0xPHK

Everything posted by 0xPHK

  1. @Vile: Thanks for the tip, will try it this weekend... ...as well as playing with spt to see if it can work with a fon 2202 cheers phk
  2. So after 12 days, any news about it?
  3. Ok will try this setting with my w7 box, but how many ppl are using this setting, maybe not so many i think... thanks cheers phk
  4. because the ducky has pwned the autorun function ;)
  5. without deleting the old key associated to ip/hostname in known_hosts it won't let you accept the new key if strict checking is enabled - @sebkinne will try the new version as soon as i can :) have you played with the simple phishing toolkit on a pineapple yet? thanks for your work. cheers phk
  6. @darren: Which OS's are known to autoconnect, using deauthing or waiting for new victims to come in our bar? Didn't test any linux dist's yet but xpsp3 and later won't autoconnect to karma - when the known ap was using any sort of encryption. If it wasn't - clients will connect automatically, up to fully patched w7 boxes... so i'm guessing macs could be vulnerable? would be nice to get some information on this "issue" cheers phk
  7. hope this thread is not dead yet. to your question: maybe both ;) when "debugging" or simply sniffing the packets you will find the needed information in your dumped packets. give wireshark a try ;) but i can confirm that windows boxes running xpsp3 and later won't autoconnect to karma, all you can do is wait until someone is dumb enough to manually connect to the karma'd ap.. what i cannot say is which os's will still connect automatically to the rogue ap, but according to several hak5 videos with darren, macs are a possibility... maybe darren could answer to this cheers phk
  8. let's see if we can run it on our lovely pineapples ;) will try this when more time avail. cheers phk
  9. Not sure but i think he means deauthing all clients on that specific AP. Maybe leaving the ClientMAC form empty and only using the BSSID of the attacked AP? Someone here using a 2202 with this firmware?
  10. I recently saw an updated 2.01 firmware on wifipineapple.com Is this a generic atheros based fw like the version on the first post or is this special for a MK3? Tried flashing it to my 2202 but it hangs at redboot and won't boot up. cheers phk
  11. This was the reason of my decision to take a 2202 because of the 32MiB and the USB Port for extra storage, but unfortunately it's not working yet as it should. cheers phk
  12. Well I have tested all the things that came up to my mind, including several IP changes. I was using your 172.16.42.0/24 IP range on my first attempts to get it running. Currently my 2202 is configured @ 192.168.1.1, spoofing lists were modified as well. My major problem is getting Internet connection to work on Lan port and over Wlan, the connection itself comes via Wan port from my local network router. I want to get this running first before doing further investigation why karma is not running too. My intention was to use my 2202 as generic wired mitm device between my router and the switch that serves all local network clients, to use the snarfing and spoofing capabilities. Maybe I'm thinking into the wrong direction, please correct me if this theoretical scenario won't work at all. Karma is primarily for mobile usage, but as there are wireless clients in my network and my neighbourhood too, so a working Karma would more than just be nice. EDIT: forgot to say private key auth works, dropbear expects authorized_keys in /etc/dropbear Greetings from Germany Phr³³k
  13. Looks like I'm a few steps further into getting things running... My current status: disabled the wan port to "emulate" a mesh/ap51/2100 with just one eth port - internet, spoofing and url snarf works as well as ngrep. only karma won't work as it should be. in the control center's status window association switches from enabled to empty, as well as showing some association info (passing through...) - but switches after ~10secs to empty and vice versa. the association log shows associated clients even if karma is not enabled ?!? enabling/disabling doesn't seem to make a difference, so i think something is still screwed up. BTW: ngrep causes the 2202 to reboot after approx. 30-40secs Maybe Darren, Sebastian or someone else could please help troubleshooting my issues? Is there a mk3 user running it stable on a 2202? Usb for logs & payloads and second eth-port would extend the possibilities of the pineapple a lot. One jack in, one jack out - no karma though, but still suitable for mitm using spoof and snarf features. sorry for spamming this thread but can't edit existing posts - dunno why (EDIT 5 posts rule) cheers phk
  14. Well that sounds interesting - sending one to germany is possible? I think ur location is important and so the shipping costs... So please make an offer for one level shifter incl. shipping thanks & cheers phk
  15. After some further investigation I'm still not able to get Internet working over lan & wlan. Maybe the WAN port must be added to the br-lan bridge as the 2100 and other devices only have one eth-port? Currently the following 2 interfaces are bridged - eth0.1 (computer-eth-jack) & wlan per default. As Karma fails to associate probing clients (in this case my last known ap's radio is still on), I think the last known ap is a little bit faster answering the probing requests, than my pineapple? Will try disabling my ap tonight to see if this works. cheers phk
  16. Something Offtopic > where is the edit button for my posts? *confused* Ok back to Topic @sebkinne: Thanks for your answer, the available space may be a problem, so i understand your point regarding to the original webif. The question about the packages is now clear too, it was intended for ppl who just want to install the packages without reflashing, right? Now i have to investigate why the internet connection isn't routed correctly to the clients. the spoofing attempt works when plugging a client in the eth jack or by connecting directly to the "internet" essid, but currently it looks like karma is NOT associating a wireless client correctly, there are some association entries but they are cleared after a few secs. I'm short before starting over again... thx & cheers phk
  17. Well i think something is not working as intended. As I have a 2202 Fonera there is a wan port which is connected to my local networks router to provide internet access. Br-lan is set to 192.168.1.1 statically and wan port uses dhcp, it gets ip from my local 192.168.0.0 network. Dhcp is configured to provide gw @ 192.168.0.251 as this is my routers ip. If a client connects dhcp provides all needed addresses incl. gw, dns and netmask but internet connection is not working, when using wlan or eth port on my fon. maybe a routing table problem? In fw-standard setting the gw is in the same network as the 2202's primary ip (gw 172.16.42.42 / eth 172.16.42.1) So i thought it should be possible to adapt these settings to suit my local network. (0.0) but this is not working either. Any ideas, guys?
  18. First of all, thanks for the good work you have done here. After flashing the 1.9 Firmware x times via Redboot, it never worked as intended, so tried it again with the ap51 utility, which was never able to detect my interfaces correctly (drop-down list always empty), but this time it worked - i have no idea why but MK3 is now working on my 2202 but i have a few questions regarding firmware. First i was wondering if it is possible to use the stock webinterface from backfire as well as the pineapple ui? I tried to get passwordless authentication via private key file / authorized_keys in dropbear but this seems to be different from the configuration of sshd. The USB led is lit all the time, maybe i missed something to read? I think when using Backfire 10.03.1 the leds were working correctly but i'm not fully sure, will investigate this later. On our pineapple-wiki, there are .ipk files for use with a stock openwrt-distro, is this still applying to the latest mk3 firmware? Maybe it is possible to use both webui's when just adding the missing packages? (mk3 uses opkg and not itsy right?) And one last question about the error message when accessing the ip directly: The redirect.php includes an error.html, but there is only an error.php. Maybe i did not understand how it works yet, maybe there is something missing? cheers phk