Molotof
-
Posts
157 -
Joined
-
Last visited
-
Days Won
2
Posts posted by Molotof
-
-
Maybe it in the way our machines are setup... The only thing "extra" i have on my server is i'm also running openssh
Ok that did it for me, my drone connected, i thought i had opens-server in the install script, will have to add it, now on with some fun, i will try to replicate your error now i have a channel to feed info to the server.
2014-05-01 23:15:00 INFO snoopy_server.py: Main Snoopy Process starting. Divert all power to the engines!
2014-05-01 23:15:00 INFO prox_guid.py: Starting proximity calculator...
2014-05-01 23:15:00 INFO facebook.py: Starting Facebook stalker
2014-05-01 23:15:00 INFO ssid_to_loc.py: Starting Wigle GeoLocator
2014-05-01 23:15:00 INFO pytail.py: Staring database population engine
2014-05-01 23:15:00 INFO __init__.py: create_all() complete
2014-05-01 23:15:00 INFO _internal.py: * Running on http://0.0.0.0:5000/
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET / HTTP/1.1" 302 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /login HTTP/1.1" 200 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /static/js/jquery.js HTTP/1.1" 200 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /static/css/snoopy-main.css HTTP/1.1" 200 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /static/js/snoopy.js HTTP/1.1" 200 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /static/css/cssreset-min.css HTTP/1.1" 200 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /static/js/snoopy-login.js HTTP/1.1" 200 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "POST /plugin/list HTTP/1.1" 302 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "POST /drone/list HTTP/1.1" 302 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /login HTTP/1.1" 200 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /login HTTP/1.1" 200 -
2014-05-01 23:19:44 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:44] "GET /favicon.ico HTTP/1.1" 404 -
2014-05-01 23:19:52 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:52] "POST /login HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET / HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET /static/js/jquery-ui.js HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET /static/css/jquery-ui.css HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET /static/js/jquery.color.js HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET /static/images/background-gradient.png HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET /static/images/logo.png HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "POST /plugin/list HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "POST /drone/list HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET /static/js/gpsmovs.js?_=1399000793320 HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET /static/js/wigle.js?_=1399000793320 HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "GET /static/js/ssidlist.js?_=1399000793320 HTTP/1.1" 200 -
2014-05-01 23:19:53 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:19:53] "POST /client/list HTTP/1.1" 200 -
2014-05-01 23:21:57 INFO snoopy_server.py:
--------------------------------------------------------------
2014-05-01 23:21:57 INFO snoopy_server.py: Main Snoopy Process starting. Divert all power to the engines!
2014-05-01 23:21:57 INFO prox_guid.py: Starting proximity calculator...
2014-05-01 23:21:57 INFO ssid_to_loc.py: Starting Wigle GeoLocator
2014-05-01 23:21:58 INFO facebook.py: Starting Facebook stalker
2014-05-01 23:21:58 INFO pytail.py: Staring database population engine
2014-05-01 23:21:58 INFO __init__.py: create_all() complete
2014-05-01 23:21:58 INFO _internal.py: * Running on http://0.0.0.0:5000/
2014-05-01 23:22:55 INFO pytail.py: New probe data!
2014-05-01 23:22:55 ERROR pytail.py: Exception!
2014-05-01 23:22:55 ERROR pytail.py: newline inside string
2014-05-01 23:22:58 INFO ssid_to_loc.py: Looking up address for 3 SSIDs
2014-05-01 23:22:58 INFO prox_guid.py: 14 devices probing. Grouping into proximity sessions...
2014-05-01 23:22:58 INFO wigle_api_lite.py: Wigling XXXXXXX
2014-05-01 23:22:58 INFO wigle_api_lite.py: Using Wigle account xxxxxx
2014-05-01 23:22:58 INFO connectionpool.py: Starting new HTTPS connection (1): wigle.net
2014-05-01 23:22:58 INFO connectionpool.py: Starting new HTTPS connection (1): wigle.net
2014-05-01 23:22:59 INFO wigle_api_lite.py: Wigling xxxxxxx
2014-05-01 23:22:59 INFO wigle_api_lite.py: Using Wigle account xxxxxxx
2014-05-01 23:22:59 INFO connectionpool.py: Starting new HTTPS connection (1): wigle.net
2014-05-01 23:23:00 INFO pytail.py: Staring database population engine
2014-05-01 23:23:00 INFO connectionpool.py: Starting new HTTPS connection (1): wigle.net
2014-05-01 23:23:01 INFO wigle_api_lite.py: Wigling xxxxxxxx
2014-05-01 23:23:01 INFO wigle_api_lite.py: Using Wigle account xxxxxx
2014-05-01 23:23:01 INFO connectionpool.py: Starting new HTTPS connection (1): wigle.net
2014-05-01 23:23:02 INFO connectionpool.py: Starting new HTTPS connection (1): wigle.net
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET / HTTP/1.1" 302 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET /login HTTP/1.1" 200 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET /static/css/cssreset-min.css HTTP/1.1" 304 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET /static/css/snoopy-main.css HTTP/1.1" 304 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET /static/js/jquery.js HTTP/1.1" 304 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET /static/js/snoopy.js HTTP/1.1" 304 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET /static/js/snoopy-login.js HTTP/1.1" 304 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "POST /plugin/list HTTP/1.1" 302 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "POST /drone/list HTTP/1.1" 302 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET /login HTTP/1.1" 200 -
2014-05-01 23:23:34 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:34] "GET /login HTTP/1.1" 200 -
2014-05-01 23:23:42 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:42] "POST /login HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "GET / HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "POST /plugin/list HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "POST /drone/list HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "GET /static/js/gpsmovs.js?_=1399001023546 HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "GET /static/js/ssidlist.js?_=1399001023546 HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "GET /static/js/wigle.js?_=1399001023546 HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "POST /client/list HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "POST /client/data/get HTTP/1.1" 200 -
2014-05-01 23:23:43 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:43] "GET /static/css/images/ui-icons_cccccc_256x240.png HTTP/1.1" 200 -
2014-05-01 23:23:59 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:23:59] "POST /client/data/get HTTP/1.1" 200 -
2014-05-01 23:24:10 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:24:10] "POST /client/data/get HTTP/1.1" 200 -
2014-05-01 23:24:11 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:24:11] "POST /client/data/get HTTP/1.1" 200 -
2014-05-01 23:24:12 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:24:12] "POST /client/data/get HTTP/1.1" 200 -
2014-05-01 23:24:12 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:24:12] "POST /client/data/get HTTP/1.1" 200 -
2014-05-01 23:25:32 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:25:32] "POST /client/data/get HTTP/1.1" 200 -
2014-05-01 23:25:41 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:25:41] "POST /client/data/get HTTP/1.1" 200 -
2014-05-01 23:25:49 INFO _internal.py: 192.168.1.109 - - [01/May/2014 23:25:49] "POST /client/data/get HTTP/1.1" 200 -
Right now i am good to go BUT a problem on the client side which is when using the rouge access point it halts and does not connect, otherwise using the probe it sends the collected probes to the server and it populates to the web interface.In your case your wigle credentials need to be checked, re-enter them or check if they are valid on wigle.net first. -
I am still stuck at the server client connection problem, i double checked the time sync and time zone is correct still vpn won't do it, what is your config like and can you show the tail of the snoopy server log ?
-
Hmmm i wonder how i'd go about finding that password again, The weird thing about the web interface is it always said login successful, but never changed screens, guess its just a minor error.
Good news is i finally got maltego a step further. i finally go the entity to install, now working on the machine.
if it says login successful and then still asking for username and password then it did not pass you to the main.html (glitch needs fixed)
the password is in a text file in : /home/(username you setup for snoopy)/snoopy/server/web_ui_creds.txt
and of course the username is admin.
Glad you went that far already, hopefully we don't need to fix much stuff !!
-
Exactly thats what we need to do is make it run perfect on its own then start ruining it by making a drone of a pineapple...
I passed by creepyDOL but it did not spark my interest as it did with snoopy, as it links a human to a location in a fun way which is linking with maltego then you can expand your search and connecting the dots like a sci-fi movie.
The web interface user name is admin and the password is one that was random generated by the install script.
Oh by the way CreepDOL is still Vaporware since last year, its either too dangerous and he has been bought by the all seeing eye or he has just a proof of concept that is not fitting in place yet.
-
WOW that is an amazing drone !
-
I did not get to the point of thinking of that, i was more focused on getting it working first then worry about the two sides of the coin, i was thinking of checking out required items to run the drone if they are available in dd-wrt or can be compiled to be working in the pineapple then we can customize the script and test it with the snoopy server.
Then we get an infusion to set the configuration and start up and shutdown scripts then we will be all set !
dnsmasq tshark openvpn rsync netcat macchanger aircrack-ng psmisc traceroute iptables gpsd gpsd-clients are the packages installed on the drone and i know some of them are already on the pineapple, maybe someone else could chime in regarding these packages ?!
-
Thats fantastic, makes the pineapple more useful than it is, i hope to try your infusion soon, thanks for the great work.
-
i updated my time on the server and client side so they match, although they are not my real time zone. Then i was able get my drone to connect with the server. Now i'm going through maltego and wigle and then i'm going to try to web interface created for snoopy.
Hmm that must be my problem in the vpn connection, i will confirm it when i get an extra brain cell working in my head lol, keep the good updates going :) and also some screenshots of maltego transforms and the web interface populating drone activity.
-
Below is where the permission denied comes on the server , you can find the error in the log file or by quickly pressing 6 after pressing 1 to restart the server .
Below where the server is running ok but what makes me think it is not is the 0.0.0.0 ip address of the server, points to a configuration problem that might make the vpn don't run ?
-
I've notice 2 things.
1 the server will not start for more than 7secs. From what I could see it through 2 errors. Could not determine the error cause it flashes then goes right away.
2nd , when making a drone their is a permission error when trying to run create_ssh.sh which I am guessing is located on a distance server. The logs reveal no information.
On the server if only run it as (sudo snoopy) it runs and does not error out , the error is a permission denied for what reason i have no clue, running it as root or regular user or as the user that was created for the purpose of the install script it fails.
On the other hand the client installs and runs and the probe requests get logged but it can not connect to the server even though both are on the same subnet and they can ping each other, the fake access point option does not work as it checks for internet connectivty but can't as it will only via the vpn tunnel which seems that is the problem at the moment.
I am trying to figure out the point of failure, hopefully you get up to speed as me and find it with me.
-
ok so now i am having trouble creating a drone pack (option 3 on server side) my device is a kali VM.
was reading through the README doesn't really go into detail on how to achieve this.
Was you able to get this done?
From going thru the code i was able to determine that there is two flavors of drones , one is the Nokia n900 drone pack and then the other is Kali and/or ubuntu LTS version, the script installs the following,
quote from the drone installer :
+-----------------------------------------------------------------------+
+ This script has been tested on +
+ - BackTrack5 +
+ - Kali (on Raspberry Pi board) +
+ - Ubuntu 32b 13.04 "Vanilla" (on laptop and Beaglebone Black) +
+ +
+ The below packages will be installed via apt: +
+ - dnsmasq, tshark, openvpn, rsync, netcat, macchanger, psmisc, +
+ iptables, aircrack-ng, gpsd, gpsd-clients +
+-----------------------------------------------------------------------+
i installed it on vm of kali amd64 and did not use an alfa yet, ill keep you posted on that, BUT you should have a running server to make a drone pack, if there is something broken you should watch option 6 of the logs and see where its broken and look for a fix or post it so we can figure it out.It creates a web link to download the drone pack so you can wget it then tar it then install it.This thing needs a lot of work to make it point and click, so far its full of thrones but very promising to be a complete work not just an appetizer to a vaporware ....... -
Thank you very much for working on this Molotov, and thanks damavox for bringing it up
I'm going to give this a try this weekend in VM.
Could you guys keep us updated on your progress (and possible problems/fixes you run into).
Your welcome, i am going by trial and error and getting things solved step by step as i guess the original author abandoned it or stopped working on it since its first release maybe because it was not presented correctly until it got on the news with a hexacopter having a payload of a rasperypi running kali armhf with the snoopy drone payload calling home which is the server side which in turn runs all the sslstriping and geolocation and powerful maltego transform , holy crap a moly if the pineapple has these in it as drone it would a very cool tool to have, just think about it LOL
-
guess i was going about it the wrong way.
Was using vi and copying the script over.
i will try it using git clone and let you know how it goes
Its not just a script , there is server files and drone files and database files, it so amazing i tell you, i found it because you mentioned it and been trying to get it to work since then.
-
Looks awesome, only problem is my inexperience doesn't allow me to install the install.sh file
i get the following error
cp: cannot stat `snoopy': No such file or directorycp: target `/home/byte1337/snoopy/' is not a directorychown: cannot access `/home/byte1337/snoopy': No such file or directory[!] Failed to extract files :(i'm sure this is a common issue i just havn't found the right answer for it.have tried running it as root, putting ~/ before the file name. doing chmod x+. 775 and 777still nothing. lolUmmm thats when do you get this fun stuff ?
i guess you login as user byte1337 and then git clone https://github.com/molotof/Snoopy
then you go in Snoopy dir then you go and sudo ./install.sh
let me know what happens after you do this, but please nuke your installation and redo it again , i do this quick in VMware
-
try installing it using my fork of Snoopy on LTS 12.04, hopefully you get any further, post back your findings.
-
Check out my Fork at Github Molotof it will install perfect, was able to run it as root on LTS 12.04 or log in as the user that gets created by the install.sh
Did not run a drone yet or connect to maltego as i got no time to play around, maybe someone else got more knowledge can play with it and let us know whats good !
Link to my fork of Snoopy
-
Telot, did you get dhcp server running on the raspberry pi?
-
Hi All ,
As other before me already mentioned here on this boards , the Pineapple is a great product and it’s doing exactly what it suppose to do (MITM via Karma).
However, after quite a bit of testing I found that for the sake of performance and stability I need to offload some of the more demanding tasks the an external machine.
I wanted to have fully automated setup and still keep it highly portable (no laptop require) and at the same time to overcome the current limitation by having a full Linux box at my disposal.
After ~month of testing I have what I believe a very stable POC .
Components:
1.MK IV
2. Rasberry Pi (Raspbian -HardFP , over clocked to 930 MHz)
3.Alfa awus0036h (for MDK3)
4.Brookstone battery pack
5.Belkin F4u040
6.Tmobile Rocket 4G
7.Pny 8G
Setup:
MK IV with PNY 8G connected to the Pi via Rj45.
PI is connected to the Belkin hub.
Belkin Hub has the Alfa , the 4G modem and is back feeding power to the PI.
Brookstone battery pack is feeding the hub via 5v 2.1A USB and the MK IV
Automation:
· I created several scripts to automate all the tasks I usally use , and then I used SSH remote exec (find it on the market) to send the command from my SGS3 by creating preset buttons
· Modified wp4.sh script running on startup in order set the IP and IP tables.
Set up the following scripts to be run as buttons from my phone as needed:
* Script to connect/disconnect the 4G Modem.
* Script to enable SSLstrip (0.9 and tcpdump on the PI)
* Script to disable SSLStrip and resore IPtable
* MDK3 script to deauthenticate everyone except mi Pineapple MAC
This works really great as the Pineapple is only doing Karma(and aircrack if needed) and the PI (over clocked) has enough horse power to do everything else (SSLStrip , Set ,Metasploit,tcpdump, etc...)
My next project to port it to the Odroid-x board which should have enough USB power to allow me to ditch the USB hub and therefore make it even more portable (and the fact the Odroid-x board has 4 time the horse power and 6 full USB ports).
Would you mind sharing the scripts for this project of yours? Also any progress in making it functional ?
-
virus.exe LOL !
-
LOL i am a HAM too since 2001, i hope you are having alot of fun on HF with this great sunspot cycle ;)
I am trying my best to teach people on how to conduct and interact with RF in a safe manner and have fun too.
At this moment i am working on a script to make tcpdump and sslstrip start up nicely when powering up the pineapple, that is when i have time to myself.
-
Any chance you have the part numbers or sku's for the RSMA extensions?
Love the project!
I got the two from the hakshop, but then you can look them up on amazon with the keyword RP-SMA male to RP-SMA female, The shorter the better, with such a sensitive signal you need the transmission line(from hornet board connector to antenna end) be as short as possible.I tested the two coil plastic antenna being sold as the 10dbi omnidirectional antenna, and it really brings all the boys to the yard ;) http://www.amazon.co...keywords=rp-sma
The above link is just an example of the antenna, look for a better quality antenna one!
-
Thank you Marlboro for the complement :) wait till i get my second MK4 in the mail and i will be making a double shot pineapple with a screwdriver ;-)And when i get my raspberry pi, i will put them in the blender and come out as the raspberry pina-hackada.
-
Specially Shannon ;-)
-
Hi, What kind of dc cable to powered USB hub ? Can you share the link where you purchase it ?
I cut the power cord and used the plug cable with a cut of a usb cable, joined the red wire from the usb to inner wire of the plug, the black wire from the usb to the outer wire of plug.Otherwise you can get a ready made cable from the hak shop.
You are given $250.00 to spend on technology.....what would you buy?
in Everything Else
Posted
Yup you would have years of fun with this $250 well spent green ones on the hackRF one and ham it up! oh don't forget to get a ham license too as the hackRF one can transmit too.