b0N3z Posted September 9, 2016 Share Posted September 9, 2016 So i have setup a raspberry pi zero with gadet mode (g_ether) and used raspbian jessie light. I followed mubix tutorial for setting up the usb armory because they are both linux, it shouldn't be any different because of the device. So I got the whole thing configured and I plug it into my macbook (also tried with windows) and I get nothing. The pi powers up and runs responder and I get a log from that but It only tells me what responder has done. I can ssh into the pi from the static IP set during configuration. When I run sqlite3 /root/responder/Responder.db 'select * from responder' to get the results, it shows "Error: no such table: responder". So im a little confused or im just overlooking something important. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted September 9, 2016 Share Posted September 9, 2016 Try this and show me the results: sqlite3 /root/responder/Responder.db at the prompt: .tables then .exit to exit the prompt. What are the tables there? Quote Link to comment Share on other sites More sharing options...
b0N3z Posted September 10, 2016 Author Share Posted September 10, 2016 root@TheFYGS:~# sqlite3 /root/responder/Responder.db SQLite version 3.8.7.1 2014-10-29 13:59:56 Enter ".help" for usage hints. sqlite> .tables sqlite> .exit root@TheFYGS:~# So it shows no tables at all, which is probably why its not working? Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted September 10, 2016 Share Posted September 10, 2016 I would say so, the database has no info. Check for text logs in the logs directory? Quote Link to comment Share on other sites More sharing options...
barry99705 Posted September 10, 2016 Share Posted September 10, 2016 Yea, I have no tables in that location on my turtle. Not sure where else to look. Quote Link to comment Share on other sites More sharing options...
b0N3z Posted September 10, 2016 Author Share Posted September 10, 2016 (edited) i made a logs directory for screen and I get logs but it just shows responder has run. this is what all my logs show. ^[[1;33mNBT-NS, LLMNR & MDNS Responder 2.3^[[0m Author: Laurent Gaffie (laurent.gaffie@gmail.com) To kill this script hit CRTL-C ^[[1;32m[+] ^[[0mPoisoners: LLMNR ^[[1;32m[ON]^[[0m NBT-NS ^[[1;32m[ON]^[[0m DNS/MDNS ^[[1;32m[ON]^[[0m ^[[1;32m[+] ^[[0mServers: HTTP server ^[[1;32m[ON]^[[0m HTTPS server ^[[1;32m[ON]^[[0m WPAD proxy ^[[1;32m[ON]^[[0m SMB server ^[[1;32m[ON]^[[0m Kerberos server ^[[1;32m[ON]^[[0m SQL server ^[[1;32m[ON]^[[0m FTP server ^[[1;32m[ON]^[[0m IMAP server ^[[1;32m[ON]^[[0m POP3 server ^[[1;32m[ON]^[[0m SMTP server ^[[1;32m[ON]^[[0m DNS server ^[[1;32m[ON]^[[0m LDAP server ^[[1;32m[ON]^[[0m ^[[1;32m[+] ^[[0mHTTP Options: Always serving EXE ^[[1;31m[OFF]^[[0m Serving EXE ^[[1;31m[OFF]^[[0m Serving HTML ^[[1;31m[OFF]^[[0m Upstream Proxy ^[[1;31m[OFF]^[[0m ^[[1;32m[+] ^[[0mPoisoning Options: Analyze Mode ^[[1;31m[OFF]^[[0m Force WPAD auth ^[[1;32m[ON]^[[0m Force Basic Auth ^[[1;31m[OFF]^[[0m Force LM downgrade ^[[1;31m[OFF]^[[0m Fingerprint hosts ^[[1;32m[ON]^[[0m ^[[1;32m[+] ^[[0mGeneric Options: Responder NIC ^[[1;35m[usb0]^[[0m Responder IP ^[[1;35m[192.168.2.201]^[[0m Challenge set ^[[1;35m[1122334455667788]^[[0m ^[[1;32m[+]^[[0m Listening for events... Setting up watches. Watches established. The logs in the responder folder under logs are all blank except Responder-session.log but it only seems to show responder settings and paths for logs to be saved but not the results were looking for. Edited September 10, 2016 by b0N3z Quote Link to comment Share on other sites More sharing options...
barry99705 Posted September 11, 2016 Share Posted September 11, 2016 Hey dude, check /etc/turtle/Responder and see if your Responder.db is there. I found mine there on my lanturtle. Quote Link to comment Share on other sites More sharing options...
b0N3z Posted September 11, 2016 Author Share Posted September 11, 2016 mine is in the responder folder /root/responder im using raspberry pi zero in gagdet mode with g_ether enabled Quote Link to comment Share on other sites More sharing options...
th3s3cr3tag3nt Posted September 30, 2016 Share Posted September 30, 2016 Just delete the responder.db that comes with the git package. When you grab the responder script from git it comes with an empty db file which the script assumes has the table already created. The script will recreate it correctly. I'm halfway through creating a walk through of making this on the raspberry pi zero, i can post it if you are interested. Quote Link to comment Share on other sites More sharing options...
kerravon Posted October 1, 2016 Share Posted October 1, 2016 On 30/09/2016 at 4:28 PM, th3s3cr3tag3nt said: Just delete the responder.db that comes with the git package. When you grab the responder script from git it comes with an empty db file which the script assumes has the table already created. The script will recreate it correctly. I'm halfway through creating a walk through of making this on the raspberry pi zero, i can post it if you are interested. I would be interested in that myself as well. cheers Quote Link to comment Share on other sites More sharing options...
b0N3z Posted October 2, 2016 Author Share Posted October 2, 2016 On 9/30/2016 at 10:28 AM, th3s3cr3tag3nt said: Just delete the responder.db that comes with the git package. When you grab the responder script from git it comes with an empty db file which the script assumes has the table already created. The script will recreate it correctly. I'm halfway through creating a walk through of making this on the raspberry pi zero, i can post it if you are interested. thats good to know and I followed mubix and another guys tutorials for the raspberry pi zero and it was going great till my Mac quit recognizing my pi as a rndis device and now im lost on trying to get it working agian. I have install hordnis for mac and that still didnt help and my linux box wont pick it up either as an ethernet device that i can ssh into via pi@raspberrypi.local. I have changed the dhcp settings for the pi and the mac and still no luck getting it to connect so now im wondering how effective this will be for me. Quote Link to comment Share on other sites More sharing options...
th3s3cr3tag3nt Posted October 2, 2016 Share Posted October 2, 2016 On 01/10/2016 at 4:57 PM, kerravon said: I would be interested in that myself as well. cheers I've put it up at https://th3s3cr3tag3nt.blogspot.com although it still needs a bit of work, I'll upload the video of it working when I can. Let me know of any difficulties or anything that's not clear and I'll update it. Apart from some funky dnsmasq config the main area i deviated from the other tutorials was in using ethernet to configure the Pi, but using the usb0 interface for the attack. Quote Link to comment Share on other sites More sharing options...
b0N3z Posted October 3, 2016 Author Share Posted October 3, 2016 On 10/2/2016 at 11:24 AM, th3s3cr3tag3nt said: I've put it up at https://th3s3cr3tag3nt.blogspot.com although it still needs a bit of work, I'll upload the video of it working when I can. Let me know of any difficulties or anything that's not clear and I'll update it. Apart from some funky dnsmasq config the main area i deviated from the other tutorials was in using ethernet to configure the Pi, but using the usb0 interface for the attack. This looks great. I finally got my pi zero working with my mac to ssh into and i also ordered another pi zero to do this. Why use DNSmasq for the pi zero? I never saw that with the usb armory or the lan turtle. Anyways, awesome write up im looking forward to trying it out when i get my new pi zero Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.