Jump to content

Search the Community

Showing results for tags 'SSH'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

  1. I have followed Hak5's YouTube instructions in LAN turtle basics of how to setup auto SSH. I have a remote server. SSH works if the lanturtle is plugged into the device sshing into it. However auto ssh does not work unless I type iptables -I INPUT 1 -i eth1 -p tcp --dport 22 -j ACCEPT But if I reboot the LAN turtle cannot ssh into it from my remote server, unless I rerun the iptables command Putting iptables -I INPUT 1 -i eth1 -p tcp --dport 22 -j ACCEPT in /etc/firewall.user does not help any ideas?
  2. Hi, Just looking for some advice on using python pickle to create an authentic looking filesystem for cowrie, has anyone experience of this? I have run the createfs.py script from the cowrie utils folder and created a fake filesystem based on the systems filesystem, however this wont be great as their are a fair few clues that it is a honey pot (the user called cowrie, the cowrie folder etc etc.). Thanks in advance.
  3. Hey guys, i was checking the System Log as I saw the following entries: auth.err sshd[2499]: error: Could not load host key: /etc/ssh/ssh_host_ecdsa_key auth.err sshd[2499]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key I recently made a fresh factory reset and update to 1.0.6. SSH into the pineapple is possible, but I wonder why the keys were not generated. Anyone else with this error message?
  4. Hi all, How would you go about setting up a stand-alone Raspberry Pi, which would; Be powered by solar, battery, or any other method. At least a few days power, if possible. Have some sort of internet connection available, so one can SSH / NetCat to it. (Dongle?) Be as small and discreet as possible, so it doesn't get stolen. *edit* Think weather monitoring station, but too far away to connect to the same WiFi network as your home PC, and not in range of any free WiFi hotspots.
  5. (please notice that this is being conducted as a security evaluation in my own company, nothing in here can get me in legal trouble since I own the network and all the computers connected to it) Hi, I need to create a relay server for my pineapple to ssh to when I deploy it in position. The thing is, I need it to be completely untreaceable back to me, otherwise my IT guys would find it too easily. They know they're going to be tested, they agreed to it and to not knowing when this is going to happen. My question is, how would you guys go about: buying the hosting/remote server/vps so that it cannot be connected back to you? what kind of server would you use for a relay server? what security measures would you take so your anonimity is preserved? Thanks a lot!
  6. Hello! After reading about the LanTurtle and watching the videos for it i have a few questions about the product before i purchase it. Lets make the example that i have successfully installed the LanTurtle on a targeted computer. I've got remote SSH connection to Turtle and a meterpreter session active. As i've understood correctly the lanturtle is the only equipment on the network i have access to and not even the computer it is attached to! So if i want to get access to computers on the network i could use the meterpreter session and launch attacks to the computers from the turtle and get a new meterpreter into the new computer and work from there? If there is a vulnerable computer on the network of course. Can the Turtle which is connected to the network also visit network folders/disks? Let's say there is a computer/Server sharing files and its accessible by anyone on the network. Can the Turtle access these network folders if they are open for the network the Turtle is connected to and transfer these files to the SSH server forexample? I'm pretty new to metasploit but still learning how it works and how it would work out with the LanTurtle the practical way. Also a great tool when i perform pentest for the local companies (FYI: legal and paid work, i don't plan to abuse this if someone were to ask ) i mostly do physical testing and assesment and this would be a really good tool for me as my other co-worker do the software/web part.
  7. Hi everyone . Im new here. Let em introduce ,my name is Alexandre , im from brazil I have been learning a lot about penetrating and hack mods here i have a test im tryng to made and im not pretty sure how to complete this The scenario is this. i need to be able to connect to my work network to work from home i work in a support 7/24 , some times i don't want to come to work because is just me alone in the front of the computer some times i spend all week whit no issue so i want to be able to open a intranet site in my house. how is the best way to accomplish this? Can i create a vpn between my house connection and turtle module? then in my browser be able to open a local intranet webpage? Maybe a raspberry pi whit some tools? i can provide my own credentials to the box , so i think will have same privileges as me. how this can be done? mitmproxy ? how can i act like im on work ?? is this possible? is just a dream? sorry my english is not that good thanks in avance
  8. Hi all! Just wanted to share something that might help other Lan Turtlers out there. One of the things I wanted to do with my lan turtle was to pivot my tools from my local box through the turtle. One such way is to use proxychains to proxy your local tools through your VPS in the cloud, and out through your turtle. My setup: [Local Kali box] --> (Router) --> [VPS] --> [turtle, which is inside victim network] I ran into trouble trying to figure out how to setup an SSH proxychain to it...found this article which worked right away: https://superuser.com/questions/332850/ssh-as-socks-proxy-through-multiple-hosts I used the first line, which was this command: ssh -f -N -D $PORT -oProxyCommand="ssh -W %h:%p machine-b" machine-c Here, machine-b would be the username@ip_of_VPS_in_cloud and machine-c would be the turtle, which should be root@localhost -p 2222 By replacing the "$PORT" with whatever you want (I used 9050, the default in the proxychains.conf), it would work flawlessly. Basically, what we are doing here is creating a Socks Proxy through SSH that goes through our VPS in the cloud, and then logs into the turtle (which already connects back to that VPS, through AutoSSH). With this tunnel, all you need to do is open up your proxychains.conf (/etc/proxychains.conf) and edit the last line to reflect the port you used. After that, you are all set! In Kali, just prepend "proxychains" before the tool you want to use.....for example! I wanted to be able to use Veil-Pillage from my local Kali box to get a SMBExec shell (because I already had credentials). So, by setting up the tunnel above, I ran root@kali#proxychains ./Veil-Pillage Which would take me to dialogue screen, I chose number 25, set my target (which was, a win7 VM) and my creds, and just hit ran! Veil-Pillage: post-explotation framework | [Version]: 1.1.2 ========================================================================= [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework ========================================================================= [*] Executing module: Smbexec Shell... [*] Type 'exit' to exit the shell Trying protocol 445/SMB... Creating service SystemDiag... |S-chain|-<>-***.***.***.***-<><>-<><>-OK [!] Launching semi-interactive shell - Careful what you execute C:\Windows\system32> And there you have it!! I thought this should be useful for everyone out there. Another way of doing it is to use your metasploit/armitage instance in the VPS, use the meterpreter module, setup the Socks4 proxy, and then setup proxychains to reflect your VPS instance. Don't forget to add route! Let me know your thoughts! TL;DR: SSH socks proxy -- root@kali#ssh -f -N -D $PORT -oProxyCommand="ssh -W %h:%p VPS-in-cloud" turtle-in-VPS then change proxychains.conf, then "proxychains tool"
  9. root@Pinebox:~# nano .test Error opening terminal: xterm-256color. I ssh'd into my pineapple today after doing a factory restore, and started getting this error. Anybody gotten this before?
  10. Hi guys, I recently started learning more about ethical hacking and stumbled upon metasploit. It is a great tool but I am having an issue on a pen test, which is the following. I am trying to exploit my IPad Air- IOS 8.1.1 Jailbroken and I am using the exploit "exploit/apple_ios/ssh/cydia_default_ssh". Also the OS I am running is Kali Linux. I am able to setup the RHOST with my IP Address ( and the default port 22. This data is confirmed and accurate as I did a nmap scan just before that showed me that the port 22 was open on that IP. Everything seems fine until i try to run the exploit, what happens is this: [*] - Attempt to login as 'root' with password 'alpine' [-] SSH Error: Net::SSH::Exception : could not settle on kex algorithm [*] - Attempt to login as 'mobile' with password 'dottie' [-] SSH Error: Net::SSH::Exception : could not settle on kex algorithm I have left the root:alpine login as per default in my ipad. I had even changed the password in my Ipad's terminal and tried to login via Armitage with SSH Login and the updated credentials. Still, I am always getting the same error and not sure what is going on. Can anyone help here? Cheers
  11. I am running an ssh server on my Ubuntu server but I don't like to use the default port of 22. I have the relay server working with auto ssh on the pineapple using port 22. Is there a way that I can use a different port with the Auto ssh? Thank you Mark.
  12. Hello, I have successfully enabled AutoSSH on my Pineapple so I can remotely access the web interface (e.g. However, I am having trouble SSH'ing into it via command line. I am trying to SSH into the exact same address which is working from the browser GUI (, but it is not working. When I try: ssh root@ I get this error: ssh: Could not resolve hostname Name or service not known Is there a different address I'm suppose to SSH into or some other setting I need to configure? Thanks.
  13. I understand how to connect to the Pineapple via SSH, what I do not understand is how to set up things such as the keys and what should go where. Specifically for the Mark 5. I would be grateful as well as other newbro's that might be too shy to ask if someone could explain how to use this feature? In the mean time i'm off to scour the net for answers !
  14. I don't know if this is a stupid easy question but I was wondering, is it possable to add a non-root user on the Pineapple Mark V. The reason why I want to be able to do this is to add another secure messure for when I have my SSH Tunnel set up to my server. For example, someone discovers my wifi pineapple and if they get my password from my Pineapple and SSH into it and then they would be able to SSH into my server without a password, that's what I am worried about since when they do, they have root privileges. Unless I am setting it up wrong... Any ideas?
  15. Do any of you guys have any experience with kippo ? I'm looking to set up my first honeypot. You know just to see and test out. And i'm wondering if any got some tips / tricks they might want to share. Kind regards, GuardMoony
  16. Hey Dudes, I was thinking, they duck would be a good way to physicly enable or disable the SSH service on my headless ubuntu server when i need access to it. im not much of a scriptor but i was wondering if someone could write a short bash script for me that does the following: 1. Check to see if the ssh service is enabled or disabled 2. If enabled, then disable, if disabled then enable. (Im running ubuntu 14.04 LTS) if i now script my ducky to automaticly log myself in as root and call the bash script, I should be able to access the machine remotley simply by plugging in the duck (inserting once will enable ssh, reinserting again should disable ssh) Seems to me like a pretty full proof idea, can anyone help, or see any holes in this idea? Cheers guys :)
  17. New here, I just got my Mark V, and discovered I understood the AutoSSH thing wrong. The purpose of buying the Wifi Pineapple was actually the opposite of its existence. I want to use it to create a private network wherever I am, and let the box connect to a public AP or mobile phone, while tunneling all traffic through an SSH (or VPN) tunnel to my home server, so the AP only sees one outgoing SSH. And so I discovered that this isn't provided out of the box and I couldn't find any topic on it. Given a few pointers I probably might come up with an infusion that adds this cool feature to the set. My first idea was a socks proxy as I sometimes use on a computer, but ideal would be to tunnel everything (DNS and all). So, pointers and comments welcome ;) Peter
  18. I'm trying to configure AutoSSH to connect to my relay server, which happens to be an Ubuntu 12.04 instance hosted by Amazon's EC2 service. They use .pem certificates. I like them; they're easy. I don't have to mess around with public keys and private keys and Bob and Alice. Sadly, though, the MK5's web UI no longer allows me to specify the command line for AutoSSH, where it seems (at least in previous versions of the UI) I would have been able to replace the "-i /etc/dropbear/id_rsa" with "-i key.pem" and have it work all the same. I followed all the instructions in episode 1112 and (the relevant parts of) Chris Haralson's tutorial. I hoped that doing so would obviate the need for the "-i key.pem" argument when autoSSHing with Amazon's EC2. It did not. When I try to test AutoSSH, it does not connect to the EC2 instance. I need your help. As I see it, there are at least three avenues for solutions: 1) Change a config file in the pinapple's bowels to use an "-i key.pem" argument for AutoSSH (such as I have used successfully when setting up manual SSH sessions - no password required). I prefer this option, for what it's worth. 2) Make the EC2 instance accept whatever crypto the pineapple wants to serve it (what do we call it? an RSA key?). This is basically what I've tried to do so far, by following the instructions given in Darren and Chris's tutorials. It hasn't worked so far, but maybe there's more monkeying around in the server's "sshd_config" or "authorized_keys" that I can still do? 3) Convert Amazon's .pem key into an RSA (public?) key (or whatever it's called) format? Then maybe replacing the contents of the some key file deep in the pineapple's bowls with the output of the pem->rsa conversion? I am not sure this can actually be done; results of preliminary googling are all above my head. Can you folks help me work this problem, walk me through steps for solving it? Thanks in advance.
  19. Has anyone set the dip switches to autostart randomroll? If not is there another way randomroll could be started wirelessly via ssh?
  20. Hello All, I'm trying to get my MkV to start airmon/airodump and ssh to my relay server. The airmon portion seems to be working swimmingly. The SSH/and HTTP proxy through my relay do not seem to be initiating however. Below is the line I have added to the configuration for dip 010. ifconfig wlan1 up; airmon-ng start wlan1; airodump-ng --write /sd/airodump.pcap --output-format pcap mon0; option ssh '-i /etc/dropbear/id_rsa -N -T -R 9434:localhost:1471 root@666.666.666.666'; option ssh '-i /etc/dropbear/id_rsa -N -T -R 999:localhost:22 root@666.666.666.666' Any ideas why it is not auto-connecting to the relay? Thanks in advance!!
  21. If I copy (2 MB+) files via SCP I encounter time-outs where the transfer stalls. I use WinSCP to transfer the files from the sd card in the pineapple to my local machine but I encounter the same by using scp on the CLI. The transfer freezes each 10-15 seconds and immediately before it resumes (taking another 10-15 seconds) I see the following in the pineapples log: Pineapple kern.info kernel: [75367.090000] usb 1-1.4: reset high-speed USB device number 4 using ehci-platform the output from lsusb is: Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 001 Device 002: ID 058f:6254 Alcor Micro Corp. USB Hub Bus 001 Device 003: ID 0bda:8187 Realtek Semiconductor Corp. RTL8187 Wireless Adapter Bus 001 Device 004: ID 058f:6366 Alcor Micro Corp. Multi Flash Reader I guess this might be a problem with the sd card or reader. I formatted the delivered sd card from the web interface. Did anyone encounter this issue and/or has a solution for this?
  22. So after a week of everything I could possibly try I've come to the forums to discuss my Autossh Relay connection problem. I'm trying to reproduce Daren's relay server and Chriswat's tutorial and manage the gui remotely. Contents: MkV Virtual Ubuntu Server LTS 12.04 External Box Ubuntu Server LTS 12.04 Windows Putty Ubuntu 13.10 Virtual Phone Hotspot for External IP for MkV Ports: VM Ubuntu Server -p 7000 External Box Ubuntu Server -p 50456 MkV 1471:localhost:1471 First I have a Ubuntu Server 12.04 LTS box setup at work as a file server but it also has openssh-server installed. Then I setup port forwarding on the router and modem for 50456 to internal 22. I've tested this from hom and I can ssh just fine. I generated my public key for my MkV through putty and then ssh through the external IP to the port 50456 and it is now connected. root@Pineapple:~# ssh -p 50456 root@externalip I copied the pinapple public key to the authorized_keys for the server. I added the "AllowTcpForwarding yes" and "GatewayPorts yes" lines to the sshd_config, "service ssh restart". Then I logout. I do "ssh -p 50456 root@externalip -i /etc/dropbear/id_rsa" but for some reason I still have to enter the password. I don't know if I have to install dropbear on this particular server. But then I move on to installing my virtual ubuntu server. I do all the previous steps but this time I use 7000 as the forwarding external port and port 22 as the internal. I also have a ddns provided by asus as I have the Asus N66U router. "ssh -p 7000 root@externalip -i /etc/dropbear/id_rsa" This time I did not need to enter the password and now have an ssh connection from my pineapple to the server. I exit the ssh session. I then go to my web gui on the MkV then to the AutoSSH config and put in Host: root@externalip(VM) (I've also tried adding -p 7000) Port: 4567 Listen Port: 1471 I exit the configuration page and click connect for AutoSSH. Then I setup my phone for Mobile Hotspot and connect my MkV in client mode to my phone. I disconnect my ethernet cable connected to the MkV. I wait a few minutes for my pineapple to make a connection via AutoSSH. Next I power up my ubuntu 13.10 VM and make an SSH connection to my relay server "ssh -p 7000 root@externalip". I pull up a browser and type in externalip:4567. This does not work so I then try externalip:1471. This still doesn't work. I've tried to nail this down to a science before I posted on the forums about this. Please help. Thanks.
  23. Hey! The page that is used is not created by me , its made by the maker of <snip>! i have only made it work for the pineapple!! Requirements: 1.Evil Portal infusion 2.putty or an other way to ssh into your pineapple 3.win scp or an other way to scp into your pineapple 4. internet connection on your pc and pineapple Installation: 1. Download: <snip - link removed> 2. Scp install.sh into the root ("/") directory on your pineapple. 3. Ssh into your pineapple and navigate to your root folder : cd / 4. type : bash install.sh and then hit enter. 5. when it says "installed , have a nice day" then its finished. 6. now go to the WebUI of your pineapple and go to the large tile of NoDogSplash/EvilPortal 7. Follow The Instructions it gives you and once everything is set up click on "start nodogsplash" 8. Your done happy phising! ThroubleShoot 1.if you go to any page and it loads normally or it gives an error go to the configuration tab on the WebUI and click DNSSpoof and if anything is in there delete it and then put : * in there and enable DNSSpoof. 2. it is supposed to only give an "incorrect login" message because you then have more chance that people go back and type their facebook login in and if its wrong they do it again but then with gmail and you have both! :) Disclaimer: I am not responsible for any malicious activity you do with this page ! I am not trying to encourage malicious activity i made this out of curiosity if it would work ! If anything is wrong or if you have any questions please leave them below!
  24. I'm having some issues that began immediately after performing a factory reset. My issues pertain primarily to connectivity, client mode, and AutoSSH. Connectivity issues: 1) I cannot connect to my Pineapple AP when I use my Alfa AWUS036NHA (ar9271) USB network adapter with Kali Linux; however, I am able to connect with my Netgear (rtl8187) USB network adapter with Kali Linux. I'm also able to connect with my MacBook Pro, MacBook, and iMac's built-in network adapters. Only when trying to connect with my Alfa, I receive the error- "Unable to obtain an IP address." I've rebooted Kali, rebooted the Pineapple, factory reset the Pineapple, enabled/disabled the radios, changed my Alfa's MAC, and various other things. 2) Prior to performing the first factory reset, I did not have any problems with client mode. After the reset, however, I had the following problems: As soon as I'd use client mode, wlan0 would stop broadcasting permanently and wlan1 would not connect to the wireless network that I selected. To get wlan0 up again, I had to perform a factory reset. Eventually I found that both radios had the same MAC address, so I changed the MACs (in /etc/config/wireless) and the radios began to function again. Now the issue is that all of my Pineapple clients, with the exception of Mac OS X clients (VERY STRANGE), are disconnected immediately after enabling client mode. Issues with AutoSSH: 1) AutoSSH doesn't start on boot or remain persistent 2) If I manually use client mode to connect to a network after a fresh reboot, AutoSSH will not connect to my server although it indicates that it's connected. To get AutoSSH working, here's the procedure that I have to perform: a- Use the client mode tab to connect to the wireless network that I need for internet b- Reboot the Pineapple c- The Pineapple will automatically enable client mode and reconnect to the wireless network that I connected to prior to reboot. d- Click Connect in the AutoSSH tile This gets me connected to my server. However, when managing the Pineapple remotely, I depend on AutoSSH to start on boot and automatically connect after switching between networks in client mode. These issues are very frustrating. Insight is appreciated. Thanks.
  25. Hey Guys, Need a little help understanding ssh proxy forwarding, otherwise known as ssh pivoting. I Have read a few tutorials that were very vague, seen a few videos from Hak5, but It still hasn't hit home yet. Here's my lab setup; I have a few static IP's. I am testing a real world scenario using a remote ssh box to pivot and scan the remote internal network. I am also using Metasploit. Remote network: 75.xxx.xxx.x96 My local Public IP: 75.xxx.xxx.x98 .x96 is behind a pfsense firewall I have setup. Port 22 is fowarded to a Metaspolitable2 box I Have there, lan IP (no worries, I have it setup to only accept connections from .x98 for security reasons) Also behind that pfsense firewall is a Proxmox VM server running various windows images on the same lan subnet as Metasploitable2. on .x98 I am running a standard nat router device, with my Kali linux VM on the DMZ. the local lan IP of the kali machine is so in Kali, I do the following; ssh -D msfadmin@75.xxx.xxx.x96 - This should setup my ssh proxy to msfadmin on x.96 I added in socks4 8001 in proxychains.conf I have confirmed this works by doing: proxychains nmap -sT -Pn (the winxp box on .x96 with lan IP and this works, nmap returns results. One of the windows boxes on that remote lan is and it's Vulnerable to the ms08_067 netapi exploit. I can confirm this in msfconsole after I setg Proxies socks4: and run the check command against - returns Host is vulnerable. However, when I fire the exploit in question, it almost seems like nothing is returning. Say I setup the exploit and payload with bind_tcp to use port 4444. Since I have the Kali linux box on the dmz, no NAT port forwarding should need to happen, right? I would assume, since my above examples of nmap and check in msfconsole return results for the remote lan IP of that the tunnel is working bi-directional, but still why isn't anything returning? The exploit identifies the machine as windows xp pro, etc, but still my payload never gets sent to that machine. I'm probably missing something, so I am asking you guys for some guidance. Thanks in advance!
  • Create New...