems like the entire modules folder is missing.

  15. 7 minutes ago, Omar01 said:

    I also had thought that it would be a little easier to mount a USB, today I will try more to try to mount it, I am not sure why the limitation of the USB port is to save disk or because the processor cannot handle the speed of transfer

    I suspect it is more of a mistake/oversight from Hak5 people. Their products don't have every feature imaginable when you open the box, but it is supposed to be easier to add the stuff you need. Usually, a flash drive shows up as /dev/sdX, where X can be different for different people.
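The chain the posts above describe (a populated modules folder, the usb-storage driver loaded, the drive then appearing as /dev/sdX) can be checked in order. This is an added example, not part of the original posts; the function names and the ROOT prefix argument are assumptions, introduced so the checks can also run against a constructed directory tree.

```shell
#!/bin/sh
# Added example. ROOT is a path prefix ("" on a live system) so the same
# checks can be pointed at a constructed tree for testing.

# True when /lib/modules/<release> exists and is not empty.
modules_dir_present() {
    [ -d "$1/lib/modules/$2" ] && [ -n "$(ls -A "$1/lib/modules/$2" 2>/dev/null)" ]
}

# True when the module is listed in /proc/modules. The kernel lists
# usb-storage as usb_storage; a driver built into the kernel never appears here.
driver_loaded() {
    name=$(printf '%s' "$2" | tr '-' '_')
    grep -q "^$name " "$1/proc/modules" 2>/dev/null
}

# Print every sdX whose resolved sysfs path passes through a USB bus.
usb_block_devices() {
    for blk in "$1"/sys/block/sd*; do
        [ -e "$blk" ] || continue
        case "$(readlink -f "$blk")" in
            */usb[0-9]*/*) echo "/dev/${blk##*/}" ;;
        esac
    done
}

# Report the first broken link in the chain, or the usable device nodes.
diagnose() {
    if ! modules_dir_present "$1" "$2"; then
        echo "modules-missing"
    elif ! driver_loaded "$1" usb-storage; then
        echo "driver-not-loaded"
    elif [ -z "$(usb_block_devices "$1")" ]; then
        echo "no-block-device"
    else
        usb_block_devices "$1"
    fi
}

# Live system: empty ROOT, running kernel release.
diagnose "${1:-}" "$(uname -r)"
```

A /dev/usbdevX.Y path like the one in the failed mount attempt is a USB device node, not a block device, so only the /dev/sdX names printed by the last stage are mountable.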

  16. Agreed. It would take much more than leaving it running to make it burn up/burn out/whatever. If you're leaving Open APs turned on, however, you might be inviting your neighbors to free WiFi. Keep your filters on, and check for unknown clients. If you want to be sure of that when you're not home, you can set up a C2 server in the cloud. A cloud server can be had for about $5/month these days. Then again, it might also be overkill. Depends on your needs.
