Jump to content
Hak5 Forums

Search the Community

Showing results for tags 'windows'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Bash Bunny
    • Packet Squirrel
    • LAN Turtle
    • USB Rubber Ducky
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 44 results

  1. jafahulo

    [PAYLOAD] UnifiedRickRollWindows

    In the spirit of april fools, I ported the original UnifiedRickRoll to windows, so you can easily switch between apple and windows computers and still get the same effect. https://github.com/hak5/bashbunny-payloads/pull/139
  2. WDuckyFlasher This is a ducky firmware flasher with all firmwares built in. It is handy in case you only have a nearby windows computer because this is made in batch! I'm always open for suggestions! Have fun. Download link [ZIP]
  3. Harun

    PacketSquirrel

    Hi, I just checked the tutorials on how the PacketSquirrel works and what it does and I've decided to purchase one myself to have a play around with it. I've captured traffic on the device, recorded and analysed the TCP dumps on WireShark. The only part I'm struggling on is how to get the dns spoof to work. I have switched to Arming mode and edited the 'spoofhost' file to 'facebook.com' with the ip address being my victim's ip address on the Windows machine. I'm wondering how it's possible to create a fake web page and harvest the victim's usernames and passwords via my fake facebook page and have them redirected back to the original facebook login
  4. Lets say we have a win 7 computer with non-admin access. There is a particular registry setting we want change. And we dont have permissions to any cool stuff like regedit, gpedit, etc. And lets say any registry setting we do manage to save, through something like chntpw, gets reverted on boot/profile load to its original setting. Computer is on a domain system. And lets pretend creating a new windows admin user might be a little too invasive for a vigilant System admin ignore. What methodology would you guys use to permaset a reg setting?
  5. So heres whats going on i made a shell, using reverse_tcp. And i put it on victims computer and opened it everything went smoothly in the process of opening the exe, anyways after i opened it, the shell didnt send a tcp connection back to me. Im doing this on a LAN network, both computers are right beside each other connected to ethernet. I made the exploit in a vm then uploaded it to mediafire and downloaded on other pc. But when i ran it, i didnt get a connection back it was like it was never ran. Heres all my console output currently even after opening i didnt take a screenshot but i did copy and paste. And put it on pastebin, so heres the link hopefully one of you can help me i would also like to say the the target pc had antivirus disabled. LINK: https://pastebin.com/R9G5nQGB I used port 4444 and my local ip. That link shows the whole process of setting up the payload and handler thats what all i did. Thanks to everyone who takes the time to read this i really need help.
  6. Windows Persistent Reverse Shell for Bash Bunny Author: 0dyss3us (KeenanV) Version: 1.0 Description Opens a persistent reverse shell through NetCat on victim's Windows machine and connects it back to host attacker. Targets Windows 10 (working on support for older versions) Connection can be closed and reconnected at any time Deploys in roughly 15-20 sec Works with NetCat Requirements Have a working Bash Bunny :) STATUS LED STATUS Purple Setup Amber (Single Blink) Installing and running scripts Green Finished Installation and Execution Plug in Bash Bunny in arming mode Move files from WindowsPersistentReverseShell to either switch folder Edit the persistence.vbs file and replace ATTACKER_IP with attacker's IP and PORT with whichever port you like to use (I use 1337 😉) Save the persistence.vbs file Unplug Bash Bunny and switch it to the position the payload is loaded on Plug the Bash Bunny into your victim's Windows machine and wait until the final light turns green (about 15-20 sec) Unplug the Bash Bunny and go to attacker's machine Listen on the port you chose in the persistence.vbs file on NetCat Run the command nc -nlvp 1337 (replace the port with the port in persistence.vbs) If using Windows as the attacker machine, you must install Ncat from: http://nmap.org/dist/ncat-portable-5.59BETA1.zip and use the command ncat instead of nc from the directory that you installed ncat.exe. Wait for connection (Should take no longer than 1 minute as the powershell command runs every minute) Once a Windows cmd prompt appears...YOU'RE DONE!! 😃 and you can disconnect and reconnect at any time as long as the user is logged in Download Click here to download
  7. Struthian

    Windows Powershell resource

    I just discovered this book. For the next 3 days it's .99. I wish I had it sooner, it's answered some questions that I prior got answered painfully. His sample code is quite worthwhile ... One example is enumerating network interfaces and changing their properties. http://mikefrobbins.com/2017/12/27/my-new-powershell-book-is-on-sale-for-99-cents-until-the-end-of-the-year/ http://mikefrobbins.com/2017/10/19/configure-internet-connection-sharing-with-powershell/ https://github.com/mikefrobbins/PowerShell PS: Never heard of the guy before today. I'm not spamming for him.
  8. Hi, I was looking online to get more in depth with my brand new WiFi Pineapple Nano and while looking into details about some modules, I've noticed many people actually using Kali Linux instead of Windows for projects with this device. Now I've always assumed that the OS didn't matter since they all used PineAP which is it's own software and features. But it has still got me wondering: does linux still benefits this product a lot more? If so, please explain how in depth. I actually do have Kali Linux as a VM and haven't yet been able to connect to it using my host machine (Windows 7) and have so far only succeeded to connect to it using my Android phone. Will this product's capabilities change with each OS or does it all stay the same as it is PineAP? Thanks!
  9. Mirothor

    USB-C Ports

    How will Hak5 deal with USB-C ports if they spread to Microsoft, Dell, and more? Also, is Hak5 just going to stay with adapters or make new devices with USB-C capability? I would stick with adapters, but I want to see others opinion.
  10. shiveredwolf

    getting mac withi python?

    I need some help in writing some code to automate some of my jobs and I can't figure an efficient way to just get the wireless card and ethernet mac addresses. im trying to use something similar to this ips = subprocess.check_output(["WMIC", "NICCONFIG", "where", "IPEnabled=true", "get", "IPAddress"], universal_newlines=True).strip().split("\n\n")[1:]
  11. NodePoint

    [PAYLOAD] RevShellBack

    Discussion thread for the RevShellBack payload. I've seen quite a few Rubber Ducky projects to do with getting a reverse shell running on a PC so that the shell can be accessed remotely on a different computer. But what got me thinking is this: the Bash Bunny is a full-on Linux ARM computer, right? It has netcat and it can do HID and ethernet simultaneously. So.. why not use that instead? At first, this payload will use a bit of HID trickery to hide itself from an observer as best as it can. As soon as it has done executing the final PowerShell command, HID is no longer used. User-defined commands will be sent to the computer in the background. By default, 4 commands are executed as a demo: Write file (with content) to the desktop Eject CD/DVD tray (if it exists) -- thank PowerShell for making that possible Open calculator application Message box -- powered by PowerShell For information about the payload, the payload script itself and how to configure it, it can be found at this GitHub repository: https://github.com/NodePoint/RevShellBack
  12. Testing the BashBunny for use on a physical pentest/red team engagement but noticing a huge problem with using this device for a real world assessment. Mainly, on a Windows 7 x64 desktop, the initial driver install process took over 2 minutes to install. After initial drivers are installed, my payload initializes and finishes within 10 seconds which is great if only I didn't have to install the drivers first... What makes this issue even worse is that the BashBunny doesn't wait until the drivers have been installed before executing the payload which means you need to unplug/re-plug the device in after waiting 2 minutes to execute the payload. Ideally, it would be nice to build some code into the BashBunny to automatically detect when the drivers are installed and then run the payload. Has anyone had any issues with this and is there any way to improve the speed here? 2 minutes is wayyy to long to wait around at an unlocked workstation. I would be better off typing out the payload by hand if it meant only taking 20-30 seconds max.
  13. deck_bsd

    QuickCreds

    Hi everybody, I just flashed my bash bunny to the new 1.3 version of the firmware. I would like to test the QuickCreds payload on my windows 10 Enterprise. It seems to be stuck in yellow mode (LED ATTACK) forever. Responder is correctly installed into the tools folder. In loot/QuickCreds i have a good folder name but nothing into it. I m doing something wrong ? i have noticed some few thins like, in the payload , it is using the -P option but responder.py doesn 't have it, i erased it, but nothing change. Any ideas ? The thing is, before i just change the LED color , when i tried QuickCreds, after the setup light it was directly the blinking green ligh (i didn't get the yellow one, that's why i would like to test it). After i modified those LED instruction (juste the LED i promes) , the payload always stay in yellow mode. Thanks in advance for your support :-)
  14. Hey, i'm reading a book Metasploit The Penetration Testers Guide and in it the author mentions that in general you should not set the THREADS value in Metasploit to more than 16 on Windows machines and more than 128 on UNIX style machines. I'm just curious as to why, and also why so little on windows? Later in the book the author also uses 255 threads for a port scan. Thanks
  15. When I connect the Bash Bunny with ATTACKMODE RNDIS_ETHERNET it sets itself as a default network interface, which is desired in most cases. However, I would like it to show up as a secondary interface as part of my payload requires actual internet. Since the Bash Bunny doesn't have internet itself, it can't provide internet to the windows box. It would be nice if I could configure the Bash Bunny to show up as a non-default interface. It is possible to change the metric in powershell, so if my payload uses powershell, I can do this to change it: Get-NetAdapter | Where-Object -FilterScript {$_.LinkSpeed -Eq "2 Gbps"} | Set-NetIPInterface -InterfaceMetric 100
  16. So I literally just finished copying this tutorial ... https://www.youtube.com/watch?v=fmRRX7-G4lc And everything went smoothly... Apart from when I plugged in the duck... Nothing happened on my Kali MSF... No shells were caught? I should first off mention that my target machine was actually a 64 bit windows, so i had to change the msfvenom -a to x64 and change the payload to windows/x64/meterpreter/reverse_tcp... But besides that everything went ok... So because the shell wasnt being caught, I decided to open up powershell my self, and manually type in the code that the ducky inject.bin is trying to run in powershell.... and i got this error... So I think the reason nothing happens when I plug the duck in, is because in the background (because obviously it is commanded to be hidden in the inject.bin) this is happening... making MSF not catch a shell... Please could anyone take a look at this and help me overcome this error please. I would be forever grateful! Thank you hak5 enthusiasts! <3
  17. nicthejack

    Windows Internet Connection (again)

    Hi All, I know this one seems to have been done to death on the forum but I am not sure what else to do. I have read all the posts that I can find on trying to get an internet connection on the BB. I have set, reset the different permutations with regards to RNDIS device, IPs, Drivers etc and get the same results. No internet. Ive tried on Windows 10, 8 and 7 and its the same. Ive tried deploying the payload to the different switches. Ive tried sharing the WiFi and Ethernet connections on the laptop. Okay, so I have updated the firmware to the latest. Storage and HID are fine. The payload is the simple ATTACKMODE RNDIS_ETHERNET. internet sharing is set on the laptop, IP address of BB is 172.16.64.1. IP address of windows side is 172.16.64.10 (have also tried 64). I have also tried disabling and enabling the lan devices as per some of the advice. I can Putty in both serial (arming mode) or SSL in on either the attack switches. When running ifconfig on the BB side, i get the expected 172.16.64.1 IP so all seems ok there. Ive set some LEDs to track the payload going through its motions but i get a red LED and no internet. Its the same for every configuration of the BB on all windows machines. This must be something so silly thats staring me in the face but for all the trees in the woods, i just cannot see it. Any help will be greatly appreciated.
  18. I am trying to stop service MsMpSvc but it dosen't seem to work. I have tried following : 1) net stop MsMpSvc 2) sc config MsMpSvc start= disabled It gives me following error : [SC] OpenService FAILED 5: Access is denied. And I do have admin privileges.
  19. I am trying to setup wifi pineapple nano but when I get to the part with load bulletin it crashes my PC and gives me the error in this picture. Also when I try to do "firmware upgrade" to also check if it's working I get this error: "Error connecting to WiFiPineapple.com. Please check your connection." Any Help?
  20. I am trying to setup wifi pineapple nano but when I get to the part with load bulletin it crashes my PC and gives me the error in this picture. Also when I try to do "firmware upgrade" to also check if it's working I get this error: "Error connecting to WiFiPineapple.com. Please check your connection." Any Help?
  21. Hrishikesh Somchatwar

    How to make a USB hacking tool?

    How to make a USB hacking tool? how to hack into systems with a usb just by inserting and creating a backdoor of it?
  22. https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/recon/InfoGrabber It has been a while since my script was updated so if anyone want to want to help make it more effective or make it faster it would be much appreciated :D
  23. calin42

    BrowsersCreds 1.3 win7-10

    Hello, i just got my bash bunny yday, and i tried fews payloads straight after setting up languages & tools. I only managed to run, with the 1.3 firmware, the PasswordGrabber exploit with the lazaro.exe on a windows 7 computer. All others scripts claming "browsers creds" and other, are actually not working, on the 1.3. I can read that many people managed to make it work on a 1.2 or 1.1 version. If any of you, could actually tell me if this is a known problem, or tell me if you managed to run a creds grabber on a win8 or 10, with the 1.3 firmware. Thx for your answers :)
×