Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by SpragginsDesigns

  1. What exactly does this do? I also get extremely tired of opening it up and putting the MicroSD card in my Bash Bunny Mark II to change inject.bin and duckycode.txt files. I have written and rewritten so many and have so many stored on a Google Drive link for everyone and myself, but it does get annoying AF. Any hardware workaround to this? I know the button you hold down on the ducky before you insert it, but that was to flash the TwinDuck firmware on once. Does that put it in Mass Storage Mode too? Either way, I hope this script sets it in Mass Storage Mode. Otherwise, I would love to know how to easily swap out the MicroSD for scripts. I will try this out when I have some time. Thanks.
  2. I use my router (Internet connection Mode) exclusively and have no issues doing anything on it. Whenever I try to share access with it (go to network connections, find the Pineapple (AXIS something) and share it with my ethernet (I am directly connected, not to Wi-Fi), and it breaks my internet.
  3. @deuce022 Solution: Use the firmware recovery found here. This fixed mine, but export all your handshakes and data because it will wipe it all. Now mine is just turning off after several hours even though I have captured almost 200 handshakes so far, so I love this thing. My suggestion: Reinstall the firmware from that guide, it's easy. Set it up again and that will go away, mine did.
  4. Mine always works, but just to show you I will go ahead and remove those from my settings and see if there is a difference.
  5. There is a setting somewhere to "Do not show duplicates" Find it for sure it helped me a lot.
  6. And yes, I checked my Windows 11 Pro group policies and the power plan. USB and Internet devices etc., are never supposed to be suspended, or on some power plan, everything stays on except the monitor after 3 hours. Otherwise, I know when to turn something off. For now, my WiFi Pineapple works flawlessly, and I have captured over 150 handshakes and cracked almost 100 of them. But I fear I may need to contact support and possibly get a new one. It is only two months old. The attachment files are so small; here is a drive link with pictures of it running fine today and has not turned off in about 6 hours so far.
  7. I have not seen what you are speaking of. But yes, I enjoy the standard 'login to Kali, open Terminal Emulator, sudo apt update -y && sudo apt upgrade -y'. But I suppose Mark VII does not need this. It works fine without manually upgrading everything through the shell, but I would like the ability to. I am looking at writing scripts for it (I assume bash), more modules, main, just more of everything to make the most out of it. I have read my previous posts. I have successfully captured over 107 handshakes and cracked most of them via hashcat. I am just messing with it, same with the Bash Bunny Mark II and Rubber Ducky Deluxe. Last night, I did use Kali Linux 2021.3 to flash the ducky for TwinDuck, as I work in my college's IT department, and I have stated many times that I have Windows 10/11, macOS, and Linux Virtual Machines, PC's and laptops to test payloads and general Hak5 gear on. I image the desktops and laptops before and after, bypassing Sophos and Windows Defender or imaging without and trying them anyway. But only one person listened and responded on Discord, and we have been writing a lot together lately.
  8. I am a professional React Developer. You can check out my portfolio here and more work here, I am willing to help redesign the interface in React if @Darren Kitchenwants to.
  9. Edit - DO NOT DO THIS - it will force you to do a firmware recovery on your WiFi Pineapple. I keep trying to find a way to upgrade --all and this is not it First: opkg update Then: opkg list-upgradable | cut -f 1 -d ' ' | xargs -r opkg upgrade
  10. I was about to do this but I instead just clicked on WiFi Pineapple Mark VII from the main dashboard and it instantly downloaded the config file. Thanks.
  11. okay, so here is opkg update: opkg update Downloading https://downloads.hak5.org/pkgs/mk7/stable/1.1.0/packages/Packages.gz Updated list of available packages in /var/opkg-lists/mk7_community Downloading https://downloads.openwrt.org/releases/19.07.3/targets/ramips/mt76x8/kmods/4.14.180-1-d92769dc5268e102503ae83fe968a56c//Packages.gz Updated list of available packages in /var/opkg-lists/mk7_kmods Downloading https://downloads.openwrt.org/releases/packages-19.07/mipsel_24kc/base/Packages.gz Updated list of available packages in /var/opkg-lists/1907_base Downloading https://downloads.openwrt.org/releases/packages-19.07/mipsel_24kc/packages/Packages.gz Updated list of available packages in /var/opkg-lists/1907_packages Downloading https://downloads.openwrt.org/releases/packages-19.07/mipsel_24kc/routing/Packages.gz Updated list of available packages in /var/opkg-lists/1907_routing root@mk7:/pineapple# opkg upgrade only shows me a list of commands. I cannot find a documentation that lists all the commands with snippets and more detailed instructions on how to use it. If I could get some help I would write it myself. Here is a screenshot as well as several others I originally included: https://drive.google.com/drive/folders/1ZcrAeFqJh01-AqBCEu2Z1iSKgRnlHYfz?usp=sharing I can say opkg upgrade kismet but not opkg upgrade --all like winget, apt etc.
  12. Thank you for your detailed response. I found cutting the rockyou.txt down to 8-24 characters was enough to crack them using Hashcat and using the online converter for .pcap files. Otherwise, I run Windows 11 with Defender and allow all ports coming in and out that I want and know it needs, so that is not the issue. Okay, so when I run opkg update, then opkg list, why is there no opkg upgrade or opkg upgrade --all? How can I upgrade the ones I get from opkg update? Thank you so much once again for your detailed and considerate response.
  13. 1. Nothing, I just love the device since I have gotten almost 100 cracked handshakes from it. And @Darren Kitchennever even responds to me or on GitHub, so why would they be paying me anything? 2. A lot of tweaking. That goes with ALL Hak5 gear. I own the Bash Bunny Mark II, Rubber Ducky Deluxe, Mark VII Pineapple and several other newer devices. All of them require payload modification or creating your own. 3. Raspberry Pi's are amazing, but my VMware Workstation 16 Pro running Kali Linux rolling 2021.3 is WAY better than both, my Raspberry Pi is there to run PiHole. 4. I just had to opkg update / create a campaign that is aggressive, set PineAP to advanced, install all the modules and packages etc. And tweak with it, like all Hak5 gear. None of them work out of the box.
  14. I noticed another post where you cannot get all the Ducky payloads, so I went through the pain of downloading all the good ones, there are some missing I will add to, or you can if possible, and added them to Drive and Mega folders for everyone. Use https://ducktoolkit.com/ to encode the txt files, otherwise just download the ones that are encoded. https://drive.google.com/drive/folders/13Y1AlQ7YOASCHxDTcjRcr3jFtfb8DzNA?usp=sharing Mega won't let me so I added a .zip to the drive folder you can unzip and use as well in the folder in Drive above. Hope this helps. I got these from the Hak5 GitHub and Ducky Toolkit, and tried to encode them all but I am tired and will try to update this but I have been insanely busy lately so remind me, thanks.
  15. Yes! What is this? I keep getting this out of nowhere and I have made no changes. I have captured 107 handshakes and cracked almost 90 of them, I made a post about it here. I am confused as I have made no changes. And I cannot even find my handshakes but they are being captured.
  16. I personally have both, and I believe you should have both. The Rubber Ducky works instantly and is only $45. Well worth the purchase. I dislike how I cannot easily take out the MicroSD card and put a new payload in it because none of my PC/work laptops support MicroUSB plugging in but overall, once I get a payload and modify it a little bit, that thing takes off so fast and works fantastic. The BB is great, but it has a 7-second boot. And it is obviously not a flash drive. Huge differences, but yeah, the BB can also run ducky scripts.
  17. I also SSH into it from time to time to do: opkg update && opkg upgrade <package-name> Or, just use the web shell on the top right, and install packages, keep it up to date, and install the modules/dependencies from time to time. Keep it running healthy and strong, it is a beast! And I have most of my neighborhood's/passerbys/neighbor's friends passwords now, and other network/device identifiers, but luckily for them, I will and never would do anything illegal, immortal or unethical to them or anyone else. I want to help make the online world safer for everyone, not less safe. Like I said in my OP, just let me know if I am doing anything redundant, or is there more that can be done with this? If so, what? Anyway, back to finishing this React.js web app, super excited about it. Here is a small preview: Link
  18. The Pineapple Mark VII Is A Beast by AgtShadow | Shadow Gaming So, I have so far collected 107 handshakes and cracked a lot of them in Kali Linux. It is scary how powerful this device is. Long read, but I hope you do. TL:DR: Powerful device, google drive folder with redacted screenshots included below this paragraph, how to limit long wordlists when cracking handshakes, converting them and more Opening Thoughts: The screenshots are too big to include here, so here are some I had captured before the update wiped everything, and the ones I took this morning (this Google Drive folder is not from my business account, so it should not ask for permission to view this folder) Google Drive Link I have no plans to do anything with them after cracking them, either. I just wanted to see how powerful this device is. It seems running the Enterprise Client while making a campaign in Active Mode and having the PineAP-Open appears to provide some insane amount of data leaked and near almost constantly connected clients. I live in the suburbs of a city in California Central Valley, so the traffic is low, and the neighbors are limited, but someone getting powerful results with this. I am working on a React.js web app to deploy by midnight tonight, so I am losing time to Kali/Pineapple to work on this, so I will resume more research on this device, as well as the Rubber Ducky and Bash Bunny Mark II, after I deploy my new website/web app. I am a Web Designer and Developer first, penetration testing has just been this 14 month passion/hobby of mine, and watching/buying Hak5 gear has been essential, as I carry my Bash Bunny/Rubber Ducky/Work Laptop and WiFi Adapter on me everywhere I go now. The Handshakes Captured, How and the Results: I wanted to spend a few hours or so yesterday looking over the insanely long HTML reports, the over 100 handshakes I have had (this screenshot is after I went from beta to stable release, so it erased everything, but I downloaded everything before it being wiped from the update to stable). I also included a screenshot of my pineapple-handshakes directory in my 6TB external HDD, where I keep all my VMs and store pictures/screenshots/downloads, etc., instead of clogging up my 1TB NVME C:\ drive. I do this with several SSDs and external SSDs as well. All I ever do with this thing is keep it running in a pinned tab on my Windows 11 machine (64GB of RAM, Intel i9-9900K 5Ghz 8 cores, NVIDIA RTX 3060, Windows 11 Beta Insider Preview Build, etc.), keep it in active mode. From time to time run a campaign I made where it runs inactive. Reports plaintext and HTML reports, and eventually Cloud C2 once I get the time to set it up through the command line, it seems. Still, every time I open Windows Terminal through that directory, I download the Cloud C2 files or cd to it. It does not open like it does when I just double-click it, even running Windows Terminal in Admin Mode or using cmd.exe.) Limiting the characters of the rockyou.txt file from 14m passwords to about 1m, and limiting the characters to 8-32 characters/digits/symbols, cracked them much faster. To do this, just do this as it helped tremendously (and hopefully will help others newer to this as it took me some time to figure this out after over a year in Kali Linux): (to see the 14 million lines of text in the rockyou.txt file: wc -l rockyou.txt I then copied the rockyou.txt to my documents/pinelists directory: cp /usr/share/wordlists/rockyou.txt rockyou.txt Only keep passwords that are 8 to 34 characters in length, and make that copied rockyou.txt file to a new file, just make sure you are in that directory with the copied one, I use wpacracks1 as I have made a new one after cracking over 80 passwords from these handshakes to include into them). sudo grep -x '.\{8,34\}' rockyou.txt > wpacracks1.txt wc -l whatevernameyouwant.txt You can use Hashcat, or the utility in Hashcat, or on their website here to convert the .pcap file to something hashcat can work with, or use the 22000 files as well. However, I converted my .pcap files, and I believe the pineapple provides you with .cap files, but I converted them anyway, super fast and straightforward. Main Conclusion: Anything else I am missing here? Or should we do better or differently? And what else can be done with these? I am 100% ethical about this stuff. I mainly use my Rubber Ducky and Bash Bunny to automate tasks at my current IT job at my college, where they have authorized me to use them to test payloads, as long as all sensitive data is destroyed upon clocking out. They never check, but they know I am an honest person that is mainly a Frontend Web Designer and Developer. So, if I check my notifications from @Darren Kitchen GitHub repos from Rubber Ducky, Bash Bunny, and Ducky Toolkit. Side note, for anyone who has more available time than I or is better suited for/experienced in pentesting than I, please keep adding to and fixing these repos and payloads. Most of them I have tried on Windows/Mac/Linux desktops, laptops, tablets, phones, FireTVs, etc., from work to school (with permission). Many of them do not work or must be modified, especially the DELAY and other things, as my work uses Sophos. When I image laptops/PCs/Macs, I have removed anti-virus from them to test as well, and many still have some sort of conflicted issue I just, unfortunately, have no time for at the moment. Surprisingly, the USB Rubber Ducky Deluxe works amazing, modifying the delays and they work better than my Bash Bunny Mark II somehow, and of course the 7 second boot, but I am not doing in the field social engineering tests anymore, I did with a few coworkers and it is shocking how easy it is to pop one in, either or, and get results and unplug before they notice. I of course tell them later, and show them the loot directory, with only two of them, and they thought it was cool, but those were the ones that worked. I need to get back to work finishing my react web app. I am working hard to land this React Developer position soon and get an interview with them in 4 days after a phone interview, so I am really excited but incredibly overworked now doing all of this. Plus finishing my Associate Degree in Web Design this fall semester as well. And my wife and kids need time with them more than ever after all this work/school/etc. So, any tips, tricks, or helpful advice moving forward would be greatly appreciated as I do not have any time to work on this anymore. And the handshakes, connected clients, reports, and everything just keep flowing in, so I am leaving it in passive mode and disabling the campaign until I get back to pentesting. Also, my wife and kids hate me being on my PC all day, so I spent the weekend mostly with them, but I am back to post and finish my web app and deploy it. Anyway, attached are the screenshots and included here. It is already time-consuming redacting private information on these screenshots poorly, I don't even want to fire up PhotoShop, faster to load up Paint and do it dirty, but it works. Windows 11 vs Windows 10 mini-rant: And yes, Windows 11 for the past two weeks on my machine, in my experience, has been much smoother, faster, better, and the new interface/UI/GUI improvements, as well as WSLg. Hence, all your WSL Linux apps are standalone in Windows 11 (like setoolkit or hashcat or CherryTree, etc., can all be run as a standalone app within Windows 11, instead of firing up VMware Workstation Pro 16, Kali Linux, then opening the tools, I just Windows Key + S > <kali Linux app name>, click on it, it loads up, no terminal needed for every app within Kali Linux, Debian, Ubuntu, Git Bash, Azure, literally all the WSL subsystems I have installed on my machine that I usually would access through Windows Terminal Preview (can be downloaded and highly customized in the Windows Store, and you can get Winget, windows package manager. On top of all of this, gaming has been much better, CPU/GPU utilization, the list goes on and on with why I installed Windows 11 over Windows 10. Much more beautiful (please Microsoft, tabs on Explorer.exe, and dark mode integrated into ALL Windows apps and utilities like Control Panel, etc and beautify those as well as keeping the Windows 10 skin.) Sorry for the long read. I type fast and probably talk too much outside of the topic. It is a flaw I am working on.
  19. Yes, I apologize that it was not sharable in the first place. I have edited it again to make sure it is now. And accepted all the invites to it as well. The odd thing is, before I created that link, I created the link to share with others under "Editor", as it is only a few screenshots.
  20. Well, this thing is fantastic. I am running it on Windows 11 Beta Version, which I installed over my Windows 10 main NVME about a week or two ago, and it runs great. I would give it 4/5 stars for sure, if I knew how to operate it better, probably 5. I thought, "what can this thing do that a Kali Linux VM with wifite, wifite2, airmon-ng, etc cannot do?" Well, so far, it seems to provide this: An excellent frontend web UI display and interface that I love to use. An access point that has collected my neighborhood's wireless data near flawlessly. Although, I am a little unsure what to do with it all. I have no malicious intent, just curiosity on what can be done with all this data collected? Able to run Red Hat Enterprise, SSH into a web interface for a terminal/shell command. Plugs directly into my PC via USB, or through an Ethernet/USB Adapter, or sharing internet access, 3 different ways, and they all work pretty efficiently. My main question after having this for about a month is this: What else can be done with this thing? I am so used to Kali Linux, and I have been away from it for almost a month now and barely did wireless auditing with it, to begin with, as I am a Frontend Web Developer. Anyway, I am mainly asking a barrage of questions, so I apologize. 1. What are the best ways of using these handshakes (22000 files and Hashcat files) in Kali Linux to crack them? I assume Hashcat and Wireshark can accomplish everything. I just need to actually look into it more. 2. All these other tools and what they really do. Just mainly a bunch of broad questions of, wow, I have so much, and so many handshakes and acquired MAC/IP Addresses, and I do not want to do anything unethical with them. What else can be done with this device? Also, I have tried to get the Cloud C2 working, but it never seems to work, even though Windows Terminal, through Powershell, Kali Linux, etc. I have included a ton of screenshots (and google drive link included here) for this post to better help illustrate what I am asking and what I have been able to do with this. Essentially, are there any packages/modules I am missing that I should have? Are there any commands I should be running (or installing) other than "opkg update or opkg install <package name>"? I have this device, and it is doing so much. I am just a little unsure of what to do with it all, but essentially this device is fantastic. It always works, I rarely have issues with it, and I can always access it. I am just confused on what to do with it after doing my own campaigns and recon, and what else can be done with it, or recommended to install onto it or do with it? Sorry everyone, I rushed this post as well. I am working on a new react app, finishing some school work, and getting kids to bed, should have waited, will re-edit this soon. Thank you Agent Shadow
  21. I can bring it in for work tomorrow. I am authorized to bring in any and all Hak5 merchandise into work. What are you looking for exactly? I haven't brought it in for work since I just got it, and also because I am unsure what that will solve bring it to work.
  22. I keep getting this as well when I use Putty to serial into BB. Could someone possibly explain to me what I am doing wrong with the Kali Linux / Linux version of this? sudo bash ./bb.sh Bash bunny is detected and everything seems right, but then what? How do we access the console after setup and it is detected and in ECM_Ethernet mode? Otherwise, I keep trying to apt-get install <package name> to BB and it either fails or something like this happens. Hopefully someone out there can figure out what the issue is.
  23. Hello everyone. My name is Austin, and my name AgtShadow comes from a mix of my YouTube Channel, Shadow Gaming, and my Kali Linux username, agtshadow. I am a husband and father of two children, an 8-year-old boy and a 4-year-old girl, and my wife and I have been together for ten years this September 14th and married for 4 of them. I am a Frontend Web Designer & Developer. Used to be a truck driver and then a local truck driver here in Fresno, CA, but by the time I turned 27 or so, I decided I could no longer be a truck driver. I began truck driving to support my wife and children and afford our property taxes and bills after selling the property I inherited when I was 18 years old to have a home with no mortgage and raise our children safely without too many issues. I managed to support my family through YouTube / Google AdSense Revenue and Financial Aid from my college. At the same time, I attended and received my Certificate in Web Design & Associate Degree in Web Design / Information Systems. I currently work at my college in two departments, IT & Web Design/Marketing. I love it here and really enjoy helping the students and all my coworkers are lovely people, and the college is near our home. Hence, our lives circle around in this good suburb of Fresno, CA, and I have never been happier in my life, minus a few significant issues going on right now. For pentesting, I got into Linux virtual machines shortly after experimenting with Node.js / Vue.js and eventually React.js frameworks and more like Git Bash, etc. I then tried Windows Terminal and loved it, then tried VMware Workstation Pro 15 at the time and absolutely fell in love with Kali Linux in particular as my first attempt at learning the Linux Environment. I know I should have tried Ubuntu or something else). Still, it worked out regardless, as I am about 10 months into learning pentesting. I now have my Bash Bunny Mark II, Panda PAU06 WiFi Adapter for Monitor Mode / Wireless Pentesting. I am just here to keep learning more and more as a passion of mine. I want to contribute to this community and the cybersecurity community to make the online world safer as we become so reliant on online use every day of our lives. Here are some links to possibly understand me a little better or follow me if you are interested. I plan on making some videos on my channel regarding the Bash Bunny and Pentesting once I get better at it and am able to write my own payload. YouTube Channel: https://www.youtube.com/c/ShadowGaming99 Portfolio: https://www.austinspragginsportfolio.xyz/ Main Website: https://www.shadowgaming.network/ Please give me feedback on anything I share or converse with everyone about. I am here to learn and use that knowledge to help people and need constructive criticism and help from time to time. Thank you all for reading this and thank you to @Darren Kitchenand everyone at Hak5 for what you do. Sincerely, Austin / Shadow Gaming / AgtShadow / root@agtshadow
  24. Hey @Darren Kitchen It is wonderful to see you are still highly active in the forums and everywhere within Hak5. I highly respect your character, attitude, personality, and intellect and how much you have accomplished in the pen-testing / cybersecurity world. Plus, your show is fantastic as well. Overall I have become a fanboy of Hak5, haha. So, first off, I should test this at home when I have the time, but hopefully, you can just possibly answer my question before I even get home. I have my BB Mark II plugged into my Kali Linux virtual machine on my work laptop in arming mode, and the interface seems to not detect it. Neither does it if I put it in Switch 1 or 2 with payloads using Ethernet/Mass Storage. Here is a link to an image of me attempting this on my lunch right now: https://imgur.com/gallery/3WifEOM Also, I have been given permission and authorization to test payloads on our machines at work. So, I have been looking out for new payloads, pull requests, and more on these forums, as well as payloads that work or ones that are obsolete since I have full access to Windows 10, Mac, Linux PCs, laptops, and all sorts of hardware and network switches, etc. As long as I do not leave the campus with sensitive data, I am fine. Anyway, I am using my Kali Linux VMware Workstation Pro 16 to arm payloads, write my own, use the BB Manager, and everything else with the Bash Bunny Mark II since I am mainly on Kali Linux anyway. Windows 10 loves to mark everything as a virus, and it is much easier to just use it in Linux for arming mode. I need to learn more about PowerShell and more so I can write some payloads that would be a great asset to the Hak5 community. I believe in everyone here as they all seem to be white hat pentesters and work hard to make this device and the rest so much better. I am a Frontend Web Designer & Developer but looking to get my OSCP certification and learn penetration testing in the meantime over these past 10 months or so but still new to it after nearly a year. Especially the password cracking but eventually figured it out in time to image all the computers in that cybersecurity classroom and move onto the next assignment for our IT Department, and the instructor is still unreachable. I managed to dump the credentials of our AC1-145 classroom at CCC, where I work in the Web Design/Marketing and IT Departments at my College. As much as I love designing web pages, web applications in Vue, React, and the triad of standards, I am just too passionate about pentesting and the Linux environment to ever give up on learning it. I hope to be a great asset to cybersecurity and the Hak5 forums and GitHub Repositories, etc. We needed to get the Onboard NIC password and eventually the instructor's station since he is on vacation until the campus is back open. We have been unsuccessful in contacting him still. Still, because I had the Bash Bunny Mark II, over 60 computers and students will have their computers ready to use next week for their cybersecurity courses. So, thank you for everything you have done in the cybersecurity community and world. I was able to get the password from the student's computers (Dell OptiPlex) which I never had attempted before but got it. Then, I was able to get the hash string and use Hashcat to get the instructor's password. Not only was it a wonderful learning experience and exciting, but I also was paid to do it since I was on the clock working that day. I hope to be helpful to Hak5, our community, and the cybersecurity community, in general, to make the online world safer as I learn more, but I need to get past some of these beginner hurdles first. My main questions are more than likely quite simple ones, but I am still learning the Bash Bunny Mark II, Ducky Language, Bash/Shell Payloads, Python (still find Vue/React easier somehow), and overall the Linux pentesting tools. I still struggle to find the correct listening port for Metasploit payloads and exploits and other simple pentesting tools, but overall I am here to learn and help eventually. I am going to finish my lunch and get back to work. Hopefully, I can figure out how to make the Internet connection sharing with the BB on Windows and Linux, keep testing older payloads and newer ones, write new ones, and help others that are contributing to the more recent payloads. I have found many of the payloads to not work that I want to get working again. Especially Browser Data and the credential ones. I noticed simple Sophos pre-installed antivirus software from our college to protect our machines from the BB, but I am trying to find ways around it, especially after finals are over this week. I also have a YouTube Channel I used to do gaming on but I might do some videos on the Bash Bunny Mark II once I learn it more but maybe a setup video? Thinking about it all and learning it all still though. https://www.youtube.com/c/ShadowGaming99
  • Create New...