condor

I have an SMCD3Gnv wifi router with a voip network bridge (main access to internet) connected to this is a ssh server (solely for reverse shells {pineapple drops), a debian box, a windows xp box, a wii, ipod, lenovo laptop, compaq laptop, my acer netbook, and also a pineapple MKIV for testing. another pineapple MKIV in my netbooks bag for 'in the field' type stuffers. I also have an alfa awus036h and a host of antennae including a 16dbi yagi. I really want the 036nha to use with the pineapples =(

terribly interesting. and he looks alot like me too. hmmmm the internet is like a classic 'ant and the grasshopper' story to me; while most ppl are watching someone fall on their face, I am preparing. I am not interested in the entertainment aspect, I want more knowledge......

I'll bet not many people that watch these events know that the 'Higgs Boson' was recently discovered and confirmed through experiments at the LHC in switzerland. Furthermore, I'll bet noone knows what any of those scientists names are. This discovery, along with many, many more will help to shape our lives as well as the world around us for many many years into the future. It's sad, but the majority of the human population puts a very large price on entertainment.

Yes! Facebook, Youtube, Google. These sites are each worth billions of dollars. Do they cost you any money to go there? How do they earn that money? Advertisers pay them BIG money to put ads on their sites. What if we went to these advertisers and landed users of the internet on their pages? Forget about clicking a link, I'll send ya a couple thousand users an hour, I wonder how many we could get collectively.... ...it would be just as great to do it for fun though, too, don't get me wrong. I'm not into any of this stuff for the money, lol.

Anyone down for some synchronized pineappleing? I think it would be cool to see how many people we can get to land on a certain page. We could all set our pineapples to route users to a splash page of our choice, as long as we all used the same page, we could effectively net up ALOT of clients, eh? It would be very interesting to see, I think. Let me know, I've got 2 of 'em.

I use a spare pineapple in my bedroom, connected to my router provided by my ISP via ethernet to the WAN port on pineapple. I can then connect to the pineapple via wifi, or through the router (http://10.0.0.10/pineapple/index.php for instance). This enables me to mess with the device and not get kicked when/if the wifi goes loopy =P. This is just for testing, though. In the field, I primarily use bt r5, or winXP. Anywho, I absolutely recommend you get one of these bad boys. Oh the fun you'll have......

This, my dear friend, is exactly the post I was looking for. Don't judge me, but I'm pretty stoked that you three have responded to me. I can always make sense of what you guys post. There are others, but you guys are very active, and very knowledgeable. Thank you. I have learned SOOO much in the last few months, I go about my day just smiling at ppl. MUAHAHAHA..... and yeah, I turned on my other pineapple that's in my bedroom, instead of out in the backyard, and am able to follow your instructions, petertfm, with good results. Obviously, there aren't any AP's in range way back at my shed (or wireless clients to karma, for that matter). It was fun setting up the pineapple on the roof, though. I had a magnetic 11dbi omni stuck to the dish of an old directTV antenna, with the pineapple stuffed into an old cookie dough container, 4g rocket and all....

I tried your advice petertfm, thank you. However, I am still unable to get any data back from airodump. Here's a bit from my session: root@Pineapple:~# ifconfig mon.wlan0 down root@Pineapple:~# ifconfig wlan0 down root@Pineapple:~# ifconfig wlan0 up root@Pineapple:~# airmon-ng start wlan0 Interface Chipset Driver wlan0 Atheros ath9k - [phy0] (monitor mode enabled on mon0) mon.wlan0 Atheros ath9k - [phy0] IEEE Unknown Unknown (MONITOR MODE NOT SUPPORTED) 802.11bgn Unknown Unknown (MONITOR MODE NOT SUPPORTED) Mode:Monitor Unknown Unknown (MONITOR MODE NOT SUPPORTED) Frequency:2.462 Unknown Unknown (MONITOR MODE NOT SUPPORTED) GHz Unknown Unknown (MONITOR MODE NOT SUPPORTED) Tx-Power=18 Unknown Unknown (MONITOR MODE NOT SUPPORTED) dBm Unknown Unknown (MONITOR MODE NOT SUPPORTED) root@Pineapple:~# ifconfig 3g-wan2 Link encap:Point-to-Point Protocol inet addr:100.217.32.85 P-t-P:10.0.0.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:1836 errors:0 dropped:0 overruns:0 frame:0 TX packets:1897 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:202034 (197.2 KiB) TX bytes:221448 (216.2 KiB) br-lan Link encap:Ethernet HWaddr 00:C0:CA:60:EE:16 inet addr:172.16.42.1 Bcast:172.16.42.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2264 errors:0 dropped:0 overruns:0 frame:0 TX packets:2284 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:325565 (317.9 KiB) TX bytes:638279 (623.3 KiB) eth0 Link encap:Ethernet HWaddr 00:C0:CA:60:EE:15 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:5 eth1 Link encap:Ethernet HWaddr 00:C0:CA:60:EE:14 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:4 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:4445 errors:0 dropped:0 overruns:0 frame:0 TX packets:4445 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:562576 (549.3 KiB) TX bytes:562576 (549.3 KiB) mon0 Link encap:UNSPEC HWaddr 00-C0-CA-60-EE-16-00-00-00-00-00-00-00-00-00-00 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:32 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) usb0 Link encap:Ethernet HWaddr 02:F6:4A:78:B3:47 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:17 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) wlan0 Link encap:Ethernet HWaddr 00:C0:CA:60:EE:16 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2260 errors:0 dropped:0 overruns:0 frame:0 TX packets:2504 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:32 RX bytes:357181 (348.8 KiB) TX bytes:718531 (701.6 KiB) root@Pineapple:~# iwconfig wn0 mode monitor Error for wireless request "Set Mode" (8B06) : SET failed on device wn0 ; No such device. root@Pineapple:~# iwconfig wlan0 mode monitor Error for wireless request "Set Mode" (8B06) : SET failed on device wlan0 ; Device or resource busy. root@Pineapple:~# airmon-ng start wlan0 Interface Chipset Driver mon0 Atheros ath9k - [phy0] wlan0 Atheros ath9k - [phy0] (monitor mode enabled on mon1) mon.wlan0 Atheros ath9k - [phy0] IEEE Unknown Unknown (MONITOR MODE NOT SUPPORTED) 802.11bgn Unknown Unknown (MONITOR MODE NOT SUPPORTED) Mode:Monitor Unknown Unknown (MONITOR MODE NOT SUPPORTED) Frequency:2.462 Unknown Unknown (MONITOR MODE NOT SUPPORTED) GHz Unknown Unknown (MONITOR MODE NOT SUPPORTED) Tx-Power=18 Unknown Unknown (MONITOR MODE NOT SUPPORTED) dBm Unknown Unknown (MONITOR MODE NOT SUPPORTED) root@Pineapple:~# airodump-ng mon0 CH 3 ][ Elapsed: 8 s ][ 2012-07-24 23:53 BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID BSSID STATION PWR Rate Lost Packets Probes root@Pineapple:~# airodump-ng wlan0 ioctl(SIOCSIWMODE) failed: Device or resource busy ARP linktype is set to 1 (Ethernet) - expected ARPHRD_IEEE80211, ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make sure RFMON is enabled: run 'airmon-ng start wlan0 <#>' Sysfs injection support was not found either. root@Pineapple:~# [/CODE] As you can see, mon0 did not become active after the first attempt at airmon. However it did show up in the list from ifconfig. After the second airmon-ng start wlan0, I got a mon0 interface, but it still does not 'see' [i]anything[/i] I don't have any issues using the aircrack-ng suite from my netbook, using bt r5. But it's interfaces aren't as complicated, lol. How do [u]you[/u] get this working? I would love to see this.

ok, so mon.wlan0 is used by the system. Would I still use airmon-ng to slip wlan0 into monitor mode? or iwconfig wlan0 mode monitor? (same thing?) I don't mind that affecting karma, but I am interested in whether or not it does (putting the interface into monitor mode). I have an awus 036h, but am unable to get that to work with the pineapple as of yet. Funny thing, I am outside in my backyard where I have my pineapple set-up in a shed. I am using it atm with 3g and when I clicked on your aircrack link I got this crap: Web Guard is enabled on your line and has restricted your access to this content. The person on your Wireless account who is designated as the Primary Account Holder can disable or adjust this restriction through the account management website. I wonder if I'll be able to call them and get that lifted. Wow

Can someone please explain just how this thing is using it's antenna? I'm a bit confused on the mon.wlan0 deal. I want to understand this so I can do a site survey w/ airodump-ng. I would use WhistleMasters module but I'm unsure exactly what's going on, and I am usually not connected via wifi. I am trying to learn to manage it all through ssh/3G, but I'm a noob at this stuff. Any advice/knowledge is greatly appreciated...

...like session hijacking? you don't even need the pineapple for this, if I'm not mistaken.

I'll take 2 for $1200. wtf is that sticking out of the usb port? I'm seriously laughing aloud...

Pretty sure you could use the wps button module & put the respective commands into 2 diff button triggers.

that is intense. essentially a beefed up pineapple though, huh? I can't imagine someone knowledgeable enough to execute an attack worthy of this device actually paying for one. Wouldn't such a person 'roll their own'? I'm curious; about how many pineapples MKIV's have been sold? Anyone?

yeah, can't get any info on the interface either. I thought it was me again, and I just needed to figure it out. I'm glad to see I'm not alone. Wish I could help...

"Who are you...who are so wise in the ways of science?" I was cracking up when I heard you and snubsie quoting old Monty Python. Way back when I first got the pineapple, I was trying my little heart out to get this autossh to work. But not until the other day when I saw this video and watched you copy paste the RSA public key did I realize that I was only copying inbetween ssh-rsa and root@pineapple, seeing you do it helped. The help in the UI says : You'll need the from "ssh-rsa" to "root@Pineapple" anyway, thanks

woooo.hoooooo! thnx guys

I can't begin to convey my gratitude. I tried to send you a pm after reading some crapola from kent lawson? Security through obscurity, eh? I can only hope that the information that I glean here, as well as my passion for this, gets past on to my kids. Who will then, perhaps, become leaders themselves in this crazy binary new realm. Anyway, I for one appreciate you, and those like-minded. Keep up the good work.... There are alot of us watching....and learning

where do I find the md5 sums for prev. firmware versions? specifically 2.3.1?

well, I have 2 pineapples and one is firmware 2.4.1 while the other is 2.3.1 I just updated (5 min ago) the one pineapple to 2.4.1 and am having problems with 3g. What is most interesting is that the device (zte mf591) is now mounted? at /usb. This solves some challenges I've had as far as installing modules, bla.bla, however it opened other challenges; I can't get the 3g to dial! And while I'm here reporting 'bugs' (perhaps this is not a bug, but instead it's me being retarded) I noticed today @ work while doing a live implamentation that once I enabled karma, I lost 3g connectivity. I am just too inexperienced to understand that one. How does the answering of probe requests affect routing? I am soooo lost on that one. I really want to understand it, but I 'spose as long as it works, I'll be happy, and perhaps one day I will understand it. Also; during said implamentation karma did not do it's 'thing'. I had not one ssid in the list of available networks that did not belong there. As a matter of fact, there were 3 ssid's. When I got home, I used the other pineapple and enabled karma. This was successful as I saw many 'available' networks to join. Some even had different signal strengths than others (which I thought was right on for it looked much more legit).

how about a short tutorial? I can't seem to get this one working. I can, however, use my netbook and deauth my router. Just think it would be cool to be able to do it all from the pineapple. I assume WhistleMaster has it going. Oh, to be a guru of helmholtz resonation. I can't even get the damn awus 036h to work with my pineapples.

re: autossh and it's persistence. When enabled, does it actually establish a connection to the relay server, and the server holds the conn, or is it just constantly trying to connect, and when you log on to the vps using -p 4255 etc, the connection is then established? I could probably look through auth.log files on the server and come to a conclusion, but I am looking for a definitive answer that doesn't involve my own garbled 'self-teaching'.=)

you have any idea how many ppl will connect to a 'spongebob' ssid?

ok, the 2 of you know WAY more than I so please advise; When using a 3g modem w/ sdCard, how do I get opkg to do its magic? it wants to work with the 'usb' directory, but with a sdcard there is not a 'usb' directory, it's /mnt/sdb1;2;sdc1;2 etc, etc here is the error message from opkg: Collected errors: * make_directory: Cannot create directory `/usb//usr': Read-only file system. * make_directory: Cannot create directory `/usb//usr': Read-only file system. * opkg_conf_write_status_files: Can't open status file /usb//usr/lib/opkg/status: No such file or directory. I'll dig around, perhaps there is some elusive opkg_config file I'll happen upon. But I would really appreciate any guidance. Thanx, I love this thing...

you guys never cease to amaze me... I just overhauled my working knowledge of these nifty little devices, and boy are they hummin....