Search the Community
Showing results for tags 'mubix'.
Hi, I have written a blog post on using mubix's discovery to grab AD creds using an Evil twin AP and Responder. https://zone13.io/post/Snagging-credentials-over-WiFi-Part1/ pros: • no physical access required • no driver installations.. I can see that Tetra/Nano has Responder modules but not much info on using it. I don't have a Pineapple handy at the moment to try it out. Anyone care to give this a go on tetra/nano? Happy to answer any queries on working. cheers.
Guess who again? :) Here's what's up: Decided to play around with Ozyman. *DUNN Dunn dunnn...* So I'm running Kali Linux on both server (Virtualized on Mac OS X) and on a Netbook (who owns a netbook anymore, common!?) I have my domain set up appropriately (I think so) VIA freedns.alfred and uni.me , it accepted the appropriate namespaces and what not as demonstrated in the original episode with Mubix. On my Virtualized server: In Kali, I have ozyman on the Desktop, so my total bash line looks like this: root@kali~/Desktop/ozyman# ./nomde.pl -i 0.0.0.0 url.uni.me (Obviously it's not rea
So, I was reading Mubix's blog a little while back and he wrote about how PSEXEC shows up in the events log. It got me thinking, why can't I find a list anywhere of things like that which should be red flags in event, and other, logs? Anyone care to help build such a list? I'm starting off with what Mubix mentioned (though, I'm sure it will get changed later) and another obvious one. Windows Server 2003 Event ID 552 - when someone uses something such as RUNAS, it could be a sysad doing their job or an attacker doing something else, but worth looking into. What other things can we all thin
Hey guys!! Ok, so Speaking as a Pineapple no0b, I'm still learning the ways of my Mark IV. I was watching the episode where Mubix explains how to Tunnel your way out of a WiFi Hotspot with DNS (essentially not paying the fee at the hotspot and connecting to your server and bypassing it all). And he started talking about how to incorporate that with the Pineapple. Even though it was on 1st gen Pineapple, It got me thinking: how could something like that be done with the pineapple? Not sure how much could be said obviously (legality and what not) but just my curiosity brewing.