Jump to content

Search the Community

Showing results for tags 'data'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 8 results

  1. tl;dr- Add logic to the RD to monitor key lock values. Use this for functions like file transfer. Because I wanted to see if I could, I wrote a VBScript to transmit a file using the Scroll lock, Caps lock, and Num lock keys. As it turns out, if you record the data with a fast enough camera you can decode the bits and reproduce the transmitted file. Unfortunately, to make it feasible for a camera to pickup the LED fluctuations and and then for a human to interpret the blinks, the transfer rate is very slow. In fact, if you have the time and ability to use a camera to record the computer, you should really just take a picture of the screen. If only there was a technical means of monitoring these LED statuses that could increase the rate at which this could operate... (Note: In the above video, you have to view at 60fps and set the playback speed to 25% to even have a chance of decoding it manually) Fast forward a couple days and I saw another demonstration of the Rubber Ducky on Hak5. As I understand it, the RD interprets a compiled script and primarily acts as an output only HID. Because of this, payloads from the RD have only two ways of currently gathering information. One is to exfiltrate the data over a network connection (bad because it may be logged by a firewall or proxy), and the other is to switch to USB storage mode (bad because systems may monitor or block USB Mass Storage Devices). However, by utilizing Caps/Num/Scroll lock, payloads could potentially communicate any type of data back to the Rubber Ducky (without tripping any host system security/monitoring). I'm suggesting that some logic be added to the RD to monitor the Key Locks and use them as a way of receiving data. In the video demonstration demonstration, I used sendkeys to flip the status on the three LEDs. Every-other-bit is sent to Num Lock and Caps Lock with Num Lock being bit one, Caps Lock being bit two, and Scroll Lock always being the timing. For efficiency's sake, every transmission of two bits is indicate by alternating Scroll Lock. This means that with SL turns on, two bits were sent and when SL turns off, 2 more bits were sent. This timing is necessary to indicate to the interpreter (be it human or RD) that the other two bits are current (even if they haven't changed in value). The script currently lacks any intelligence- it just blindly sends the contents of a file. But, if the script were to know it was talking to the RD, it could wait for acknowledgements from the RD before sending a file. Furthermore, since this technique would allow two-way communications with the RD, we could incorporate useful file transfer features like CRCs and the inclusion of the file name. As I mentioned in the beginning, using this technique to visually send information via the LEDs is too slow to really be of any value. But, this same technique may have value when the thing observing the LED value changes is a Rubber Ducky. I estimate that this technique would allow binary data to be sent to the RD at around 1.5 kB/s. Granted, this is a far cry from USB Mass Storage Device speeds and network transfer speeds, but this method doesn't require a system to be on-line and wouldn't leave any trail on the host system*. Of course, in addition to file transfers, two-way communications with the RD can open up more possibilities. For instance, the RD could run a script on the host system to see what version of the OS is running and then send the OS version back to the RD. From there, the RD could send a different script based on the version. Granted, you could just put this logic in one payload file that is executed on the host, but there may be cases where you want to keep some secret sauce on the RD and never written to a host machine. The Duck Whisper *- Okay, some key-loggers might record the key presses. But if the system has a key-logger, it would have recorded the entire RD session anyway.
  2. Greetings, Recently, Mozilla sponsored an "art show" in NYC called "The Glass Room." The topic was privacy and data. One of the exhibits, by "Critical Engineering Working Group", had yagi-uda antennas passively scanning and collecting wifi enabled devices (phones, laptops, etc), that were looking to connect to a network. The data they were able to collect were things like device name, MAC address, preferred network list, and location. I want to recreate this exhibit. Ideally, the collected data would dump into a database where it could be interpreted later to establish a pattern. In the community's mind, what is the best way to complete this project? Here's the link to "The Glass Room" https://theglassroomnyc.org/artists-2/ Any information would be huge! Cheers
  3. I'm building a robot as a school project, the brain is a RPI with a wifi dongle, and I need a compass reading from an android phone at all times. I'm sure sooner or later someone will screw me with a deauth attacker, so I figured, as a backup system I would try sending the data inside a 802.11 frame and listening for it in monitor mode on the client end with a script using scapy. My question is: 1- In which type of frame is the best to embed the data (at least a byte)? 2- How fast and reliable would it be? alternatively: How to protect myself against deauth attack (Not plausible as far as I know). I know that I'm not meant to use 802.11 frames like this but it seems like an interesting idea ... Thanks for the help in advance!
  4. What can I add to my config to make it stop collecting packets (Kismet), connect to an AP, send the data it just collected, and go back to sniffing? My current dip config to get the packets I want is ifconfig wlan1 down && iwconfig wlan1 mode monitor && ifconfig wlan1 up && kismet_server && ifconfig wlan0 down What can I add to this so that every x number of hours it can connect to an AP, send some data, and go back to the above configuration? Thanks
  5. Hey hak5 forums! I lurk more then post but since this is a community of like minded people i figured i would post this campaign i found on Indiegogo. The campaigns idea is that 4.3 billion people do not have access to the internet, so how do we fix that? Satellite communication, this form of internet is call "The Outernet" Its already up and running and by July of 2015 it will cover the entire world. They are running a campaign also to sell a small a "Tower" that communicates on several Frequencys for later use and to be future proof. Take a look at this project and let me know what you think! Iv already bought a tower ($99 + $15 shipping) and i must say im excited to see what this version of the internet will bring especially during major events. http://igg.me/at/outernet/x/9291781
  6. Well with the latest news floating about, I have to wonder if I should look at reworking my home network plans or just keep moving foward as is. So for my own little setup, I am behind a Linux hardware firewall, and have two Seagate Cloud NAS boxes, along with a 2.4/5Ghz Wifi Router and a Gigibit switch on my network, all the computers I have connected over lan are gigibit, I'll explan why soon. What has me trubbled, is this whole cloud thing. My Seagate NAS boxes are the GoFlex Home, my problem is they require access to the web, to get the bloody things up and running. Well I have done that and then in my (Hardware) Firewall blocked them. Now seagate has this whole access your files anywhere app for the iOS and Android devices, which sadly dosn't work for me, even when I am at home. Why, because it still requires the internet to connect, even when the NAS's are local. I was able to get around this with a 3th party app that is able to access SMB network shares. These NAS boxes are for holding all my data, so that I can access any of my files from the network drive, without having to use a USB flash drive or what not to use them on a second computer, because I also use my NAS for backup, its nice to have the extrea speed when coping large files or even accessing large files accross my network. (Like streaming hak5 from my NAS) --- Sadly I still want to have WIndows on one computer, mostly to jump on Second Life and play Left for Dead 1/2. But I am taking a wild guess that someone will tell me that both are on Linux and now are far easer to setup now. I'm wanting to slowly draw myself into a place where on my local network, I have access to my all my data from a NAS and run OSX, Windows and Linux. Also in time, run both iOS and Windows Phone/Tablet (But with what is comming out, o hell no) Or if I should start a freash Firewall, redo my network, with a FreeNAS (I did have a freeNAS setup a long time ago, but I had issues with useing only HDDs and the OS wasn't realy stable, this is before it was handed over to the new guys. The Seagate NAS'sI have, well two have a 3TB SATA drive each) system linked with my iMac running OSX any my main PC rinning Mint. Get an iPhone 5 or one of the new iPhones, so I can access the 5GHz Wifi, my iPhone 4s well can't. And turn off my 2.4 Ghz network. And go back to scanning my http logs and block any URL's that I am connecting to that I do not know of or don't want to have access too. (ATM I just look at the ads that are loaded and block them as they come up) And two laptops as backup systems, and one as a server. (I have picked up a number of thrown out laptops, moslty banged up, but nothing really wrong with them) --- Urg I never should have started backing up too DVD and bluray, I have fallen behind. (Update) Sorry I forgot to add, that I am using both a software firewall and an Antvirus on my windows system.
  7. Got a question for you all. I'm wondering if you know of any good datamining tools that I can use on a web page. Namely, yes, facebook. A good buddy of mine is getting in a lot of trouble because someone made a fake account with his name, and is basically ruining his good name with it. I'm just trying to find out where they're logging in from to get a better idea of who it could be. Any other info I can find with this account is a bonus. I'm not trying to "hack their fb" or anything like that, I'm just curious as to what info I can find so I can help my buddy out. Thank you in advance, and sorry for being a complete noob.
  8. Hi everyone! It's my first time on the forms here so somebody please correct me if I'm doing everything wrong. I have an Asus EEE PC, and I just installed Backtrack 5 R2 on it the other day, and I seem to have a problem with my Wi-Fi. I am able to connect to Wi-Fi access points, however whenever I try to browse the Internet or do a simple Sudo apt-get, it's like it's not even connected to the Internet. It just shows no Data Packet sent or received at all but at the same time I'm able to get an IP address and everything through ifconfig. The weird thing is, if I connect hard-line, it works just fine. Any suggestions would be appreciated. Apologies for the lack of code or any misspellings, I'm using the dictation feature on my iPad to post this question. Thanks in advance!
×
×
  • Create New...