Jump to content

Search the Community

Showing results for tags 'signal owl'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 11 results

  1. ok, so I'm new to this, but if I want to combine a couple of the payloads that's available at hak5 GitHub, can I for example make one payload that has wifi connect payload and the open ap Nmap my thought was to copy the payloads into a single payload and make the individual payload a function! Any tips or tricks would be nice! My goal is that if it connects to a specific network when it boots up, it will dump the loot to C2, but if it doesn't connect, it will automatically start the Open AP Nmap Scan this is what I have so far: ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- #!/bin/bash # This is a test to see if my network is in range, it will connect home and export the loot to C2 # if my network is out of range or can't connect to it, it will do the Open AP Attack! # Title: Simple WiFi Connection Example # Author: Hak5Darren # Version: 1.0 function Home() { # WiFi Client Setup WIFI_SSID="SSID" WIFI_PASS="Password" LED SETUP WIFI_CONNECT # optionally start SSH server # /etc/init.d/sshd start LED ATTACK C2CONNECT && C2EXFIL } function OpenAP() { # Title: Open AP Nmap Scanner # Author: Hak5Darren # Version: 1.0 # # Description: Scans for open access points, then connects to each and runs an Nmap scan saving logs to the loot folder # # LED SETUP: Scanning # LED ATTACK: Connected, running nmap scan # # See nmap --help for options. Default "-sP" ping scans the address space for fast host discovery. NMAP_OPTIONS="-sP" LOOT_DIR=/root/loot/open_ap_nmap_scan MAX_CIDR=20 DEBUG=1 function scan_wifi() { [[ $DEBUG == 1 ]] && echo Scanning for open access points | tee -a /tmp/payload.log iwlist wlan0 scan > /tmp/wifi_scan cat /tmp/wifi_scan | grep "Encryption key:off" -A1 | grep ESSID | sort | uniq | cut -c 28- | sed "s/.$//g" > /tmp/open total_aps=$(cat /tmp/open | wc -l) [[ $DEBUG == 1 ]] && echo Found "$total_aps" open access points | tee -a /tmp/payload.log } function check_ap() { current_ap=$(sed -n "$on"p /tmp/open) [[ $DEBUG == 1 ]] && echo "-------------------------------" | tee -a /tmp/payload.log current_ap_mac=$(cat /tmp/wifi_scan | grep "$current_ap" -B5 | grep Address | awk {'print $5'} | head -1) [[ $DEBUG == 1 ]] && echo Selected AP MAC: "$current_ap_mac" | tee -a /tmp/payload.log if grep -i -q "$current_ap_mac" /tmp/nmap_scanned; then [[ $DEBUG == 1 ]] && echo Skipping - Already scanned AP: "$current_ap" with MAC: "$current_ap_mac" | tee -a /tmp/payload.log else connect_wifi scan_network fi } function connect_wifi() { LED STAGE1 [[ $DEBUG == 1 ]] && echo Connecting to Open WiFi AP: "$current_ap" | tee -a /tmp/payload.log ifconfig wlan0 down iwconfig wlan0 mode Managed essid "$current_ap" ifconfig wlan0 up while(iwconfig wlan0 | grep Not-Associated); do sleep 1; done [[ $DEBUG == 1 ]] && echo "Connected to AP number $on with SSID $current_ap" | tee -a /tmp/payload.log udhcpc -i wlan0 while [ -z "$SUBNET" ]; do sleep 1 && find_subnet done APMAC=$(iw wlan0 link | grep Connected | awk {print'$3'}) [[ $DEBUG == 1 ]] && echo "AP MAC Address/BSSID: $APMAC" | tee -a /tmp/payload.log [[ $DEBUG == 1 ]] && iwconfig wlan0 | grep ESSID | tee -a /tmp/payload.log [[ $DEBUG == 1 ]] && ifconfig wlan0 | grep inet | tee -a /tmp/payload.log } function scan_network() { LED STAGE2 find_subnet [[ $DEBUG == 1 ]] && echo "Found Subnet: $SUBNET" | tee -a /tmp/payload.log CIDR=$(echo $SUBNET | cut -d '/' -f 2) [[ $DEBUG == 1 ]] && echo "CIDR: $CIDR" | tee -a /tmp/payload.log if [ "$CIDR" -ge "$MAX_CIDR" ] then [[ $DEBUG == 1 ]] && echo "Starting network scan" | tee -a /tmp/payload.log nmap $NMAP_OPTIONS $SUBNET -oN "$LOOT_DIR/$current_ap-$APMAC.txt" &>/dev/null else [[ $DEBUG == 1 ]] && echo "Network too large - skipping scan" | tee -a /tmp/payload.log fi echo $APMAC >> /tmp/nmap_scanned } function find_subnet() { SUBNET=$(ip addr | grep -i wlan0 | grep -i inet | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}[\/]{1}[0-9]{1,2}" | sed 's/\.[0-9]*\//\.0\//') [[ $DEBUG == 1 ]] && echo "Found subet for network $current_ap as $SUBNET" | tee -a /tmp/payload.log } function run() { while true; do setup scan_wifi while [ "$on" -le "$total_aps" ] do if [ "$on" -ge 1 ]; then check_ap; fi let on=on+1 done sleep 5 [[ $DEBUG == 1 ]] && echo Completed recon. Restarting... | tee -a /tmp/payload.log done } function setup() { LED SETUP mkdir -p $LOOT_DIR touch /tmp/nmap_scanned on=0 killall wpa_supplicant } # Run payload run } Home && poweroff || OpenAP
  2. I recently bought a WIFI Pineapple Nano and FINALLY got the signal owl to work! I'd like to do a project that combines both of them and C2, however I am not knowledgeable on what I can do with both, any thoughts are welcome!
  3. Or it will be pass through to the device / computer it has been connected to.
  4. Ok, so a while back I updated the owl and now I can't seem to get it to do anything! I'm trying to connect it to wifi, but it won't work! It goes through the boot process, then it stops blinking all together! I don't know why it won't work, I don't know how I can erase it to start over in case it was something I did trying to get it to work... when I push the button on the back, it does work to put it into arming mode. Any help would be fantastic!
  5. After hours of running into the same issues as everyone else (aka arming mode) I reformatted the USB to FAT32 and it seemed to fix all the issues. Booted and loaded a payload off FAT32 USB, went into attack mode. Pressed the button on the bottom (about 1 second) and it went into arming mode Was able to connect to Owl_XXXX and SSH into the device. Hope this helps everyone. - MY
  6. Wasnt sure if anyone has gone about password protecting their owl when in arming mode. Ive been searching around the owl's directories and cant seem to find where the config file is located to do just that (ie. change the default open AP from owl_XXXX, and password protect it). Any pointers would be greatly appreciated, or if this is simply a dumb question then by all means point that out as well haha! Happy hacking!
  7. I was having an issue with the signal owl where it was not firing payloads. It appears that it does not auto execute in attack mode. The way I resolved this was to: 1.) ssh into the owl 2.) execute payload with ./payload.sh This will fire payload and kick your ssh. Hope this helps people having issues. Wondering if there is a more permanent fix for this.
  8. sic6

    LED faint glow

    Hi, I do hope someone can help me out or clarify what the issue might seem to be. Out of the box the SignalOwl LED seems to perform nothing more than a faint glow. When first connected it was, besides the faint LED glow (blinking rapidly), performing as expected in terms of LED status indications. When upgrading the firmware, the LED became a faint steady glow. In preperation, I've watched Darren's instructional video and I when first using the SignalOwl have followed the instructions here: https://docs.hak5.org/hc/en-us/articles/360033611914-Setting-up-the-Signal-Owl-for-the-first-time The SignalOwl is (properly) hooked up to my laptop for power, has the USB drive (FAT32 formatted) connected and contains the 'upgrade-1.01.bin' file. Current upgrade time is plus 25 minutes. Is my SignalOwl D.O.A.?
  9. I have tried (and tried) to get the Signal Owl into arming mode, now after a 1.0.1 upgrade (which seemed to be successful) and trying to load the arming-mode payload the Owl shows no lights after the initial boot. Anyone else experience this or have any ideas what to do to fix this? - MY
  10. Hi I'm currently playing around with the signal owl. I'm trying to include it into my c2 instance which doesn't work. The Signal Owl is connecting to my open wlan but it looks like it isn't connecting. I copied the device.config to the /etc/directory to configure the C2 server. This worked on the pineapple before. Anyone experience the same issues? The c2 server is running on TCP 443 with SSL (letsencrypt). BusyBox v1.30.1 () built-in shell (ash) .___. {o,o} /)__) Hak5 Signal Owl " " Version 1.0.1 ======================================= Built on OpenWRT 19.07 =======================================
  11. I do not claim to be an expert in the Signal Owl, Linux, scripting, etc; but hope that someone will be able to find this information helpful. There are multiple ways to accomplish some tasks. The commands listed below are what I used to get my Signal Owl up and running with a simple payload (first one was WiFi Connect). First, I highly recommend everyone check out Darren's Signal Owl - Getting Started video. It's very helpful to understand the Signal Owl setup and most important (for me) the LED sequence and when to push the button for Arming Mode. I've seen several posts which indicate their Signal Owl does not copy payloads/extensions from a USB Drive. Currently my Signal Owl is behaving in a similar fashion. I'm using a FAT32 formatted drive with the payload in the root of the drive but so far, no success. My Workaround: Manually copy the file from the USB drive to correct location on the Signal Owl (/root/payload). Steps: 1. Power on the Signal Owl. 2. Push the button during Select Mode (Red fast blinking) 3. Connect your device (compute, phone, etc) to the Owl_xxxx Access Point 4. Connect to Signal Owl ( via Putty (or some other SSH terminal utility) as the root account. 5. type: df -h (This should list the volumes mounted by the Signal Owl. My USB drive was /mnt/sda1). 6. type: cd /mnt/sda1 7. type: ls -l (if you want to list the files in the directory) 8. type: cp <payload file name> /root/payload 9. type: cp extensions/<filename> /root/payload/extensions (Optional: Only if extensions need to be copied also) 10. type: cd /root/payload 11. type: ls -l (if you want to list the files in the directory) 12. Verify the payload file has execute permissions (At least for the owner). If not, type: chmod 744 <payload file name> 13. type: cd /root/payload/extensions 14. type: ls -l (if you want to list the files in the directory) 15. Verify the extension file has execute permissions (At least for the owner). If not, type: chmod 744 <extension file name> Personally, I check a couple times to make sure I've updated everything correctly. That will be up to you. At this point, you should be ready to test the payload. Power off the Signal Owl, ( I count to 10) then power on the Signal Owl and watch the boot process. Depending on the payload, the LED should indicate when the payload has been successfully executed. Alternate Transfer Method: An alternate method to copy files from your system is to use (if using a Windows OS) the Putty utility PSCP or PSFTP. Linux should have those SCP or SFTP already loaded. Once the files have been transferred to the Signal Owl, I recommend verifying the file(s) have the correct permissions for execution. Rotating Payloads: Personally I prefer to not constantly copy files to and from the device when which switching payloads. I connect to the Signal Owl and rename payloads not in use. Which ever payload I want to be active is renamed to payload.txt (or payload.sh or payload.py; whichever fits best). Example: WiFi Connect: /root/payload/payload.txt is renamed to /root/payload/payload.txt_wifi_connect Garbage SSID: /root/payload/payload.txt is renamed to /root/payload/payload.txt_garbage_spammer Extending USB Ports: I used a Anker USB 4-port hub (plugged into the USB 2.0 port on the Signal Owl) to extend the available USB ports. This allowed me to have an additional WiFi adapter (RT5370) and a USB Drive connected to the Signal Owl simultaneously. In the future, I'm hoping to test running an extra WiFi adapter and a GPS module from the USB hub connected to the Signal Owl.
  • Create New...