Just_a_User

  1. hostapd-mana

    I edited the .conf to use wlan2 and ran the below.

    ```
    root@TETRA:/etc/mana-toolkit# launch-mana wlan2
    Device seems to be: ONLINE.
    Remember: Press CTRL+C to kill MANA-Toolkit properly.
    RTNETLINK answers: File exists
    Configuration file: /etc/mana-toolkit/hostapd-mana.conf
    ACS: Automatic channel selection started, this may take a bit
    wlan1: interface state UNINITIALIZED->ACS
    wlan1: ACS-STARTED
    /usr/share/mana-toolkit/sslstrip-hsts/sslstrip2
    ```

    When I check the .conf it's back to wlan1.
  2. hostapd-mana

    Sorry I should have explained what I tried in more detail. I edited the hostapd-mana.conf in /etc/mana-toolkit/ to use wlan2 and I also tried from the module to edit the .conf. But when you start launch-mana or start on the module interface it starts using wlan1 and edits the .conf back to wlan1. I can post the log but it just shows wlan1 not wlan2 on the startup.
  3. hostapd-mana

    @Zylla I have issues running it (both module and terminal) using a plugged in wlan2 interface - always launches wlan1 and overwrites config.
  4. I'd recommend using iftop as it's nice to see connection activity live. Also, are you leaving the Tetra on and connected to the internet for long periods of time? What have you installed onto it and from what sources? I would check iftop, then do a firmware recovery and check again with iftop to check the connections are gone. I don't have much more than local connections on mine, apart from Google DNS and some small occasional exceptions. Be aware if you're allowing client connections they can try brute forcing your ssh unless you turn user/pass off and go to certificates using the papers module or so.

     To install iftop:

     ```
     opkg update
     opkg install iftop
     ```

     Iftop usage:

     ```
     root@TETRA:~# iftop -h
     iftop: display bandwidth usage on an interface by host

     Synopsis: iftop -h | [-npblNBP] [-i interface] [-f filter code]
                                    [-F net/mask] [-G net6/mask6]

        -h                  display this message
        -n                  don't do hostname lookups
        -N                  don't convert port numbers to services
        -p                  run in promiscuous mode (show traffic between other
                            hosts on the same network segment)
        -b                  don't display a bar graph of traffic
        -B                  Display bandwidth in bytes
        -i interface        listen on named interface
        -f filter code      use filter code to select packets to count
                            (default: none, but only IP packets are counted)
        -F net/mask         show traffic flows in/out of IPv4 network
        -G net6/mask6       show traffic flows in/out of IPv6 network
        -l                  display and count link-local IPv6 traffic (default: off)
        -P                  show ports as well as hosts
        -m limit            sets the upper limit for the bandwidth scale
        -c config file      specifies an alternative configuration file

     iftop, version 1.0pre2
     copyright (c) 2002 Paul Warren <pdw@ex-parrot.com> and contributors
     ```

     Hope this helps.
  5. Pretty sweet!
  6. If you're just after a live spectrum output from the YSO there was some info in these 2 episodes of Hak5 - specifically part 2 IIRC. If you really need gnuradio with YSO this won't help. part 2
  7. This interested me too, so I had a look around. I didn't see anything to specify them on the Pineapple; "/pineapple/modules/PineAP/executable/executable" was the closest I came to finding deauth instructions, but I was able to read them doing the below.

     Found a python script that can do it and it only needed small modification to work.

     Install scapy onto the Pineapple:

     ```
     opkg update
     opkg upgrade tar wget
     opkg install python tcpdump unzip
     wget http://www.secdev.org/projects/scapy/files/scapy-latest.tar.gz
     tar -xvf scapy-latest.tar.gz
     cd scapy*
     python setup.py install
     cd ..
     rm -rf scapy*
     ```

     Make the authwatch.py - I just used nano and pasted the following into it:

     ```python
     #!/usr/bin/env python
     ######################################################
     # authWatch.py v. 0.1 (Quick, Dirty and Loud) - by TinMan
     # Place card in monitor mode and set the channel.
     # If you want channel hopping, run airodump-ng in
     # another terminal. Will add channel hopping
     # in the next version.
     ######################################################
     #
     # Usage: python authWatch.py <monitor-interface>
     #
     import sys
     from scapy.all import *

     interface = sys.argv[1]

     # Note on the labels below: in every 802.11 frame addr1 is the receiver
     # and addr2 is the transmitter, whichever side sent the frame.
     def sniffReq(p):
         # Look for a deauth packet and print the AP BSSID, Client BSSID and the reason for the deauth.
         if p.haslayer(Dot11Deauth):
             print(p.sprintf("Deauth Found from AP [%Dot11.addr2%] Client [%Dot11.addr1%], Reason [%Dot11Deauth.reason%]"))
         # Look for an association request packet and print the Station BSSID, Client BSSID, AP info.
         if p.haslayer(Dot11AssoReq):
             print(p.sprintf("Association request from Station [%Dot11.addr1%], Client [%Dot11.addr2%], AP [%Dot11Elt.info%]"))
         # Look for an authentication packet and print the Client and AP BSSID
         if p.haslayer(Dot11Auth):
             print(p.sprintf("Authentication Request from [%Dot11.addr1%] to AP [%Dot11.addr2%]"))
             print(p.sprintf("------------------------------------------------------------------------------------------"))

     # store=0 stops scapy keeping every sniffed packet in memory
     sniff(iface=interface, prn=sniffReq, store=0)
     ```

     Then to use it, drop an interface into monitor mode on the channel you wish to watch - the example below uses wlan1 and channel 1.

     ```
     airmon-ng start wlan1 1
     ```

     ***Optionally you can run airodump-ng if you want to channel hop, but you will likely miss some packets.

     To run the authwatch script:

     ```
     python authwatch.py wlan1mon
     ```

     I tested this on my Pineapple TETRA and saw when the Pineapple deauths clients I get "Reason [unspec]"; when I turn off my wifi on my phone I get "Reason [deauth-ST-leaving]". Seems to work. Hope this helps.

     authwatcher.py scappyinstall.sh
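The fields the authWatch script in post 7 prints, decoded by hand from raw monitor-mode bytes in Python 3; this is an added example, not part of the original post or of authWatch.py. It assumes each frame starts with a radiotap header, and the names `parse_frame`, `deauth_sources` and `build`, the MAC addresses and the sample frames are constructed for illustration. The per-transmitter deauth count goes a step beyond the post.

```python
import struct
from collections import Counter

REASONS = {1: "unspec", 3: "deauth-ST-leaving"}   # the two codes seen in the post
SUBTYPES = {0: "assoc-req", 11: "auth", 12: "deauth"}

def mac(b):
    return ":".join("%02x" % x for x in b)

def parse_frame(pkt):
    """Decode one radiotap-prefixed 802.11 frame; return a dict or None."""
    if len(pkt) < 4:
        return None
    rt_len = struct.unpack_from("<H", pkt, 2)[0]   # radiotap length field
    dot11 = pkt[rt_len:]
    if len(dot11) < 24:                            # fixed management header
        return None
    ftype, subtype = (dot11[0] >> 2) & 0x3, (dot11[0] >> 4) & 0xF
    if ftype != 0 or subtype not in SUBTYPES:      # management frames only
        return None
    event = {"kind": SUBTYPES[subtype],
             "dst": mac(dot11[4:10]),              # addr1, receiver
             "src": mac(dot11[10:16])}             # addr2, transmitter
    if subtype == 12:
        if len(dot11) < 26:
            return None                            # truncated: no reason code
        code = struct.unpack_from("<H", dot11, 24)[0]
        event["reason"] = REASONS.get(code, str(code))
    return event

def deauth_sources(frames, threshold):
    """Transmitters that sent at least `threshold` deauth frames."""
    counts = Counter(e["src"] for e in map(parse_frame, frames)
                     if e and e["kind"] == "deauth")
    return {src: n for src, n in counts.items() if n >= threshold}

def build(subtype, dst, src, body=b""):
    """Constructed sample: empty 8-byte radiotap header + 24-byte 802.11 header."""
    radiotap = bytes([0, 0, 8, 0, 0, 0, 0, 0])
    hdr = bytes([subtype << 4, 0, 0, 0]) + dst + src + src + bytes(2)
    return radiotap + hdr + body

AP = bytes.fromhex("020000000001")                 # constructed addresses
STA = bytes.fromhex("020000000002")
SAMPLE = [build(12, STA, AP, struct.pack("<H", 1))] * 3 + [
    build(12, AP, STA, struct.pack("<H", 3)), build(11, AP, STA, bytes(6))]

if __name__ == "__main__":
    print([parse_frame(f) for f in SAMPLE], deauth_sources(SAMPLE, 3))
```
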
  8. I know you have been there before but I would do a forced factory reset as below: - then maybe
  9. Like the idea, these are worth a read. http://dare.uva.nl/cgi/arno/show.cgi?fid=495678 https://revuln.com/files/Ferrante_Auriemma_SmartTV_Insecurity.pdf
  10. Out of interest I ran stress-ng on my bunny and it was drawing 0.48A under peak load, 0.14A idle. But I was monitoring with one of those cheap USB power monitors from Banggood so not sure how accurate it is.

      ```
      root@bunny:~# stress-ng -a 4 -l 100
      stress-ng: info: [8680] dispatching hogs: 4 I/O-Sync, 4 CPU, 4 VM-mmap, 4 HDD-Write, 4 Fork, 4 Context-switch, 4 Pipe, 4 Cache, 4 Socket, 4 Yield, 4 Fallocate, 4 Flock, 4 Affinity, 4 Timer, 4 Dentry, 4 Urandom, 4 Float, 4 Int, 4 Semaphore, 4 Open, 4 SigQueue, 4 Poll
      stress-ng: info: [8680] successful run completed in 61.48s
      ```

      It did get quite warm though, so I didn't want to do it for much more than a min. I can however wiggle it in the USB port and get a disconnect to occur. So I tend to keep it still on the desk when working.
  11. Good idea. Even just OS/Target would be great. OS/Target = Windows, OSX, Linux, Android, iOS, Other(Printers/TV/Routers/devices?) & Multi. Type/function? (maybe not) = Recon, Exploit, Access, Prank, Other & Multi.
  12. Another idea would be evilgrade - although I'm not sure if this would be too obvious to the user if you plugged this in and update messages started to appear. But would perhaps be more effective once the bashbunny is combined to the wifi pineapple. https://github.com/infobyte/evilgrade
  13. Hi it might be worth taking a look at my other post
  14. quickstart

    As an additional note - I was wondering how to get to the bunny storage from bash shell - and found it wasn’t mounting permanently to /root/udisk/ as mentioned in the wiki. It turns out this is currently by design: - Although will probably change in the future as Darren says "This behaviour is most likely going to change in future versions. Just be advised that's how it works in 1.0 " So if you need it while in bash you can run This solved my curiosity. maybe others find useful.
  15. quickstart

    See some people getting stuck with updating bunnies and tools etc. so put together a quick list of what I did from a brand new bash bunny on my linux box. I'm sure there are some differences with OSX and windows but in general with adaptation or tweaks this should work for all as a general outline.

    1. Read the wiki - seriously, even if you don't remember it all, know where it is and use it for reference.
    2. Switch position to 3 (closest to USB) and insert to pc. With mine I got a blue light. I also backed up the original payloads dir but it's not required.
    3. Clone the payloads github locally or download the zip and extract the contents.
    4. Copy the payload folder you just cloned or extracted to the bash bunny storage and overwrite all. You now have the latest payloads. At this point if you were to unplug the bunny, select switch 1 or 2 and then reinsert, you would see a purple light rather than the blue one that came from factory (at least mine did).
    5. Some payloads require dependencies, such as quick creds. You install the dependencies using the tools_installer payload, so it's worth running this payload as your first payload. On the Bashbunny storage delete the payload in switch 1 or 2 and then CUT the contents of /payloads/library/tools_installer/ to the switch folder of choice. DON'T copy it, as there is a slight bug if you have 2x copies of this payload on the bashbunny storage when it's run. Unplug the bunny, select the switch to match where you placed the payload and reinsert the bunny. If all goes well you should eventually see a white LED. If you see a red LED you may need to check the forums.

    From this point you're ready to try other payloads or start developing new ones. Talking of which I almost forgot DuckToolkit adds support for new languages. and uses the Ducktoolkit python library for encoding.

    I had some issues getting the bunny online with ICS on linux but it was mostly down to me not reading things in the bb.sh ICS script, but I will point them out in case others do the same.

    1. A factory fresh bashbunny can only ICS when the switch is in position 1 or 2, not in arming mode position 3. There is no Ethernet device on a factory fresh bunny in arming mode.
    2. When you download and run the bb.sh it should be first run without the bashbunny inserted, and when the script gets to stage 3 you insert the bashbunny to complete the guided config.
    3. Just because you configured the bb.sh does not mean you're online; you still need to hit C to connect with the current configuration and start ICS.

    So from here you should have a Bashbunny with up to date payloads, dependencies installed and are able to ICS to get it online if required. Hope this helps some people.