Showing results for tags 'Python'.


  1. Can someone guide me to become an Ethical Hacker? I am just new to this and I know a little bit of Python and Java. I have always been interested in this field and I am looking forward to a career in it.
  2. Can someone tell me how we can guess a password using Python?
  3. Hi Everyone, I am currently writing my first script for the Bash Bunny. I am done with it and I know it works locally. I think there is a disconnect somewhere with me locating where on the Bash Bunny the payload is located. My log turns up empty when run from the Bash Bunny. I also noticed my light is turning green (finished) before I even show it as a connected network device. Is it possible to start running the script before having the internet? I thought it waited until it received an IP. Anyway - any help would be greatly appreciated. Thanks in advance.

         LOOTDIR="/root/udisk/loot/brutebunny"
         # Setup Ethernet
         LED R B
         # ATTACKMODE RNDIS_ETHERNET
         ATTACKMODE ECM_ETHERNET
         # Need Switch Position
         source bunny_helpers.sh
         # Setup loot directory and working directory
         mkdir -p $LOOTDIR
         # Bruteforce
         LED G R 100
         python /root/udisk/payloads/$SWITCH_POSITION/BruteBunny.py >> $LOOTDIR/log.txt
         # Finished
         LED G

     I am testing this on Ubuntu. Thanks, Decoy
  4. Does anyone have this book: "Introduction to Python for the Computer and Data Sciences: Learning to Program in a World of Big Data and AI", Harvey Deitel? I have looked for it almost everywhere! I would really appreciate it if you shared it with me!
  5. I need to install pyinstaller for Python 2.7 but it is not working. It worked for Python 3.4, but in this case I need it for Python 2.7.

         C:\Python27\Scripts>pip install pyinstaller
         Collecting pyinstaller
         c:\python27\lib\site-packages\pip\_vendor\urllib3\util\ssl_.py:369: SNIMissingWarning: An HTTPS request has been made, but the SNI (Server Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
           SNIMissingWarning
         c:\python27\lib\site-packages\pip\_vendor\urllib3\util\ssl_.py:160: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
           InsecurePlatformWarning
           Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '_ssl.c:499: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version'),)': /simple/pyinstaller/
           Could not fetch URL https://pypi.org/simple/pyinstaller/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pyinstaller/ (Caused by SSLError(SSLError(1, '_ssl.c:499: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version'),)) - skipping
           Could not find a version that satisfies the requirement pyinstaller (from versions: )
         No matching distribution found for pyinstaller

     I keep on getting this error. It goes away when I use Python 3.7 but I want to use it for Python 2.7. I cannot install anything with pip without getting this error. Does anyone know another way to get pyinstaller for Python 2.7 or how I should fix pip?
  6. Phil.P

    Python Tools

    Hi, I can see from the requiretool.sh that you can see REQUIRETOOL impacket if you wanted the impacket tool to be installed. So to install python3 I assume it would be REQUIRETOOL python3. Now say a tool requires pip install, how would this work? pip install xxxx Any help greatly appreciated.
  7. Super noob here, so please let me know if I need to move my questions to another place in these forums. I just got my nano, and have been a long time raspberry pi enthusiast, so I'm super stoked to start joining the two. I've already got it connected and am listening on the open SSID. It's easy to see the power of the pineapple. My specific curiosity right now is how to write a program to perform GPIO tasks on the raspberry pi based on events occurring on a wireless LAN broadcast by the pineapple. An example would be to turn an LED on if a specific MAC address is detected, and within some power threshold. My lack of knowledge at this stage is how the pineapple fits with the pi (or other "host" for that matter). Specifically, do I write my program (probably python) and host it on the pi? If so, how does it interact with the pineapple to get the MAC address and connection power dB? If not, do I host it on the pineapple? If so, how does the program interact with the pi to utilize its GPIO pins? How would I compile my code so that the pineapple can use it? Are the modules already available that can get me most of the way to my goal? Mostly "big picture" type questions of how the two powerful tools can interact with one another to harness the full power of each device. Any help or sources for further reading would be greatly appreciated. I've found when learning things like this that I don't even have the correct vocabulary to properly search the forums and internet, so even simple help with search terms would be a great place to start.
  8. Hello community, Nice to be here. I just wondered, is there a more effective way of email bombing than I am currently doing? I have a simple homemade Python script which allows me to connect to a Google account I create (basic, I know). I am trying to work on over Email provider support. But anyway... I can't get past the "Text only input". Is there a way to send files in email bomb attacks? Also, how would this be done, and is there a way to get past the terminal from cutting out due to the server closing the connection? Is this due to the email service closing due to the volume of emails? If so, is there a way I could logically delay the time between messages? Lastly, all my emails come through to the same email. How can I get it to create a new email (conversation) each email? Would it be a simple character var and change on each send? How would I implement this?
  9. On our devices it is possible to run Python code, but even a simple "Hello World" Python script can take up to 6-8 seconds to run, at worst! Investigation seems to show that all Python modules are kept in .py source code, and are compiled in memory on each run. (To save space, I guess.) Due to having a lot of modules and that we're using small embedded devices, this causes delays in even the simplest of Python-related code! Example: a lot of the Python scripts on my Mana Toolkit are slow, and cause the CPU usage to sky-rocket. So what can we do to 'fix' this? Open an SSH terminal to your Pineapple and issue this command:

         python -m compileall

     This causes Python to pre-compile all your Python modules to .pyc files, which are located at: /usr/lib/python2.7

     This fix is relatively straightforward on the TETRA. On the NANO we're better off moving that directory to the SD card and issuing a symlink from that directory to /usr/lib/python2.7 before we run the command. (Saves internal storage.) For example like this:

         mv /usr/lib/python2.7 /sd/usr/lib/python2.7
         ln -s /sd/usr/lib/python2.7 /usr/lib/python2.7
         python -m compileall

     You can also pre-compile the Python files within the directory you're inside by using the same command, but adding a dot at the end, like this:

         python -m compileall .

     This was a huge improvement for me. Hope it can be of use for you guys :)
  10. I need some help in writing some code to automate some of my jobs and I can't figure out an efficient way to just get the wireless card and ethernet MAC addresses. I'm trying to use something similar to this:

          import subprocess

          ips = subprocess.check_output(["WMIC", "NICCONFIG", "where", "IPEnabled=true", "get", "IPAddress"], universal_newlines=True).strip().split("\n\n")[1:]

  11. I want to build a USB Rubber Ducky simulator using Python. How can I simulate keyboard presses in Python? Can someone point me in the right direction please? In an ideal world I would love to develop a suite of tools that can be accessed from a GUI to configure/test and monitor Hak5 gear, but sadly this may be beyond my capabilities :-(
  12. Taking the idea (again, mad props to sudoBackdoor) a bit further with some python scripting, I scared myself (and unintentionally pwned myself a few times as well) with this thing. How it works: The user's .bash_profile or .bashrc gets tweaked to point to ~/.config/sudo A python script called sudo is installed there. [Patience is required here, as you need to wait for the user to sudo some command now] This will take their password, validate it by running its own sudo command (literally just echoing something) and seeing if it works Once it confirms a good password, it stores the password for later retrieval and executes the intended sudo command in a subshell that the user shouldn't even notice a difference in After executing their command, it will use the password to sudo open up a reverse https meterpreter session on the machine. It will do this every time sudo is run. I unintentionally self pwned a few times, because the meterpreter session is being run as root, and one must sudo kill to get rid of it. Sudo killing it will get rid of the existing session as expected, but then will open up a shiny new session as its last step (unless the python script is gone). Because antivirus tends to recognize the base64-encoded meterpreter payload as malicious, I also wrote a script called "shellSmuggler.py" to go with it. If you use the msfvenom command I supply here, you should be able to pipe the output to the shellSmuggler and scramble the payload enough that antivirus doesn't alert on/block it anymore. You will need to know your listening machine's IP and listening port (obviously).
  13. I decided to put together a payload to get myself familiar with the bunny. This was inspired by SudoBackdoor and borrows heavily from it, but uses python because I'm more fluent in that than bash. I'm hoping to have this thing completed by the end of this week or possibly the weekend. The code under development is on my github at https://github.com/michael-weinstein/bashbunny-payloads/tree/darkCharlie/payloads/library/credentials/darkCharlie
  14. I was going to make some mods to the QUACK Python code. I'm an old Perl guy so decided to use the REPEAT command as a guide to the Python syntax and style. After a lot of hair pulling, I discovered that the REPEAT command does not work in the first place, so my mods based on REPEAT don't either. The Python QUACK code attempts to save previous line state in the "context" list variable (actually an immutable tuple), but it also appears to re-initialize it to empty for every new line, eliminating any state for REPEAT to ever act on. I'm not really a Python guy, so I guess my first question is: Does REPEAT work on the 1.3 firmware?
  15. WhiteDNS

      WhiteDNS is something I've been working on for a few days now. It's basically a small DNS server that only serves domains it knows/has listed. A whitelisting DNS server, hence WhiteDNS. Link to the Github repo is here. Instead of explaining everything it can do, I'll just provide examples of queries to this DNS server. The main documentation is in the python script itself and there is a bit on the Github.

      If I query "test" using nslookup..

          [ SERVER SIDE ]
          # test isn't in ROUTES therefore only responds with a preset IP
          if query not in ROUTES then return 127.0.0.1

          [ CLIENT SIDE ]
          QUERY:
          nslookup test 127.0.0.1 # Assuming server is hosted on local PC
          OUTPUT:
          Non-authoritative answer:
          Server: test
          Addresses: 127.0.0.1

      If I give "test" a corresponding IP then query "test" using nslookup..

          [ SERVER SIDE ]
          # test is in ROUTES therefore responds with corresponding IP
          test. -> 192.168.1.10
          if query not in ROUTES then return 127.0.0.1
          if query is in ROUTES then return query's set IP (192.168.1.10)

          [ CLIENT SIDE ]
          QUERY:
          nslookup test 127.0.0.1 # Assuming server is hosted on local PC
          OUTPUT:
          Non-authoritative answer:
          Server: test
          Addresses: 192.168.1.10

      What if the querier is under a company domain or some other domain? Won't it come up with this super long domain name that the server can't recognise? Well, yes, you are correct. However, you are also not.. Example: If I query "test" and my PC is under the domain "company.local" this is what happens:

          [ SERVER SIDE ]
          # test is in ROUTES therefore responds with corresponding IP
          test -> 192.168.1.10 # notice how I removed the '.' here as well
          string = first bit of query (test.company.local.)
          if string not in ROUTES then return 127.0.0.1
          if string is in ROUTES then return query's set IP (192.168.1.10)

          [ CLIENT SIDE ]
          QUERY:
          nslookup test 127.0.0.1 # Assuming server is hosted on local PC
          OUTPUT:
          Non-authoritative answer:
          Server: test.company.local
          Addresses: 192.168.1.10

      This server can potentially be made into a payload and served on the Bunny for all your DNS pentesting needs. That was my end goal and now that I've done the hard part I figured I would release this as a python server and let others create payloads on it. Because it is a whitelisting server you can set the primary DNS server on a PC to the Bunny (which is hosting the server) and block any phone-homes made by the PC allowing you to basically ignore the rest of the network's hostnames. Or you could collect them all or change them all to go through the Bunny instead..or reset all the hostnames to go to a specific IP (does that already, really..). Possibilities are as far as a DNS server goes! :P I hope this helps someone achieve their DNS pentesting dreams or even helps you understand how a DNS server works. Keep in mind though, this is a very simple DNS server and only responds with generic answers. It can't handle ridiculously complex DNS queries - not that many internal queries require that.
  16. TLDR: https://github.com/ThoughtfulDev/PyDuckGen Hey, since the Simple-Ducky Payload Generator is discontinued I think.. I just wanted to create an easy way to generate existing payloads and move the needed files to the Rubber Ducky. PyDuck is a Python script which helps you to get your once-written USB Rubber Ducky payloads onto your Duck's SD card quickly. You can even change variable components by using a simple set <attribute> <val> command. All of this is made easy with a Metasploit-like interface. Simply choose your payload with use <payload>, configure it and there you go :) Have a look into the bundled modules in the module folder to understand the attributes, but here is a quick explanation. Your duckscript is: ... STRING <replacable_text> ... In your module.json just add your attribute to the attributes tree like this: "attributes": { "replacable_text": "The default value" } If you now load your payload with 'use <your_payload>' you can now use the following: set replacable_text Hak5 is awesome :) If you then generate the inject.bin using: gen or generate the <replacable_text> will be replaced with Hak5 is awesome. Isn't that...awesome? :D You can even add folders/files to your module.json which are needed for your payload (have a look at the mimikatz_lazagne payloads to see how this works.) I really suggest that you have a look at the existing payloads to figure out how this works :D More information can be found on the Github repo: https://github.com/ThoughtfulDev/PyDuckGen Let me know what you think.
  17. I'm stuck while working on a prank payload. While the target computer is locked or logged off, I'm trying to find a way or see if it's even possible to copy a single file from the BB onto the target computer either into multiple Users folders or searching for a specific named file and replacing them with the file on the BB. Since the target computer would be locked or logged out, using the command prompt or powershell scripts is out of the question. I'm thinking that anything done would have to be solely done on the BB side, set up as say the SMB_Exfil payload only in reverse with the BB setting up as an SMB server, copy the file from the BB to an SMB temp folder, pulling the target's IP, and either copying the file over to the target computer or searching for a file name within the target computer from the IP address and replacing it with the file. I'm just thinking out loud since I'd started working on this and using a CMD script to do the job (which works so far, but I'm still testing it), but wanted to see if it was possible to remove the CMD script for this to be accomplished without needing to be logged into the computer. If it takes learning python to write a script for the BB to be able to do this I'll do it, but I'd rather ask if anyone else thinks or knows it would be possible. Any thoughts?
  18. Hey all, I've got a problem with my python server. The Bash Bunny doesn't want to handle it forever, so it seems to stop handling after about 5 seconds (or shutting it down, can't tell which). The exact same code works locally on my computer (python script that runs a simple SocketServer), and it runs forever (using httpd.serve_forever()), however the BB doesn't want to run it forever. Any ideas why the BB stops handling? EDIT: Just for those that are interested, the browser error says "Site cannot be reached; connection was reset (ERR_CONNECTION_RESET)".
  19. Hello, do you guys know if it's possible to capture Client(s)-to-WifiRouter(s) probe requests, just like Karma does, but without "answering" any of those requests, by using Python? I mean, to passively monitor surrounding devices' probes and log them in to a text file or something, but be invisible in their wifi network list. Any Python library suggestions would be appreciated!
  20. Once I deploy the LAN Turtle and SSH into it using my own VPS, is it possible to run my own custom Python scripts using the LAN Turtle terminal? For example: I write my own Python keylogger script and SCP it onto my LAN Turtle. Is there a way to run this? I'm unsure if this will work as this is connected via ethernet, not necessarily a normal USB stick. Thanks for your time.
  21. CrackMapExec is a fantastic tool developed by Byt3bl33d3r and can be found here: https://github.com/byt3bl33d3r/CrackMapExec As stated in the repo's README, it's powered by Impacket and takes cues and inspiration from several other tools targeting SMB, WMI, and Windows in general. I recommend reading up on it if you are unfamiliar. For now, it's worth mentioning that CrackMapExec (CME) is also a Python library that can be installed with pip and used like a standard tool, i.e. you can type "crackmapexec" and use it without needing a Python script to act as a vehicle. I installed it on the Bunny and have used it for some network based attacks using RNDIS_ETHERNET mode. If you'd like to do the same, I encourage you to install pip. Connect to the Bunny via SSH and use curl with the "insecure" and output file options, like so:

          cd /pentest
          curl -k -O https://bootstrap.pypa.io/get-pip.py

      Now check your Bunny's current system date and time. If it's not current then you need to update it or Python and SSL will throw a fit because the date/time is wrong. Then use Python to run the script:

          python get-pip.py

      That may take some time to complete, but pip will open up a lot of possibilities and assist with Python tools and dependencies. Once that's done, you'll need to install packages required for supporting OpenSSL/PyOpenSSL. You'll need to have shared your internet connection with the Bunny for this to work.

          apt-get install build-essential libssl-dev libffi-dev python-dev

      Once those packages have been installed successfully, you should now be able to successfully use pip to install CME. If something goes wrong with this next step, it's almost certainly related to the cryptography library and a missing dependency. Read the error carefully and Google it. You can be certain there will be several GitHub and StackOverflow hits at the top. Run pip:

          pip install crackmapexec

      Once that is done, you can test everything by just running "crackmapexec" in your terminal and you should see CME spit out its help text and version information. You're now ready to include CME commands in your Bunny payloads. CME is a network attack tool, so you can use it against locked PCs. A very basic example of this is:

          crackmapexec $TARGET_IP

      That command tells CME to connect to the target's IP address via SMB. If that much can be done, CME will return a hostname and the target's operating system build. This is a fast "attack" and can be used to, let's say, fingerprint a machine quickly to prove you had access and collect some information. You can go a step further with this:

          crackmapexec $TARGET_IP -u "" -p ""

      That tells CME to try a Null session with SMB. If the target disallows Null sessions nothing bad happens. You still get the basic OS details. If the target allows for a Null session to be initiated then you can check for success and then potentially proceed with something like running CME again with the addition of "--shares" to enumerate network shares and gather additional information. If you happen to have a password hash or credentials from an earlier attack (perhaps phishing or passed to you from a teammate), those creds can be used with CME and any CME-based payload can be easily edited to include the credentials for a much wider variety of attacks.
  22. Hello everyone! I'm currently trying to make the script "fakeAP" work on my Pineapple. This script simply creates a fake AP, I let you imagine what for. The problem is: this script requires Scapy to work. I tried to install it but when I run the setup script, it says that it can't find "distutils.core". Distutils is used to install Python packages. I searched for a way to install it but, when I try to install it (via OPKG or from source), it says:

          * pkg_write_filelist: Failed to open //usr/lib/opkg/info/python-distutils.list: No space left on device.
          * opkg_install_pkg: Failed to extract data files for python-distutils. Package debris may remain!
          * opkg_install_cmd: Cannot install package python.
          * opkg_conf_write_status_files: Can't open status file //usr/lib/opkg/status: No space left on device.

      So, my Pineapple doesn't have enough space left. I tried to tweak the opkg.conf so it can install it on my SD card (mounted on /sd) but it fails every time. I deleted a bunch of my modules and temp files, but the result is the same. Has anyone a solution? Thanks and sorry for bad English! :)
  23. Hi, As a starter project for messing around with TK, I made a replacement for the wp6.sh script with a GUI. It's a bit basic to say the least, but it should be functional. I'm aware that I should really be using classes to build my application, but this is just an excuse to code something. Hopefully, someone might find this useful. Anyway, the code (such as it is) is located here: https://github.com/phpsystems/PineappleSetupGui Phpsystems.
  24. Hi, I've been crunching away at this python3 script(s) for the past month and I would like some input on how to make it better. I based this bot off of Paul Mutton's work from the book “IRC Hacks.” Threading, having less hard coded variables, self healing, and making this code less dyslexic is definitely on the to do list! Let me know what you think :3 https://github.com/notpike/PikeBot
  25. Hi all, I was looking at trying wifite2 on the TETRA, mainly for the 5GHz addition over the std wifite, which works reasonably well. It seemed to require stty, so I installed coreutils-stty and that got me a little further so it runs and finds networks. But as soon as you specify a target it hits an issue with:

          WPA-handshake attack: waiting for handshake...
          [!] Error: global name 'err' is not defined
          [!] Full stack trace below
          [!] Traceback (most recent call last):
          [!] File "./Wifite.py", line 171, in <module>
          [!] w.main()
          [!] File "./Wifite.py", line 34, in main
          [!] self.run()
          [!] File "./Wifite.py", line 120, in run
          [!] attack.run()
          [!] File "/root/wifite2-master/py/AttackWPA.py", line 80, in run
          [!] if handshake.has_handshake():
          [!] File "/root/wifite2-master/py/Handshake.py", line 61, in has_handshake
          [!] if len(self.tshark_handshakes()) > 0:
          [!] File "/root/wifite2-master/py/Handshake.py", line 127, in tshark_handshakes
          [!] if not Process.exists('tshark'):
          [!] File "/root/wifite2-master/py/Process.py", line 51, in exists
          [!] if stdout == '' and err == '':
          [!] NameError: global name 'err' is not defined

      At first I thought this was to do with STDOUT & STDERR so I looked at libdaemon from opkg but that doesn't seem to make a difference. Did anyone already try wifite2 and if so did you get any further? Would love to hear from you. Cheers all