Jump to content

Search the Community

Showing results for tags 'packetsquirrel'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 7 results

  1. Hello all, I have a C2 instance on the public internet and its reachable via the PS when in arming mode. The issue is when I run C2EXFIL I am getting an error and I cannot find any information on it specifically on the forum and the net. Any help is appreciated. The error I get is: root@squirrel:/mnt/loot/tcpdump# C2EXFIL /mnt/loot/tcpdump/dump_2022-02-07-180824.pcap Starting C2 Exfil Tool Configuring C2 Connection Preparing Loot for Exfiltration Loot Path: /mnt/loot/tcpdump/dump_2022-02-07-180824.pcap Sending Loot to C2 terminate called after throwing an instance of 'std::bad_alloc' what(): std::bad_alloc Aborted I get the same error no matter if I am in arming mode or switch1 mode with the PCAPs dumping to the SD card. (See attachment from C2 server)
  2. Hello, I would appriciate help running the squirrel TCPDUMP payload in CLONE mode packet squirrel version the squirrel is running on: 3.2 Downloaded payload from github: packetsquirrel-payloads/payloads/library/sniffing/tcpdump/payload.sh When running the script in TRANSPARENT mode it runs OK. When changing the mode to CLONE - can not have network connection. Thx
  3. I installed cURL on my Packet Squirrel with 3.2 firmware using opkg update && opkg install curl which succeeds without errors. However when using cURL from the command line it throws the error: "Error relocating /usr/bin/curl: curl_multi_poll: symbol not found". I tried to opkg upgrade curl but this didn't help. Anyone ran into the same issue and got it solved? Any help is welcome.
  4. Hi all, several months ago I wrote a guide on how to seamlessly connect OpenVPN clients to the PS' LAN (e.g. your laptop from your home connection connecting to a printer in the same LAN as the PS, without having to use SSH as a proxy), but due to OpenWRT's preconfigured firewall I missed some iptables configurations to make it work properly (thank you @m3t4lk3y for pointing this out). So I figured I'd write a new, corrected standalone post. This is useful to manage remote subnets from anywhere with more than one VPN client (as this OpenVPN AS feature is paywalled, also this is completely headless, no clunky web interface required) A word of caution: since we're going to push routes to your computer and 90% of common subnets are either or I advise you change your home/most used network to something a bit more uncommon, like, as to avoid overlapping. I'm going to assume an OpenVPN server is already set up and running. So, let's say that my home network is and I want to use a PS to manage target network Let's also assume my VPN subnet is something like, and that your computer and PS when connected to the VPN have the IPs and respectively. On my VPN server I need to create a new folder to contain client specific directives. mkdir /etc/openvpn/ccd In this folder I'm going to create a file that's named exactly like the client name I used when I created a certificate for the PS (this is important, if you don't otherwise it's not going to work). I'm going to assume it was packetsquirrel echo "iroute" > /etc/openvpn/ccd/packetsquirrel This tells OpenVPN that the route is going to flow through this specific client. Then you need to edit your openvpn's server.conf client-to-client # allows VPN clients to communicate with each other client-config-dir /etc/openvpn/ccd/ # specifies the folder we created earlier as client-config-dir push "route" # pushes the route to every connected client route # adds this route to the OpenVPN server itself Once you've done that restart your OpenVPN server. If everything went smoothly you should be able to SSH into the PS directly with "ssh root@". Do that, and from inside the PS run this commands (assuming your WAN interface in the PS is br-lan, if not it should be eth1, depending on your PS' network configuration): # Packets flowing from (tun0) to (br-lan) should be accepted and forwarded iptables -I FORWARD -i tun0 -o br-lan -s -d -m conntrack --ctstate NEW -j ACCEPT # Masquerade packets coming from as coming from the PS' WAN IP iptables -t nat -I POSTROUTING -o br-lan -s -j MASQUERADE If everything went smoothly you should be able to seamlessly reach every device on the target's LAN (e.g. for the router). Keep in mind that iptables rules are volatile, meaning they will be reset should the PS get rebooted. I could have put the configurations on the config files but seen the portable/multifunction nature of the device I'd rather run it by hand than possibly breaking the defaut network configurations intended by Hak5.
  5. Hey Hak5 Forums, New to the product line, looking to either build out something to capture the executables on the wire. Would be useful for extracting unprotected printouts and transfers. I do have some familiarity with Bro and Snort and the SecOnion suite.
  6. used this guide to try to setup the squirrel to mangle the traffic that passes through. oddly, seems like the TTL --ttl command is unrecognized. As i understand it, this means the module is missing. https://stuff.purdon.ca/?page_id=472 iptables -t mangle -A FORWARD -s -j TTL --ttl-set 64 this is the command i tried to run. it works on ubuntu, but not on the squirrel. maybe missing a module? Does anyone have a deeper understanding of this issue? Thanks, Ion
  7. If it is, it has a button and a LED at least :)
  • Create New...