Setup:
http://raspwn.org/documentation
https://www.instructables.com/id/Learn-to-Hack-Ethically-With-RasPwn-OS/
Thursday, September 26, 2019
DV-PI3 Damn Vulnerable Pi setup and hacks
How to install and setup:
https://paulraspberrypinotes.blogspot.com/2019/09/setting-up-vulnerable-raspberry-pi.html
Then ssh to it with putty, ssh pi@192.168.1.48, passwd: raspberry
If you are using rndis (direct usb connection with bonjour), then :
ssh dv-pi3.local using putty
Then:
dv-pi status # Show status of vulnerable applications
dv-pi start # Start vulnerable applications
dv-pi stop # Stop vulnerable applications
Hacking rpi0:
`````````````````
https://www.youtube.com/watch?v=p5QwtYYeZZY [ basic msfconsole and msfvenom ]
https://shaneoneill.io/2018/11/17/hacking-your-own-raspberry-pi-part-2-wordpress-exploits/
Sunday, September 22, 2019
How to adjust screen brightness in kali linux
go to
/sys/class/backlight/intel_backlight
sudo -s
vim brightness
set the integer value, eg 300
ref:
https://www.youtube.com/watch?v=navv_XHysmM
Saturday, September 21, 2019
How to install Kali Linux
Download the iso image and use Rufus to burn to pendrive. When prompted select dd image, not iso.
Boot from pen drive and select graphical install.
References:
https://null-byte.wonderhowto.com/forum/fix-failed-detect-and-mount-cd-rom-problem-when-installing-kali-linux-0177158/
Friday, September 20, 2019
Wifi Adapters for Kali
https://miloserdov.org/?p=2196
Works:
https://shop.hak5.org/products/ralink-usb-wifi-rt5370
[atheros 9271]
https://www.lelong.com.my/150mbps-mini-usb-2-0-port-wireless-wifi-adapter-antenna-winsonyap86-214762007-2021-08-Sale-P.htm
Same seller [ 1 and 2 below]
1. [rt5370]
https://www.lelong.com.my/wifi-rt5370-adapter-freesat-alphabox-5151wornall-206177735-2020-07-Sale-P.htm
2. [rtl8811au - dual band]
https://www.lelong.com.my/600mbps-dual-band-5ghz-wireless-lan-usb-pc-wifi-adapter-802-11ac-5151wornall-I6143827-2007-01-Sale-I.htm [ does not work on Kali Linux ]
Tried below also did not work:
https://www.youtube.com/watch?v=zZG65GkWGdU [zaid ]
https://unix.stackexchange.com/questions/369045/kali-linux-and-rtl8812au
https://edimax.freshdesk.com/support/solutions/articles/14000041287-how-to-install-ew-7811-ac600-ew-7822uac-in-linux-with-kernel-higher-than-v4-1
Finally this works:
https://www.prado.lt/how-to-install-realtek-8811cu-wireless-lan-802-11ac-usb-nic-on-ubuntu-19-04
cd to /usr/src, then:
git clone https://github.com/brektrou/rtl8821CU.git
Before make, edit the rtw_debug.c file to comment out the __DATE__ line. The rtw_debug.c file is in
rtl8821CU/core
Then,
make
make install
Then:
usb_modeswitch -KW -v 0bda -p 1a2b
You can put the above line in a script:[switch_usbmode.sh]
#!/bin/sh
usb_modeswitch -KW -v 0bda -p 1a2b
-------------------------------------------------------------
Below is how you switch 1a2b into c811:
``````````````````````````````````````````````````
https://github.com/yklove/rtl8821cu
Works:
If wifi can be detected, congratulations. If not, maybe you need to switch your device usb mode by the following steps in terminal:
- find your usb-wifi-adapter device ID, like "0bda:1a2b", by type:
lsusb
- switch the mode by type: (the device ID must be yours.)
sudo usb_modeswitch -KW -v 0bda -p 1a2b
It should work.
Friday, September 13, 2019
Protection against netcut attacks
https://www.raymond.cc/blog/protect-your-computer-against-arp-poison-attack-netcut/
http://www.linuxandubuntu.com/home/tuxcut-a-tool-to-protect-linux-against-arpspoof-attacks
https://github.com/aarreedd/ARP-Defense
https://www.youtube.com/watch?v=M3l6FRF2KVU
https://www.youtube.com/watch?v=rOeyfG7vq3k [ Good ]
Evil Twin Attacks
Hacking starbucks with kali linux and raspberry pi
https://www.youtube.com/watch?v=q7HkIwbj3CM
Wednesday, September 11, 2019
MITM Attacks
Good one:
https://www.youtube.com/watch?v=zWk4v-rDjWo
urlsnarf issues:
https://forums.kali.org/showthread.php?19770-Issues-with-some-dsniff-tools
sniff images:
https://www.securitynewspaper.com/2018/12/14/monitor-traffic-using-mitm-man-in-the-middle-attack/
Tuesday, September 10, 2019
DIY Wifi Pineapple
https://oct8l.gitlab.io/posts/2019/54/making-a-knockoff-wifi-pineapple-from-a-gl-inet-ar150m/
http://gerryk.com/posts/using_ghidra_to_reverse_wifi_pineapple_protection/
https://www.lazada.com.my/products/90smart-gl-ar150-mini-smart-router-w-openwrt-16mb-flash-white-i421520687-s613301966.html
Original Wifi Pineapple:
https://www.ebay.com.sg/itm/WiFi-Pineapple-Nano-6th-Generation-Hak5-/182394830532
Kali Linux vs Wifi Pineapple:
https://forums.hak5.org/topic/46147-nano-vs-kali-linux/
Sunday, September 8, 2019
Monday, September 2, 2019
Bad USB
https://mashable.com/2014/10/03/bad-usb/
https://shopee.com.my/DIY-WIFI-Version-Bad-USB-RUBBER-DUCKY-TEENSYfor-Hak5-HiD-Lazy-U-Disk-Arduino-IED-i.78780680.1560641635
https://www.youtube.com/watch?v=hEpk56Qy5W0
DIY Using digispark:
https://www.youtube.com/watch?v=fGmGBa-4cYQ
Additional boards manager: http://digistump.com/package_digistump_index.json
https://hackernoon.com/low-cost-usb-rubber-ducky-pen-test-tool-for-3-using-digispark-and-duck2spark-5d59afc1910
https://www.nixu.com/blog/hidden-gem-low-cost-digispark-usb-now-quacks-duckyscript
https://www.lelong.com.my/digispark-kickstarter-attiny85-usb-development-module-board-sainapse-io-F1625020-2007-01-Sale-I.htm
https://www.youtube.com/watch?v=b5E0u4qNH4s
https://www.youtube.com/watch?v=YXWxEzLHXuw
Lazada with sdcard:
https://www.youtube.com/watch?v=3A53g0j-ugw
https://www.youtube.com/watch?v=ksvo1WDYQ7s (program duckduino onto device, then put duck scripts on sdcard)
Lazada pendrive with keychain:
https://www.youtube.com/watch?v=FChGkR38Eso
https://www.lazada.com.my/products/cfb-badusb-beetle-bad-usb-microcontroller-atmega32u4-virtual-keyboard-i543946575-s1079160374.html
https://www.youtube.com/watch?v=Z93Cp6XkJio
http://www.areresearch.net/2017/12/some-fun-with-bad-usb-devices-not.html
DIY Bad USB With Wifi:
https://www.youtube.com/watch?v=Utq4C9S3-uI
Seytonic's Playlist:
https://www.youtube.com/playlist?list=PL2YepVFF1azFjaLd5PYCYg2lKeB6t1xcj
Buying List for Seytonic's project:
https://www.lelong.com.my/atmega32u4-pro-micro-5v-16mhz-atmega-32u4-arduino-board-nadieleczone-F1646733-2007-01-Sale-I.htm
https://www.lelong.com.my/usb-adapter-type-male-micro-b-male-newfroggyonline-214224512-2019-09-Sale-P.htm
https://www.lelong.com.my/5-unit-mini-tactile-switch-push-button-momentary-arduino-pic-nadieleczone-F1199273-2007-01-Sale-I.htm
https://www.lelong.com.my/microsd-card-module-sainapse-io-F810741-2007-01-Sale-I.htm
https://www.lelong.com.my/dip-switch-2-54mm-2p-3p-4p-5p-8p-littlecraft-I5292329-2007-01-Sale-I.htm
About Arduino Pro Micro:
https://deskthority.net/wiki/Arduino_Pro_Micro
Buying List for Seytonic's DIY Wireless Bad USB:
( based on this: https://www.youtube.com/watch?v=Utq4C9S3-uI&t=11s )
Only need Arduino Pro Micro and microUSB Adapter, you can reuse your existing NodeMCU.
https://www.lelong.com.my/atmega32u4-pro-micro-5v-16mhz-atmega-32u4-arduino-board-nadieleczone-F1646733-2007-01-Sale-I.htm
https://www.lelong.com.my/usb-adapter-type-male-micro-b-male-newfroggyonline-214224512-2019-09-Sale-P.htm ( Optional, can use normal microusb cable )
Another reference similar to Seytonic:
( Supremeduck )
https://github.com/michalmonday/supremeDuck
Raspberry PI Bad USB:
https://www.youtube.com/watch?time_continue=1&v=I_BjCdJlCo4
https://maltronics.com/blogs/blog/exfiltrating-files-with-a-pi-zero
Ducky Script Payloads:
https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads
--------------------------- DIGISPARK ---------------------------------
Ducky Script to Digispark converter:
https://github.com/CedArctic/digiQuack [ C++ Some errors ]
https://github.com/uslurper/digiduck [ Python Not working ]
https://github.com/mame82/duck2spark [ Python ]
https://github.com/toxydose/Duckyspark [ Python - USE THIS]
Digiduck howto:
https://github.com/uslurper/digiduck/wiki/A-Brief-Overview-of-Digiduck-and-Why-It-Isn't-Working-for-You
Warning:
When adding environment variables C:\Python27 need to add a backward slash like this:
C:\Python27\
What works for me for Digispark:
https://0x00sec.org/t/a-complete-beginner-friendly-guide-to-the-digispark-badusb/8002
https://github.com/CedArctic/DigiSpark-Scripts
I downloaded Duckyspark_translator.py from https://github.com/toxydose/Duckyspark and renamed it to duckspark.py
Also followed Seytonic's video:
https://www.youtube.com/watch?v=fGmGBa-4cYQ&list=PL2YepVFF1azFjaLd5PYCYg2lKeB6t1xcj&index=6
DigiKeyboard.h reference:
https://github.com/digistump/DigistumpArduino/blob/master/digistump-avr/libraries/DigisparkKeyboard/DigiKeyboard.h
C:\Users\paul\AppData\Local\Arduino15\packages\digistump\hardware\avr\1.6.7\libraries\DigisparkKeyboard
If you find some keys not defined, then you can include the defines yourself in the .ino code
Try converting some ducky script with duckyspark and you can see an example.
These keys are missing from DigiKeyboard.h and you will need to add them manually:
#define KEY_ESC 41
#define KEY_BACKSPACE 42
#define KEY_TAB 43
#define KEY_PRT_SCR 70
#define KEY_DELETE 76
#define KEY_ARROW_RIGHT 0x4F
#define KEY_ARROW_DOWN 0x51
#define KEY_ARROW_UP 0x52
Upload badusb scripts to http://ezishopper.site/badusb/ for experiments. It is a namecheap ac.
Sunday, September 1, 2019
Wifi Hacking
Evil Twin Attack:
https://pikdo.net/p/faisalyahya/2118124885757667190_187669594
Wifi Pineapple:
https://shop.hak5.org/products/wifi-pineapple
https://www.lazada.com.my/products/1pcs-wifi-pineapple-wireless-network-wifipineapple-wireless-security-auditing-hak5-high-quality-i557402589-s1108500118.html
Wifi Jammer with Raspberry PI
https://dephace.com/how-to-make-a-wifi-jammer-with-raspberry-pi-3/
https://www.evilsocket.net/2018/07/28/Project-PITA-Writeup-build-a-mini-mass-deauther-using-bettercap-and-a-Raspberry-Pi-Zero-W/
https://www.shellvoide.com/wifi/how-to-turn-raspberry-pi-into-wireless-jammer/
https://www.hackster.io/mehedishakeel/make-a-wifi-jammer-using-raspberry-pi-3-fb73dd