Jump to content
Hak5 Forums

Leaderboard


Popular Content

Showing content with the highest reputation since 05/18/2018 in all areas

  1. 3 points
    Kismet - Pineapple Edition - With WEB-UI I just saw the video uploaded by Hak5 to youtube the other day, where they used an array of Tetra's running Kismet to scan ALL channels at all times. After that, i just had to get it working! Today i finally managed to compile the latest source-files for kismet, which also has a working web interface. I've tested it all day on my Tetra, but it should be working on the Nano as well. It might complain about the version of libmicrohttpd , so i recommend to also download the version of libmicrohttpd on my repo. (links to ipk's below) All the other libs should work (downloaded under installation), if you just remember to run opkg update before installing them. I've updated the version of Kismet (26.05.2018). So the "issue" with libmicrohttpd should be fixed, and it should now be content with the version on openwrt's repos. which it downloads under installation. Also tried adding support for libpcap and pcre, please test it out. 🙂 Kismet Kismet-remote After installation: Run "kismet" inside a SSH terminal to the Pineapple. Kismet should launch. You should now be able to access the web-interface on TCP-port 2501. (Eg: http://172.16.42.1:2501) Another tip: run airodump-ng-oui-update on the Pineapple When completed, run: ln -s /etc/aircrack-ng/airodump-ng-oui.txt /etc/manuf This will make Kismet use Aircrack-ng's OUI database. 🙂 Ask questions, or whine about issues here. I'll try my best to keep it up to date. Makefiles needed for the OpenWRT-SDK can be found on the repo. mentioned above, if you want to compile it yourself.
  2. 2 points
    its a weird one, as the kismet info says it can share wiresharks OUI db and thats similar format as aircrack by the looks of it :- https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob_plain;f=manuf Ahh wait, the aircrack-ng db has (HEX) appear between MAC and Manufacturer. Confirmed - i copy paste the link above to a manuf file in /etc/ and Kismet picks it up and works. @b0N3z maybe try that. manuf
  3. 2 points
    Updated Kismet just now. It should now use the "correct" older version of libmicrohttpd, please test it and confirm if possible. I've also tried adding support for libpcap, and pcre, as some users got some errors relating to that. Please check if those "errors/warnings" are gone. 🙂
  4. 2 points
    Yes. As long as the Tetra manages to map the device to eg: /dev/ttyUSB0 (or whatever device it gets mapped as.) Then if the Tetra manages to read from it, Kismet should also be able to read from it. I have an iPhone (yeah, i'm getting it replaced with an Android device in the future), and been having great success "wardriving" with the App: GPS2IP ($6.99 USD @ AppStore (URL)). So here's how do use it: Method 1: Using the command below on the Tetra will make netcat listen on TCP port 11123, and then forward the data to the device /dev/ttyUSB0 nc -l -p 11123 | tee /dev/ttyUSB0 & You then setup Kismet to use /dev/ttyUSB0 it should be receiving GPS data perfectly. (Remember: Socket must be marked in GPS2IP. The iPhone and Tetra has to be on the same network. Make sure to mark the correct network in GPS2IP, if not; no connections can be made) Method 2: Or you can setup GPS2IP to use Socket-mode, instead of using "TCP Push" as we did above. Using the command below on the Tetra will make netcat connect to your iPhone's IP and PORT, and then forward the data to the device /dev/ttyUSB0 nc 192.168.1.15 11123 | tee /dev/ttyUSB0 & You then setup Kismet to use /dev/ttyUSB0 it should be receiving GPS data perfectly. (Remember: Socket must be marked in GPS2IP. The iPhone and Tetra has to be on the same network. Make sure to mark the correct network in GPS2IP, if not; no connections can be made) This is on my todo-list! For example, the kismet version now is compiled "without" python support (for plugins). But as python most definitely does work on OpenWRT, i don't see why it shouldn't be able to work here. It might need some customized tweaking to get it working, but it's definitely on my todo-list. And should be doable. Hell, i got sslstrip+ working on these devices 😄 I recommend every one of you to watch this awesome video uploaded to YouTube by Hak5. (Wifi Cactus) Where they tested Kismet with like 20+ Pineapple Tetra's in a huge array. To cover every 2.4GHz + 5GHz channels, with no hopping! Each Pineapple ran a client, and they all reported back the WiFi-traffic to a main kismet-server, which you could access the web-ui on. Even with all these devices, and all that WiFi-traffic, it used quite low memory! But still, kinda limited RAM on the Pineapples. 64MB on the Nano, and 128MB on the Tetra. So my gut-feeling says to use swap on the Nano at all times. But on the Tetra; only if you experience issues. I have medium amount of traffic around my house, some neighbors , and a lot of bypassing cars, buses, etc. It only used about 8MB RAM in the beginning, and then scaled minimally. About libpcap, i'm gonna try to implement libpcap into this version. It's also on my todo-list 🙂 Last tip is to: Transfer the captures to a laptop, or thumb-drive. They can get quite big. Especially if you leave it running for a long time, in a high-WiFi environment.
  5. 2 points
  6. 2 points
    Call the police, that's what they're for.
  7. 1 point
    Hak5 is proud to announce the release of firmware version 2.1.0 for the WiFi Pineapple NANO and TETRA! Usually we would write a longer post highlighting some of the cool new features, but I think the changelog speaks for itself this time. ♥ - The Hak5 Development Team Edit: A fix for a small bug inside of Recon has been fixed by pushing an update to the PineAP module. You can download the update via the Module Manager. Changelog Setup It is now possible to configure the timezone, wireless country code, firewall rules, and filters during Setup. The changelog and other important information is displayed on first setup. Recon There is now a live mode, allowing recon results to be streamed directly to the browser. No more waiting for a scan to complete before viewing the landscape. Recon results are now much more accurate due to the smarter scanning behavior of PineAP. OUI lookup has been improved and MAC addresses are verified to check if they have been randomly generated. The last seen column has been added, showing when an AP or client was last seen. PineAP The PineAP suite has been completely re-written to be more robust and provide better results. Added options to enable or disable client (dis)connection notifications. An issue has been fixed where SSIDs in the PineAP pool, which contained non-ascii characters, were corrupted. Clients Connections and disconnections are now shown as notifications. Filters Fixed an issue where SSID filter modes would not persist across reboots. Fixed an issue where connections to the Management network were denied. Tracking Fixed an issue where variables would not resolve on the WiFi Pineapple TETRA. Module Manager Users will not be asked to confirm a destination on the WiFi Pineapple TETRA. Configuration Users can now run a custom script on reset button press. Advanced Upgrades will now be able to hotfix some issues before an upgrade. Networking On the WiFi Pineapple TETRA it is now possible to allow SSH and webinterface access over the WAN port. OUI Lookups Added the ability to look up the OUI of a MAC address. Added the ability to download and clear the OUI lookup file. Logging The PineAP log is now sortable by clicking on the column headers. The PineAP log now displays the number of times a MAC has probed for an SSID. Reporting The reporting module has been refactored. Notes It is now possible to take notes on BSSIDs, SSIDs, and MAC address (via the recon modal). Profiling This module has been removed for the time being. Help Updated help text where appropriate. More comprehensive debug script output. General LEDS can now be controlled using the led command. CLI capable modules can now be controlled using the module command. AutoSSH now defaults to disabled when not setup. libnet0 and libnet1 are now built into the firmare (fixes issues with ettercap, reaver, etc). Aircrack-ng has been updated to the latest version. Various other fixes.
  8. 1 point
    Pretty crappy employer if they believe rumors... might not feel like it now but maybe better off without them 😞 As always bud, Family first! No rush.
  9. 1 point
    You aren't going to get any meaningful experience or do a good job for clients if you go out on your own straight away. You need to work with someone who knows their stuff to pick up the real world stuff. I'd say you need at least a couple of years working with others before trying to do anything on your own. The type of company is up to you, someone big like NCC would probably have a graduate, new starter training program that would get you up to speed quickly but would also be fairly generic or a smaller boutique firm which would get you more hands on with skilled testers but probably a little less breadth.
  10. 1 point
    Greetings bro I really hope there is a simplest way to bypass the OTP cuz i have search so much without a credible answer.
  11. 1 point
    I didnt just move out i moved to a different country
  12. 1 point
    @Tesla I figured out the button script LED. Stupid mistake lol
  13. 1 point
    There was a very simple bug in PineAP that is responsible for this. I just finished fixing it and it will be available in the next update. In the meantime, there isn't anything you can do to fix it. My apologies.
  14. 1 point
    Im almost finished a themes module for those still interested!
  15. 1 point
    Hey kbelfo, can I get a hold of your Dark css files / monotone pineapple icons? If you dont mind I can add your theme as default theme named 'kbelfo-dark' Here are some other themes i have added so far
  16. 1 point
  17. 1 point
    Hey everyone, We just released firmware 2.1.0-RC2 with a lot of fixes and a couple of new features. Please test as much as you can, we really want the 2.1.0 release to be as stable as possible. Download links and changelog can be found in the original post.
  18. 1 point
    are you allowed to setup a Demo Wifi? As Glowinghot666 said show them how insecure wifi in ggeneral is. Setup your tetra as a MITM don't pull any data just show them as a Proof of concept. Are you just trying to give them a broad overveiw of security or are their any use cases that they are looking for?
  19. 1 point
    ...however 2.4ghz has the longer range for the same power output.
  20. 1 point
    You can do nothing if you don't want to risk prosecution for illegally accessing a server. Also if you need to ask what you could do, that demonstrates you really should not be doing ANYTHING. Remember unless you are being paid to run a penetration test, and have explicit written permission, you shouldn't be trying to mess with other people's machines. And since you clearly say you "found" it, I don't think you have permission. Don't do anything.
  21. 1 point
  22. 1 point
    Starcraft Brood War forever, friends!
  23. 1 point
    Thank you so very much for your response, Dav-ee! Running the script that you linked worked like a charm! You just saved me $100 US. Let me explain the steps to take from here for the sake of completion. Hopefully this thread will help at least one other person. 1.) Serial into your bash bunny. Instructions for this can be found on the wiki. 2.) Execute "nano sebscript.sh" (or whatever name you would like.) 3.) Paste the code that Dav-ee linked into the file you have just created, and save the file. 4.) Execute "chmod a+x sebscript.sh" 5.) Execute "./sebscript.sh reformat" 6.) sebscript.sh will then ask if you are sure that you want to reformat. If you do, execute "y" 7.) Your bunny will then reboot, and you should be good to go! Pics or it didn't happen: Thanks again to seb and dav-ee. I owe you guys a beer.
  24. 1 point
    Running nano in VirtualBox. So my setup for virtual box is (at least the relativeparts to this) I'm on a macbook pro running VB with kali rolling what ever version Network: NAT (though it ought to be possible to run it bridged as well but with NAT its a bit easier when I use my VPN) I found a script that helps setup using the pineapple you can grab here: https://github.com/hak5darren/wp6 plug in ur nano then find the devices menu at the top probably (its a drop down) select usb and select the device it should automatically recognize then run the wp6 script and select guided setup following instructions it should connect This was all done on a macbook pro. If your using a different OS on a different machine you may have varied results hope it helps you out....I personally dont like vmware too much find I have issues with it. But frankly what ever works for ya is probably the best solution! Just thought I'd share my setup.
  25. 1 point
    That's quite easy, you just have to spoof all DNS requests and resolve them to the Pineapple. This will make it seem as if internet exists, but a captive portal is present.
×