Covert tools are not that covert


Bob123

So first of all I think the Hak5 team have made some awesome stuff.  I own pretty much everything that's out except for the most recent WiFi Pineapples.  And I purchased everything with the idea of doing PoC and just having fun in my own controlled environment.  I am not a pen tester, not a hacker, I just enjoy tinkering.  So my confusion comes in on the main selling point for these tools.  Again, if I had to buy them all over again I'd do it in a second.  These are cool tools.  But they are meant to be covert...covert in pen testing or...other things...  Yet almost every device needs a driver to work when plugged into a fresh computer.  And almost every script needs to be tweaked in one way or another depending on the computer environment.  I understand every computer is different and every network is different, but how are these tools really used in a pen test environment?  Has anyone actually had luck walking into a company, plugging in one of these tools and having it do what you want on the first try?


Darren himself has mentioned he had, two or three Hak5 episodes ago specifically.

And I know of others who have, but I cannot disclose more than that.

Of course, full disclosure, I am biased as the EU reseller.


I expect that if you want a gadget to work on a real engagement, you do the 'tweaking in one way or another' on a test system which emulates the target system first. Similarly, you ensure that you're emulating devices which you know to work in the target environment, to reduce the friction. You don't necessarily just stroll in, slap a gadget into the nearest port and watch it rain shells, although I guess sometimes you get lucky, too.

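The post above talks about emulating devices that are already known to work in the target environment. As an added example (not from the original thread, and not Hak5's own code), here is a small Python helper that takes the kind of recon data you might collect from a machine in that environment (Linux `lsusb` output, constructed here for the example), picks an input device that is already accepted there, and emits the matching VID/PID for a HID gadget to impersonate. The `ATTACKMODE ... VID_0X.... PID_0X....` line is written in the Bash Bunny payload.txt syntax as I recall it from the Bash Bunny documentation; treat that syntax, the sample device list, and the `prefer_hid_keywords` heuristic as assumptions of this example.

```python
import re

# Constructed sample recon data: the `lsusb` listing from a host in the
# target environment. These lines are made up for this example.
RECON_LSUSB = """\
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 003: ID 046d:c52b Logitech, Inc. Unifying Receiver
Bus 001 Device 004: ID 0781:5583 SanDisk Corp. Ultra Fit
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
"""

# One lsusb line: "Bus NNN Device NNN: ID vvvv:pppp Vendor Product"
LSUSB_RE = re.compile(
    r"^Bus \d+ Device \d+: ID ([0-9a-f]{4}):([0-9a-f]{4})\s*(.*)$"
)

# 1d6b is the Linux Foundation vendor ID used for root hubs; a HID gadget
# should never try to look like a hub.
ROOT_HUB_VID = "1d6b"


def parse_lsusb(text):
    """Parse lsusb output into a list of {vid, pid, name} dicts.

    Lines that do not match the expected format are skipped rather than
    raising, since recon output is often pasted with stray text around it.
    """
    devices = []
    for line in text.splitlines():
        m = LSUSB_RE.match(line.strip())
        if not m:
            continue
        vid, pid, name = m.groups()
        devices.append({"vid": vid, "pid": pid, "name": name.strip()})
    return devices


def pick_hid_target(devices, prefer_hid_keywords=("keyboard", "receiver", "mouse")):
    """Choose a device whose identity a HID gadget should clone.

    Heuristic (an assumption of this example): prefer something that is
    already an input device in the environment, and never a root hub.
    Returns None when nothing suitable was seen, so the caller knows the
    recon was insufficient instead of guessing.
    """
    for d in devices:
        if d["vid"] == ROOT_HUB_VID:
            continue
        lowered = d["name"].lower()
        if any(k in lowered for k in prefer_hid_keywords):
            return d
    return None


def attackmode_line(device, mode="HID"):
    """Render a Bash Bunny ATTACKMODE line for the chosen device.

    Syntax is as recalled from the Bash Bunny docs (assumption):
    ATTACKMODE HID VID_0X046D PID_0XC52B
    """
    return "ATTACKMODE {} VID_0X{} PID_0X{}".format(
        mode, device["vid"].upper(), device["pid"].upper()
    )


def build_payload_header(lsusb_text):
    """End-to-end: recon text in, payload header line out (or None)."""
    target = pick_hid_target(parse_lsusb(lsusb_text))
    if target is None:
        return None
    return attackmode_line(target)


if __name__ == "__main__":
    print(build_payload_header(RECON_LSUSB))
```

The point is the workflow, not the specific line: the VID/PID comes from what the environment already trusts, the choice is made before the engagement on a test system, and the script refuses to guess when recon turned up nothing usable.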

I think one of the benefits of having a solid open source community is that you have a lot of people making tweaks and giving input so that the payloads work best in as many environments as possible. Payloads are meant to be tweaked to fit the environment you're targeting. All that being said, as someone with a software development background, typically you won't release a piece of software with only one version and have it work perfectly right out of the box. This is why normal programs that you run on your computer need to be updated often. Recon is a huge part of any engagement. You always want to know your target, so you know which attacks you need to bring to the table.

I've had great success with the Rubber Ducky, the Pineapple, and even the latest Bash Bunny; however, these tools have a tendency to be picked up by script kiddies who just want these to work with little or no effort, so they can be "hackers". Like Mr. Robot... on TV.

Edited by Decoy

If you want to hack a car, you practice on one of those cars. Same make, model, computer.

If you want to hack a computer, you practice and create your exploits on a VM of that exact same OS and system.

To have a device that is Plug n Play on every system would be lovely, but is not really a possibility. That's where good recon and prep come in.

Preparation is always 90% of a successful hack. Always.

These devices work brilliantly for set scenarios. But it's down to the Human to decide what device to use in what scenario.

Edited by haze1434