loozr

Posts posted by loozr

  1. Hello, I have been trying to make the DNS spoofing and phishnet work on my pineapple v2 mark3 firmware. The following link helped me the most: http://cloud.wifipin...ednsspoofing . However, I still cannot manage to see any logs in /www/pineapple/phish.log, so the phishnet in the mark 3 (mark iii) is not displaying anything.

    Here is what I have done, with no success in capturing logs in the phishnet:

    http://pastebin.com/bypN7MSh

    I can redirect the DNS and spoof the URL, just no logs. Can somebody please shed some light on this one?

    You might also have to edit the following line in your facebook.htm


    [CODE]
    name="email"
    [/CODE]

    Into

    [CODE]
    name="name"
    [/CODE]

    This is because your error.php is looking for 'name'

    [CODE]
    $nam = stripslashes($_POST['name']);
    [/CODE]

  2. Yes I totally agree with you, it might not be correct to call it a bug, but I'm not sure what to call it.. And since it's kind of similar with what Watskeburt reported here http://forums.hak5.org/index.php?/topic/27320-fixedbug-usb-wlan-boot/ I thought I might call it a bug. I'm sorry if this is not correct.

    I'm just thinking that it should be possible to add a codeline of some sort, to bring up the USB wlan after the internal wlan. But this is only a luxury issue, no big deal.

  3. Yes, there is no problem to just connect the Alfa after boot, however if the pineapple might reboot because of overload or something, then you would have to unplug the Alfa and reboot yet again and then reconnect your Alfa..

    However I'm guessing that Sebkinne has enough in the to do list, and somehow I would not like to rush him on things. He has released a lot of dev flashes lately with fixes and new features, so the man's workin' on things! B) Just want to say that I really appreciate the work you do Sebkinne! :D

  4. I'm afraid this is easier said than done.. I have no knowledge about this at all, but I'll bet that Oracle protects their signed java applets as good as they can.. However the java client on users computers is breached every now and then.. <_<

    In my opinion I think most (normal) users have some kind of AV that the computer was originally delivered with, maybe not very good ones, but nevertheless I think that any attacks/pentests should be as stealthy as possible, i.e. no alert in AV.

    People that are not using AV would be more aware and not install an applet like the one above, and user not aware would be aware because of the AV.

  5. Yes, not only do OSes handle DNS caching differently, so do browsers. Trying a different browser (winkey + R, iexplore.exe :()

    This is mostly correct. It is true that the DNS is set by DHCP, but this is the case whether DNSspoof is running or not. The trick is that the pineapple is also a DNS forwarder. The way DNS works is by a series of redirects until the query finds the correct (authoritative) server. DNSspoof works by not forwarding DNS queries for specific sites (the ones you configure in the settings). All other queries going through the pineapple are forwarded to the next DNS server, which I believe is Google Public DNS (8.8.8.8 & 8.8.4.4), or to the DNS server handed out by the WAN DHCP lease of the pineapple. It is for this reason that DNS spoofing will not work on a target with static DNS set.


    So are you saying that if someone requests a page that is not in your dnsspoof records, you do not want to forward it? You could do this by simply not connecting the pineapple to the internet (standalone mode).

    Well, I might have been asking for much, but let's say I have configured DNS spoof to redirect facebook.com requests to 172.16.42.1, then I would NOT like DNS spoof to occasionally forward the DNS request to OpenDNS, which in turn will give the real IP to facebook. In the logfile I pasted previously you can clearly see this happen..

    That said, there might be something going on that I don't understand.

    And I would very much like to give regular internet connection to the victims, as they would not hang for long without interwebz.
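A defender-side check for the behaviour discussed in this post, as an added example that is not part of the original thread: it parses a raw DNS reply and flags A records that map a public name to a private address such as the 172.16.42.1 mentioned above. The function names, the internal-suffix list and the sample replies built by `build_response` are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Ranges a public hostname should never resolve to (RFC 1918, loopback, link-local).
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16",
)]


def read_name(msg, off):
    """Decode a (possibly compressed) DNS name; return (name, next_offset)."""
    labels, next_off, hops = [], None, 0
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        length = msg[off]
        if length & 0xC0 == 0xC0:              # compression pointer
            if off + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if next_off is None:
                next_off = off + 2             # parsing resumes after the first pointer
            hops += 1
            if hops > 16:
                raise ValueError("compression loop")
            off = ((length & 0x3F) << 8) | msg[off + 1]
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii", "replace"))
        off += length
    return ".".join(labels).lower(), (off if next_off is None else next_off)


def a_records(msg):
    """Return [(owner_name, IPv4Address)] for the A records in the answer section."""
    if len(msg) < 12:
        raise ValueError("short header")
    _txid, _flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qdcount):
        _, off = read_name(msg, off)
        off += 4                               # skip QTYPE and QCLASS
    found = []
    for _ in range(ancount):
        name, off = read_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated record")
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rclass == 1 and len(rdata) == 4:
            found.append((name, ipaddress.IPv4Address(rdata)))
    return found


def suspicious_answers(msg, internal_suffixes=("lan", "local", "home.arpa")):
    """Flag public names answered with a non-public address.

    internal_suffixes is an assumed allow-list of zones that legitimately
    resolve to private addresses on the local network.
    """
    findings = []
    for name, addr in a_records(msg):
        internal = any(name == s or name.endswith("." + s) for s in internal_suffixes)
        if not internal and any(addr in net for net in NON_PUBLIC):
            findings.append((name, str(addr)))
    return findings


def build_response(qname, ip, txid=0x1234):
    """Constructed sample: a minimal one-question, one-answer DNS reply."""
    encoded = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    header = struct.pack("!6H", txid, 0x8180, 1, 1, 0, 0)
    question = encoded + b"\x00" + struct.pack("!HH", 1, 1)
    answer = (b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4)
              + ipaddress.IPv4Address(ip).packed)
    return header + question + answer


if __name__ == "__main__":
    spoofed = build_response("facebook.com", "172.16.42.1")   # constructed
    normal = build_response("facebook.com", "203.0.113.10")   # constructed, documentation range
    print(suspicious_answers(spoofed))
    print(suspicious_answers(normal))
```

Because the spoofed name is only sometimes answered locally, as the log in this thread shows, the check is worth running on every reply rather than once per hostname.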

  6. I'm not too sure if this should be reported as a bug or not, but I decided to put it in the forum, and if necessary Sebkinne or others can move it. Although this is not a serious problem for me, it would be great if this was an easy fix:)

    So the thing is that when the Pineapple (2.6.3, and prev) is booted with the Awus036h connected the wlan interfaces get switched. Meaning that the internal wlan interface becomes wlan1. I think this might be related to http://forums.hak5.o...-usb-wlan-boot/ which states that 2.6.3+ should be fixed (at least regarding Ralink RT2501).

    I'm posting some images to show my findings, and posting logs if needed.

    This is a fresh booted pineapple, and the awus036h is connected after boot

    46243.jpg

    [ 0.000000] Linux version 3.3.8 (sebkinne@ubuntu) (gcc version 4.6.3 20120201 (prerelease) (Linaro GCC 4.6-2012.02) ) #49 Sat Sep 1 16:27:13 EDT 2012

    [ 0.000000] MyLoader: sysp=200287c9, boardp=12948c1c, parts=20000011

    [ 0.000000] bootconsole [early0] enabled

    [ 0.000000] CPU revision is: 00019374 (MIPS 24Kc)

    [ 0.000000] SoC: Atheros AR9330 rev 1

    [ 0.000000] Clocks: CPU:400.000MHz, DDR:400.000MHz, AHB:200.000MHz, Ref:25.000MHz

    [ 0.000000] Determined physical RAM map:

    [ 0.000000] memory: 02000000 @ 00000000 (usable)

    [ 0.000000] Initrd not found or empty - disabling initrd

    [ 0.000000] Zone PFN ranges:

    [ 0.000000] Normal 0x00000000 -> 0x00002000

    [ 0.000000] Movable zone start PFN for each node

    [ 0.000000] Early memory PFN ranges

    [ 0.000000] 0: 0x00000000 -> 0x00002000

    [ 0.000000] On node 0 totalpages: 8192

    [ 0.000000] free_area_init_node: node 0, pgdat 802cb680, node_mem_map 81000000

    [ 0.000000] Normal zone: 64 pages used for memmap

    [ 0.000000] Normal zone: 0 pages reserved

    [ 0.000000] Normal zone: 8128 pages, LIFO batch:0

    [ 0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768

    [ 0.000000] pcpu-alloc: [0] 0

    [ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 8128

    [ 0.000000] Kernel command line: board=HORNET-UB console=ttyATH0,115200 mtdparts=spi0.0:256k(u-boot)ro,64k(u-boot-env)ro,6144k(rootfs),1600k(kernel),64k(nvram),64k(art)ro,7744k@0x50000(firmware) rootfstype=squashfs,jffs2 noinitrd

    [ 0.000000] PID hash table entries: 128 (order: -3, 512 bytes)

    [ 0.000000] Dentry cache hash table entries: 4096 (order: 2, 16384 bytes)

    [ 0.000000] Inode-cache hash table entries: 2048 (order: 1, 8192 bytes)

    [ 0.000000] Primary instruction cache 64kB, VIPT, 4-way, linesize 32 bytes.

    [ 0.000000] Primary data cache 32kB, 4-way, VIPT, cache aliases, linesize 32 bytes

    [ 0.000000] Writing ErrCtl register=00000000

    [ 0.000000] Readback ErrCtl register=00000000

    [ 0.000000] Memory: 29276k/32768k available (2082k kernel code, 3492k reserved, 396k data, 204k init, 0k highmem)

    [ 0.000000] SLUB: Genslabs=9, HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1

    [ 0.000000] NR_IRQS:51

    [ 0.000000] Calibrating delay loop... 265.42 BogoMIPS (lpj=1327104)

    [ 0.080000] pid_max: default: 32768 minimum: 301

    [ 0.080000] Mount-cache hash table entries: 512

    [ 0.090000] NET: Registered protocol family 16

    [ 0.090000] gpiochip_add: registered GPIOs 0 to 29 on device: ath79

    [ 0.100000] MIPS: machine is ALFA NETWORKS Hornet-UB

    [ 0.540000] bio: create slab <bio-0> at 0

    [ 0.550000] Switching to clocksource MIPS

    [ 0.550000] NET: Registered protocol family 2

    [ 0.560000] IP route cache hash table entries: 1024 (order: 0, 4096 bytes)

    [ 0.560000] TCP established hash table entries: 1024 (order: 1, 8192 bytes)

    [ 0.560000] TCP bind hash table entries: 1024 (order: 0, 4096 bytes)

    [ 0.570000] TCP: Hash tables configured (established 1024 bind 1024)

    [ 0.580000] TCP reno registered

    [ 0.580000] UDP hash table entries: 256 (order: 0, 4096 bytes)

    [ 0.590000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)

    [ 0.590000] NET: Registered protocol family 1

    [ 0.600000] PCI: CLS 0 bytes, default 32

    [ 0.620000] squashfs: version 4.0 (2009/01/31) Phillip Lougher

    [ 0.620000] JFFS2 version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) © 2001-2006 Red Hat, Inc.

    [ 0.630000] msgmni has been set to 57

    [ 0.630000] io scheduler noop registered

    [ 0.640000] io scheduler deadline registered (default)

    [ 0.640000] Serial: 8250/16550 driver, 1 ports, IRQ sharing disabled

    [ 0.650000] ar933x-uart: ttyATH0 at MMIO 0x18020000 (irq = 11) is a AR933X UART

    [ 0.650000] console [ttyATH0] enabled, bootconsole disabled

    [ 0.670000] m25p80 spi0.0: found mx25l6405d, expected m25p80

    [ 0.670000] m25p80 spi0.0: mx25l6405d (8192 Kbytes)

    [ 0.680000] 7 cmdlinepart partitions found on MTD device spi0.0

    [ 0.680000] Creating 7 MTD partitions on "spi0.0":

    [ 0.690000] 0x000000000000-0x000000040000 : "u-boot"

    [ 0.690000] 0x000000040000-0x000000050000 : "u-boot-env"

    [ 0.700000] 0x000000050000-0x000000650000 : "rootfs"

    [ 0.710000] mtd: partition "rootfs" set to be root filesystem

    [ 0.710000] mtd: partition "rootfs_data" created automatically, ofs=540000, len=110000

    [ 0.720000] 0x000000540000-0x000000650000 : "rootfs_data"

    [ 0.720000] 0x000000650000-0x0000007e0000 : "kernel"

    [ 0.730000] 0x0000007e0000-0x0000007f0000 : "nvram"

    [ 0.730000] 0x0000007f0000-0x000000800000 : "art"

    [ 0.740000] 0x000000050000-0x0000007e0000 : "firmware"

    [ 0.760000] ag71xx_mdio: probed

    [ 0.770000] eth0: Atheros AG71xx at 0xba000000, irq 5

    [ 1.320000] eth0: Found an AR7240/AR9330 built-in switch

    [ 2.350000] eth1: Atheros AG71xx at 0xb9000000, irq 4

    [ 2.900000] ag71xx ag71xx.0: eth1: connected to PHY at ag71xx-mdio.1:04 [uid=004dd041, driver=Generic PHY]

    [ 2.910000] TCP cubic registered

    [ 2.910000] NET: Registered protocol family 17

    [ 2.920000] 8021q: 802.1Q VLAN Support v1.8

    [ 2.930000] VFS: Mounted root (squashfs filesystem) readonly on device 31:2.

    [ 2.930000] Freeing unused kernel memory: 204k freed

    [ 6.250000] Registered led device: alfa:blue:lan

    [ 6.250000] Registered led device: alfa:blue:usb

    [ 6.250000] Registered led device: alfa:blue:wan

    [ 6.250000] Registered led device: alfa:blue:wlan

    [ 6.250000] Registered led device: alfa:blue:wps

    [ 9.560000] JFFS2 notice: (451) jffs2_build_xattr_subsystem: complete building xattr subsystem, 1 of xdatum (0 unchecked, 0 orphan) and 12 of xref (0 dead, 5 orphan) found.

    [ 10.380000] SCSI subsystem initialized

    [ 10.680000] usbcore: registered new interface driver usbfs

    [ 10.680000] usbcore: registered new interface driver hub

    [ 10.690000] usbcore: registered new device driver usb

    [ 11.260000] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver

    [ 11.270000] ehci-platform ehci-platform: Generic Platform EHCI Controller

    [ 11.280000] ehci-platform ehci-platform: new USB bus registered, assigned bus number 1

    [ 11.310000] ehci-platform ehci-platform: irq 3, io mem 0x1b000000

    [ 11.330000] ehci-platform ehci-platform: USB 2.0 started, EHCI 1.00

    [ 11.330000] hub 1-0:1.0: USB hub found

    [ 11.330000] hub 1-0:1.0: 1 port detected

    [ 11.460000] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver

    [ 11.570000] uhci_hcd: USB Universal Host Controller Interface driver

    [ 11.690000] Initializing USB Mass Storage driver...

    [ 11.690000] usbcore: registered new interface driver usb-storage

    [ 11.700000] USB Mass Storage support registered.

    [ 11.740000] usb 1-1: new high-speed USB device number 2 using ehci-platform

    [ 11.890000] hub 1-1:1.0: USB hub found

    [ 11.890000] hub 1-1:1.0: 4 ports detected

    [ 12.180000] usb 1-1.1: new high-speed USB device number 3 using ehci-platform

    [ 12.290000] usb-storage 1-1.1:1.0: Quirks match for vid 13fe pid 3600: 4000

    [ 12.300000] scsi0 : usb-storage 1-1.1:1.0

    [ 13.330000] scsi 0:0:0:0: Direct-Access USB DISK 2.0 PMAP PQ: 0 ANSI: 0 CCS

    [ 14.320000] sd 0:0:0:0: [sda] 31293440 512-byte logical blocks: (16.0 GB/14.9 GiB)

    [ 14.330000] sd 0:0:0:0: [sda] Write Protect is off

    [ 14.340000] sd 0:0:0:0: [sda] Mode Sense: 23 00 00 00

    [ 14.340000] sd 0:0:0:0: [sda] No Caching mode page present

    [ 14.340000] sd 0:0:0:0: [sda] Assuming drive cache: write through

    [ 14.350000] sd 0:0:0:0: [sda] No Caching mode page present

    [ 14.350000] sd 0:0:0:0: [sda] Assuming drive cache: write through

    [ 14.380000] sda: sda1 sda2

    [ 14.390000] sd 0:0:0:0: [sda] No Caching mode page present

    [ 14.390000] sd 0:0:0:0: [sda] Assuming drive cache: write through

    [ 14.400000] sd 0:0:0:0: [sda] Attached SCSI removable disk

    [ 33.020000] Compat-wireless backport release: compat-wireless-2012-07-13

    [ 33.020000] Backport based on wireless-testing.git master-2012-07-16

    [ 33.030000] compat.git: wireless-testing.git

    [ 33.150000] cfg80211: Calling CRDA to update world regulatory domain

    [ 33.150000] cfg80211: World regulatory domain updated:

    [ 33.150000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)

    [ 33.160000] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.170000] cfg80211: (2457000 KHz - 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)

    [ 33.180000] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)

    [ 33.180000] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.190000] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.770000] cfg80211: World regulatory domain updated:

    [ 33.770000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)

    [ 33.780000] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.790000] cfg80211: (2457000 KHz - 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)

    [ 33.790000] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)

    [ 33.800000] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.810000] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 34.560000] usbcore: registered new interface driver rt73usb

    [ 34.700000] usbcore: registered new interface driver rtl8187

    [ 34.740000] ath: EEPROM regdomain: 0x833a

    [ 34.740000] ath: EEPROM indicates we should expect a country code

    [ 34.740000] ath: doing EEPROM country->regdmn map search

    [ 34.740000] ath: country maps to regdmn code: 0x37

    [ 34.740000] ath: Country alpha2 being used: GB

    [ 34.740000] ath: Regpair used: 0x37

    [ 34.740000] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'

    [ 34.740000] Registered led device: ath9k-phy0

    [ 34.740000] ieee80211 phy0: Atheros AR9330 Rev:1 mem=0xb8100000, irq=2

    [ 34.850000] cfg80211: Calling CRDA for country: GB

    [ 34.850000] cfg80211: Regulatory domain changed to country: GB

    [ 34.860000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)

    [ 34.870000] cfg80211: (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)

    [ 34.870000] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (N/A, 2000 mBm)

    [ 34.880000] cfg80211: (5250000 KHz - 5330000 KHz @ 40000 KHz), (N/A, 2000 mBm)

    [ 34.890000] cfg80211: (5490000 KHz - 5710000 KHz @ 40000 KHz), (N/A, 2700 mBm)

    [ 34.940000] usbcore: registered new interface driver rt2800usb

    [ 34.960000] Button Hotplug driver version 0.4.1

    [ 35.160000] RPC: Registered named UNIX socket transport module.

    [ 35.170000] RPC: Registered udp transport module.

    [ 35.170000] RPC: Registered tcp transport module.

    [ 35.180000] RPC: Registered tcp NFSv4.1 backchannel transport module.

    [ 35.530000] PPP generic driver version 2.4.2

    [ 35.790000] ip_tables: © 2000-2006 Netfilter Core Team

    [ 36.010000] NET: Registered protocol family 24

    [ 36.140000] nf_conntrack version 0.5.0 (460 buckets, 1840 max)

    [ 36.990000] usbcore: registered new interface driver ath9k_htc

    [ 37.230000] usbcore: registered new interface driver usbserial

    [ 37.230000] USB Serial support registered for generic

    [ 37.240000] usbcore: registered new interface driver usbserial_generic

    [ 37.240000] usbserial: USB Serial Driver core

    [ 37.280000] usbcore: registered new interface driver cdc_ether

    [ 37.390000] Error: Driver 'gpio-keys-polled' is already registered, aborting...

    [ 37.490000] usbcore: registered new interface driver rndis_host

    [ 37.610000] sd 0:0:0:0: Attached scsi generic sg0 type 0

    [ 49.280000] EXT4-fs (sda1): ext4_orphan_cleanup: deleting unreferenced inode 391682

    [ 49.300000] EXT4-fs (sda1): 1 orphan inode deleted

    [ 49.300000] EXT4-fs (sda1): recovery complete

    [ 49.340000] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)

    [ 57.550000] device eth0 entered promiscuous mode

    [ 61.300000] eth1: link up (100Mbps/Full duplex)

    [ 61.340000] device wlan0 entered promiscuous mode

    [ 61.420000] br-lan: port 2(wlan0) entered forwarding state

    [ 61.430000] br-lan: port 2(wlan0) entered forwarding state

    [ 63.430000] br-lan: port 2(wlan0) entered forwarding state

    [ 70.590000] device wlan0 left promiscuous mode

    [ 70.590000] br-lan: port 2(wlan0) entered disabled state

    [ 71.350000] device wlan0 entered promiscuous mode

    [ 71.420000] br-lan: port 2(wlan0) entered forwarding state

    [ 71.430000] br-lan: port 2(wlan0) entered forwarding state

    [ 73.430000] br-lan: port 2(wlan0) entered forwarding state

    [ 564.000000] usb 1-1.4: new high-speed USB device number 4 using ehci-platform

    [ 564.700000] ieee80211 phy1: Selected rate control algorithm 'minstrel_ht'

    [ 564.700000] ieee80211 phy1: hwaddr 00:c0:00:00:00:e2, RTL8187vB (default) V1 + rtl8225z2, rfkill mask 2

    [ 564.720000] rtl8187: Customer ID is 0xFF

    [ 564.730000] Registered led device: rtl8187-phy1::radio

    [ 564.730000] Registered led device: rtl8187-phy1::tx

    [ 564.730000] Registered led device: rtl8187-phy1::rx

    [ 564.730000] rtl8187: wireless switch is on

    The pineapple is booted with the awus036h inserted.

    46244.jpg

    [ 0.000000] Linux version 3.3.8 (sebkinne@ubuntu) (gcc version 4.6.3 20120201 (prerelease) (Linaro GCC 4.6-2012.02) ) #49 Sat Sep 1 16:27:13 EDT 2012

    [ 0.000000] MyLoader: sysp=200287c9, boardp=12948c1c, parts=20000011

    [ 0.000000] bootconsole [early0] enabled

    [ 0.000000] CPU revision is: 00019374 (MIPS 24Kc)

    [ 0.000000] SoC: Atheros AR9330 rev 1

    [ 0.000000] Clocks: CPU:400.000MHz, DDR:400.000MHz, AHB:200.000MHz, Ref:25.000MHz

    [ 0.000000] Determined physical RAM map:

    [ 0.000000] memory: 02000000 @ 00000000 (usable)

    [ 0.000000] Initrd not found or empty - disabling initrd

    [ 0.000000] Zone PFN ranges:

    [ 0.000000] Normal 0x00000000 -> 0x00002000

    [ 0.000000] Movable zone start PFN for each node

    [ 0.000000] Early memory PFN ranges

    [ 0.000000] 0: 0x00000000 -> 0x00002000

    [ 0.000000] On node 0 totalpages: 8192

    [ 0.000000] free_area_init_node: node 0, pgdat 802cb680, node_mem_map 81000000

    [ 0.000000] Normal zone: 64 pages used for memmap

    [ 0.000000] Normal zone: 0 pages reserved

    [ 0.000000] Normal zone: 8128 pages, LIFO batch:0

    [ 0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768

    [ 0.000000] pcpu-alloc: [0] 0

    [ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 8128

    [ 0.000000] Kernel command line: board=HORNET-UB console=ttyATH0,115200 mtdparts=spi0.0:256k(u-boot)ro,64k(u-boot-env)ro,6144k(rootfs),1600k(kernel),64k(nvram),64k(art)ro,7744k@0x50000(firmware) rootfstype=squashfs,jffs2 noinitrd

    [ 0.000000] PID hash table entries: 128 (order: -3, 512 bytes)

    [ 0.000000] Dentry cache hash table entries: 4096 (order: 2, 16384 bytes)

    [ 0.000000] Inode-cache hash table entries: 2048 (order: 1, 8192 bytes)

    [ 0.000000] Primary instruction cache 64kB, VIPT, 4-way, linesize 32 bytes.

    [ 0.000000] Primary data cache 32kB, 4-way, VIPT, cache aliases, linesize 32 bytes

    [ 0.000000] Writing ErrCtl register=00000000

    [ 0.000000] Readback ErrCtl register=00000000

    [ 0.000000] Memory: 29276k/32768k available (2082k kernel code, 3492k reserved, 396k data, 204k init, 0k highmem)

    [ 0.000000] SLUB: Genslabs=9, HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1

    [ 0.000000] NR_IRQS:51

    [ 0.000000] Calibrating delay loop... 265.42 BogoMIPS (lpj=1327104)

    [ 0.080000] pid_max: default: 32768 minimum: 301

    [ 0.080000] Mount-cache hash table entries: 512

    [ 0.090000] NET: Registered protocol family 16

    [ 0.090000] gpiochip_add: registered GPIOs 0 to 29 on device: ath79

    [ 0.100000] MIPS: machine is ALFA NETWORKS Hornet-UB

    [ 0.540000] bio: create slab <bio-0> at 0

    [ 0.550000] Switching to clocksource MIPS

    [ 0.550000] NET: Registered protocol family 2

    [ 0.560000] IP route cache hash table entries: 1024 (order: 0, 4096 bytes)

    [ 0.560000] TCP established hash table entries: 1024 (order: 1, 8192 bytes)

    [ 0.560000] TCP bind hash table entries: 1024 (order: 0, 4096 bytes)

    [ 0.570000] TCP: Hash tables configured (established 1024 bind 1024)

    [ 0.580000] TCP reno registered

    [ 0.580000] UDP hash table entries: 256 (order: 0, 4096 bytes)

    [ 0.590000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)

    [ 0.590000] NET: Registered protocol family 1

    [ 0.600000] PCI: CLS 0 bytes, default 32

    [ 0.620000] squashfs: version 4.0 (2009/01/31) Phillip Lougher

    [ 0.620000] JFFS2 version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) © 2001-2006 Red Hat, Inc.

    [ 0.630000] msgmni has been set to 57

    [ 0.630000] io scheduler noop registered

    [ 0.640000] io scheduler deadline registered (default)

    [ 0.640000] Serial: 8250/16550 driver, 1 ports, IRQ sharing disabled

    [ 0.650000] ar933x-uart: ttyATH0 at MMIO 0x18020000 (irq = 11) is a AR933X UART

    [ 0.650000] console [ttyATH0] enabled, bootconsole disabled

    [ 0.670000] m25p80 spi0.0: found mx25l6405d, expected m25p80

    [ 0.670000] m25p80 spi0.0: mx25l6405d (8192 Kbytes)

    [ 0.680000] 7 cmdlinepart partitions found on MTD device spi0.0

    [ 0.680000] Creating 7 MTD partitions on "spi0.0":

    [ 0.690000] 0x000000000000-0x000000040000 : "u-boot"

    [ 0.690000] 0x000000040000-0x000000050000 : "u-boot-env"

    [ 0.700000] 0x000000050000-0x000000650000 : "rootfs"

    [ 0.710000] mtd: partition "rootfs" set to be root filesystem

    [ 0.710000] mtd: partition "rootfs_data" created automatically, ofs=540000, len=110000

    [ 0.720000] 0x000000540000-0x000000650000 : "rootfs_data"

    [ 0.720000] 0x000000650000-0x0000007e0000 : "kernel"

    [ 0.730000] 0x0000007e0000-0x0000007f0000 : "nvram"

    [ 0.730000] 0x0000007f0000-0x000000800000 : "art"

    [ 0.740000] 0x000000050000-0x0000007e0000 : "firmware"

    [ 0.760000] ag71xx_mdio: probed

    [ 0.770000] eth0: Atheros AG71xx at 0xba000000, irq 5

    [ 1.320000] eth0: Found an AR7240/AR9330 built-in switch

    [ 2.350000] eth1: Atheros AG71xx at 0xb9000000, irq 4

    [ 2.900000] ag71xx ag71xx.0: eth1: connected to PHY at ag71xx-mdio.1:04 [uid=004dd041, driver=Generic PHY]

    [ 2.910000] TCP cubic registered

    [ 2.910000] NET: Registered protocol family 17

    [ 2.920000] 8021q: 802.1Q VLAN Support v1.8

    [ 2.930000] VFS: Mounted root (squashfs filesystem) readonly on device 31:2.

    [ 2.930000] Freeing unused kernel memory: 204k freed

    [ 6.270000] Registered led device: alfa:blue:lan

    [ 6.270000] Registered led device: alfa:blue:usb

    [ 6.270000] Registered led device: alfa:blue:wan

    [ 6.270000] Registered led device: alfa:blue:wlan

    [ 6.270000] Registered led device: alfa:blue:wps

    [ 9.580000] JFFS2 notice: (451) jffs2_build_xattr_subsystem: complete building xattr subsystem, 1 of xdatum (0 unchecked, 0 orphan) and 12 of xref (0 dead, 5 orphan) found.

    [ 10.400000] SCSI subsystem initialized

    [ 10.700000] usbcore: registered new interface driver usbfs

    [ 10.700000] usbcore: registered new interface driver hub

    [ 10.710000] usbcore: registered new device driver usb

    [ 11.280000] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver

    [ 11.290000] ehci-platform ehci-platform: Generic Platform EHCI Controller

    [ 11.290000] ehci-platform ehci-platform: new USB bus registered, assigned bus number 1

    [ 11.330000] ehci-platform ehci-platform: irq 3, io mem 0x1b000000

    [ 11.350000] ehci-platform ehci-platform: USB 2.0 started, EHCI 1.00

    [ 11.350000] hub 1-0:1.0: USB hub found

    [ 11.350000] hub 1-0:1.0: 1 port detected

    [ 11.480000] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver

    [ 11.590000] uhci_hcd: USB Universal Host Controller Interface driver

    [ 11.710000] Initializing USB Mass Storage driver...

    [ 11.710000] usbcore: registered new interface driver usb-storage

    [ 11.720000] USB Mass Storage support registered.

    [ 11.760000] usb 1-1: new high-speed USB device number 2 using ehci-platform

    [ 11.910000] hub 1-1:1.0: USB hub found

    [ 11.910000] hub 1-1:1.0: 4 ports detected

    [ 12.200000] usb 1-1.1: new high-speed USB device number 3 using ehci-platform

    [ 12.310000] usb-storage 1-1.1:1.0: Quirks match for vid 13fe pid 3600: 4000

    [ 12.320000] scsi0 : usb-storage 1-1.1:1.0

    [ 12.400000] usb 1-1.4: new high-speed USB device number 4 using ehci-platform

    [ 13.320000] scsi 0:0:0:0: Direct-Access USB DISK 2.0 PMAP PQ: 0 ANSI: 0 CCS

    [ 13.330000] sd 0:0:0:0: [sda] 31293440 512-byte logical blocks: (16.0 GB/14.9 GiB)

    [ 13.330000] sd 0:0:0:0: [sda] Write Protect is off

    [ 13.340000] sd 0:0:0:0: [sda] Mode Sense: 23 00 00 00

    [ 13.340000] sd 0:0:0:0: [sda] No Caching mode page present

    [ 13.340000] sd 0:0:0:0: [sda] Assuming drive cache: write through

    [ 13.350000] sd 0:0:0:0: [sda] No Caching mode page present

    [ 13.360000] sd 0:0:0:0: [sda] Assuming drive cache: write through

    [ 13.370000] sda: sda1 sda2

    [ 13.370000] sd 0:0:0:0: [sda] No Caching mode page present

    [ 13.380000] sd 0:0:0:0: [sda] Assuming drive cache: write through

    [ 13.380000] sd 0:0:0:0: [sda] Attached SCSI removable disk

    [ 33.040000] Compat-wireless backport release: compat-wireless-2012-07-13

    [ 33.040000] Backport based on wireless-testing.git master-2012-07-16

    [ 33.050000] compat.git: wireless-testing.git

    [ 33.150000] cfg80211: Calling CRDA to update world regulatory domain

    [ 33.160000] cfg80211: World regulatory domain updated:

    [ 33.160000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)

    [ 33.170000] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.180000] cfg80211: (2457000 KHz - 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)

    [ 33.180000] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)

    [ 33.190000] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.200000] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.940000] cfg80211: World regulatory domain updated:

    [ 33.940000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)

    [ 33.950000] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.960000] cfg80211: (2457000 KHz - 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)

    [ 33.970000] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)

    [ 33.970000] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 33.980000] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

    [ 34.580000] usbcore: registered new interface driver rt73usb

    [ 34.960000] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'

    [ 34.960000] ieee80211 phy0: hwaddr 00:c0:00:00:00:e2, RTL8187vB (default) V1 + rtl8225z2, rfkill mask 2

    [ 34.980000] rtl8187: Customer ID is 0xFF

    [ 34.980000] Registered led device: rtl8187-phy0::radio

    [ 34.980000] Registered led device: rtl8187-phy0::tx

    [ 34.980000] Registered led device: rtl8187-phy0::rx

    [ 34.990000] rtl8187: wireless switch is on

    [ 34.990000] usbcore: registered new interface driver rtl8187

    [ 35.030000] ath: EEPROM regdomain: 0x833a

    [ 35.030000] ath: EEPROM indicates we should expect a country code

    [ 35.030000] ath: doing EEPROM country->regdmn map search

    [ 35.030000] ath: country maps to regdmn code: 0x37

    [ 35.030000] ath: Country alpha2 being used: GB

    [ 35.030000] ath: Regpair used: 0x37

    [ 35.030000] ieee80211 phy1: Selected rate control algorithm 'minstrel_ht'

    [ 35.030000] Registered led device: ath9k-phy1

    [ 35.030000] ieee80211 phy1: Atheros AR9330 Rev:1 mem=0xb8100000, irq=2

    [ 35.040000] cfg80211: Calling CRDA for country: GB

    [ 35.040000] cfg80211: Regulatory domain changed to country: GB

    [ 35.050000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)

    [ 35.060000] cfg80211: (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)

    [ 35.060000] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (N/A, 2000 mBm)

    [ 35.070000] cfg80211: (5250000 KHz - 5330000 KHz @ 40000 KHz), (N/A, 2000 mBm)

    [ 35.080000] cfg80211: (5490000 KHz - 5710000 KHz @ 40000 KHz), (N/A, 2700 mBm)

    [ 35.230000] usbcore: registered new interface driver rt2800usb

    [ 35.250000] Button Hotplug driver version 0.4.1

    [ 35.450000] RPC: Registered named UNIX socket transport module.

    [ 35.460000] RPC: Registered udp transport module.

    [ 35.460000] RPC: Registered tcp transport module.

    [ 35.470000] RPC: Registered tcp NFSv4.1 backchannel transport module.

    [ 35.820000] PPP generic driver version 2.4.2

    [ 36.080000] ip_tables: © 2000-2006 Netfilter Core Team

    [ 36.300000] NET: Registered protocol family 24

    [ 36.430000] nf_conntrack version 0.5.0 (460 buckets, 1840 max)

    [ 37.280000] usbcore: registered new interface driver ath9k_htc

    [ 37.520000] usbcore: registered new interface driver usbserial

    [ 37.520000] USB Serial support registered for generic

    [ 37.520000] usbcore: registered new interface driver usbserial_generic

    [ 37.530000] usbserial: USB Serial Driver core

    [ 37.570000] usbcore: registered new interface driver cdc_ether

    [ 37.680000] Error: Driver 'gpio-keys-polled' is already registered, aborting...

    [ 37.780000] usbcore: registered new interface driver rndis_host

    [ 37.900000] sd 0:0:0:0: Attached scsi generic sg0 type 0

    [ 46.640000] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)

    [ 57.760000] device eth0 entered promiscuous mode

    [ 60.360000] eth1: link up (100Mbps/Full duplex)

    [ 61.370000] device wlan1 entered promiscuous mode

    [ 61.440000] br-lan: port 2(wlan1) entered forwarding state

    [ 61.450000] br-lan: port 2(wlan1) entered forwarding state

    [ 63.450000] br-lan: port 2(wlan1) entered forwarding state

    [ 73.070000] device wlan1 left promiscuous mode

    [ 73.070000] br-lan: port 2(wlan1) entered disabled state

    [ 74.030000] device wlan1 entered promiscuous mode

    [ 74.110000] br-lan: port 2(wlan1) entered forwarding state

    [ 74.110000] br-lan: port 2(wlan1) entered forwarding state

    [ 76.110000] br-lan: port 2(wlan1) entered forwarding state

    Also the status page says that the internal wifi is not up, although that's what I'm connected via when reporting this.

    [Attached image: 46245.jpg]

    As a sidenote the Network Manager module is not able to bring up the device, Auto-detect or not. I have to ssh in to the Pineapple and issue ifconfig wlan1 up.

  7. I have played a little bit with the Evil Java applet and found that the possibility to lure someone is quite slim.. The user would have to be quite braindead for you to achieve the attack.

    Just to make it clear I did not start a listener in Metasploit, nor did I test this in the "right side" of the pineapple. The reason for this is both that I'm not sure how to change the listener address in the attack, and I didn't want to create a BT VM in my laptop for this test.

    This test is made from the WAN/LAN side. And MSE went totally crazy when I entered this site, so the test is run without any AV.

    Firstly the site is.. well not too bad

    [Attached image: 46216.jpg]

    But the warning speaks for itself

    [Attached image: 46217.jpg]

    Especially when the AV is amok at this point.

    That said, I have also tested a couple of java attacks from SET in backtrack, but I haven't found any that actually fool MSE. If anyone has any tips on what java attacks one might use without AV going insane, that would be great! Otherwise I don't see any point in using time on this.

    As for what you can do with it, you can potentially own the user's machine ;)

  8. I finally updated the flash, blame the delay on Black Mesa :rolleyes:

    Anyways, anyone else having trouble with modules with 2.6.4? I guess it's because of the port-change. I guess this is up to the module-writers to fix, but I thought I should mention it here, rather than posting in all the module threads..

  9. Yeah, I think most OSes store some kind of a DNS cache, therefore I always use ipconfig /flushdns and ipconfig /renew in my Windows OS. May not need both commands, but I like to do both. I also make it a habit to run a ping to test it.

    Anyways, isn't the log that dns spoof creates a kind of "copy" of dns spoof's output? Like when the log shows an opendns ip, I think that DNS Spoof is telling the victim to use the opendns ip. I would rather have DNS spoof not sending ANY ip, if it's unable to send the pineapple's ip.

    In my understanding DNS spoof is actually like a regular DNS service, it's broadcast as the DNS server by DHCP, and every DNS request should go to DNS spoof, right? And the addresses that DNS spoof is configured with should be consistent. And only the requests that DNS spoof is not configured with should be sent to like opendns.

    If this is just how it has to be, then I'm fine with that, but I would like to fix it if there is something I'm doing wrong. I guess it's all about learning how to do things properly :)

  10. The behaviour you want is not possible like that. Karma will respond to open probe requests only.

    The funny thing is that when playing with my pineapple at home, I have 2 instances of my home network, one encrypted, and one open. So the pineapple seems to duplicate the network (without encryption), although Win is not automagically connecting to the open version.

    So I'd say that Karma responds to encrypted probes too, but Windows is not dumb enough to autoconnect to the open network..

  11. Could the difficulties with the google bar be related to the Safe Browsing API from google?

    Actually I was testing sslstrip against the google bar, and this is what the log says.


    2012-09-14 12:37:37,385 POST Data (safebrowsing.clients.google.com):
    goog-malware-shavar;mac
    goog-phish-shavar;mac

    Did they save my mac or what?? :blink:

  12. Did you just get 3 probes? In that case it doesn't have to be anything wrong.

    The 3 probes that you got, could be encrypted networks, and the Pineapple is not (yet?) capable of autoconnecting to encrypted probes. Well, as far as I know at least :)

    Another thing to mention is that after I replaced the pigtail in my Pineapple, I got a lot more connections. That could be pure luck, but it could also be because of better signal.

    Take the pineapple to a cafe or someplace with a lot of people, and try running karma. I guess you will get a couple of connections.

  13. Well, I just tested ssl strip, and it found what I'm interested in out of the box.

    But I think you should run only sslstrip, and not e.g. dns spoof simultaneously.

    Fire up sslstrip, and connect a test machine to the Pineapple and enter a couple of sites with login and enter some text. You should find username, and password or an md5 hash of the password. If you get the md5 hash just use an online md5 decrypter, and voilà!

    But did you want anything else with sslstrip?

    Edit;

    However, would there be a way you could clean up the sslstrip log a little bit? I can see that different pages use different techniques for username/password, but if one could somehow clean it up a little bit. Like showing only lines that contain username/password?

    Maybe a little bit off-topic for this thread...

  14. Barry: Yes, there is signal loss, but I don't think I will see any difference between 10cm and 15cm cables. That said, the cable that I put into my Pineapple is 15cm long, and the original in the pineapple is about 8cm. Still the longer cable is doing better. In fact, I had some problems in that I got very few connections from Karma with the old cable, however with the new cable I got a lot more connections!

    Darren: Well, I didn't believe that there would be any difference in signal strength either, but now I'm convinced. I'm sorry but I have no spec on the pigtail, except it's black, about 15cm long, ordered from ebay some while ago, and it works great. I could have a look in my ebay history, but I don't think this cable is special in any way. Just an ordinary pigtail I guess.

    And regarding the bit lengthy cable of mine, I didn't twist it, but rather made a loop, if you understand me and see the difference. It felt kinda "neat and safe", and I mounted the rp-sma correctly, so it is not possible to twist the cable from the rp-sma-end-of-the-cable ;)

  15. It's a piece of coax cable 1.3-ish mm thick! :o I can solder some pretty damn small surface mount components, but there's no way I could solder the ipex side of it. It's so expensive because they're a bitch to make. I just wish I could find them shorter... I can find them 6" and longer all day, but trying to find one the same length as the one in the pineapple is damn near impossible without having them made.

    And all these years my mom told me that the longer the better...

    Anyways, I just snuggled the wire in there, and it works better than the original, so I'm happy with it. Hopefully the pigtail is shielded, so you could have a couple of meters inside before you would notice any difference in signal? Exaggerated I know, but would it be partially true?

  16. If I understand you correctly, you are plugging the USB from your laptop, into the USB on your Pineapple?

    You should not do this, as this could harm the Pineapple!!

    You should either buy a cable like this http://hakshop.mysho...usb-power-cable or make one yourself, to feed the Pineapple power the right way.

    And laptops usually only give 500mA of juice, and the Pineapple uses up to 1000mA, so you should really not power it from the Laptop at all.

    The best thing to do is to use an Anker Astro 3 battery pack, or like me a battery pack from DX.com. These battery packs give you an output of up to 2Amps, which is enough for the Pineapple.

    Edit: The reason why you can not connect to the Pineapple I would believe is because of too little power.
