Jump to content

esa

Recommended Posts

Quote

A WiFi Pineapple module that uses MAC address to help find out who is stalking you by correlating MAC addresses from the results of recon scans. This module remembers previously scanned MAC address and highlights thoses that were found in multiple scans. Works best with 3 or more datapoint/distinct scan.

Modified using the base RECON module.

https://github.com/esa101/ReconPlus-nano

https://github.com/esa101/ReconPlus-Tetra

A simple Sunday project. 

Edited by esa
  • Upvote 1
Link to comment
Share on other sites

tried it out after 4 1min scans it never game results.  I have an android phone that is not connected to any AP also.

Link to comment
Share on other sites

2 hours ago, b0N3z said:

tried it out after 4 1min scans it never game results.  I have an android phone that is not connected to any AP also.

my bad there is a missing folder in my git upload. Please create a folder called "log" in the module's directory. It should work after that.

cd /pineapple/module/ReconPlus
mkdir log

 

For others who intend to install in their sd card. transfer ReconPlus to /sd/modules/ReconPlus and remember to create the softlink.

ln -s /sd/modules/ReconPlus /pineapple/module/ReconPlus

 

Link to comment
Share on other sites

  • 2 weeks later...

I just put this on my Tetra and It wont allow for 5ghz scan.  I entered an issue on the git page.

Link to comment
Share on other sites

2 hours ago, b0N3z said:

I just put this on my Tetra and It wont allow for 5ghz scan.  I entered an issue on the git page.

Hi i just assumed Tetra & Nano are sharing the same module. As i do not have a Tetra, is it possible to upload the Tetra's default Recon module.

I will do a code comparison and would likely be able to "fix" it if the changes is not too significant.

Link to comment
Share on other sites

Nice idea, briefly tested while out walking with a second device (so I could turn it off/on at random intervals). If you can add the 5ghz that would be great. thank you for the contribution!

Link to comment
Share on other sites

Perfect, that works great.  Good job. Very thankful for all your hard work on this, its really cool.

Link to comment
Share on other sites

  • 2 weeks later...

Recon 100% stuck error ... identified one possible cause and have updated a module to bypassed the issue. 

https://github.com/esa101/ReconPlus-nano/tree/version3.1
https://github.com/esa101/ReconPlus-Tetra/tree/version3.1

 

Info on how the Recon 100% stuck situation occurs (pray for fixes in future firmware update): 
When we click scan on RECON module, at the backend it triggers pinesniffer. After pinesniffer is completed, the results will be stored at the tmp location with the following pattern /tmp/recon-xxxxxxxx

Quote

pinesniffer wlan1mon 120 0 /tmp/recon-xxxxxxxxx

RECON module will loop at a regular interval to check if /tmp/recon-xxxxxxx is created to determine that the scan is completed. There is also a check at the 100% mark to kill off pinesniffer if it is still running, if pinesniffer has crash before that then there is nothing to kill. 

Unfortunately there is a strange problem where pinesniffer crashes without producing the /tmp/recon-xxxxxxx, thus resulting in the 100% stuck situation as RECON module will keep looping and not be able to find the /tmp/recon-xxxxxxx file. 

I do not have a fix for pinesniffer or know exactly what causes it to crash, but i have updated the reconplus module to check that pinesniffer is running at the 30% & 100% mark. With this update we wouldnt have to wait without knowing what happen, or waiting up to 10min just to find out that the module has already crashed. 

 

**ps do not have the required skillset to analyse why pinesniffer crash. Any expert inputs will be appreciated. 

 

  • Upvote 2
Link to comment
Share on other sites

Sorry I cant help with the pinesniffer crashes. But I have a different question. Would this module be able to operate inverted? so ignoring MAC's it has seen for the last 'n' scans and highlighting "new" MAC's? I can see use cases for both.

Link to comment
Share on other sites

2 hours ago, Just_a_User said:

Sorry I cant help with the pinesniffer crashes. But I have a different question. Would this module be able to operate inverted? so ignoring MAC's it has seen for the last 'n' scans and highlighting "new" MAC's? I can see use cases for both.

Can you elaborate on why this feature would be useful? Could add this in. 

Link to comment
Share on other sites

Sure, I found the module as it is works great if your moving around as it highlights MAC's that stay in range - potentially following you as you suggest.

If inverted - It would ignore for example staff working regularly at a location and highlight MAC's that are new - potentially highlighting strange/new devices in a known environment.

I hope I explained it clearly, if not let me know.

Link to comment
Share on other sites

17 hours ago, Just_a_User said:

Sure, I found the module as it is works great if your moving around as it highlights MAC's that stay in range - potentially following you as you suggest.

If inverted - It would ignore for example staff working regularly at a location and highlight MAC's that are new - potentially highlighting strange/new devices in a known environment.

I hope I explained it clearly, if not let me know.

https://github.com/esa101/ReconPlus-Tetra/tree/version4

https://github.com/esa101/ReconPlus-nano/tree/version4.0

Is this what you are looking for ? 

  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...