Jump to content

Jackalope


kuyaya

Recommended Posts

Posted

You did the nmap on the wrong port. It is port 445 and not 455 ^^

Posted

Okay, then do that in admin powershell:

netsh advfirewall firewall add rule name="445ForJackalope" dir=in action=allow protocol=TCP localport=445

then do the nmap again and look if it still outputs the same results

 

 

Posted

that worked thank you.

But the payload still doesnt work for me. it says 'Payload failed, no logins found...' in the log file. and the msfconsole file is empty

Posted
5 hours ago, Cookie said:

ok i just noticed that metasploit is somehow not installed, i'll try that again

ok - let me know how you go

  • 5 months later...
Posted

trying to install metasploit on firmware 1.6_305 ... followed the original guide which is below... i know it said 1.6 would make bundle install work however its not working... i get this:

 

root@bunny:/tools/metasploit-framework# bundle install
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will break this application for all non-root users on this machine.
Fetching gem metadata from https://rubygems.org/.........
byebug-11.1.3 requires ruby version >= 2.4.0, which is incompatible with the current version, ruby 2.3.3p222
root@bunny:/tools/metasploit-framework#

 

so now i cant install ruby 2.6.6... using rmv i get this...

 

root@bunny:/tools/metasploit-framework# rvm install "ruby-2.6.6"
Searching for binary rubies, this might take some time.
No binary rubies available for: debian/8/armhf/ruby-2.6.6.
Continuing with compilation. Please read 'rvm help mount' to get more information on binary rubies.
Checking requirements for debian.
Installing requirements for debian.
Updating system....
Installing required packages: bzip2, gawk, g++, gcc, autoconf, automake, bison,                                                                                                                                                              libffi-dev, libgdbm-dev, libncurses5-dev, libtool, libyaml-dev, pkg-config, sqli                                                                                                                                                             te3, libreadline6-dev...
Error running 'requirements_debian_libs_install bzip2 gawk g++ gcc autoconf auto                                                                                                                                                             make bison libffi-dev libgdbm-dev libncurses5-dev libtool libyaml-dev pkg-config                                                                                                                                                              sqlite3 libreadline6-dev',
please read /usr/local/rvm/log/1601949941_ruby-2.6.6/package_install_bzip2_gawk_                                                                                                                                                             g++_gcc_autoconf_automake_bison_libffi-dev_libgdbm-dev_libncurses5-dev_libtool_l                                                                                                                                                             ibyaml-dev_pkg-config_sqlite3_libreadline6-dev.log
Requirements installation failed with status: 100.
root@bunny:/tools/metasploit-framework# 

running apt-get to install these packages i get this:

 

root@bunny:/tools/metasploit-framework# apt-get install bzip2 gawk g++ gcc autoconf automake bison libffi-dev libgdbm-dev libncurses5-dev libtool libyaml-dev pkg-config sqlite3 libreadline6-dev                                            Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 libncurses5-dev : Depends: libtinfo5 (= 5.9+20140913-1+deb8u3) but 6.0+20161126-1+deb9u2 is to be installed
                   Depends: libncurses5 (= 5.9+20140913-1+deb8u3) but 6.0+20161126-1+deb9u2 is to be installed
                   Depends: libtinfo-dev (= 5.9+20140913-1+deb8u3) but it is not going to be installed
 libreadline6-dev : Depends: libtinfo-dev but it is not going to be installed
 libyaml-dev : Depends: libyaml-0-2 (= 0.1.6-3) but 0.1.7-2 is to be installed
E: Unable to correct problems, you have held broken packages.
root@bunny:/tools/metasploit-framework#
 

 

It appears hak5 may need a new firmware upgrade...

 

 

Posted

Seriously??? Read the post from darren again. What does it say on the third line? Exactly. 

This post is made pre firmware v1.6

You said you want this to work on firmware 1.6_305. So you're following a guide for an older firmware.

To install it on your firmware, just get the metasploit firmware from here. Copy it to the tools folder and then replug the bunny. Then you're done :).

Then you can SSH into it, cd /tools/metasploit-framework, ./msfconsole and you're presented with the msfconsole

And for god sake, please stop with the "....", it pisses me off.

In case you think there's something wrong with it (you wrote like 8 comments < 24h):

No, the device is not broken. No, it's not a 'scam device' or anything. If you ask friendly, people will answer you friendly.

If you seriously think there's something wrong with the bunny, you can open up a ticket and they may send you a new bunny.

  • 1 year later...
Posted
On 8/30/2019 at 12:59 PM, kuyaya said:

 

so if I copy and paste jackalope to the payload in BB, take it out plug it back in that it wouldn't instantly get the password and sign in?

  • 6 months later...
Posted

Currently having the same issues. This is what my log file says.

PAYLOAD_DIR: /root/udisk/payloads/switch1
MSF_DIR: /tools/metasploit-framework
LOOTDIR: /root/udisk/loot/Jackalope//*************
TARGET_IP: 172.16.64.10
TARGET_HOSTNAME: *************
Executing nmap...

it immediately flashes red, even though I've only put my username and password in. If anybody has any help, I'd appreciate it.

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...