Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by chrizree

  1. OK, France must have implemented some security measures that the rest of the world hasn't figured out yet 🙂 So, just to be clear about the scenario that you have at hand... You are deauthenticating clients from their intended wireless network, then mimicing the same network (AP/SSID) with your WiFi Pineapple (either it be the Nano or the Mk7) and then you want the clients to reconnect to your spoofed SSID. Right? However, there is not actual guarantee that the clients will connect to your spoofed AP just because they have been deauthed. They might as well connect to the "correct" network
  2. When it comes to firmware recovery, have you followed these instructions? https://docs.hak5.org/hc/en-us/articles/360055166053-Firmware-Recovery
  3. Does it make any difference if you select (and save) "Active" as mode for PineAP instead of "Advanced"?
  4. OK, so how did you configure your filters then?
  5. I'm not in possession of the Mk7 so I can't reproduce the eventual error, but if it works in the same way as the Nano, you need to add filters to get clients to connect if they are supposed to connect to the open AP of the Pineapple.
  6. You need to add filters to be able to get clients to connect to the open AP on the Pineapple
  7. I'm just making "qualified" guesses here (and that's perhaps not the answer you want). To be absolutely sure, Hak5 staff needs to answer the questions. If not getting the answers here, I suggest to contact Hak5 Shop directly by submitting a request ticket. My speculation about question 1 is that it's not Monday, it has passed. It was a time limited offer, hence the code not working anymore. Question number 2, if the offer was time limited to just be valid on, or up until, last Monday, there is no fix other than waiting for any possible upcoming offer (might appear on Friday, who knows). My gue
  8. I wasn't referring to functionality between the different versions, but the right to contact support when experiencing problems.
  9. Not sure what version of Cloud C2 you are running. If being licensed for something other than the community edition, I would ask Hak5 support. But, if running the community edition (that only has community support), I would hope that someone with the correct answers appears in this thread. Preferably someone from Hak5.
  10. OK, no problem! The expected checksum just visually appears as being shorter, but it's just plain "true type font magic" that fools the eye. If pasting the checksums into a fixed width text editor, the length of the checksums are all the same. Sadly I have no access to the checksums (or zip files) myself since I have made in-place upgrades of an existing instance of Cloud C2 from 2.x to 3.0.0 and further on to 3.0.1. To me, only two major options remains as possible explanations. Either that your downloads are actively tampered with along the way (something I would see as highly non likel
  11. No, you are using shasum, I was asking about the result of running sha256sum, a totally different command. However, there is no real reason that the result should differ from running shasum as you have, but I'm not usually using shasum. Instead, I'm always using the command/utility for each kind of checksum type (i.e. md5sum, sha1sum, sha256sum, sha512sum, etc.), I just wanted to do it "my way" when trying to give you advise. How many times have you downloaded the zip file? If just once, then I would suggest to download it several times and compare the checksums. Something might have gone wron
  12. Do you mean to not store it in any way locally on the Packet Squirrel, but instead save it to Cloud C2 only?
  13. I guess the question should be asked in the Mk7 part of the forum. However, the manual says 107 x 93 x 21 mm https://apps.fcc.gov/eas/GetApplicationAttachment.html?id=4650996 or https://fccid.io/2AA52MK7/Users-Manual/User-manual-4650996 (Since FCC seems to be picky about hot-linking)
  14. There is a lot of "Deadpool attitude" needed when it comes to cyber security, it's not just buying some stuff and hope to magically elevate, "Maximum effort" is valid in a lot of areas. One thing that is important to remember is that all areas of cyber sec is based on the everyday use of technology. So, one of the best things is to actually work professionally in the areas that you want to help to defend. I.e. work as a PC tech/sys admin, work as a network tech, work as a software developer, etc. etc. Of course it's not a quick start, but if you want to get really good at security, you have to
  15. To my knowledge, port 22 has nothing to do with the functionality of Cloud C2, i.e. SSH is not a mandatory part to get it all up and running. For instance, I have no active internet facing port 22 on the VPS running my C2 instance and it works all fine for me. Why not just disabling/blocking port 22 and see how it works out for you. Not sure right now about the SSL port thing, have you tried the listenport parameter?
  16. I guess you have better luck getting an answer posting in the MK7 part of the forum instead of here, since it's all about the Nano.
  17. It's a known "issue", has been discussed before in the release thread https://forums.hak5.org/topic/53473-release-hak5-cloud-c2-30x/ I had the same behavior on my Kali box with Firefox just after I upgraded my C2 instance, but for some reason it has miraculously disappeared without me doing anything specific about it. Now it just shows once as I load the Cloud C2 GUI, and after that it doesn't appear.
  18. Have you looked at the Cloud C2 setup videos that Darren has put up? Not explicitly for v3.0.0 but the ports should be the same. Not exactly sure what you mean with "selfhosted vps" but the ports needed should be the same as in the video. https://youtu.be/TIpx_ENurLY?t=378
  19. I just created a fresh VM (VirtualBox) and followed the instructions in the page you linked in your post and it all worked out well. Browsing the info.php file works without any problems and showing the expected results. Not using 20.04 though, but Ubuntu 18.04.4 LTS. Try again from scratch and see if some of the steps where unintentionally skipped and/or look for error messages while installing or restarting services, etc.
  20. Even if I haven't tried (running mine in the famous cloud), I can't see anything that really would stop you from successfully spinning up a Cloud C2 instance on the localhost and access the web interface locally on that specific machine. However, since the IPv4 address range is reserved for host loopback only, it should never be used outside of the current host (read further in RFC 1122). So, it will not be possible to connect any Hak5 devices to the locally hosted Cloud C2 instance which kind of removes the purpose of having a Cloud C2 instance up and running.
  21. What encoder are you using when creating the inject.bin file?
  22. Even though the Rubber Ducky is a useful tool, it wouldn't be my go to solution for this particular scenario. It all depends on the use case, but... even with only a small amount of Chromebooks to enroll, I would most likely select another path to glory than the little duck friend.
  23. Are you using some special character as a part of your password that might not be appreciated by the Cloud C2 instance? (Don't expose your password here though :-) )
  • Create New...