Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by unixmito

  1. Is reaver dead? No. Depending on your willingness to invest time, reaver is still very much worth using; or using WPS as a vector altogether. If the attack is dragnetting for easy targets, it would make sense that lockouts would frustrate their efforts. In which case, reaver might be suited to the task. In cases where the time investment is a worthwhile prerequisite for ingress, there are options that can be tailored to certain AP's where you avoid a majority of the lockouts. Setting a wide berth with Time outs and interspersing pin attempts will slow down the process, but it will still be a gain in time if compared to a locked-out state of a router. The best scenario for an attack is using multiple mobile and concealable devices (like the pineapple) while dedicating each one to a single AP. Although it might take you three days to crack several AP's, their pivot and deploy nature makes them agile tools. If you're receiving excessive timeouts, spend time with the tool. Adjust the values until you can proceed without being locked out a majority of the time. You can automate mac rotation with a shell script and cron, which helps against certain AP's that track time outs to MAC addresses. Each brand of device is unique and they each have unque behaviors.
  2. Good question. I have one.. did you read all the posts? The answer is only a few posts above yours. I totally sympathize with your current quandary. But I would feel it redundant and a disservice to you if you don't read through the knowledge already presented. I will give you one hint. You need to bridge the wlan0 to wlan1, and the tool for that would be to use Iptables to route out-bound traffic to your internet accessible wifi.
  3. I'm willing to pay a pretty penny. I nee dot know a starting point. Otherwise, is this like a bidding war? how about 45$ for the mk3 all by it's lonesome?
  4. Thank you, from the bottom of my empty and cold heart. :D +1 internets
  5. Unfortunately it doesn't. I used the alfa, compile a usbreset program to renitialize the hardware.. went through lsusb out put.. used a Netgear WG11v2 and a TP-Link all with compatible chipsets. None of the decide to show up in any of the config options, nor do they show up as a device under /dev. I will probably go to 2.5 if that's what it will take. I mean, they said wifi relay and I want my relay darnit! :o Thank you very much for you input! If you find anything else please don't hesitate.
  6. I can see that happening, however the problem is that upon trying to run iwconfig or ifconfig to search for the card (I've used the Alfa card sent to me with the Pineapple and several other Atheros based cards) and it simply doesn't show up. If anyone else has figured this out, it be most appreciated.
  7. There are a plethora of ready made tools. Although I would suggest that you work on your disks outside of a running instance of OS X (I'm not so sure how it treats mounted filesystems while in operation). Take a look http://superuser.com/questions/19326/how-to-wipe-free-disk-space-in-linux for several suggestions.
  8. A more interesting question would be how do we convert the rainbow table into something available for pyrit. Why Pyrit? So far, after bench-marking its performance I have found pyrit to be exceedingly adept at being one head above the rest in terms of speed. Should I manage to airolib -> cowpatty -> pyrit I'll write a howt to on the subject. If anyone has suggestions, then... pass the bread bro!
  9. In an additional note, certain websites will hash the password before sending by using javascript. I believe that at one point Yahoo used this method of protecting a cleart-text password appearing on the site. To circumvent this, I remember using ettercap to load a filter and remove references to the onsubmit="" javascript event handler.
  10. I recently purchased on recently (only a week ago), and I ran into the same consideration. What I concluded was that at the very least go for the PRO bundle. Besides what the standard package provides, you will receive a 7dBi antenna; a special USB to 12V power cord, And an additional wifi card which will diversify what you can accomplish with the Mark IV on its own (such as simultaneous deauth attacks). BUT.. had I had the cash, I would have sprung for the full package, especially for the battery pack that allows you to wardrive unfettered from power constraints (for a time). So, go for broke, by the best package, incidentally the priciest but well worth the investment. As for international shipping, I wouldn't have the slightest clue. I hope my personal take on what I received will help you make a purchase.
  11. I hate to dredge up such an old post, but it has to be said that I haven't seen a bit of code to suggest how to properly create a wifi to wifi relay with the pineapple. Yes, I did use the search function, and no after reading about 11 posts nothing definitive. Sure, I can hack together and iptables script, I'd rather not fudge the configuration and have to reset the whole thing should I end up not being able to SSH into the pineapple. Thanks.
  12. Received with my Mark IV just a day ago. Nice & glossy. Great Job! I like the full page photo pages.
  13. OpenVa is great place to start with. My advice is, go with a preexisting library that actually does most of the grunt work. Facial recognition is an exceedingly specialized field. Having already tried to roll my own, you're going to wish that you taken applied mathmatics in college (and if you did, kudos). Otherwise sounds like a great project. Does Hadoop include facerecognition?
  14. I presume that the community left this topic alone for obvious reasons. The pineapple is mean to act as a device of convenience. It incorporates functions, script, programs that work with laptop already. The point being, all the tools found in Jasager origiinlly began as tools that a laptop could execute. Let me ask you this, would you want to haul a laptop around; opening and closing the lid when ever you had to set up an attack, or would you rather contain all the same device in a much smaller form, with efficient power and such... (etc. etc., ad naseum to the credit of its creators). And have you tried a simple and cursory search of google, one would find that Karma (or karmetasploit) exists as a project independent to the Wifi Pineapple.
  15. I just realized there's a question forum, sorry moderator, please move my post in that direction.
  16. First let me introduce myself, I am known by unixmito (fork() anyone?). I have both an intellectual and professional interest in programming, networking, auditing, etc. Recently, I purchased the Mark IV, and am waiting to receive it today. In lieu of the 4-6 hours I will have to wait for it to arrive I'm doing a variety of research ahead of time. First question: Second Question: Third question: I appreciate those that have gone through and read this entire post. I only resort to such a long winded approach since using the search function doesn't produce any results for: "solar panels," "solar," "entropy," "fuzzing," or "TOR." Bibliography http://www.math.uni-...ropy/algor.html (Descriptiona Entropy in Logicl) https://blog.torproj...ne-cell-enough/ (One node enough to break TOR) http://docencia.izt..../miscelanea.pdf (Quantified Harmonic Wave Theory)
  • Create New...