Jump to content

Search the Community

Showing results for tags 'mac'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

  1. Hey all, I spent last night coming up with a fun prank that Runs a script in background that will download pictures of my little pony (or whatever else you'd like, just change the urls to the pictures) and randomly sets that as their desktop background every 45 minutes - 5 hours. You can change number in for loop to decide how many times it will change their background. Hope y'all have fun with it! EDIT: Link to PR: https://github.com/hak5/bashbunny-payloads/pull/236
  2. Hello I’m sure I overlooked it but can someone please point me to a document / pdf / or even better a video of how to configure Tetra with Mac OS ??
  3. Reverse Shell Mac for Bash Bunny Author: 0dyss3us (KeenanV) Version: 1.0 Description Opens a persistent reverse shell on victim's mac and connects it back to host attacker over TCP. Targets MacOS (OSX may work but has not been tested) Connection can be closed and reconnected at any time Deploys in roughly 30 sec (working on making it faster) Works well with NetCat as the listener Requirements Have a working Bash Bunny :) and a victim with MacOS STATUS LED STATUS Purple Setup Amber (Single Blink) Installing connect.sh script Amber (Double Blink) Creating cron job White (Fast Blink) Cleaning up Green Finished Installation and Execution Plug in Bash Bunny in arming mode Move files from MacPersistentReverseShell to either switch folder Edit the connect.sh file and replace the placeholder IP with attacker's IP and the port with whichever port you like to use (I use 1337 ?) Save the connect.sh file Unplug Bash Bunny and switch it to the position the payload is loaded on Plug the Bash Bunny into your victim's Mac and wait until the final light turns green (about 30 sec) Unplug the Bash Bunny and go to attacker's machine Listen on the port you chose in the connect.sh file on whichever program you'd like (I use NetCat) If using NetCat, run the command nc -nlvp 1337 (replace the port with the port in connect.sh) Wait for connection (Should take no longer than 1 minute as the cron job runs every minute) Once a bash shell prompt appears...YOU'RE DONE!! ? and you can disconnect and reconnect at any time as long as the user is logged in Download Click here to download.
  4. Hi, Is it possible to spoof MAC address of my LAN turtle (by setting a specific MAC address). I don't want to clone the MAC address of the computer where i am plug-in, i want to set specific MAC address ? Do you know if it is possible ? Cordially,
  5. Hello Guys, I'm new to Pineapple and I need some help please :)) I got the NANO and it works great on my windows machine but when it gets to my macbook pro I can't get it to run (with Internet connection) :( I tried some step by step tutorials but they didn't work :( Plug the NANO in and get the connection and setup the gui no problems but I can't download the modules or the bulletins :( I'm connected to my home wifi and shared the internet connection with the Pineapple-adapter but it won't work :( anyone got some ideas or tips for me :)) THX :)
  6. I recently updated to the 2.2.0 update. Everything is working as expected using Firefox on my laptop, but I am having a lot of problems using the web API on my cell. Its an old cell, using Android 5.0.1. I can not open the PineAP module's page, and on the Recon module's page, when I pause or stop the scan, there are no drop down ( carets? ) next to the MACs. I haven't seen any other reports about this, is there anything else needed to help resolve this?
  7. Whenever I go into the Network tab and try to set a new MAC or Set Random MAC the radio that I try to change shuts off and becomes unusable. I have waited for them to become usable for up to 5 hours with no success, it doesn't matter if I do just one at a time or all of them, and doesn't matter how patient I am. And once this happens they are permanently unusable unless I preform a factory reset, which I've done several times. And I've also performed one Firmware Recovery, to no avail. Any ideas of what I can do?
  8. Hi everyone, I just got my first Nano and finished the setup. So far I have used airodump-ng etc. as part of my Kali setup, now I try to get familiar with the Nano. I am trying not to ask some obvious things. Currently, I am mainly reading through the wiki. However, there are two things right now I don't really get. I was playing with the Recon feature and downloaded the OUI file. However, every mac address is still displayed as "unknown mac prefix". What is it that I am missing here? Can the file be re-downloaded? Another thing is that the wiki talks about Log Probes and Log Associations (https://wifipineapple.github.io/wifipineapple-wiki//#!management.md). I would assume that this can be enabled through the web interface under PineAP. But either I am totally blind or I am missing something. Really appreciate any hint into the right direction. Cheers Tom
  9. Hello all, With MAC's (and Linux) you have to know the device of course to serial into it. To make it quicker for me I wrote the below script to search the MAC for the bash bunny (If you have multiple modems this may not work for you) and prompt you to connect to it. Feel free to use and modify as desired. #!/bin/bash # # Title: Mac Serial Connect # Author: NightStalker # Version: 1.0 # # Finds the Bash Bunny in the /dev/cu.* location and # prompt you to connect to it. clear bunnyloc=`ls /dev/cu.* | grep usbmodem` echo "Bash bunny is located at: $bunnyloc" read -r -p "Would you like to connect to it? (Y/N): " connanswer echo $connanswer if [ "$connanswer" == "N" -o "$connanswer" == "n" ] then exit 0 elif [ "$connanswer" == "Y" -o "$connanswer" == "y" ] then screen $bunnyloc 115200 fi
  10. Trying to make a payload for a password grabber for mac osx having trouble with it while using the bash bunny. Can anyone help with my code? $filecount = ((Get-ChildItem -filter ($filter + "*") -path $dest | Measure-Object | Select -ExpandProperty Count) + 1) Start-Process -FilePath ((-f 'label=''BashBunny''').Name+'payloads\switch2\laZagne.exe') -ArgumentList 'all -oN' -RedirectStandardOutput (( -f 'label=''BashBunny''').Name+'loot\PasswordGrabber\computer_' + $filecount +'.txt')
  11. I see lots of unanswered questions about layouts and foreign languages for mac os: And close to zero support nor answers, nor anything in fact, so here's my take on it since I spent quite some time getting it worked ! There is this thread to bypass the keyboard assistant, well this is half the solution in fact. You need to get the PID of the right layout AND have the correct json. So for instance, to have working payloads on a french mac, you'll need that fr-mc.json AND use DUCKY_LANG fr-mc ATTACKMODE HID VID_0X05AC PID_0X0250 { "__comment": "All numbers here are in hex format and 0x is ignored.", "__comment": " ", "__comment": "This list is in ascending order of 3rd byte (HID Usage ID).", "__comment": " See section 10 Keyboard/Keypad Page (0x07)", "__comment": " of document USB HID Usage Tables Version 1.12.", "__comment": " ", "__comment": "Definition of these 3 bytes can be found", "__comment": " in section B.1 Protocol 1 (Keyboard)", "__comment": " of document Device Class Definition for HID Version 1.11", "__comment": " - byte 1: Modifier keys", "__comment": " - byte 2: Reserved", "__comment": " - byte 3: Keycode 1", "__comment": " ", "__comment": "Both documents can be obtained from link here", "__comment": " http://www.usb.org/developers/hidpage/", "__comment": " ", "__comment": "A = LeftShift + a, { = LeftShift + [", "__comment": " ", "CTRL": "01,00,00", "CONTROL": "01,00,00", "SHIFT": "02,00,00", "ALT": "04,00,00", "GUI": "08,00,00", "WINDOWS": "08,00,00", "CTRL-ALT": "05,00,00", "CTRL-SHIFT": "03,00,00", "ALT-SHIFT": "06,00,00", "__comment": "Below 5 key combinations are for Mac OSX", "__comment": "Example: (COMMAND-OPTION SHIFT t) to open terminal", "COMMAND": "08,00,00", "COMMAND-CTRL": "09,00,00", "COMMAND-CTRL-SHIFT": "0B,00,00", "COMMAND-OPTION": "0C,00,00", "COMMAND-OPTION-SHIFT": "0E,00,00", "q": "00,00,04", "Q": "02,00,04", "b": "00,00,05", "B": "02,00,05", "c": "00,00,06", "C": "02,00,06", "d": "00,00,07", "D": "02,00,07", "e": "00,00,08", "E": "02,00,08", "f": "00,00,09", "F": "02,00,09", "g": "00,00,0a", "G": "02,00,0a", "h": "00,00,0b", "H": "02,00,0b", "i": "00,00,0c", "I": "02,00,0c", "j": "00,00,0d", "J": "02,00,0d", "k": "00,00,0e", "K": "02,00,0e", "l": "00,00,0f", "L": "02,00,0f", ",": "00,00,10", "?": "02,00,10", "n": "00,00,11", "N": "02,00,11", "~": "04,00,11", "o": "00,00,12", "O": "02,00,12", "p": "00,00,13", "P": "02,00,13", "a": "00,00,14", "A": "02,00,14", "r": "00,00,15", "R": "02,00,15", "s": "00,00,16", "S": "02,00,16", "t": "00,00,17", "T": "02,00,17", "u": "00,00,18", "U": "02,00,18", "v": "00,00,19", "V": "02,00,19", "z": "00,00,1a", "Z": "02,00,1a", "x": "00,00,1b", "X": "02,00,1b", "y": "00,00,1c", "Y": "02,00,1c", "w": "00,00,1d", "W": "02,00,1d", "&": "00,00,1e", "1": "02,00,1e", "é": "00,00,1f", "2": "02,00,1f", "\"": "00,00,20", "3": "02,00,20", "'": "00,00,21", "4": "02,00,21", "(": "00,00,22", "5": "02,00,22", "§": "00,00,23", "6": "02,00,23", "è": "00,00,24", "7": "02,00,24", "!": "00,00,25", "8": "02,00,25", "ç": "00,00,26", "9": "02,00,26", "à": "00,00,27", "0": "02,00,27", "ENTER": "00,00,28", "ESC": "00,00,29", "ESCAPE": "00,00,29", "BACKSPACE": "00,00,2a", "TAB": "00,00,2b", "ALT-TAB": "04,00,2b", "SPACE": "00,00,2c", " ": "00,00,2c", ")": "00,00,2d", "°": "02,00,2d", "-": "00,00,2e", "_": "02,00,2e", "^": "00,00,2f", "¨": "02,00,2f", "$": "00,00,30", "*": "02,00,30", "`": "00,00,31", "£": "02,00,31", "m": "00,00,33", "M": "02,00,33", "ù": "00,00,34", "%": "02,00,34", "<": "00,00,64", ">": "02,00,64", ";": "00,00,36", ".": "02,00,36", ":": "00,00,37", "/": "02,00,37", "=": "00,00,38", "+": "02,00,38", "CAPSLOCK": "00,00,39", "F1": "00,00,3a", "F2": "00,00,3b", "F3": "00,00,3c", "F4": "00,00,3d", "F5": "00,00,3e", "F6": "00,00,3f", "F7": "00,00,40", "F8": "00,00,41", "F9": "00,00,42", "F10": "00,00,43", "F11": "00,00,44", "F12": "00,00,45", "PRINTSCREEN":"00,00,46", "SCROLLLOCK": "00,00,47", "PAUSE": "00,00,48", "BREAK": "00,00,48", "INSERT": "00,00,49", "HOME": "00,00,4a", "PAGEUP": "00,00,4b", "DELETE": "00,00,4c", "DEL": "00,00,4c", "END": "00,00,4d", "PAGEDOWN": "00,00,4e", "RIGHTARROW": "00,00,4f", "RIGHT": "00,00,4f", "LEFTARROW": "00,00,50", "LEFT": "00,00,50", "DOWNARROW": "00,00,51", "DOWN": "00,00,51", "UPARROW": "00,00,52", "UP": "00,00,52", "NUMLOCK": "00,00,53", "MENU": "00,00,65", "APP": "00,00,65" }
  12. Hello! Thought some of you might find this useful. It is simply a script that retrieves the iMessages archive and sends it over email. The code is a bit long and can probably be sized down and made "better". I would love some feed back on it as this is my first script. Enjoy -wiredbrother https://pastebin.com/XZrcJu0s
  13. Mirothor

    USB-C Ports

    How will Hak5 deal with USB-C ports if they spread to Microsoft, Dell, and more? Also, is Hak5 just going to stay with adapters or make new devices with USB-C capability? I would stick with adapters, but I want to see others opinion.
  14. I am not sure if this is the right bored to be talking about this I am willing to code Trojans,Viruses,Bots and any other type of malware in exchange for bitcoins. It could do just about anything you want example: Backdoor a system, Destroy the entire computer, Delete files, Record video and audio, etc pm me if your interested
  15. I decided to put together a payload to get myself familiar with the bunny. This was inspired by SudoBackdoor and borrows heavily from it, but uses python because I'm more fluent in that than bash. I'm hoping to have this thing completed by the end of this week or possibly the weekend. The code under development is on my github at https://github.com/michael-weinstein/bashbunny-payloads/tree/darkCharlie/payloads/library/credentials/darkCharlie
  16. Hi everybody, I'm chatting on an IRC Website (That not allows simple users to connect by an IRC Client, but only Browsers ...). When spamming or flooding, I've been being banned with 3 Types of bans : 1. Banning the IP address (I simply Bypass this ban by rebooting my Wi-Fi Router because I have a dynamic IP address); 2. Banning the MAC address (I'm again capable of bypassing this by changing my MAC address with the freeware '' TMAC Changer '' ); 3. Banning the Browser connection (Here comes my problem, in other terms, even if I do a clean uninstall / install of my browser '' After changing IP + MAC addresses '' and keep changing my browsers Mozilla, Chrome, Chromium, Safari, Opera; I keep getting banned every-time ... So when I have no browser left to install, I MUST WIPE + FORMAT my PC to connect again to this site). My question is as so : what is the specific parameter in the browser that allow Operators and Admins in this IRC Website to catch me every-time, and how can I bypass this ?! Thank you in advance, and I hope you can help me !
  17. I am traveling so to pass the time i have been watching alot of talks given at some of the most recent Cons and i noticed that there are a lot of Security Professionals that i see using MACs, anyone have any idea why? is it a convenience thing? or just preference? I have used a Mac in the past and the only thing that i liked about it was Parallels had a very smooth transition between OSs but that was it.
  18. Hi guys, I'm new here and need a bit of help regarding special characters along with the de.properties language file. My Ducky code requires the > sign (greater than), however by using the -l de.properties parameter my Rubber Ducky always writes a degree sign ° instead of >. In the properties file there is the following entry which should be fine: ASCII_3E = KEY_NON_US_100, MODIFIERKEY_SHIFT // 62 > On Windows this is working well, and that's why I'm thinking the properties file is correct. However, I need to get this work on my Mac as well. Do you have any tips? Thanks, David
  19. Here is my new payload to attack a Mac without using terminal. I got this idea after seeing how using good management software, an administrator can remove an app from a Mac (one such application being terminal). This eliminated a lot of the attacks I have previously made to work against a Mac. So I got to thinking and poking around inside of applications, and it turns out you can replace the contents of certain files in a Mac application and you can run scripts. You simply open the right file and replace it with your code, and then run the application. The app no longer functions normally, but by making a duplicate app in another folder and editing that one you can run your attack code without completely losing the original files and all without terminal. I used Grab.app for this but almost any app could be used, I wanted to find one that was not likely to have anything similarly named around it because of the way I selected the application to copy it. Here is the code, its outcome is to simply "say hello" (so if you test it have the volume up a bit). I have not really played with the delays yet, they are all over the place and some are to high but it makes it a bit easier to see what is going on. This is not a final project but rather a starting point to spark some new ideas. Have Fun, but please use this responsibly. DELAY 2000 COMMAND SPACE DELAY 300 STRING /Applications/Utilities/ DELAY 200 ENTER DELAY 400 STRING g DELAY 500 COMMAND c DELAY 300 COMMAND SPACE DELAY 300 STRING /Users/Shared/ DELAY 400 ENTER DELAY 400 COMMAND v DELAY 2000 COMMAND SPACE DELAY 300 STRING /Users/Shared/Grab.app/Contents/MacOS/ DELAY 600 ENTER DELAY 500 TAB DELAY 500 COMMAND o DELAY 500 COMMAND a DELAY 500 STRING #!/bin/bash DELAY 400 ENTER DELAY 300 STRING say DELAY 300 ESCAPE DELAY 300 SPACE DELAY 300 STRING hello DELAY 300 COMMAND s DELAY 400 COMMAND q DELAY 500 COMMAND SPACE DELAY 300 STRING /Users/Shared/Grab.app DELAY 400 ENTER COMMAND w COMMAND w COMMAND w
  20. Hi there, This simple script doesnt seem to work: DELAY 3000 GUI SPACE <-- This doesnt open the Spotlight search bar DELAY 500 STRING texteditor.app DELAY 500 ENTER DELAY 750 STRING Hello World!!! ENTER Any ideas? Thanks! :-)
  21. Hi, I'm new to both this forum and the rubber ducky. I wonder if anyone here has a script for retrieving ifconfig-information and mailing it to myself. I've seen this been done easily on Windows with e.g. Gmail. Is there a similar way for Mac OS X?
  22. Hi Forum, I have a question regarding function keys on Mac. Basically what I want to do in one of my scripts is to enable "Full keyboard access" this setting can be found under preferences->Keyboard->Shortcuts. There is a keybind to change this and by default that is set to control+F7(however it is actually fn+control+f7). Is there a way to utilize the function keys so that I can do this keybind? Or is there another way for me to enable this via rubber ducky that you guys and girls can think of? All help is appreciated!
  23. I am trying to launch Kali Linux on my Macbook Pro and when I launch it using refind I get this error: "No bootable device -- Insert boot disk and press any key." My USB is working fine on other Macbooks, even older than mine. MPR Specifications: Macbook Pro 13" Early 2011 i5, 4 RAM Model Identifier: MacBookPro8,1 Hardware UUID: 1BC47169-1046-5052-B58F-F736330B7B6
  24. Hi all, I know this topic has been covered in the past but I did not find anything specific to mac. I am having problem with network connectivity. When I run the script, on step 3 it prompts me to connect pineapple, however even after I connect pineapple to my mac, the script the keeps running with nothing happening. I cannot load bulletins from wifipineapple.com. I have shared the internet to ethernet on my mac. I tried almost everything I could think of, resetting, changed default gateway to 172.16.42.1. My routing table looks like: Destination Gateway Genmask Flags Metric Ref Use Iface default Pineapple.lan 0.0.0.0 UG 0 0 0 br-lan 172.16.42.0 * 255.255.255.0 U 0 0 0 br-lan Any help is much appreciated.
×
×
  • Create New...