X00Gendo

Active Members
  • Content Count

    12

1 Follower

About X00Gendo

  • Rank
    Hackling
  1. Tested the fix on Mac pro Catalina 10.15.3 and the fix works flawlessly.
  2. I haven't tried this, but surely this is something you could check by SSHing into the croc?
  3. 1. Did you set the SSID and password for the network you want to connect to in the configuration file? 2. Did you unplug and re-plug in the croc after doing this and see the LED colour corresponding to WIFI connection?
  4. Apologies, this was a mistake on my part. Working as expected now!
  5. Another issue, unrelated to this topic, but worth flagging, is that once you SSH in and view croc_char under loot, the croc will stop recording keystrokes. Is this intended behaviour? Is there a way to get it to resume recording keystrokes after viewing the log?
  6. Let me caveat that by saying this is still a great product. But if it stops working when a computer sleeps, that makes a long-term engagement more difficult. Is there more guidance on how I can do this: "adding the PDCAP_WAKE_FROM_D3_SUPPORTED setting and removing the PDCAP_D2_SUPPORTED"? Thanks!
  7. I have the same issue with mac. When the mac sleeps, the keycroc will not deliver keystrokes. Even after unplugging the keyboard from the croc and plugging back in, it doesn't take input. However, unplugging the croc and plugging back in sorted it. This needs a patch. This makes the keycroc practically useless for any serious pentest engagement.
  8. Has anyone come across a compatibility issue between the croc and a keyboard? When I use the croc with my wireless Arteck, keystrokes are not recorded, nor do keystroke insertion payloads work - the hello world one, for example. However, I have tested it with a couple of other keyboards I own, and it seems fine. I want to know if this is an issue with Arteck specifically, or whether others have encountered this with, say, mac keyboards, etc.
  9. Yeah there is no way I would take this into an engagement. I REALLY want the Pineapple to work, and I really wish it would. But it can't do 50% of the things it is supposed to out of the box, and I am not talking about 3rd party modules. The bread and butter of what the Pineapple should do is: 1. Enumerate APs and clients associated to those APs 2. Capture and broadcast the SSIDs of the APs it has discovered 3. Deauth clients in order to get them to connect to the Pineapple's rogue SSIDs. It does point 1 perfectly. Points 2 and 3, not so much. 2. It can't even properly take an SSID and load it into the pool without corrupting the name. This is just poor coding. 3. It cannot deauth anything. I mean nothing. I made a small deauther using a Nodemcu Amica, and it works better than the Pineapple, and it didn't cost 200USD. I own several Rubber Duckies and those are excellent pentesting tools, so long as you write your scripts and customise your attacks depending on your target. I cannot say the same for the Pineapple. Much hype, little delivery. It's actually disappointing that Darren refuses to acknowledge this problem.
  10. Hi all, N00b here, but not to pentesting and wifi pentesting in general. Decided to eventually give in and get the tetra to add to my pentesting arsenal. But I am really disappointed. It seems like this is an expensive version of a regular wifi card's promiscuous mode, and my old lenovo's wifi card was able to broadcast deauth packets for as long as I wanted, and this seems to be a better approach to how the pineapple does it - seems the multiplier doesn't really do anything. I did message Darren about this directly over Twitter, and he came back with a nice, though not very helpful response, saying to use a multiplier in the mid-region, he suggested 5. So far, by using a multiplier of 10, I have managed to deauth one laptop device on my network once... once in 24 hours of trying to deauth anything on my network. Does anyone here have a similar experience / any advice?