Jump to content

Aaron Outhier

Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Aaron Outhier

  1. I am not aware of there being any internal web page or web server. AFAIK, the only access is via SSH and that is a Linux command prompt only.
  2. I have this adapter also. It comes in the SharkJack “kit”, available when you purchase your SharkJack from Hak5. You won’t get it if you just purchased the SharkJack ala carte.
  3. First of all, the unit gets very hot whenever I try to charge it. I don’t think that is supposed to happen. In less than a minute after plugging in, I have to unplug it, because it is uncomfortable to hold. Also, I did manage to charge it up (took me about 20 minutes of plugging and unplugging), and connected it in arming mode to my laptop. Is it normal to receive a SharkJack and have an Nmap log file in the loot folder dated 7 months prior to my purchase? Something seems off here...
  4. Hi, I have been wanting to pick up a WiFi Pineapple and a SharkJack for a while - I am short about $45 US. Imagine my joy when I see I can get a free SharkJack with my purchase! Then, imagine my dismay, when I add the Tetra and SharkJack to my cart, and try to apply the coupon code...
  5. 2 options for this: 1. Setup a Cloud C2 Server, and run an on-demand ssh connection from the web interface, or 2. Enable SSH using the line in the WiFi-connect payload, which can be found here on the forums.
  6. In order to stay connected to your network, the Signal Owl needs wlan0 to stay in client mode, however, running airmon-ng switches it to monitor mode. Monitor mode causes the wireless radio to go into a passive scanning mode. The wlan0 radio can’t be in both client and monitor mode at the same time. This is why your ssh connection drops. Either connect a second WiFi Adapter to the Owl, and use it for your network/Internet connection, or write/change your payload script to run airmon -ng at boot up and log the results to the flash drive.
  7. The flash drive was not ejected properly. Load the flash drive directly into a computer and repair the file system. In the future, make sure you tell the computer to eject the drive before you physically pull it out of your system.
  8. What!!?? I bought a Signal Owl specifically to run a packet capture with Kismet. Now, I find out support is incomplete?? Any word from Drag0rn on whether he plans to finish his plugin??
  9. I've made some progress tracking a possible cause. I am still double-checking some things to make sure. So far, I believe it is caused by a particular module. @fw0: Could you please list the modules you have installed? Also, if you're willing & able, try doing a backup of anything important, and formatting your SD card (if any), and doing a factory reset. Then test if pineapd stays running before installing any modules.
  10. Well, I just ordered my key-croc and screen-crab combo. In anticipation of their arrival, I am trying to add them to my c2 portal. Unfortunately there is no option for a Key-Croc on the device-add screen.
  11. No, not possible. Apple locks-down their security. Currently not possible to run anything not approved by Apple. Incidentally, it is possible to run this on certain Android phones and tablets: https://www.kali.org/kali-linux-nethunter/
  12. Update: I've been running now for almost 2 weeks. No signs of my being hacked. Looks like a false alarm. My sincere apologies if I worried anyone.
  13. Oh, I forgot: 4th, put the SD card back into the Pineapple, and then try to format the card from the menu. Should work now. Cheers!
  14. When the SD card gets corrupt, it seems it is best to scrub clean the SD card in another PC. 1st, power off the Nano, and remove the Micro-SD card. 2nd, insert the microSD card into a computer running Windows, macOS or Linux. 3rd, if you're running Windows grab and use the SD format tool (google it). ---OR--- if running macOS or Linux, find the device name, and issue the below command - WARNING! THIS COMMAND COMPLETELY OBLITERATE ALL DATA ON THE DEVICE YOU SPECIFY!! Be 100% sure you specify the correct device, and have backed-up any important data from it. You HAVE been warned!! dd if=/dev/zero of=[name of device] bs=4096 Obviously, replace [name of device] with the actual device name, which starts with /dev/ and varies from system to system. If you don't know the correct device, please ask, but specify the name and version of your Operating System. The command will take a while to complete, and you won't see any progress while it runs. Let it finish.
  15. Hello! I'm running my Nano on firmware 2.7.0 and having the most bizarre issue. It's been happening since at least 2.6.2. I try to start the PineAP daemon, but it immediately stops. If I ssh in, and run pineap get_status I get: Failed to connect to socket at path: /var/run/pineapd.sock: No such file or directory Further, a directory listing of /var/run confirms the socket file is missing. Should I attempt to recreate this file manually, and if so, how?
  16. Follow-up: I somehow missed the end of your message the first time through. I would concur with your statement, that the lack of data to support my concern is more likely to cause panic amoung users than to be helpful. I am going to create another VPS, just as I did before, just for the sake of evidence gathering and fact-finding. I will say, that I was able to detect the hacks with the netstat command. If anyone is concerned about whether or not they have been hacked in this manner, they can run netstat | grep ssh and that should show you all ssh connections open on your system. There should be one ssh connection open if you are connected to your cloud server via ssh. This is not a conclusive test to see if you have been hacked or how, but just gives an indication as to a possible hack. PLEASE DO NOT POST RESULTS WITH IP ADDRESSES ON THE FORUMS. If you find anything suspicious, just say so, without details. unless Darren or another admin says otherwise. @Darren KitchenI was not aware of any official channels to report such concerns. My apologies for causing any trouble. I AM trying to help, not hinder. The last thing I want to do here is cause a panic. I am a advocate of the concept/idea that one can't fix a problem if one isn't aware it exists. Let me know, either here or via PM/DM what I should check next. I will make certain that my passwords are secure, and report back in a few days the status. If you want a copy of any logs, or even access to the VPS I am about to create, let me know. I think I am going to create daily snapshots of my VPS also for comparison. Thank you HAK5, for creating such great products!
  17. Darren, I have all incoming SSH connections blocked at the VPS firewall. The only ports that I had open to the public, were 443 TCP and 1194 UDP. i used the openVPN setup script you talked about on one of your shows, and your C2 server running. Everything else running was “stock” Ubuntu software. Further, those were the only two things exposed to the Internet. Somehow, someone got access to my machine via one of those two services, and opened an outgoing reverse ssh connection to somewhere in China. Once again, there is no way they could have made an initial connection via ssh, since the VPS firewall would have blocked it. Since the connections were being initiated by my server, I was unable to block the connection, and had to scrap the server all together. I may try again when the problem is fixed. I did backup my database file before scrapping it. Incidentally, my home router running OPNSense firewall software was also hacked shortly after posting that. it would seem that everyone having to stay home has some side effects.
  18. Is anyone else seeing any additional SSH connections? This can be determined by typing: netstat | head -n 20 The head command just cuts the output to the first 20 lines of output, if you are wondering. Should be plenty enough to see if there are any ssh connections or connections on port 22. I trust you all can figure out how to read the table.
  19. Edit: My concerns appear to be unfounded. I've since reinstalled with no problems. Hello, I'm running on an Ubuntu 18.04 VPS. I keep getting hacked! Only ports open on my firewall is tcp:443 and UDP:1194. Only web server running on the box is the C2 Community Linux 64 executable. I am running OpenVPN for remote admin access. Initial setup is done with all incoming traffic blocked at the VPS firewall and all updates are immediately applied first thing. I access the system via the VPS console. I then extract and unzip the community zip file, and run the linux 64 executable. I check my box a few hours later, and netstat is reporting reverse ssh connections from the box to an IP address that I've traced to a server in china. I have reinstalled several times with the same result. There seems to be a security vulnerability in your web server. I am running another Ubuntu 18.04 VPS, with only UDP:1194 traffic exposed, and do not appear to be hacked as of yet, so I don't think the problem is in OpenVPN. I used the same OpenVPN_install.sh script to install on both boxes.
  20. There are such things as USB HDMI capture cards. They are usually kind of expensive. What you might not realize, is that the audio jack on the side of your Pi is actually a composite video adapter. Although regular speakers and headphones will also work, that round jack can take a special a/v plug that provides video and stereo audio, which can then be fed into a composite video input card, either PCI/PCIE or USB. Try something like: https://www.ebay.com/itm/264665541205 Please make sure that it says it is compatible with Raspberry Pi, because some of those cables aren't (wired differently).
  21. Very possible. Just get your backup disks, and restore your files...
  22. I must say, at 40 years old, I've always been a computer enthusiast. Started on an Apple ][e (2 E) at the age of 8. I've always been the curious type. People used to ask me if I've ever done any hacking. At first, the answer was always an emphatic "no"! Then it was a "not really - I just experiment and hack my own stuff". Then I tried out Kali Linux, and from there, NetHunter. Now, by extension, hak5 gear. After about 30 years of using, programming, and then repairing computers, I'm just discovering all of these golden goodies at Hak5.org ! I'm going to try to grab an elite kit when my US stimulus check comes in. I started out hacking my PSP, then my PS3, then my Vita. I've also hacked an original Xbox. Any who, a bit off topic, but my point is: this community can't die yet, as I just found it!! I hereby forbid the hak5 community to die! There, I said it. Incidentally, instead of sitting around worrying about Hak5 going away, try telling a few friends about it. Be an doer, rather than a complainer!! P.S.: I was starting to get into the podcasts. Then the one where Darren and Mubix started talking about the new service called "spotify" came on, and I'm like "how are they just discovering Spotify??". I can be a tiny bit slow sometimes...
  23. I believe this is the same problem that I was having. I fixed it on my Kali Box by typing: route add -net netmask -dev eth1 For myself and the OP, this should be the correct command, for everyone else, you might need to replace the last parameter, 'eth1' with a different value - it should always be the interface of your WiFi Pineapple. After that, try running wp6.sh again, and hit 'c' to connect.
  24. @Darren Kitchen @Foxtrot Could someone please confirm this behavior and update the script, if confirmed?
  25. Hello, I'm expecting to get my stimulus check sometime this week. Highly considering buying an elite kit. Trying to figure out the exact contents and what each item does? I mean I know about the main shop items, like the Pineapple, the Packet Squirrel, Lan Turtle, and Bash Bunny, etc. It's the accessories and small items I'm not clear on. Are there more pictures available, preferably with labels saying what each item is? The pics on the shop page are either too far away to see details, or so close-up, that you can't see context. Thanks..
  • Create New...