Posts posted by telot

  1. Great idea! I'm currently working on a Monitor module to display some information such as the total transmitted/received data, rates, etc. for all interfaces.

    I will see if I can add the possibility to put some quota rules.

    This must be McDonalds...cause I'm lovin' it

    telot

  2. I've been playing around with site survey this morning - and of course I love it. Does exactly what I need it to do, bring down APs. One issue I'm curious about is why are we given the ability to turn off/on the monitor interface? For instance:

    In this scenario there are three ssids I'll reference: 'netgear' (the legit AP), 'free_wifi' (my default pineapple ssid) and 'FAKEAP' for my stored open auth ssid on my victim. I connect my victim (evo4g android phone) to my legit AP, 'netgear'. I fire up my pineapple, connected to a BT5 laptop, turn on karma and go to 172.16.42.1/pineapple/site_survey.php and there's nothing listed as expected. If I turn off mon.wlan0 first and turn it back on, I lose all ability to karma victims. I still have my free_wifi ssid (my default ssid, as opposed to "pineapple") but no FAKEAP is ever responded to my victim. Manually instigating a probe request by turning off/on my wifi on the victim does nothing, as the pineapple is not "listening" for APs on wlan0, it's using mon.wlan0 to listen for probe requests (it HAS to be! it's the only way this makes sense). So by turning off mon.wlan0 you destroy the pineapple's ability to say "YES" anymore, even if you bring it back up as mon0 (standard airmon-ng fare).

    Power cycle the pineapple fixes it all of course. Now if instead of bringing down mon.wlan0 and bringing it back up as mon0 - if I just turn off WLAN0 and bring it back up, I see my list of nearby APs and it deauths the netgear AP just fine and karma's my victim right to the pineapple, like a champ. So my question is why do we even give the option to turn off/on mon.wlan0? There doesn't seem to be a need to, and in fact it hurts what we're trying to accomplish.

    I've already removed the link on my local site_survey.php, maybe to reduce people's confusion you can do the same for the production version of the module too? Thanks WM, this mod is exactly what I've been looking for!

    telot

  3. Also remember that simply not using WICD will not disable it. I prefer to remove it from starting

    sudo update-rc.d -f wicd remove

    Haha beat me to it Peter! wpa_supplicant and dhclient 4 life!

    As for your karma problems solodwarf...that's very odd that the internet on your host machine gets borked too when you turn on karma...very strange indeed. Just for kicks, what happens if you turn on AutoStart for karma and boot your host machine up at the same time as the mark4? I'm just curious really, though it may do something. My guess is that when you changed the SSID, something got messed up - I would recommend reflashing to 1.0.2 and do not change anything, just see if it works out of the box after running wp4.sh.

    telot

  4. And Karma still works as before? If so, that's an excellent find!

    :::telot goes off to test this:::

    I'm still curious as to why you'd want to hide the ssid - having it broadcast pineapple as an ssid is bad, we can all agree. Having it broadcast something like "coffee_shop_wifi" or "free_Wifi" increases your chances of victims connecting, particularly if they don't have a saved open access point on their device. I can't tell you how many times my broadcast ssid (free_wifi) shows up in my karma logs...

    telot

  5. I was thinking about trying my hand at RC copters - but mostly for use as a pineapple delivery device :)

    Put it in a shock resistant container (battery and all) for the drop, though I think an aerial retrieval would be very difficult...maybe steal Batman's skyhook idea from Dark Knight :)

    telot

  6. Have tried different outlets now - all with the same results. Have tried a few adapters as well, just in case (2 pin US to 3 pin UK) but still no luck. Double checked that the adapter supports 240V (euro style) which it does. I guess I'm going to have to get in touch with Shannon!

    Thanks telot!

    If the hakshop was run by anyone else, it'd be a burden right? :) Lucky for us!

    telot

  7. I got an idea from this post Anonymous 3g Dongle For Mk4? thanks to RebelCork.

    This could be a great thing to add to the project because that would not only make your internet a bit safer "as far as file sharing/porn" but would also save precious bandwidth

    Sounds like even a module could implement this, I just don't know much about php and iptables?

    [X] check box to block everything

    [_] check boxes for http/https allow

    [X] Etc

    this is open for anyone that wants to take the idea

    I could also see a bandwidth monitor with optional shutoffs! Hmm...

    telot

  8. Nobody in the same boat?

    </bump>

    Sure doesn't seem like it. What is your power source? Try a different outlet if you would please. Also, the mark4 takes a good amount of time to boot up - maybe 2 minutes. During that time the WPS button will flash repeatedly, and then go solid once it is completely booted up. But you say your power led is flashing? I haven't ever noticed that on mine...try a different outlet and see where that lands you, otherwise contact the hakshop (sorry to say!)

    telot

  9. Thx for sharing Telot, it's awesome! : )

    You're quite welcome

    Send them to free up space.

    I was thinking of sending them into tcpdump/snort to see packets and initiate logs.

    I love the idea of being able to get an hourly report for example, and see what kind of data has gone through.

    It'll be my Easter project to get some sort of automated sniffer going, and hell maybe fit that into a module (even a basic one)

    This would be a great implementation! That's exactly how I want to run it as well - hourly reports would be just about right. I've been swamped at work so I haven't been able to write it all out, but if you want to do it over easter, please share!

    telot

  10. I just use a regular computer travel case - I have a larger (12 inch or so) omni antenna that sits upright in there and is still hidden. It looks inconspicuous and carries a small battery if I need it, a cellular router providing internet via ethernet to the pineapple, and my iPad and notebooks and other crap. I wouldn't over think this - just go with something simple as being nonchalant is your best bet for remaining undetected :)

    telot

  11. Hello All,

    I'm thinking of getting a Galaxy Nexus phone from Sprint when it becomes available. This phone has an NFC chip in it. What I'd like to do is put an NFC chip on my desktop. Once my phone comes into range of my desktop it will unlock it. Is this possible? Haven't found anything about this on Google.

    Open your door locks with NFC

    http://www.wired.com/gadgetlab/2011/09/yale-lock-opens-doors-with-nfc-phones/

    Snubs detailed a way to do it with Bluetooth in a recent hak5 episode. Not sure about NFC though - I can't see why not as they're very similar technologies.

    telot

  12. If you were my neighbor I would call the crtc or fcc after 1 hour of being deauthed;-)

    Haha likewise.

    Airdrop has some hard to come by dependencies. Python is easy enough to load up with opkg, but lorcon and pylorcon are not available in the package manager. You'll have to compile them from scratch and hope they work with the SoC on the pineapple. So yes, Airdrop-ng is possible, but it'd be much easier to just issue an aireplay -0 from the cron.

    telot

  13. Let me be a little more clear. I am thinking of buying an AMX Integrated controller. It has 4 I/Os, 1 IR, and 2 serial. Just not sure what to do with it if I decide to buy it lol.

    Ahh I thought you were hitting up the community looking for such a box. I'd use it for home automation :) With one IR blast turn on your tv, receiver, xbox, and some lights?

    OR you could use it with a pineapple magnet mod - it's high up on some pole looking all inconspicuous, you don't want to mess up its inconspicuousness now do you? But at the same time you want to trigger another set of scripts. Set the scripts to trigger off the wps button and wire up the IR to it.

    telot

  14. rofl @ hating on linux then asking for help with linux :)

    Did you install anything to a different directory than you're supposed to? Try a "find / -name sanitize.sh" and see if it's somewhere other than /usr/lib/scripts...then symlink where it is to where it should be (something like ln -s folderscriptisin /usr/lib/scripts)

    telot

    Basically I'm hitting the community trying to see what kind of ideas people can come up with for a box that has I/O ports, 2x Serial, and an IR port. I was thinking possibly using the I/O ports with occupancy sensors to have it trigger things on the IR or serial ports. But that's about all I can think of. So let's hear what you got for ideas?

    http://www.digi.com/products/serialservers/

    Poke around on their website, as they have tens of thousands of SKUs and almost all of their devices run off linux and almost all have python support. I use their cellular routers daily for work and am very very pleased with the company as a whole.

    telot

  16. ok.... so I have the pineapple w/ 2 rj45s, 1 radio, and 1 usb. I have my laptop with 1 radio, several usbs and 1 rj45. I'd really like to be hardwired to a network on my laptop and connect to the pineapple over my laptop's wireless, setting up a bridge/route to the internet that way.... but I can't figure it out. I also have an alpha laying around..... does that get the job done??? Thoughts???

    The pineapple is waiting for internet on its eth0 - that is how the whole shebang is configured to work. It's somewhat dangerous to go playing around with the network settings on the pineapple, because if you bork it, there's no way to unbrick it without ordering a special serial cable. Even if you did change the config, the wlan0 on the pineapple is set up to be in Master mode, because it's an AP. Yes, it is conceivable to use a USB wifi adapter like an alfa plugged into the pineapple - Darren mentioned it in a thread when the mark4 was first being announced a few months ago - but nothing's ever come from it. I've tried getting it to work myself, just so I can use it for deauthing and airodumping, but I haven't had much luck. The pineapple recognizes it as a USB device (lsusb) but it won't recognize it as an interface.

    tl;dr no it's not possible without some srs hacks

    telot

  17. Are you on OSX? Your symptoms sound very familiar to me. You have to do some tricks to get ICS working...for instance I can connect via ssh to my pineapple just fine and my victims have internet, but try and ping from the pineapple? Nothing. No opkg either. The process to get ICS working in OSX is detailed here: http://forums.hak5.org/index.php?showtopic=25889 - the reason I don't do that is because I also use my pineapple on other computers and cellular routers and I'm too lazy to change all my other computers to suit my mac.

    telot

  18. Thanks DAV! Can't wait to try it out!

    A9935A-lg.jpg

    ^me after running this script

    EDIT: I tried it and thank you for putting the default amount over 9000. I like my surrounding APs nuked into oblivion.

    This script would be perfect when connecting two pineapples together...or if I can get my damn alfa awus036h working on the mark4...and to do this of course we'd have to work in a whitelist to the script so it doesn't take down the attacking pineapple.

    telot
