Jump to content

chrizree

Dedicated Members
  • Posts

    804
  • Joined

  • Last visited

  • Days Won

    69

Everything posted by chrizree

  1. It would be good to get a more detailed feedback on how it was solved. Other users could benefit from that when visiting and reading the forum threads.
  2. What does df -h or sudo fdisk -l or mount tell you? Does the Bunny seem to be mounted? This shouldn't be a problem. I use my Bunnies all the time on Ubuntu/Debian based systems.
  3. With the autossh module stopped in the Turtle "text based GUI", try running the following directly from the terminal on the Turtle (change user@address to something relevant for your setup and ports as well, if not "default") autossh -M 20000 -i /root/.ssh/id_rsa -R 2222:localhost:22 user@address -p 22 -N -T If that works (it should), change the following line in /etc/turtle/modules/autossh from: uci set autossh.@autossh[0].ssh="-i /root/.ssh/id_rsa -N -T -R "$autossh_remoteport":localhost:"$autossh_localport" "$autossh_host" -p "$autossh_port" " to: uci set autossh.@autossh[0].ssh="-i /root/.ssh/id_rsa -R "$autossh_remoteport":localhost:"$autossh_localport" "$autossh_host" -p "$autossh_port" -N -T" Furthermore... to get the module itself working, change the lines in the "configure" function of the autossh module from: autossh_host=$(uci show autossh.@autossh[0].ssh | awk '{print $7}' | sed "s/'//g") autossh_port=$(uci show autossh.@autossh[0].ssh | awk '{print $9}' | sed "s/'//g") autossh_remoteport=$(uci show autossh.@autossh[0].ssh | awk '{print $6}' | sed 's/:/ /g' | awk '{print $1}') autossh_localport=$(uci show autossh.@autossh[0].ssh | awk '{print $6}' | sed 's/:/ /g' | awk '{print $3}') to: autossh_host=$(uci show autossh.@autossh[0].ssh | awk '{print $5}' | sed "s/'//g") autossh_port=$(uci show autossh.@autossh[0].ssh | awk '{print $7}' | sed "s/'//g") autossh_remoteport=$(uci show autossh.@autossh[0].ssh | awk '{print $4}' | sed 's/:/ /g' | awk '{print $1}') autossh_localport=$(uci show autossh.@autossh[0].ssh | awk '{print $4}' | sed 's/:/ /g' | awk '{print $3}') Also change the line in the "start" function of the autossh module from: autossh_host=$(uci show autossh.@autossh[0].ssh | awk '{print $7}' | sed 's/@/ /g' | awk '{print $2}') to: autossh_host=$(uci show autossh.@autossh[0].ssh | awk '{print $5}' | sed 's/@/ /g' | awk '{print $2}') Done!
  4. I think you have mixed something up and made settings that isn't needed (or shouldn't be there). 2222 has nothing to do with the local sshd on the vps. Just skip any settings for the local sshd on the vps and see it from the Turtle perspective.
  5. Was that default settings or did you change the file yourself? Why add the vps to 2222?
  6. Did you use the correct port?
  7. There are reverse shell payload scripts for the Ducky. However, they use netcat and that is blocked by Defender nowadays so it needs to be altered or obfuscated in some way in order to work (or disable Defender/AV).
  8. Well, if it's still not solved, how can it be too late? As I understand it, there is work being done on getting the Croc to better accept different types of keyboards. It has for sure been a bit picky this far.
  9. Tried any of this? https://technicallysane.blogspot.com/p/using-tcpdump-with-netcat.html
  10. Well, it's a fact that the Mk7 has the hardware setup it has, right?! What is Hak5 going to do about it? Asking the question won't add those things to the product. It is what it is.
  11. Try it then. This is about the USB Rubber Ducky, not the Malduino W
  12. Remember that most of the Mk1 payloads available are years old and the landscape is constantly changing and evolving. It's a cat and mouse game and if the payloads aren't updated (or new ones are created based on recent vulnerabilities or functionality), they most likely turn obsolete.
  13. They most likely had the absolute majority of regular Windows users in mind that doesn't even have a clue of what a bin file is
  14. Everything is relative, but not long at all I would say if we are talking about a firmware recovery of the Mk7, haven't clocked it though
  15. Yeah, since that redirection is Windows related
  16. Do you really get redirected to http://www.msftconnecttest.com/redirect on Parrot and the Pixel? That sounds strange!
  17. I guess you are using a Windows PC, have you tried any other client type, such as visiting the portal using a phone?
  18. This is a portal you made yourself, right? Have you tried any of the premade ones by kbeflo just to verify that known working portals are executing as expected?
  19. The only mistake I can spot is the fact that ppl get their traffic sniffed without them allowing it to happen. Other than that... there is no mistake. The module works as intended. The question to ask is: "How many ppl are using web services in 2021 that is based only on http?" My answer is, "not many" and probably the reason why nothing gets caught in the net.
  20. What computer do you have? Mac? Running Windows (version?)... Linux?
  21. As Rkiver suggested, there's a Bunny section of the forums that should be used, so I guess this thread should be moved. Anyway, there are some bits and pieces that could render possible problems in the original code (i.e. the first post, which seems based on the "official" nmapper payload and then adjusted). For starters how nmap is spelled, with a capital "N" that will throw a "Nmap: command not found". Regarding the latest submitted code suggestion; what is <yOur IP> supposed to be replaced with? The victim is in most situations a "black box" when it comes to knowledge about device details, such as the IP address. I would rather stick to the original idea of using GET TARGET_IP instead of having to know the "victim" IP before I write the payload. I also need to elevate my knowledge about SYNC. It seems to be a part of the Ducky language that I haven't seen before. I get if "sync" is used so that the information is saved to disk in a proper way, but SYNC and sync isn't the same thing and SYNC must therefore refer to something else that I don't know about but happily would get more info on.
  22. Is your password containing uppercase letters? Try to type them all as lowercase and see if it works. I seem to remember that it was an "update feature".
  23. When is this going to be solved? It's almost to the day one year ago that this thread was created (with a following promise to solve it), but I still get the Hak5 repo error when running opkg update on the Shark. Perhaps the Shark is out of development so that the Hak5 repo is of no relevance any longer.
  24. Do you mean to not store it in any way locally on the Packet Squirrel, but instead save it to Cloud C2 only?
×
×
  • Create New...