One mitigation that works - disable automatic USB device installations. It pisses off users as they can't connect their iPhones, USB sticks, etc. but if security is a concern it's worth doing.
@jaybreeze2033 3 years ago
UPnP is actually pretty standard, also makes the rubber ducky useless. an in-line hardware keylogger works nicely still.
@ahmedifhaam7266 1 year ago
most ADs have this as a GP usually
@ralph17p 1 year ago
@ahmedifhaam7266 That's not been my experience and I've been an IT consultant for quite a while. Most of my customers are in finance (hedge funds, insurance etc.) and most of them don't block USB device installation. Those companies that do often end up rolling it back after the execs have a moan and get themselves an exception. Then the marketing team gets an exception because they have to connect to random devices in customer boardrooms and, before you know it, the whole thing has more holes than a sieve and it's fairly pointless. Mostly, we've moved to next-gen anti-malware and HIPS, designed to detect anomalous behaviour and hopefully catch the payloads delivered by these sorts of devices. Also, it seems the latest Rubber Ducky is utterly unfazed by USB blocking as it can be configured to circumvent most basic endpoint restrictions by emulating a different, permitted, USB device.
@alexsacco1948 7 years ago
At 2:22 the time on the computer is 2:22
@sneilson11 7 years ago
Omg wat
@emmanuelserrato7805 6 years ago
Alex Sacco sick
@kevinportillo1971 5 years ago
It was already 2:22 on that pc before the vid--- never mind why am i even bothering....🙄
@zirizo 4 years ago
@kevinportillo1971 ??? Yea it's cool
@uniquelycommon2244 8 years ago
Great ground-up explanation of how this sweet method actually works. Subscribed. Have to get me a LAN turtle post-haste and start playing around with this.
@hak5 8 years ago
Hope you enjoy it.
@over00lordunknown12 6 years ago
Back when this was new, and I took a tour of a Microsoft center near me (with my High School), I asked the tour guide (who is a seasoned MS worker, who mainly worked in the MS Office Suite) why Windows just sends the NTLM hashes over the network without ensuring it is a server that is valid. Their response was: "Windows doesn't." but he looked *VERY* confused, and my classmates were all happy I stumped the guy because he was so sure of himself in the beginning that he could answer ANY question... XD
@ahmedifhaam7266 1 year ago
that's not really a victory or whatever lol.
@davidmaxey3440 8 years ago
perfect amount of time to fill in the last half hr of work :P
@nickt4879 5 years ago
what a disappointment, got a device to test it out for myself, i mean come on it's really straightforward, plug, update 6.1, install quick creds, config, and pouff no more space on device... doesn't work as advertised either.. now i have to factory reset bullshit and waste time reading posts of a TON of people having the same issue all the way 2 years back... man seriously i should have googled it before buying, what a waste of time
@ThatNateGuy 8 years ago
Both of you guys have awesome shirts!
@LakeVermilionDreams 8 years ago
I love this show! I learn a bunch here, then get to wow my coworkers with security stories and get them excited about how something as simple as MITM attacks work.
@dosluke 8 years ago
very cool. I'll be buying a lan turtle soon, I already have the ducky :P. btw, Shannon, you are a beauty :)
@rhettro_ 6 years ago
First time peepin' the channel, I am officially in love with Snubs
@ViolentOrchid 8 years ago
if the rubber ducky had a clock that keeps track of seconds or milliseconds, just use that to pulse the led. seconds/60 * 255 or milliseconds /100 * some number to keep it from being crazy fast * 255. there
@ahmedifhaam7266 1 year ago
Doubt
@rumpelstiltskin9729 3 years ago
This Crip is very skilled with computers.
@RawApeFromAlbion 9 months ago
🤣🤣🤣 yo dog!
@h.i.1359 8 years ago
Basically a ~30 y/o attack is still working fine and all it takes to mitigate it is to use a static route. Security and comfort never go together.
@mikvance 7 years ago
My turtle likes Shannon.
@AholicKnight 4 years ago
same
@lnteI 6 years ago
is this still working? i heard microsoft released a patch to fix this
@AliciaSykes 4 years ago
Not working anymore, 2020
@datsuprakidbackup8 2 years ago
@yuck871 still working?
@alicoolman1xx 8 years ago
The solution: Switch user (put a note 📝 on screen saying pc in use). Use an antivirus so it blocks internet from new network cards.
@mircoheitmann 7 years ago
But why isn't it a camera? in case you don't understand, take a look at the beginning
@zaggery 8 years ago
What about the whole private, public lan? It will trust this network device?
@matthewsummers6545 8 years ago
testing in my environment and pulled the hash off a test machine but it's a much longer hash than old NTLM. are there certain areas that are the hash and the rest isn't? curious how to get ophcrack or something to work with the format
@grimssouls3897 5 years ago
Whenever I attempt this on myself, it takes too long, so I never get to finish. It rapidly blinks for hours. I left it in for hours. Didn't finish. When I check the folder it's empty.
@Badminkey7 8 years ago
Does it need to always have a cat 5 cable plugged in or does it still work just plugged in via USB?
@AllYourDubStep 7 years ago
I'm able to get NTLMv2 hashes, but how do I crack it? I'm not sure what to do with the NTLMv2 hash. Thank you! Also great toy this thing is.
@AllYourDubStep 7 years ago
Alright perfect. Thanks man
@ahmedifhaam7266 1 year ago
@AllYourDubStep ?
@goustune 8 years ago
I'm not sure I get it but, this works only if Windows is configured to use an AD? Because there is no reason that Windows will send creds over the network on a simple home network
@LakeVermilionDreams 8 years ago
Isn't there some sort of work group sharing in Windows still? Or is that managed by our use a different protocol or procedures?
@AlexKennedy47 8 years ago
I'm assuming DHCP sends WPAD option in response. This forces windows to do an HTTP request for the WPAD. The HTTP server is set up to require NTLM-Auth. Hence Windows sends NTLM... Just a guess but I think this is correct.
@danmac4969 6 years ago
what is the benefit of buying a lan turtle vs a rubber ducky?
@ale-lx9gp 8 years ago
Yo dawg, tell me more about these leds and that inside joke
@Anonymouspock 8 years ago
Hey! I'm just curious why you don't have local dynamic DNS and instead use IPs everywhere.
@alvaroelloco24 7 years ago
would it work as well if the computer is unlocked? i mean logged in? thanks i keep waiting for your answers!
@kdnew7877 8 years ago
sadly it doesn't work for me. responder.log says "starting attack" and the amber LED blinks fast and doesn't go solid :-/
@Chubbza5 8 years ago
Couldn't you implement a "process counter" or something into the hash code that counted the clock cycle during the compilation and completely nullify this kind of attack?
@jarisipilainen3875 6 years ago
pc is there locked or unlocked you own it already
@jameshersee169 7 years ago
does it only run on Linux as i would assume it could run on a mac as the UI on terminal looked similar and macOS and Linux are practically the same thing
@gabrieltaggart 7 years ago
So i’m confused. You can snag the creds from the locked machines into hashes... But can’t decrypt the hashes, or at least quickly? I apologise, I’m not a very good listener, and I lose concentration very easily. Can someone please briefly explain what this actually does? Like for example:
- You configure the Lan Turtle to Quickcreds
- Plug it into the locked machine
- Wait until the amber light is solid
- Unplug it and plug it back into your machine
- FTP to /root/loot
- Find the hashes...
What do I do with the hashes? And how do I get the passwords?
@Cr4ntz 5 years ago
Decrypt them with programs such as john the ripper
@aquatrax123 7 years ago
that's why you disable ntlm and move to kerberos only.
@sandortakacs546 7 years ago
Certified Checkbox Unchecker.. I died 😂
@RawApeFromAlbion 9 months ago
Yep come get your CCU certificates!
@Anonymouspock 8 years ago
What's with the repeated opkg invocations? Shouldn't you store that output in a variable then use that? Actually, that should be a function because it's a bunch of repeated stuff.
@ahmedifhaam7266 1 year ago
function or static variable, choose 1
@fahdadni 8 years ago
i always wanted one of your devices (usb rubber ducky, lan turtle...) but i can't afford it hahaha
@kodiererg 6 years ago
Real hackers build and program their own. Look into raspberry pi and arduino, and learn C
@zach3664 8 years ago
I think the lan turtle is awesome. I was wondering if you guys have thought of doing a lan turtle that plugs in via Ethernet instead of USB. Some companies have enacted no USB use so that would mitigate that attack. Do you think there is a way to do Ethernet in from the switch to Ethernet out to the computer so you won't have any unauthorized USB device setting off alarms? If there is a way to pull power from the NIC of the computer to power the turtle I think that would be another great attack vector. Then you could just say "oh yeah that's just an insulator" or something to that effect to make them not question what it really is. I'm not sure if it is possible but just an idea just in case said company or entity has enacted no USB policy. Like always love watching your channel and hack the planet!
@JeffereyDembinski 8 years ago
Does this hack rely on the use of DHCP? What if it's a desktop with a manually set IP address?
@veryfrozen3271 6 years ago
Shannon has a really nice t-shirt
@hellsguardian2004 7 years ago
Can the LAN Turtle be used to get creds from a linux system?
@Babyfacemcgill 8 years ago
You guys keep talking about NTLM but what about NTLMv2? Anyone doing basic Windows security should be refusing LM and NTLM.
@stevesmith2553 8 years ago
what about Kerberos
@grave0x 8 years ago
they speak about NTLMv1 and v2 after 16:30
@pj1106 8 years ago
How do you view the creds from the Lan turtle?
@jblackops99 7 years ago
what Linux distribution was used on the laptop?
@navjotsingh2251 6 years ago
MJGC-Jonathan kali Linux I think
@KyletheKReep92 6 years ago
Kali.
@TeganBurns 8 years ago
8:30 what is PWM for 500 please
@hak5 8 years ago
Pulse width modulation - shannon
@TeganBurns 8 years ago
No like Jeopardy lol :P But yeah, I was saying you can use PWM for fading the LED in and out by changing the duty cycle from 100% - 0% (and vice versa) with a for loop.
@davetriplett4779 7 years ago
Tegan Burns Oooo, )))
@davetriplett4779 7 years ago
Yeah, ...I'm lost. .
@bearwolffish 7 years ago
What do you mean Glenn, there is a 0-100% duty cycle. Do you mean because that is either on or off? From AVR datasheet on using timer capture: "While this implementation plan will produce generally reasonable results, there are some boundary conditions which must be considered. The first is that it is possible to have a PWM duty cycle of 0%, or of 100%. These both have meaning, but they are anomalous, since the former cycle consists only of a (constant) inactive signal, and the latter only of an active signal. In neither case, there is any edge for the ICP to trigger on. "
@Chris-ze3ic 6 years ago
would this work on a machine if had all its files encrypted ?
@tonycheung7624 2 years ago
If this is a local account we can boot from PE to unlock all of the accounts. Can this tool unlock domain accounts?
@evilplaguedoctor5158 8 years ago
so.. what are Creds?
@hak5 8 years ago
credentials - like username / password. - Shannon
@evilplaguedoctor5158 8 years ago
Hak5 ah, makes sense, thank you!
@tgyk1568 8 years ago
I just noticed the @HunterHonda sticker behind Mubix at 11:49. Fuckkin aweeesssooome.
@DarrenKitchen 8 years ago
I love that guy! @HunterHonda is the man!
@tgyk1568 8 years ago
Do you regular any other motovloggers? Hunter and Dan are definitely a couple of my favorites.
@hitmansnipes6445 7 years ago
nothing shows up when i cat the .log file do i need to configure responder too?
@andrewel5383 8 years ago
i'm wondering if you would please do a vid on hack os's i mean there are several linux based hacking os i'm specifically focused on blackarch and kali
@tehtron 8 years ago
+Hak 5 I think i have another method to Snag creds for entire active directory domain that I have theories about
@ahmedifhaam7266 1 year ago
no, you don't.
@becouso9h 8 years ago
do you need 2 turtles to do the job?
@TMusicLis 5 years ago
What's the name of the Documentary?
@SoundsFantastic 8 years ago
Green beginning....HULK!
@mysticsilent 8 years ago
thnx :) nice tutorial and excellent explanation!
@ronniepalmer9813 8 years ago
is there a way I can buy your stuff in the UK
@AlexKennedy47 8 years ago
So how did the autologin work? Or can someone point me to good information to pass the hash?
@bseverance5390 8 years ago
Too Cool! One more thing I can do with my LAN Turtle!
@edwinkania5286 3 years ago
What is up with the wrist wrap............
@joshuaott2800 4 years ago
So... it doesn't do anything you advertised? big surprise haha
@nitinmeena8589 8 years ago
can you tell how to break speed limit on a lan ?
@RoyalTurnips 3 years ago
Beirut go boom
@williammartens7037 7 years ago
Hello Hak5, i have seen a bunch of videos about the lan turtle, But, if you just connect it to the Home's /work's ethernet (and NOT a computer, just to a powersource like a powerbank,outlet,etc) can you access everything on that network that are connected to the ethernet??? + is the lan turtle 's tools (msf-meterpreter,scan networks,MITM-attacks, etc) fully undetectable? Please answer this as fast as possible!
@ahmedifhaam7266 1 year ago
ooh
@speedcorefreak7238 8 years ago
@hak5 Echo in the audio
@hotfreshrider 8 years ago
Shipping estimate: September 27 but we want it nooowwww
@glitchtheanarchist5589 6 years ago
Can c++ work for this? Or is it just python and bash?
@ahmedifhaam7266 1 year ago
anything works prolly,
@fahdadni 8 years ago
i got an idea, it's called lanpi, it's a box with raspberry pi with 3g or lte modem shared over Ethernet with lan turtle and it's portable and usable anytime please respond hahahah
@karelorigin4649 8 years ago
connect your phone with the raspberry pi using the usb port, enable usb tethering, problem solved.
@fahdadni 8 years ago
Yep or that Lol hahaha
@forskern 5 years ago
Can you do this with bash bunny?
@Q_20 8 years ago
What? I don't think it would work if I prevent installation of driver.
@ahmedifhaam7266 1 year ago
does it install anything?
@Antonio-yp3tj 5 years ago
He looks like he’s from florida
@OSHA_Inspector 4 years ago
Florida Man (Hacker Version)
@dpatt6175 5 years ago
Puff puff pass the hash
@Nismo1019 8 years ago
Does this attack work using a pi zero??
@andrewhennessy620 4 years ago
it could if you put in the time to build it
@briankelleher5649 7 years ago
Hi could you possibly make your videos more concise because they drag on a lot.
@ericmin6055 7 years ago
but that's why i like it if they make it concise I think it will become boring like most other hacking vids.
@ThereWillBeCake 3 years ago
bob is another name for kate
@virtualevan 8 years ago
Hey! Listen!
@pablorodriguez196 8 years ago
great stuff guys!
@sureal808 8 years ago
Anyone able to get this working? Have a lan turtle and a fresh Windows 10 install but no luck.
@bwagenberg 1 year ago
So how unlock a logged off pc?
@croquis24 6 years ago
wait i just realise you can do this attack from the network room lol
@ericmin6055 7 years ago
But most of all, Samy is my hero.
@slimshady4126 6 years ago
Didn't know darren was reppin
@Calm_Energy 5 years ago
I too 🧡 the directory name /root/loot lol
@CodeBeasty 8 years ago
WOOOOOO
@zirizo 4 years ago
Creds?
@pcbreezejp 6 years ago
I want that pineapple shirt
@aidenblanchard7157 4 years ago
rip Lebanon... F
@j0ltc0lajunki3 8 years ago
Damn Darren, That shirt
@QasimSeeha 8 years ago
Nice hat mubix
@geekinginandout 8 years ago
nice shirt
@prod.treyxoldd 5 years ago
hak5 how do i create my own physical access hacking device
@lifeisaadventure9948 5 years ago
I’d 😍 to be able to hack our wireless printer 🖨 👩🏼💻
@tomerkane8424 7 years ago
Hi guys i'm totally new to the hacking world even tho i know some html css and python. Where can i start learning the language they use on the terminal and the explanation of what are hashes and all that cool stuff.
@fatcunt6765 7 years ago
learn to code first. i started off with c# to make bots for discord and other cool stuff, just look something up
@millipeace86 8 years ago
I love your content, and the contents of your shirt but can I be real with ya? You look like you should be in a ska band.
@hak5 8 years ago
Don't judge a book by its cover. The way a person dresses doesn't necessarily constitute what they are into. Food for thought. - Shannon
@RawApeFromAlbion 9 months ago
yo dog!
@phreaklulz 8 years ago
I have noticed with the lanturtle, if the user does not have access to the internet, OR if the computer does not allow Microsoft to search for drivers outside of the computer, then the LanTurtle only shows up as a 10/100 Ethernet device with no function. So my question, wouldn't something like this mitigate the attack? support.microsoft.com/en-us/kb/2500967
@eddietours3728 8 years ago
Link !!!! BOTW coming
@fahdadni 8 years ago
great guys
@MajikCatSecurity 5 years ago
Shannon....(sigh) =)
@ITpanda 8 years ago
She has an awesome shirt. Also cool episode
@PeterPan-fl1lp 4 years ago
no you're adorable!!! pretty self!
@Oper8or 6 years ago
I'll buy a LANturtle right now if snubs will bit it before its sent to me!!!!