Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by chrizree

  1. I don't know if it's a good thing to advise not to buy Hak5 devices on a Hak5 forum, but of course there are alternative paths to glory. Since I own a lot of Hak5 devices, I can just say that they are good. Bugs is always a part of the picture, especially when it's new devices such as the Mk7. Anyway, you could start with a simple PC and a home grade router as well. Learn the basics of networking first and you will be ready to use other tools soon. There are myriads of resources out there to dive into in order to elevate your knowledge. Even though Hak5 stuff is designed to be easy to use, the
  2. I can't answer to why you haven't got any reply from the Hak5 shop, but if your kit included a Mk7 Pineapple, then I'm very sure you have to stand in line and wait. There are also some other products that are out of stock at the moment if visiting the shop, so if your kit included some of those as well, then you will have to wait for those too. Nothing will be shipped until everything in the order is ready. Even though there could be some improvements to wish for when it comes to order status updates, I'm very sure that Hak5 won't trick you, you will get your stuff eventually. I know that ther
  3. Can you ping your local C2 server from your Mk7? Are necessary ports open on the C2 server making it possible for the Mk7 to communicate with the C2 instance?
  4. OK, I can't replicate that scenario sadly. The dates in my PineAP log is the expected date and time.
  5. I quote myself: "Get an ovpn file from your VPN service provider (or Tunnelbear to follow this example). Either it's one file only with certs and keys included, or a client config file along with separate key and certificate files. If the files are not included in one (1) file only, then the other files needs to be referred to in the config file. They probably already are if the VPN provider has chosen to keep them as separate files, but I often want to add absolute paths to those files." In other words... you need to get a relevant ovpn file from ExpressVPN and use that along with y
  6. Have you tried (re)formatting the SD card or tried another SD card?
  7. Can you explain the steps you take to produce the output, exactly what logs that are correct and incorrect, etc. so that it will be easier to track/find the source of your issues
  8. ok, great news, splitting things up to verify each part separately is always a good approach when experiencing issues similar to this situation, I can't see any problems for you to get it all working as intended
  9. ok, but I was primarily interested in your iptables rules, have you run the bb.sh script with success? I.e. gotten the status "found" and the ASCII art that tells you that the Bunny is connected to the internet. You have no route that includes
  10. try to edit the cmd file temporarily and skip the date/time stuff in the folder creation and run it once and see if it works better, that date/time stamp most likely needs to be modified before it can be used, i.e. the script needs to be altered so that it creates a date/time output that can be used without issues, just create a directory in the script called "test" as a subdir to slurp: set dst=%~d0\slurp\test You can also add PAUSE or SLEEP s (where s is number of seconds to sleep) to the end of the script so that you can catch the output I'm kind of rusty when it comes to Win
  11. I'm sitting with my Bunny attached to my PC right now and it's working all fine. I don't think it's something wrong with either the Bunny or the bb.sh script unless you have been doing something special that would have impact. Have you looked through your IP tables rules on the PC?
  12. And if you run the commands "manually" on your victim PC (content of e.cmd), do you get the desired results (I know, it won't be the exact same result since it won't be storing anything on your Ducky, but it will make it possible to catch some errors)? If you're not on a US (or US like system with that kind of date format), the folders created will be named with something that looks like a mess. Not that it should stop anything, but it could need some "remapping" to look proper. I don't really think that you have a missing Documents folder on your "victim" PC, but it could for sure be a reason
  13. On what drive do you store the script? Are you using stock Ducky firmware or have you flashed some alternative variant?
  14. If you only have access to one (1) physical computer, then I would go with an environment of VMs. If you are afraid of "polluting" your ordinary installation, then I would get an alternative hard drive and change the drive when pentesting. If that is too much work, then you can isolate both attacking and victim virtual machines in a virtual network on the PC. The risk all depends on what you are about to do. If it is things that wouldn't harm your host, then I would go virtual. I haven't dual booted since the 90's. There's potential risk of the guest breaking out and accessing the host when ru
  15. The most common way in Windows for an ordinary user is to set it using the GUI, but you could use netsh and it would look something like this: netsh interface ip set address "Local Area Connection" static or netsh interface ip set address name="Local Area Connection" static
  16. You should use the Docs site instead of the old wiki. In this particular case, it doesn't matter that much when it comes to the factory reset procedure since it's the same in both places. https://docs.hak5.org/hc/en-us/articles/360010555853-Factory-Reset However, since you mention bin files, is it really the factory reset that you are doing? A bin file should only be needed in the firmware recovery process. Since you have titled the thread "Firmware Update", I guess you are actually doing the firmware recovery, not the factory reset. And... using a bin file for a Nano on a Tetra is not su
  17. If you use the Cloud C2 web GUI and chose to export gathered loot for a C2-connected Hak5 device, then the exported loot will be stored in the root of your server/device where you run Cloud C2 if you don't specify any path in the export dialog (in the textbox for "Export Path"). However, if you specify a path, it will be stored in that path on the device where you run C2, for example: /home/username/whateverdirectoryyouwantitin It needs to exist before you can export to it. If you try to export to a path/directory that doesn't exist, the web GUI will throw "Error: could not write loot to disk"
  18. Is it mandatory that you need to do the export using a command? I.e. not using the export functionality in the C2 web GUI for a specific device.
  19. Everyone that puts a Mk7 in the cart receives this information
  20. Did you pay attention to the status/information in the cart when placing the order, that the Mk7 is currently backordered? Shipping estimate: 10-15 days. The message has been the same since at least mid November, so my guess is that you will have to wait for quite some time. Can't answer why you don't get any answer from the shop, but I guess there's no idea spamming them.
  21. OK, got it working now with the Owl and an Android phone as the GPS data provider via Bluetooth. So, there's an alternative way if needed. I will walk through the setup once again from scratch and write up a howto and post it if someone's interested.
  22. Are you specifying DUCKY_LANG in your payloads? Not that I think it would make any real difference, but better to try than not
  • Create New...