Search the Community
Showing results for tags 'credentials'.
Ding ding, it's payload time This is a two stages payload. First you use the 'injector' that will install a small bash script which is a wrapper for sudo. The script will store the passwords. Second, you use the 'cleaner' to get the passwords back and clean the backdoor. So basically, you get access to a computer running MacOS or Linux (you can config the payload by setting mac=true) and you install the backdoor. A couple of hours/days/weeks later you comme back, grab the passwords and erase traces. Easy Link: https://github.com/oXis/bashbunny-payl
First off, my web dev skills are greatly rusty these days. It's been a while since I've had the chance to work on anything. Anyway, I was thinking about a way to use the MKIV for a targeted phishing attack. The Idea: A captive portal for harvesting domain credentials of a targeted company (for legitimate pen testing engagements). Using Karma (and possibly a deauth flood), clients connect to the MKIV. DNSSpoof forwards all requests to the local index.php which checks if the client has a valid session. If session is valid, it redirects the client to their requested URL. If session is NOT v
Hi! Today I recieved a new Alfa Ap121u and a USB UART TTL adapter. I went this route as I am not in the US and the shipping / customs was just too much. I would love to donate tho if possible. So, by using the awesome Wiki pages and Mr-Protocol's video guide I was up and running within the hour.! Not bad from delivery to pineapple.! :P Had the issue in Putty that was getting no output from the router on com port, but changing out the TX and RX order got things on the way. I done the clean flash, with firmware 1.1.1 and upgraded to 2.5.0 using the pineapple update from the webpage. Easy.