
hfam


Posts posted by hfam

  1. Even if the pineapple isn't "Yes-manning" win7 targets to you, you can still use it as a compromised access point. As I've suggested before, the best way to get noobs (non computer folk that is) to your pineapple is to replicate the nearest free wifi hotspot. So if you're in a coffee shop, and the ESSID of the free wifi is coffee_shop_wifi - deauth the shit out of that access point and edit your karma.conf to be coffee_shop-wifi or something with just one small character off. People will lose their connection, windows/OSX/whatever will autoscan around for another one, and they'll find and manually click on coffee_shop-wifi. The end result is the same - you're wiresharking/ngreping/urlsnarfing their traffic. I think this is the best way to maximize the net you're casting out there. If you happen to get some karma'd clients, then great - but everyone will have to connect to you anyways, as the coffee_shop_wifi is now crippled.

    Enjoy

    telot

    Exactly this.

  2. Has anybody already measured the power consumption of the AP51?

    I know that the Fon 2100 needs approx 750mA while operating, which is clearly more than is mentioned in the USB Spec (500mA).

    I know most boards deliver a higher current (else most of the 2.5" HDDs wouldn't work externally), but I would prefer using a cable with two USB jacks, so you could use 1000mA for sure.

    That way you don't damage your board or wonder why the Pineapple is not working stably.

    That's a good question. I haven't confirmed the power consumption under any circumstances (under load or just turned on).

    I can say however that I've put the device (Alfa AP51) under load for an extended period of time while powering it on USB (using the cable I'd identified above) and it hasn't given me any issues...none that I'm aware of anyhow. No unexplained shutdowns, etc.

  3. In another thread we were discussing POE to the pineapple. Here is my hacked cable that is POE and as a bonus, derives its power from a spare USB port. You can find the tutorial on my website, telot.org. Direct link: www.telot.org/usbpoehack.html

    Also, apologies to my lower resolution brothers, the pics in this tutorial are huge as I didn't want to lose out on some of the detail.

    Enjoy!

    telot

    This is great, thanks telot!! Nice work and thanks for sharing!! :)

  4. Just wanted to catch up and indicate that all appears to be working GREAT, thanks seb!!

    Just flashed 3 Alfa AP51 units with 2.0.1 and it worked like a charm.

    Karma is working perfectly (now that I understand the diff between 2.0 and previous versions!).

    BROTIP: I've found that for me it works best to make the SSID change in the Karma config and saving it to something other than "pineapple" prior to hitting your "target rich environment". Coupled with Karma autostart, this works great because the "pineapple" SSID never shows up at all, even for a moment, and your new SSID with Karma just "shows up for the party" all inconspicuous like :). This is only possible due to the new implementation of Karma, thanks seb & digininja!!!!

    Haven't had opportunity to use the deauth function yet. Wondering about that channel issue and the manual changing of the channel to match the target AP channel.

    Is it confirmed that we have to manually change the MK3 channel to match the target AP channel in order for the deauth function to work?

    Thanks again for all the hard work that goes into this project one and all!!

  5. thanks for this info!

    can you confirm I found the right one? http://www.amazon.co.uk/StarTech-feet-Barrel-Power-Cable/dp/B003MQO96U/ref=sr_1_1?ie=UTF8&qid=1325757480&sr=8-1

    looks a lot better quality than the one I got

    That is exactly the right one! I am really impressed with the quality and fit on these, perfect for the MK3. The price went up since my last purchase of these prior to Christmas, but still great quality and a deal at that price. Funny coincidence, the other 2 I ordered arrived today!

  6. Alright, let us start:

    Changing the SSID:

    If you use the change SSID function, the SSID DOES change.

    There seems to be a problem with clients who have already seen the previous SSID.

    Those will show the SSID "Pineapple" and whatever you decided to change it to.

    Right, I should have mentioned, the SSID will always be "Pineapple" unless changed in the GUI. It can be changed using the karma SSID changer or by changing the wifi config and rebooting.

    I know that seems like a bit of an annoyance but for now that is what we have. If, let's say you want the SSID to be internet, simply change it in the wifi config, reboot and that is what the karma'd and unkarma'd SSID will be like. Technically the SSID changer in the "config.php" page should work though, I just tested it again and it works. Although my phone does see two networks: "Pineapple" & "internet". On a different device I just started I only see "internet" though. Maybe someone can confirm that.

    Karma:

    I am just going ahead to say that Karma is running. This is a new version of karma which is accessible by using hostapd_cli.

    To connect to the interface manually please use this: "hostapd_cli -p /var/run/hostapd-phy0" Then type ? to get a list of commands.

    Karma works for me, it is just a bit more secretive I guess. The LOG does not show right now, but the functionality is there.

    Associations Log:

    I will see what the issue is with that. Fix will come asap.

    Hope that clears some things up!

    Thanks a million seb, that clears a LOT up!! I did see hostapd so it is definitely running.

    That all makes sense, and that the same SSID name *is* used for both SSIDs is much cleaner I think...stealthier for sure.

    Well, I bet it was working all along then and I'm just a dork. ;)

    Thanks again seb, this looks like an amazing update that took a lot of work to do, can't say thanks enough, this project is just brilliant!

  7. In firmware 1.9 the SSID of "pineapple" was shown before enabling Karma. After Karma was enabled it would show up as "internet" and respond to probes.

    Exactly. It was like that from v1.7 on if I recall correctly.

    Also, when we had access to the karma.conf (via GUI or console), we could set the SSID and see what it was set to.

    For the WiFi interface (non-Karma'd), we can still see on the Configuration page for the non-Karma'd interface that it's set to "open" and SSID is "pineapple".

    Now the karma.conf has been replaced with processes we can't see (at least I don't know where to look for it! :) ) so I have no idea what the default is supposed to be, but I am pretty damn sure seb didn't set it up to also be "pineapple". ;)

    I'm gonna have to crash soon, work's gonna come very early, but I'll tune back in to see if MrP, seb, or anyone else can shed some light on what's going on.

    Thanks again to any and all of you working on this awesome project (and you too MrP, dev team or not!!! ;) ).

  8. You mean your typical "Reset" button to go back to default settings? If so I'm pretty sure that button is not coded to do anything. (Besides interrupting the redboot to enter a fail-safe mode, but that is not for the typical user)

    I don't think so. I'm referring to the "Reboot" button that's located on the Advanced page of the GUI, upper right corner, bottom "button".

    I thought I recalled from early MK3 threads that it was added to do a "clean shutdown" of the MK3, someone had listed out exactly how this was done. I also recall that it wasn't really necessary, but I just assumed that it had been added and would eventually be fixed. I was just noting that all it appears to do is freeze up my AP...pings stop responding, and I have to powercycle it anyhow. :)

    I'm really bumming out on 2.0 and karma not working. Reflashed to 2.0 again, and it's the same situation.

    It's just not working for me. I'm in a console now, what should I see when I do a "ps" to indicate that karma is running (or not)? The GUI indicates it's running, but functionally I can't see anything...no "karma'd" SSID.

    :(

  9. AP51

    So far it's been good for me.

    just would like to point out a problem with deauthing

    it seems that the mon.wlan0 is set to a specific channel and is changed based on what program has used it last

    but when you go to deauth it leaves the channel on whatever it was at and thus gives you a 1 in 11 chance that the BSSID you're deauthing is on the right channel?

    also it would be nice to deauth based on SSID name "essid" and not the MAC "bssid" using the -e option instead of -a; aireplay-ng has to see a probe anyways so I would prefer to use the essi

    and as far as the SSID of the pineapple 2.0 goes in the configuration you can change the karma SSID BUT

    when you do that there seems to be 2 SSIDs, pineapple and the one you added?

    PLUS when you activate karma all SSIDs go away and only the probed ones show up???

    just letting anyone working on the pineapple know what I have found and I very much appreciate all your guys' hard work and enjoy playing with your work too :-D

    also right from the start the reboot option never worked for me even on my mark 2 open mesh model? would freeze

    That sounds like what karma should be doing.

    When you first fired it up, and fired up Karma, prior to making any changes to the karma SSID, what was the SSID that came up besides "pineapple"?

    I'm re-flashing 2.0 again and we'll see how it goes, but I can't seem to get Karma to fire up. It says it is, and entropy bunny does its thing, and the GUI shows it's started, but the only SSID that shows up is "pineapple".

    Also confirming that the Reboot button doesn't work, but that's definitely a back seat issue to this karma not starting thing.

    bbiab

  10. I was hoping to beta test this before release, looks like crowd sourcing this one lol. Make sure you guys identify the hardware you are using.

    :) LULZ! I feel like it's a bit of a privilege to be in on this project at all!! :)

    I'm using an Alfa AP51.

    Thanks for all the hard work you all do!

  11. Nope, I think Karma works in some way because my iPhone detects the open network I manually made for testing purposes even though it does not automatically connect to it, but the SSID before and after starting Karma is pineapple and I have not been able to change that. I did not test the Deauth part but I have noticed that Airmon-ng is enabled by default and there is no way of stopping it. I also had a weird glitch with the Reboot button. I clicked Restore to factory defaults and it said that changes would be made after Rebooting. I then clicked the Reboot button but the pineapple froze and never came back up. I had to unplug it and plug it back in. The last thing I have noticed is that nothing appears under Association Log even when I connect manually to the open network I have saved on my iPhone. This used to work for me on v1.9. I know Seb will fix this soon... hopefully. I flashed back to v1.9 to make it work properly again :)

    I just flashed back to 1.9 as well, and Karma is working as it should.

    On v2.0, Karma isn't starting.

    The "pineapple" SSID is for the non-Karma mode.

    The "internet" SSID up through v1.9 is for Karma mode.

    Pineapple (non-karma) goes away when Karma is enabled, and "internet" is the SSID available.

    This isn't working 2.0, it's just staying Pineapple.

    That's why you're not getting any associations, karma isn't running.

    You're just connecting to the non-karma access point.

    Seb, any ideas?

  12. Ok I don't know about you guys but now I can't change my Karma SSID through the GUI :'(

    Before activating Karma the SSID is pineapple, after activating Karma the SSID is also pineapple. I have tried changing the SSID before starting Karma using the Change Karma SSID box, it says that it has changed successfully but when I activate Karma, the SSID is still pineapple. I have also tried changing the SSID after starting Karma and it would not change.

    I'm having exactly the same issue.

    Used to be that Karma would come up as "internet", and "pineapple" would go away once Karma was up.

    I have a feeling Karma isn't starting up, which is why "pineapple" is the only thing we're seeing, despite the GUI showing Karma being enabled, and the "entropy bunny" messages while it's starting/stopping.

    Seb, has the implementation of Karma changed in some way? What's the default SSID supposed to be when Karma's up and running?

    Thanks!

  13. Does anyone here use USB to power their mrk iii?

    I got this for the pineapple: eBay link but it's not actually powering it? the lights stay on fine etc but I can't seem to get the thing to ping or bring up the interface but on battery power it will???

    Does anyone have a working equivalent as my battery pack is soooo unreliable!

    There is another thread with all this info, but I can confirm the one I purchased through Amazon works flawlessly.

    Search Amazon for USB2TYPEM, and get the one by StarTech. Perfect fit and function.

  14. For what it's worth, I grabbed 2 more AP51's from an AZ distributor (listed in another thread).

    With Seb's firmware package, the FreiFunk flash util (check Mr. Protocol's sigline!), and help from Ghost's install guide, I just flashed 2 units straight out of the box in like 5 minutes total.

    Tested, they work perfectly!!

    I bought my first MK3 from Hakshop though, GOTTA show 'em some love over there!! :) :) :)

    Thanks to everyone for the expert help and the outstanding community feel out here, awesome group of folks out here!

  15. What a great bunch out here, thanks for all the help one and all!!

    I'm now sorting out airdrop-ng, just need to figure out a bit more about how it's used, but I managed to get it all installed, and it appears that everything is working fine!

    I intend to install BT5R1 on a separate partition, but for now, I'm running W7 and I'm using the aircrack-ng VMware image in the VMware Player. This gets me the 1.xx aircrack-ng suite on a linux platform, and still using Winbloze to connect the pineapple, as the base OS. It's all working really well so far, but I'm eager to learn BT, so I'm going to bite the bullet and learn it. :)

    Thanks again to all you guys for all the help and expertise, I can't say thanks enough to you all.

    Back to it, this is SO much fun!!

  16. Last Segment of the show, Darren answered what kind of tripod/scope it was...

    Vanguard VS Table Top Digital Camera Tripod

    Barska 4 By 15... Made in China

    SWEET, I nailed it on both counts!!! That is awesome!! Exact hit on the tripod, and exact hit on scope, only I went with 3x7 instead of fixed 4

  17. Awesome setup! What's the tripod model? Could you provide a link? Thanks!

    No problem, glad I could help!

    From my earlier post in this thread:

    I bought them both on Amazon:

    Vanguard VS-82 Table Top Digital Camera Tripod - $27.??

    Barska Rimfire Riflescope - The adjustable one (3-7x20) - $14.??

    You may be able to find something cheaper, but I can attest to how well this one works, and it's unmolested, so you can use it for camera work too if you wanted to.

    Good luck!

  18. It would have to be a separate wireless card from the one providing internet to the pineapple or anything really since it needs to be in monitor mode. I would recommend one of the alpha USB wifi adapters the hak shop sells, I have several with me all the time, or if you have an android phone I use a simple app called wifi analyzer I think. It doesn't do much but it does give me the BSSID of AP's close, it also looks less suspicious :rolleyes:

    Thanks, that's what I figured. Funny thing, I did a "I LOVE this show, I'll take one of everything." run on the hakshop recently (you gotta show some support for Hak5!) so I just happen to have that external alfa adapter for just that reason! ;)

    So: Install the adapter, figure out how to put it in monitor mode, and install the aircrack tools on my W7 MITM machine

    Now, theoretically, when I run airodump against the new alfa adapter:

    - my MITM functions all continue to work just as they do now with laptop and MK3

    - the airodump results on the additional alfa interface it should show me the macs (BSSID) of the SSIDs which are showing up in the Association Log

    - NOW I can use the Deauth feature in the MK3 GUI, or just command line it on the laptop because I have aircrack installed

    Correct?

    :)

    And I've had wifi analyzer on my droid for years, that's a BRILLIANT idea for close by targets...coffee shop, etc!!! Good call!!

    As always, eternally grateful for your kind help!

  19. I believe the issue with running airmon on the pineapple is that the wireless card can't be in monitor mode and have karma enabled at the same time...believe karma needs to be in master mode.

    That makes perfect sense, thanks!

    So, on the laptop I'm using, it's W7, the MK3 is on eth, and the Internet is being provided by internal wlan.

    If I can place the wlan in monitor mode, can I then use that interface to run the airmon against, perform deauths, etc, without screwing up the MITM function?

    Thanks guys!

  20. Thanks for the reply! I'm on a Windows 7 box currently. I'm definitely going to do a BT5 install, but I'm stuck with a Win7 box for the moment.

    I did SSH into the MK3 and ran the command line "airodump-ng mon0", and it appeared to do its thing, but nothing much happening right now, just some probes from my own AP.

    Admittedly I've got some research to do on some of these tools, but networking is what I do so this stuff isn't hard, just haven't had a requirement to use the air* tools in my industry, so I'm catching up on usage. :)

    I really appreciate the assists, I promise I'm a fast learner and won't waste your time.

    If anyone knows a great place to learn this stuff (the aircrack suite in particular) I'm more than happy to do my homework too.

    Thanks again!

  21. Yes "Are you indicating that the MAC that's showing associated with "Schnieder" is actually a MAC of a client connected to "Schnieder", and not of the "Schnieder" AP itself?" is correct.

    Using your log as an example it's saying:

    client MAC: 00:16:a4:fe:08:ab connected to your pineapple responding to the AP name of Schnieder.

    Ah-ha! The lightbulb just went on completely! :) :) :)

    It all makes perfect sense now. Even if that client connected, he doesn't necessarily pull IP via DHCP from me (although that's what we want!).

    In the later example with the 2 clients, those connected to me thinking it was SSID:"do you have stairs...", and then went on to pull from my DHCP.

    Now that I know what the hell I'm actually looking at, I just need to sort out how to get that AP MAC so I can do the deauths and "steal" their clients!

    Could this be done through SSH on the MK3 via a command line, or for that matter, a command line entered on the Advanced page of the GUI?

    Again, eternal thanks for all your help and patience!

  22. thanks for the quick reply!

    However, I just want to be clear, and maybe I am misunderstanding what the Association Log is showing.

    I thought that the Association Log shows what APs my MK3 is mimicking, along with the MAC (BSSID) of the AP.

    In other words, for the "Schnieder" example in my post, I believe that "Schnieder" is the name of the AP (that much I'm sure of), and that the BSSID it's showing is the MAC of the AP (Schnieder).

    Are you indicating that the MAC that's showing associated with "Schnieder" is actually a MAC of a client connected to "Schnieder", and not of the "Schnieder" AP itself?

    The DHCP log (across from the Assoc log on the Status page) shows the MACs of the clients that are connected to me.

    Is my understanding not correct? If not, I'm really lost, but I think I'm correct in my understanding of the data showing.

    **UPDATE**

    I think I've got it wrong, and that you're correct.

    I've got the following 2 entries in my Assoc log right now:

    Checking SSID for start of association, pass through do you have stairs in your house
    Successful association of 00:16:a4:01:96:a2
    Checking SSID for start of association, pass through do you have stairs in your house
    Successful association of 00:16:a4:01:06:91

    And I see the following in my DHCP log:

    48573 00:16:a4:01:06:91 172.16.42.239 UA105301283 01:00:16:a4:01:06:91
    48241 00:16:a4:01:96:a2 172.16.42.106 UA105328697 01:00:16:a4:01:96:a2

    I see that the MAC addresses are the same, and obviously there aren't 2 AP's associated with that one SSID.

    Thank you for your assistance and feedback, I can't tell you how much I appreciate the help out here, and trying to assist others when I can...that's what it's all about! :)

    So, now that I have that squared away, what do you suggest is the best way to get the MAC (BSSID) of the AP using airmon-ng? Is it possible to do this using the MK3 instead, since it's already installed and running? Maybe a command line run from SSH or something?

    Again, I can't say thanks enough for all the help, eternally grateful to all of you!
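The correlation hfam works out by hand in this post and the previous one (the MAC in the Association Log is the client that associated, and the DHCP log tells you whether that same client then took an address) can be automated. The following is an added example, not code from the thread or from the Pineapple firmware: it parses the two log formats quoted above and joins them on the client MAC. The sample lines are constructed from the quoted entries plus the "Schnieder" client from the earlier post, and the assumption that the DHCP log uses dnsmasq-style lease lines (expiry, MAC, IP, hostname, client-id) is mine.

```python
import re

# Constructed sample input, modelled on the two log excerpts quoted in the post.
ASSOC_LOG = """\
Checking SSID for start of association, pass through do you have stairs in your house
Successful association of 00:16:a4:01:96:a2
Checking SSID for start of association, pass through do you have stairs in your house
Successful association of 00:16:a4:01:06:91
Checking SSID for start of association, pass through Schnieder
Successful association of 00:16:a4:fe:08:ab
"""

# Constructed dnsmasq-style lease lines (assumed layout): expiry mac ip hostname client-id
DHCP_LOG = """\
48573 00:16:a4:01:06:91 172.16.42.239 UA105301283 01:00:16:a4:01:06:91
48241 00:16:a4:01:96:a2 172.16.42.106 UA105328697 01:00:16:a4:01:96:a2
"""

CHECK_RE = re.compile(r"^Checking SSID for start of association, pass through (?P<ssid>.+)$")
ASSOC_RE = re.compile(r"^Successful association of (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})$", re.I)


def parse_assoc_log(text):
    """Return {client_mac: ssid}. The log is sequential: each 'Successful association'
    line belongs to the most recent 'Checking SSID ... pass through <ssid>' line."""
    pending_ssid = None
    assoc = {}
    for line in text.splitlines():
        m = CHECK_RE.match(line)
        if m:
            pending_ssid = m.group("ssid")
            continue
        m = ASSOC_RE.match(line)
        if m:
            assoc[m.group("mac").lower()] = pending_ssid
    return assoc


def parse_dhcp_log(text):
    """Return {client_mac: ip} from lease lines; the MAC is the second field."""
    leases = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3:
            leases[fields[1].lower()] = fields[2]
    return leases


def correlate(assoc, leases):
    """Join both views on the client MAC. ip is None for a client that associated
    to a Karma'd SSID but never pulled an address from the Pineapple's DHCP."""
    return [{"mac": mac, "ssid": ssid, "ip": leases.get(mac)} for mac, ssid in assoc.items()]


def clients_per_ssid(rows):
    """Count associated clients per probed SSID, which is what the raw log obscures."""
    counts = {}
    for row in rows:
        counts[row["ssid"]] = counts.get(row["ssid"], 0) + 1
    return counts


if __name__ == "__main__":
    rows = correlate(parse_assoc_log(ASSOC_LOG), parse_dhcp_log(DHCP_LOG))
    for row in rows:
        print(f"{row['mac']}  ssid={row['ssid']!r}  ip={row['ip']}")
    print(clients_per_ssid(rows))
```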
