Xcellerator

Active Members
  • Posts: 285
  • Days Won: 10

Everything posted by Xcellerator

  1. I use an Anker Astro E4 which spits out 13000 mAh. It has two USB ports on it for 1A and 2A both at 5V. So use the 2A one (10W). Also a 5mm DC barrel to USB lead. It easily powers the Pineapple for at least 15-20 hours on a full charge.
  2. Sounds good, mate. I'll wait for the new firmware to drop and if there's still a massive lag then I'll open a ticket. If anything happens or is resolved, I'll post back in this thread for anyone in the future. Thanks for all your help!
  3. 1. Afraid not. What you're after is persistence. There are a huge myriad of ways to gain persistence though once you have a shell. I'd suggest reading through these: https://isc.sans.edu/diary/Wipe+the+drive+Stealthy+Malware+Persistence+Mechanism+-+Part+1/15394. They have what are probably the easiest ways to keep persistence going. 2. Unfortunately, a binary like this will probably be detected by most antivirus. The VirusTotal report currently says that 25/57 AV vendors will recognise it as malicious. Report: https://www.virustotal.com/en/file/413d54659bc768f8df22344db3aa2164e98096f367cc7baa41f8f748c0fede21/analysis/1428692100/, so it doesn't look so good... A general thing to keep in mind is that if you write your own binary, or even generate one from metasploit (not a meterpreter executable, they're always picked up) you stand a much better chance of it not being detected. Just don't upload them all to VirusTotal, that just increases the chance of detection. (It didn't matter in this case because it's already heavily detected..)
  4. Right, here we go: 1) Throughout the whole process I had at least 50% idle cpu according to top. 2) The bit rate stayed fairly level, pretty much the same as yours but it spiked an awful lot. About every 10 seconds or so it'd drop for a second or two to anywhere between 1 and 40 MBps. 3) Once I threw on the whole PineAP suite and Karma, there was no effect on the bit rate at all, but after a short while my access to the Internet was lost. Nothing would bring it back up other than a reboot. I confirmed that connecting straight via the AP worked just fine. After it all rebooted, I found the plot thickens even further. Before I rebooted it, I tried pinging the gateway and it gave me "Network Unreachable". After rebooting, it responded just fine. Then, about 3-4 mins after setting everything up running again, it goes again. I'll add that this whole time, I've got download speeds of 0.5-1.5 Mbps according to speedof.me and speedtest.net. Connecting directly, I get a solid 20-ish Mbps. (The reboot issue is the same as you described except I didn't have as much running, so at least that seems to be experienced by someone else. I've seen other people reporting *similar* things too on the ticket tracker).
  5. Hey, thanks for replying. Here is the client mode page, as far as I can tell, things seem pretty normal. And yeah, you're right. The pineapple's wlan0 is on channel 11 and my AP is on channel 6.
  6. Anyone seen anything like this? I wanna make sure it's nothing on my end before opening a ticket.
  7. Alright guys, just a quick query. I've got my pineapple set up connected to my home access point through wlan2 (The Alfa from the hakshop). When just connected and the pineapple not running any other business I get a connection speed of about 4-5 MBps but it varies quite wildly and sometimes ducks down to below 1 MBps. However, once I start running the PineAP suite it drops completely to sit between 0.1 and 0.5 MBps. I'm right next to my AP so it's not that. I've tested the Alfa on a laptop and ensured that it's still working fine. I also SSH'd into the Pineapple and used top to check RAM and CPU usage. Both were sitting comfortably low. Is this behaviour seen by everyone else, or is there a problem on my end that I've overlooked? EDIT: Okay, so after some more playing around, it seems the issue *may* be related to Harvester. With all the PineAP modules running plus Karma I get around 1.3 MBps. As soon as Harvester is turned on, it drops to about 0.1 MBps. ALSO, I keep getting random reboots which makes me think it could be an overloading problem? I've since done a factory reset and updated to the latest firmware. And I've double checked the power. It's got a solid 12W being pumped into it..
  8. I'd recommend you read this: http://schierlm.users.sourceforge.net/avevasion.html Very good article on how the encoders work and what does and doesn't bypass AV evasion. When it comes to binaries, it basically boils down to writing your own code.
  9. I spent a few months in southern China last year and from what I saw, the chances of any copyright claims being dealt with are pretty slim. Complete shops on high streets blatantly advertise themselves as "Appla" or "Niek" and sell rip-off products. If they can get by, then it'd be even easier for a website. Some shops don't even bother trying to change the name.
  10. Certainly not as easily as with open networks because they're encrypted. If you know the WPA2 passphrase then you could create a cloned AP and deauth the clients connected to the real AP which should end up with them associating to your fake one. But of course, if you do this, it's a targeted attack because you won't get any other clients from other APs. Hope that helps!
  11. Yeah, that'd be because the Wii accepts USB keyboard as input. Off the top of my head, I don't believe the Wii supports USB Keyboard as a substitute for the WiiMote. So you couldn't get it to press the A button or wiggle the analogue stick on the nunchuck. I think the Ducky would work fine on the XBox if you only wanted to enter keystrokes, but as far as the emulation of the actual controller goes, I'm not sure. You could try taking a look at "MotionInJoy". Their drivers for Windows work pretty well for both the 360 controller and Sony's dualshock.
  12. I suppose you'd have to rewrite the firmware to act as an Xbox controller rather than a standard keyboard. I guess it's possible, but would probably take a lot of effort..
  13. Describing the Pineapple as a man-in-the-middle is a perfect description. ALL the pineapple does when in client mode is "forward" everything from its wireless clients to your AP. It couldn't encrypt or mask anything because then your AP wouldn't understand it. (Ok, there is encryption involved, but it's only the WEP/WPA that you have on your AP, that's only so that someone not authenticated to the network can't snoop on anything - in other words, everything is decrypted once it gets to the router.) As far as your router (and therefore your ISP) is concerned, the pineapple is just another wireless client connected to the network, just like your laptop or phone is. HOWEVER, obviously if you had several devices connected to the pineapple, the router wouldn't be able to distinguish between them (all the connections would appear to originate from the pineapple). Just like your ISP can't tell whether your phone or your laptop requested a certain web page (all the connections appear to originate from your router). Hope that clears it up for you.
  14. I get a similar issue with PineAP. It starts up just fine, then I go into reconnaissance mode and try to add an AP to the SSID list and the web interface freezes and the whole pineapple locks out - can't even ping it. Have to power cycle to get it back working. So far it's happened every single time.
  15. Have a look at this. http://web.archive.org/web/20131025003847/http://domonkos.tomcsanyi.net/?p=418 The original page doesn't seem to want to load for me, so I grabbed it off of Wayback Machine. Be sure to read through the PDF he references at the beginning of the article. It's a bit long but VERY clearly explains how GSM works which is invaluable when it comes to analyzing the traffic you'll see.
  16. Yeah, there is. As far as I know that is for 2.4 GHz USB Dongles that provide better throughput for client mode. One of the most suitable ones from that list is the one being sold on the Hakshop at the moment.
  17. How about we knock it back on topic then. Does anyone know of any 5 GHz USB dongles that are supported by the pineapple? If so, how did they fare with various tasks? Client mode, etc.
  18. Yeah, it could do with updating actually. Got my last exam tomorrow, so I'll see about adding in the new commands.
  19. I would recommend this write-up here: http://domonkos.tomcsanyi.net/?p=418 in which he uses the original HackRF Jawbreaker to intercept AND decrypt GSM traffic. Importantly, this PDF which he links near the beginning which explains all about how GSM exactly works: https://skydrive.live.com/redir?resid=8F7DEEEC761F130B!603&authkey=!AN3UlLqs7FxmZmQ Finally, this project is really cool. It involves hacking the femtocells to see all the traffic passing through it (femtocells are portable mini cell phone towers that anyone can buy for around $400 to improve their coverage - typically for businesses that have poor reception round the office...): https://wiki.thc.org/vodafone Hope these help! I think that's all the projects I know of - the PDF detailing GSM is a highly recommended read!
  20. The only way to do something like this would be to have a jailbroken iPhone with OpenSSH running that still has the default login (root/alpine). Certainly not for something running stock firmware (if there is a way, it's not public knowledge). You'd be surprised though. There's a lot of people who jailbreak their phone to unlock it and leave OpenSSH on there. All it takes is a quick nmap to check.
  21. Well, I use the Astro E4, which outputs 5V, but has a 2A USB as well as the 1A one. 10W seems to power the pineapple just fine for everything I've been doing. Remember, it's all down to wattage, not just voltage. (Watts = Volts x Current in case you were unsure).
  22. Great! I was pretty sure that variable consumption wouldn't affect the battery, but just wanted to double check! Thanks very much!
  23. When I bought my WiFi Pineapple, I also bought an Anker Astro E4 from Amazon (mainly because it has the two USB ports and can charge my iPad). However, after a few months I found that it holds next to no charge at all. Thankfully Anker sent me a replacement no problem, which I received today. As far as I know, variable power consumption shouldn't impact on battery life or efficiency, but I know I'll feel like a fool if I start using the new battery with the pineapple and the same thing happens again. I'm 99% sure that I just got a dud battery the first time around, but I'd like to hear if anyone else has any experience with Anker batteries or can give any input. As I said, I'm just making doubly sure I don't screw up another battery (if it was my fault in the first place!)
  24. You can use "iwinfo wlan0 assoclist" over SSH to see all the clients connected to wlan0, either by karma or not. You need to install iwinfo using opkg first though.
  25. Alright, I might have exaggerated a bit, LOL. I take it you're from the UK as well though - I'm sure you agree that you can't expect the BBC or ITV or anyone else to report anything remotely related to InfoSec - even when they do it's grossly exaggerated even for the British Media.