esa Posted April 23, 2017 Share Posted April 23, 2017 (edited) Quote A WiFi Pineapple module that uses MAC address to help find out who is stalking you by correlating MAC addresses from the results of recon scans. This module remembers previously scanned MAC address and highlights thoses that were found in multiple scans. Works best with 3 or more datapoint/distinct scan. Modified using the base RECON module. https://github.com/esa101/ReconPlus-nano https://github.com/esa101/ReconPlus-Tetra A simple Sunday project. Edited May 5, 2017 by esa 1 Quote Link to comment Share on other sites More sharing options...
b0N3z Posted April 25, 2017 Share Posted April 25, 2017 tried it out after 4 1min scans it never game results. I have an android phone that is not connected to any AP also. Quote Link to comment Share on other sites More sharing options...
esa Posted April 26, 2017 Author Share Posted April 26, 2017 2 hours ago, b0N3z said: tried it out after 4 1min scans it never game results. I have an android phone that is not connected to any AP also. my bad there is a missing folder in my git upload. Please create a folder called "log" in the module's directory. It should work after that. cd /pineapple/module/ReconPlus mkdir log For others who intend to install in their sd card. transfer ReconPlus to /sd/modules/ReconPlus and remember to create the softlink. ln -s /sd/modules/ReconPlus /pineapple/module/ReconPlus Quote Link to comment Share on other sites More sharing options...
b0N3z Posted April 26, 2017 Share Posted April 26, 2017 Works great. That is pretty cool! Quote Link to comment Share on other sites More sharing options...
b0N3z Posted May 4, 2017 Share Posted May 4, 2017 I just put this on my Tetra and It wont allow for 5ghz scan. I entered an issue on the git page. Quote Link to comment Share on other sites More sharing options...
esa Posted May 5, 2017 Author Share Posted May 5, 2017 2 hours ago, b0N3z said: I just put this on my Tetra and It wont allow for 5ghz scan. I entered an issue on the git page. Hi i just assumed Tetra & Nano are sharing the same module. As i do not have a Tetra, is it possible to upload the Tetra's default Recon module. I will do a code comparison and would likely be able to "fix" it if the changes is not too significant. Quote Link to comment Share on other sites More sharing options...
Zylla Posted May 5, 2017 Share Posted May 5, 2017 I didn't have time for a diff, so i just upladed the entire module as an archive.Recon_TETRA.rar 1 Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted May 5, 2017 Share Posted May 5, 2017 Nice idea, briefly tested while out walking with a second device (so I could turn it off/on at random intervals). If you can add the 5ghz that would be great. thank you for the contribution! Quote Link to comment Share on other sites More sharing options...
esa Posted May 5, 2017 Author Share Posted May 5, 2017 5 hours ago, Zylla said: I didn't have time for a diff, so i just upladed the entire module as an archive.Recon_TETRA.rar Thanks for helping to upload this and also helping to diff the network module in the other thread. Quote Link to comment Share on other sites More sharing options...
esa Posted May 5, 2017 Author Share Posted May 5, 2017 Just a minor change between the base Recon module code on Tetra & Nano. Thus i believe this should work for Tetra users. As i do not have a Tetra, i gotta rely on those who have it to help try it. https://github.com/esa101/ReconPlus-Tetra Have also updated the first post to include separate links to modules for Nano & Tetra. 1 Quote Link to comment Share on other sites More sharing options...
b0N3z Posted May 5, 2017 Share Posted May 5, 2017 Perfect, that works great. Good job. Very thankful for all your hard work on this, its really cool. Quote Link to comment Share on other sites More sharing options...
esa Posted May 17, 2017 Author Share Posted May 17, 2017 Recon 100% stuck error ... identified one possible cause and have updated a module to bypassed the issue. https://github.com/esa101/ReconPlus-nano/tree/version3.1https://github.com/esa101/ReconPlus-Tetra/tree/version3.1 Info on how the Recon 100% stuck situation occurs (pray for fixes in future firmware update): When we click scan on RECON module, at the backend it triggers pinesniffer. After pinesniffer is completed, the results will be stored at the tmp location with the following pattern /tmp/recon-xxxxxxxx Quote pinesniffer wlan1mon 120 0 /tmp/recon-xxxxxxxxx RECON module will loop at a regular interval to check if /tmp/recon-xxxxxxx is created to determine that the scan is completed. There is also a check at the 100% mark to kill off pinesniffer if it is still running, if pinesniffer has crash before that then there is nothing to kill. Unfortunately there is a strange problem where pinesniffer crashes without producing the /tmp/recon-xxxxxxx, thus resulting in the 100% stuck situation as RECON module will keep looping and not be able to find the /tmp/recon-xxxxxxx file. I do not have a fix for pinesniffer or know exactly what causes it to crash, but i have updated the reconplus module to check that pinesniffer is running at the 30% & 100% mark. With this update we wouldnt have to wait without knowing what happen, or waiting up to 10min just to find out that the module has already crashed. **ps do not have the required skillset to analyse why pinesniffer crash. Any expert inputs will be appreciated. 2 Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted May 19, 2017 Share Posted May 19, 2017 Sorry I cant help with the pinesniffer crashes. But I have a different question. Would this module be able to operate inverted? so ignoring MAC's it has seen for the last 'n' scans and highlighting "new" MAC's? I can see use cases for both. Quote Link to comment Share on other sites More sharing options...
esa Posted May 19, 2017 Author Share Posted May 19, 2017 2 hours ago, Just_a_User said: Sorry I cant help with the pinesniffer crashes. But I have a different question. Would this module be able to operate inverted? so ignoring MAC's it has seen for the last 'n' scans and highlighting "new" MAC's? I can see use cases for both. Can you elaborate on why this feature would be useful? Could add this in. Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted May 19, 2017 Share Posted May 19, 2017 Sure, I found the module as it is works great if your moving around as it highlights MAC's that stay in range - potentially following you as you suggest. If inverted - It would ignore for example staff working regularly at a location and highlight MAC's that are new - potentially highlighting strange/new devices in a known environment. I hope I explained it clearly, if not let me know. Quote Link to comment Share on other sites More sharing options...
esa Posted May 20, 2017 Author Share Posted May 20, 2017 17 hours ago, Just_a_User said: Sure, I found the module as it is works great if your moving around as it highlights MAC's that stay in range - potentially following you as you suggest. If inverted - It would ignore for example staff working regularly at a location and highlight MAC's that are new - potentially highlighting strange/new devices in a known environment. I hope I explained it clearly, if not let me know. https://github.com/esa101/ReconPlus-Tetra/tree/version4 https://github.com/esa101/ReconPlus-nano/tree/version4.0 Is this what you are looking for ? 1 Quote Link to comment Share on other sites More sharing options...
Just_a_User Posted May 20, 2017 Share Posted May 20, 2017 3 hours ago, esa said: https://github.com/esa101/ReconPlus-Tetra/tree/version4 https://github.com/esa101/ReconPlus-nano/tree/version4.0 Is this what you are looking for ? Just tried the tetra version, I can work with this :) thank you. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.