Showing results for tags 'WINDOWS'.


  1. My first payload, wanted to make something simple and cross-platform to try and learn the platform. Please give any feedback (I can't test on OSX myself) you may have to help me improve my payload writing! Features I'm looking to add that I need help with in a future version: - Loop so that the video opens multiple times before ending payload - Ability to crank up device volume while executing payload ######## INITIALIZATION ######## LED SETUP # Use RNDIS for Windows. Mac/*nix use ECM_ETHERNET ATTACKMODE RNDIS_ETHERNET #ATTACKMODE ECM_ETHERNET ######## ATTACK PHASE (WINDOWS
  2. Hi All, I know this one seems to have been done to death on the forum but I am not sure what else to do. I have read all the posts that I can find on trying to get an internet connection on the BB. I have set, reset the different permutations with regards to RNDIS device, IPs, Drivers etc and get the same results. No internet. I've tried on Windows 10, 8 and 7 and it's the same. I've tried deploying the payload to the different switches. I've tried sharing the WiFi and Ethernet connections on the laptop. Okay, so I have updated the firmware to the latest. Storage and HID are fine.
  3. Hey guys and gals. I need to crack a password for a very very old piece of software (it's over 20 years old at this stage and the dev is no longer supporting it). Pretty sure it was developed in Windows 98. The software gets activated with a 6 digit number. The app's way around brute force is to shut down the app after every failed attempt. This is the code I need to loop... 1 million times (with the second string increasing by 1 digit every time) 😂. GUI r DELAY 100 STRING C:\app\software\app.exe ENTER DELAY 1000 STRING 000001 ENTER ENTER What would be the fastest way for me
  4. Will a payload targeted at a Windows 7 OS still work on a Windows 10 OS, or are they completely different?
  6. Windows Persistent Reverse Shell for Bash Bunny Author: 0dyss3us (KeenanV) Version: 1.0 Description Opens a persistent reverse shell through NetCat on victim's Windows machine and connects it back to host attacker. Targets Windows 10 (working on support for older versions) Connection can be closed and reconnected at any time Deploys in roughly 15-20 sec Works with NetCat Requirements Have a working Bash Bunny :) STATUS LED STATUS Purple Setup Amber (Single Blink) Installing
  7. One of the problems I had with the ducky is that when typing a script on a target's PC it's really hard if there is a person in front of it. Instead of trying to create the command screen as small as possible so the targets won't see the screen, I've made it so big that they will think the monitor crashed or the cable fell out. The only thing you see now is a black screen and black text so the targets won't see any strings the ducky types. It also doesn't matter if the user clicks somewhere on the screen with the mouse, because the whole screen is the command line. Here is the payload:
  8. HoldEmUp Private Encryption Locker By REDD (aka Ar1k88) Fork from: https://github.com/private-locker/Private-Encrypted-Locker GitHub URL: https://github.com/private-locker/bashbunny-payloads/tree/master/payloads/library/general/HoldEmUp (Waiting on Official Hak5 Merge) This Script was previously released on here, then taken down. I had decided to release it on here again since we have also released the Source on our Community GitHub. Features: Use 256 AES Encryption to encrypt and secure files with a Uniquely Generated AES Key. Edit "settings.db" to change the fi
  9. In the spirit of April Fools, I ported the original UnifiedRickRoll to Windows, so you can easily switch between Apple and Windows computers and still get the same effect. https://github.com/hak5/bashbunny-payloads/pull/139
  10. I've had two BashBunny payloads fail on me (USB_File_Exfiltration and SmartFileExtract_Exfiltration) when I ran them in the morning, after working on them for a full day trying to get them to work (the night before). Debugging the scripts on Windows, I found out that the date/time stamp formatting for the filename was causing the issue. The hour is left-padded with a space in the AM. I found the following hint for creating Windows Batch Script variables that are properly formatted with the date/time. My modified code to match the format in the payload scripts is below: @echo of
  11. Hello there, I'm writing my first payload for the USB Rubber Ducky. I'd need a key combination to hide a window, the only problem I have is that I need to do something IN the window so I can't just ban it to the task bar. I hope you could help me. Greetings Ares
  12. Hi, Based on the powershell script written to extract creds from Google Chrome, I made a script to read the SQLite database where the cookies are stored and extract Facebook session cookies. It uses no library, like in the ChromeCreds payload, I use regex to search for the cookies. I haven't written any payload, and I also want to do the same with Firefox. http://pastebin.com/25Z8peMb Enjoy
  13. I have been working on a small little virus to mess with some friends, when you start up the program it will ask you what file type you would like to shuffle, after inputting that it will do the rest of the work for you! Any ideas on what I could add to the program? (You can find it here https://github.com/SkullScript/Puffle-Shuffle)
  14. WDuckyFlasher This is a ducky firmware flasher with all firmwares built in. It is handy in case you only have a nearby windows computer because this is made in batch! I'm always open for suggestions! Have fun. Download link [ZIP]
  15. Harun


    Hi, I just checked the tutorials on how the PacketSquirrel works and what it does and I've decided to purchase one myself to have a play around with it. I've captured traffic on the device, recorded and analysed the TCP dumps on WireShark. The only part I'm struggling on is how to get the dns spoof to work. I have switched to Arming mode and edited the 'spoofhost' file to 'facebook.com' with the ip address being my victim's ip address on the Windows machine. I'm wondering how it's possible to create a fake web page and harvest the victim's usernames and passwords via my fake facebook pag
  16. Let's say we have a Win 7 computer with non-admin access. There is a particular registry setting we want to change. And we don't have permissions to any cool stuff like regedit, gpedit, etc. And let's say any registry setting we do manage to save, through something like chntpw, gets reverted on boot/profile load to its original setting. Computer is on a domain system. And let's pretend creating a new Windows admin user might be a little too invasive for a vigilant System admin to ignore. What methodology would you guys use to permaset a reg setting?
  17. So here's what's going on: I made a shell, using reverse_tcp. And I put it on victim's computer and opened it, everything went smoothly in the process of opening the exe, anyways after I opened it, the shell didn't send a TCP connection back to me. I'm doing this on a LAN network, both computers are right beside each other connected to ethernet. I made the exploit in a VM then uploaded it to mediafire and downloaded on other PC. But when I ran it, I didn't get a connection back, it was like it was never ran. Here's all my console output currently, even after opening I didn't take a screenshot but I did co
  18. Mirothor

    USB-C Ports

    How will Hak5 deal with USB-C ports if they spread to Microsoft, Dell, and more? Also, is Hak5 just going to stay with adapters or make new devices with USB-C capability? I would stick with adapters, but I want to see others' opinions.
  19. I need some help in writing some code to automate some of my jobs and I can't figure an efficient way to just get the wireless card and ethernet MAC addresses. I'm trying to use something similar to this ips = subprocess.check_output(["WMIC", "NICCONFIG", "where", "IPEnabled=true", "get", "IPAddress"], universal_newlines=True).strip().split("\n\n")[1:]
  20. Discussion thread for the RevShellBack payload. I've seen quite a few Rubber Ducky projects to do with getting a reverse shell running on a PC so that the shell can be accessed remotely on a different computer. But what got me thinking is this: the Bash Bunny is a full-on Linux ARM computer, right? It has netcat and it can do HID and ethernet simultaneously. So.. why not use that instead? At first, this payload will use a bit of HID trickery to hide itself from an observer as best as it can. As soon as it has done executing the final PowerShell command, HID is no longer used. User-de
  21. Testing the BashBunny for use on a physical pentest/red team engagement but noticing a huge problem with using this device for a real world assessment. Mainly, on a Windows 7 x64 desktop, the initial driver install process took over 2 minutes to install. After initial drivers are installed, my payload initializes and finishes within 10 seconds which is great if only I didn't have to install the drivers first... What makes this issue even worse is that the BashBunny doesn't wait until the drivers have been installed before executing the payload which means you need to unplug/re-plug the de
  22. deck_bsd


    Hi everybody, I just flashed my Bash Bunny to the new 1.3 version of the firmware. I would like to test the QuickCreds payload on my Windows 10 Enterprise. It seems to be stuck in yellow mode (LED ATTACK) forever. Responder is correctly installed into the tools folder. In loot/QuickCreds I have a good folder name but nothing in it. Am I doing something wrong? I have noticed a few things like, in the payload, it is using the -P option but responder.py doesn't have it. I erased it, but nothing changed. Any ideas? The thing is, before I just change the LED color, when I tr
  23. Hey, I'm reading a book, Metasploit: The Penetration Tester's Guide, and in it the author mentions that in general you should not set the THREADS value in Metasploit to more than 16 on Windows machines and more than 128 on UNIX style machines. I'm just curious as to why, and also why so little on Windows? Later in the book the author also uses 255 threads for a port scan. Thanks