Showing results for tags 'mkV'.

Found 15 results

  1. Hey all, have there been any updates for the Mark5? I currently have the 3.0 beta installed, but for some reason it doesn't seem to be working fully anymore. Has there been anything new up, or can I add firmware from the Nano to it?
  2. I'm looking to sell my MKIV and MKV to move to a Nano, please keep in mind I don't know if I still have all of the original cables but I'll do my best to look for them. Both devices work just like the day I bought them, they'll be flashed with the latest firmware before being sent. Either reply back here or PM me for more information and pictures, this is from the UK so shipping is limited to Europe (for now at least).
  3. Disclaimer: This script is intended for LEGAL purposes ONLY. By downloading the following material you agree that the intended use of the previously mentioned is for LEGAL and NON-MALICIOUS purposes ONLY. This means while gaining client side exploits, you have the correct documentation and permissions to do so in accordance with all US and International laws and regulations. Neither I nor any associates at Hak5 condone misuse of this code or its features.

     Responsibility Disclosure: Hak5 has no affiliation with this code base. This code is not reviewed or verified by Hak5; therefore they do not take any responsibility for any of this code and its functionality. If you are paranoid (good!) - then look over the code yourself to be safe.

     Description

     This script is intended to increase attack vector consistency and stability by automating the process. For penetration testers, the most important thing is having a stable and well prepared attack vector - because you only get one chance. This script provides exactly that, a way to prepare and automate advanced and complex attack vectors in the lab, and then use them in the field.

     Compatibility / Troubleshooting

     Script Requirements: Pineapple [MK4 3.0.0] [MK5 1.0.0] - Debian based Linux.
     Tested Configuration: Pineapple MK5 1.0.0, Crunchbang Linux | Kali Linux Battery - Pineapple (Router: wlan0 | ICS: wlan1) -> Alfa (DeAuth)
     Attacker IPs: (2 man red-team) - Configuration Picture:

     Setting up the Script: Open up jasagerPwn in your favorite text editor. Look over all the variables in this file and read my comments; they should clearly explain what is what. Adjust the variables based on your pineapple setup. If anything is unclear, feel free to ask me and I can clarify. After you set up the script, connect to a stable internet connection and run the script - this will prompt you to install dependencies. This will take a few minutes; after that is completed you can connect to the pineapple's network (either via wireless or ethernet) and relaunch the script. That's it. You should be able to use the attack modules.

     Dependencies Installation: Dependencies will attempt to install automatically if they are not detected on your system. If this fails for you - please look at the src/system_modules/dependencies.sh and just install it yourself. I've tested installation processes on Debian, Crunchbang, and Kali Linux. Infusion dependencies are also required for attack modules. Please refer to the list of attack modules below and their corresponding "Requirements".

     Included Attack Vector Modules

       • browserPwn - Redirect LAN to Metasploit's auxiliary module browser_autopwn. This will be detected by AV. Victim Support: Mac OSX, Windows, Linux. Requirements: Metasploit, DNSSpoof Infusion
       • browserPwn iFrame - Inject an invisible iFrame into the victim's browsing session that points to Metasploit browser_autopwn. Victim Support: Mac OSX, Windows, Linux. Requirements: Metasploit, Strip-N-Inject Infusion
       • BeEF - Inject a BeEF JavaScript hook transparently into victims' browsing sessions. This is a form of Man-in-the-browser and will not be detected by AV. Victim Support: Mac OSX, Windows, Linux. Requirements: Strip-N-Inject Infusion
       • Fake Update - Redirect LAN to a realistic fake update page with a [custom] payload download. Victim Support: Mac OSX, Windows. Requirements: Metasploit, DNSSpoof Infusion
       • Click Jacking - Hijack the entire DOM with an injected <div>. No matter where you click, it downloads a payload. Victim Support: Mac OSX, Windows. Requirements: Metasploit, Strip-N-Inject Infusion
       • Java Applet Injection - Transparently injects an OS agnostic java applet into the victim's browsing session. Victim Support: Mac OSX, Windows, Linux. Requirements: Metasploit, Strip-N-Inject Infusion
       • Java Applet Redirect - Redirects users to a Java page with an OS agnostic java applet payload. Victim Support: Mac OSX, Windows, Linux. Requirements: Metasploit, DNSSpoof Infusion
       • SSLStrip - Remove SSL from the victim's connections and sniff credentials. Victim Support: Mac OSX, Windows, Linux. Requirements: SSLStrip Infusion
       • Aireplay-ng [local] - DoS APs and try to make them join yours via custom aireplay-ng script on the attacker machine. This script will run aireplay-ng against the AP broadcast; note that this works best if you are closer to the AP than the client.
       • MDK3 [local] - Deauths nearby clients from their APs and tries to make them join yours via MDK3 from the attacker machine. This script will run MDK3 to deauthenticate clients from an AP directly; note that this works best if you are close to the clients. As a result, this will have slightly better average range effectiveness.

     Included Payloads (w/ Source & Documentation)

     I have included some of my most successful and efficient payloads for your use. One for Mac OSX, and one for Windows - both will completely bypass signature based anti-virus and most behavioral HIPS as well.

     Apple_MacOSX_Update.pkg
     Description: This is 4 lines of BASH stuck in an apple postinstall script. No signature AV can ever detect this because it uses system commands and contains no binaries in the package. This will spawn 2 root shells to the following addresses: 6446 6446
     Persistence: It will also add a persistent backdoor that will spawn these 2 every 3 minutes (sudo crontab -l)
     Metasploit Listener:
       use exploit/multi/handler
       set PAYLOAD generic/shell_reverse_tcp
       set LHOST
       set LPORT 6446
       set ExitOnSession false
       set AutoRunScript ""
       exploit -j

     powershell-https.exe
     Description: This is an implementation of "Invoke-Shellcode" from Matthew Graeber's PowerSploit modules. It was stripped down then minified and implemented into a standalone python script then compiled into an executable. It is not detected at the time of this writing. If the signature becomes detected, just make a new one. This will spawn 2 meterpreter shells to the following addresses: 587 587
     Persistence: It will also add a persistent backdoor to Windows that will spawn these 2 shells every 3 minutes (schtasks /query /tn winupdate)
     Metasploit Listener:
       use exploit/multi/handler
       set PAYLOAD windows/meterpreter/reverse_https
       set LHOST
       set LPORT 587
       set SessionCommunicationTimeout 0
       set ExitOnSession false
       set EXITFUNC process
       set AutoRunScript ""
       exploit -j

     shellcode-tcp.exe
     Description: This is a windows meterpreter shell that was encoded into base 64, embedded into a python script that performs basic shellcode execution, and then compiled into an executable. It is not detected at the time of this writing. If the signature becomes detected, just make a new one with some random data in it. This will spawn 2 meterpreter shells to the following addresses: 587 587
     Persistence: It will also add a persistent backdoor to Windows that will spawn these 2 shells every 3 minutes (schtasks /query /tn winupdate)
     Metasploit Listener:
       use exploit/multi/handler
       set PAYLOAD windows/meterpreter/reverse_tcp
       set LHOST
       set LPORT 587
       set ExitOnSession false
       set EXITFUNC thread
       set AutoRunScript "migrate -f -k"
       exploit -j

     Included Resources

     I have included a few resources that I find useful on pentests with the pineapple.

     Metasploit Scripts: These are resource scripts that can be executed from msfconsole or in meterpreter. Creates a nice way to automate post-exploitation at your fingertips. In order to run them use "resource resources/metaspoit_scripts/file_collector.rc".

       • file_collector.rc: Automatically search for documents on the system and download them.
       • enum_app_data.rc: Enumerate passwords and other data from browsers, putty, etc.
       • keylog_recorder.rc: Start a keylogger that will poll and automatically collect keystrokes. You can use this then CTRL+Z to background the session.
       • mimikatz.rc: Dump cleartext passwords from memory. Hashes are great, but why deal with cracking when they are sitting in memory in clear text?
       • payload_inject.rc: Inject a meterpreter session into explorer.exe. This is like "duplicate" but you can send it to your red-team and not ever drop a binary on the system.
       • listeners.rc: This is useful for the other members of the red-team not running JasagerPwn. They can just "msfconsole -r listeners.rc" and be ready to receive shells.
       • web_clone.sh: This is a simple wget command that I love to use to clone websites for phishing. It will put everything into a single index.html file. Note: If you're performing a MITM attack then you need to download all the resources that are hot-linked in index.html and then modify them to local, relative paths. This can be tedious but is what I have used to do every template in JasagerPwn.
       • airdrop-ng: This was an airdrop-ng attack module that I made before MDK3. I think MDK3 works better so I took it out and plopped it here.

     Developing Attack Modules

     This script was created in a modular architecture, allowing for relatively simple expansion of attack vectors. Use the "attack_module_example.sh" located in the resources directory for an example reference. There are just a few requirements when developing the modules:

       • If you're making a local de-authentication module - use "deauth" or "dos" in the description string.
       • You must have a "start_myname" and "stop_myname" function in that format (myname is arbitrary).
       • You must have unique "title", "description", and "bindings" variables.
       • I recommend editing the src/system_modules/utility.sh - cleanup() function to clean up after your module.

     Module Submission: If you develop an attack module that you would like to have added into JasagerPwn, that is great! Just let me know and send me the code. If it's a good idea, I'll code review it and add it into the script.

     Questions / Problems

     Google Code: https://code.google.com/p/jasagerpwn-reborn/
     Bug Submission: https://code.google.com/p/jasagerpwn-reborn/issues/entry
     Changelog: https://code.google.com/p/jasagerpwn-reborn/source/list
     Questions: Feel free to ask here or in IRC (irc.hak5.org #pineapple).

     Download / Update

     Download via Subversion (sudo apt-get install subversion):
       svn checkout http://jasagerpwn-reborn.googlecode.com/svn/trunk/ jasagerPwn-Reborn
     Update Script to Latest Revision:
       ./jasagerPwn -u

     Enjoy!
  4. So I have the AP setup with Karma on, PineAP on, Dogma, Beacon Response, Harvest SSIDs -- all on. Under Networking -> Access Point I have "Open Access Point" called q2 on channel 6 and it's not hidden. Under Networking -> Access Point I have "asdf" with WPA2 Password set (because 'password must be atleast 8 characters' no matter what -- I can't seem to delete the password...) and the "Disabled" box checked. Q2 is still showing up, however, as an encrypted network. Shouldn't it be unencrypted since, after all, it's the "Open Network" ? There's a warning that says "If you've enabled encryption, Karma will not work" -- I'm guessing somehow I enabled encryption? How do I turn this off?
  5. Nbt Scan is a UI front end for the nbtscan tool, which performs NetBIOS name scanning.

     Change Log:

     1.1
       • Added ability to clear results
       • Added ability to view routing table
       • Added a link to forum support topic
       • Small tile no longer checks for internet connection
       • A few UI changes
       • Fixed a command injection vulnerability

     1.0 - Initial Release
       • Ability to use NBT Scan from the web interface
       • Ability to install dependencies from the web interface
       • Ability to scan other networks rather than just the pineapple's network
       • Ability to review and delete previous nbt scans

     https://www.youtube.com/watch?v=YoUEACISRpw
  6. Hey everyone, I've created a new infusion called Crafty that functions as an interface for hping3. Along with the normal hping3 features I have included the ability to save commands which can be executed quickly from the small tile. I just submitted it to the Pineapple Bar so it should be available within a few days.
  7. Connect Version 1.1

     Features
       • Connects to networks with the strongest signal
       • Save preferred networks with -W option (Open and password protected)
       • Add commands to be run by the pineapple after the script completes. Upon successful connection, failed connection or both run specified commands
       • Macchanger support
       • Upon connection, start karma (PineAP not yet supported)
       • Prevent connection to certain access points with blacklists
       • Check Internet connection status with -s
       • Monitor internet connection status with -m and specify how many failed attempts to retry. 0 = infinite
       • Auto retry tries to connect to an access point if the connection fails. Use -a and specify the retry amount

     Internet connection monitoring pings a few times every 30 seconds. After 5 successful ping attempts, connection testing occurs every 5 minutes. After 3 more successful ping attempts, connection testing occurs every 10 minutes. If pings fail the access point is disconnected, temporarily blacklisted and a new access point is located. After 3 failed attempts to connect to a new access point, the temporary blacklist is removed and the pineapple reconnects to the original access point.

     Note: Only open access points and whitelisted access points work with internet connection monitoring.

     Commands can now be added through the infusion. Use -C to add commands. Script variables can also be passed to commands to be run. Possible variables that can be passed: "$ESSID" "$PASSWORD" "$PWD" "$WIFI_BSSID" "$WIFI_CHANNEL" "$WIFI_INT"

     To add an access point to the whitelist after a successful connection use:
       pineapple infusion connect -w "$ESSID" -p "$PASSWORD"

     Usage
       pineapple infusion connect [-BRWckrs] [-i Interface] [-e ESSID] [-p Password] [-t Interface] [-b SSID] [-w SSID]...

     OPTIONS:
       -B          Backup /etc/config/wireless
       -C          Add commands to be run upon successful, failed or all connections
       -R          Restore /etc/config/wireless from backup
       -W          Checks for and connects to networks specified in the whitelist
       -c          Run commands specified in commands.txt upon successful connection
       -k          Start Karma
       -r          Random MAC
       -s          Check internet connection status.
       -a num      Auto retry. Specify how many failed attempts to try to connect
       -e essid    ESSID of target wifi
       -i iface    Interface. Default wlan1
       -m num      Monitor connection and reconnect. Specify how many failed attempts to retry. 0=infinite
       -p pass     Wifi Password
       -t iface    To interface for ICS. From interface is specified with -i
       -b essid    Blacklists AP by SSID. Scans with first available interface if no interface is specified
       -w essid    Whitelists AP by SSID. Prompts for password when required. Password can also be set with -p

     Future plans
       • Disconnect from access point
       • Bug fixes and general optimizations
       • Connection monitoring with -e

     If you encounter any errors please report them here. Also feature requests or improvement suggestions are always welcome! If you would like to use parts of this script for a script or infusion of your own, contact me by a PM.

     -SymPak
  8. Hello Pineapple community, and thanks for the wonderful tool. I got my Pineapple and I am pretty new to this; I am trying to do some pen testing on my firm's network. So I upgraded to the latest firmware, formatted the SD, and put eth0 in client mode. All fine until there. Then I install ALL the infusions, but at some point it gets into a boot loop. I do not understand why. So, 1) can the Pineapple support having ALL the available infusions installed? 2) can it be the SD card formatting? (I am not able to format it via PC, only with the Pineapple, and the message confirms the successful format of the card) 3) can it be only some infusions creating the problem? (it usually occurs after ssl split, wps and notify, but I am not 100% on this) 4) are there some infusions that must be installed only on system rather than SD? Thanks in advance for your time, kzipp
  9. I'm trying to mess with SMSer but when I install it I get the message "You have unmet dependencies! A USB flash drive is needed!" Is there any special way I need to install a USB drive?
  10. Hello, I've been using the pineapple's client mode quite happily on my routers in location 1, but am having no luck with any in location 2 - something I must assume is due to encryption types. I had read a few topics here regarding the issue (in particular one from 2013 mentioning a config alteration) but haven't had any luck. If someone could point me to existing topics on the matter or tell me what logs to post here for diagnosis that'd be great. Cheers, HP
  11. I just got my MKV this week and I keep finding myself scouring the forums for specific commands, settings, definitions etc., so I thought I would come up with a cheat sheet, something you could maybe print on a Letter or A4 paper to keep with you. I have a few ideas and started a Google Doc spreadsheet. Please, if you would like to contribute to this sheet you can give me some ideas and I will add them. This is the first time I'm making one of these, so of course if you have any formatting suggestions for the sheet/layout let me know too! https://docs.google.com/spreadsheets/d/1OskKEEOMDZxi25SqvEnUdRn0oUIu6K99YpH8QeT_byI/edit?pli=1#gid=0 - mzac
  12. Hello peoples. I recently purchased the Mark V and am trying to get it set up and download some infusions, but pretty much any time I start to do almost anything* (slight exaggeration) with the web interface my computer BSODs. This has been occurring mostly when I attempt to load the pineapple bar list of infusions to download. The error I receive is DRIVER_IRQL_NOT_LESS_OR_EQUAL (bwcW8x64.sys). What research I have done points towards my network card drivers being the issue (my research could be wrong lol) but I have uninstalled and reinstalled the newest drivers to no avail. Thanks in advance for any and all help, Pineapple Noob / Sad Guy With BSOD
  13. So I was messing around with dsploit on my Nexus 7 running CM11 and probing my pineapple, which I set up as a temporary signal repeater connected to my backup router in client mode, when it found an exploit that (near as I can tell, as I am a little rusty and very tired) allows auth bypass for root access. I've attached below two screen caps of dsploit, one of the vulnerability finder and another of the exploit list, in the hopes that someone better than myself can either confirm or deny its validity. Thanks, Archer
  14. Hey everyone, I would like to sell my Wifi Pineapple Mark V. What you will get: - Everything that you would get if you bought it from the hakshop. - The original box. For € 70,- it's yours. Email me: jesseizeboud@gmail.com or message me here. I will only send in the Benelux! - Jesse Izeboud
  15. I purchased a MKV Travel Bundle about a week or 2 ago and it arrived a few days ago. I left the battery on charge overnight (making sure to leave the switch in the OFF position) and I woke up this morning to find out that the battery lasted about 5 seconds when I plugged it into the Pineapple. I thought maybe it didn't charge properly, so I left it again for a few hours just to see if it wasn't faulty, but I took it off charge and it didn't even turn on. I think it might be dead. Anyone have any ideas? Has anyone else's battery not been working?