Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

1,554 profile views

AshiOni's Achievements


Newbie (1/14)

  1. We have dozens of wordlist files we have created based on human nature. Example phone numbers in the United States are ten digits so we mutate the area code of the target +7 digits. You wont believe how often we find phone numbers used as passwords during pentests. Straight 8 digits, then 9, etc. Name mutation lists username/app/portal/etc+mutation works pretty often. Of course having a box to rip through those in a timely fashion helps. We only have one GPGPU, which rocks, however there are obviously better cracking rigs out there. There are services that will crush the hashes you collect as well. Those tend to come at a premium price tho.
  2. I wouldn't use the pineapple for cracking. I'd only want it to capture the handshake so we can crack it using john on a more robust piece of hardware while the rest of the pentest is taking place.
  3. Excellent tip, thank you. Found the issue. Just needed to use wlan1 instead of wlan0. I'm assuming because its set to client mode by default? I've run in to a lot of issues in the last couple of years with monX not having the same mac address as wlanX, so I've gotten in to a habbit of macchanger --mac=XX... Reaver for example has always had troubles with wlanX having a different mac address than monX.
  4. I gave it a quick go but was unable to monitor / capture traffic airmon-ng start wlan0 python wifite -i mon0 -aircrack -crack -dict none Edit I'm guessing it needs to be on wlan1?
  5. Just curious if anyone has gotten wifite installed and or working on their Mark V? I could see that being an awesome addition to the Mark V tool set.
  6. I didn't update the firmware, maybe I will give that a shot, currently running 1.0.4 I did format the SD card and everything started working again. Not sure if there was some sort of corruption or what happening there but I'm able to use it with expected results again. Thanks for the reply. I consider this issue resolved for now. -Ashi
  7. Howdy Been playing with my pineapple mark 5 for some time now. Everything was working well but all of a sudden I started having issues where karma just seemed to stop working (randomly), normally rebooting the device would solve the issue. When it was working I noticed that I had two radio nics, wlan0 and wlan1. When it stopped working I noticed there would be four radio nics, wlan0, wlan1, wlan2 and wlan3. Rebooting would solve the issue. Meaning when I rebooted it would go back to only having wlan0 and wlan1. Randomly wlan2 and wlan3 would magically reappear. After a couple of weeks of just assuming this was standard behavior the rebooting to fix the issue stopped working as well. At which point I just started to run the "Factory Reset Pineapple" link within the GUI. This worked for about a day at which point that has now stopped working as well and has developed new behaviors. When "Factory Reset Pineapple" was working to fix the radio problem I outlined above the device would say hey, I noticed you have orphan packages on this SSD, would you like to add those back in? It no longer does that as well as wlan1 no longer seems to be present when I do the factory reset. I have br0, eth0 and wlan0 interfaces only. I'm not really sure what is supposed to be there or if some how the process I was following changed some how without me noticeing. My next step is to format the SSD and re-install the firmware. My question is: has anyone seen this behavior and figured out why it's happening. I have looked over the forums a bit and see that a lot of people that seem to have the same sorts of issues, but nothing I have read so far has worked. Thanks for your time. EDIT editing the /etc/config/wireless file to include the radio wlan1 seems to bring that back and makes it functional again. Still need to understand why the wlan3 and wlan4 radios randomly appear and what is happening with the SSD. Also, I'm now seeing yet another new behavior, the karma SSID name no longer remains persistent and the timezone resets if rebooted.
  8. I had the same problem; I received my MKIV int he mail, opened it and proceeded to assemble. Little did I know that the nut on the inside was not tight. I assumed I should turn the antenna until it was semi-tight. The only problem with that line of thought was it didn't stop turning, it started to get tight at one point then just snapped the cable off inside. When I realized what I had likely just done to the unit I got out the screw driver set to open this bad boy only to quickly learn that the transparent piece of plastic on the front is a bit thin =P and snapped it in half. In the end I ordered another cable, figured the appearance wasn't as important as function and wrote the face plate up as a learning experience. The unit is now working as expected.
  9. Not sure if I should be confused or concerned when I see "./install v1.0.9.sh: /bin/bash^M: bad interpreter:"
  10. lol - sorry it didn't dawn on me to supply that information (really tired today) Here we go airmon-ng start wlan0 (tried with various adapters) crated ssidnames.txt cat << EOF > ssidnames.txt blah1 uber blah2 etc EOF mdk3 mon0 b -f ssidnames.txt I see the expected output in the terminal and can verify they are showing up on the client after a minute or two the broadcasts just stop - I cannot seem to get it restarted without rebooting the entire laptop or tower (I've tried various pieces of hardware)
  11. In a nutshell - I start MDK and everything appears to be working as I expect to it. After a minute or two the client devices stop seeing the broadcasting device Its almost like the wifi adapter has been put in power saving mode but is not when I look. I can repeat this issue 100% of the time. Tried on various hosts with various wifi adapters. Same results each time. Thoughts?
  12. Well the control of the hosted VMs on the ESXi box would still be centralized. It just wouldn't be an active part of any other network deployments you might have on the back end. You can also look in to Citrix XenClient Enterprise - it's low cost and pretty powerful and I'm sure if you called them you could get even better pricing than they show on their website, hell maybe even free if you talk with the right people...
  13. In the example given you're probably better off finding a way to boot a clone drive of whatever flavor you want and then try the attack away from the target area. But really if you have the ability to boot a thumbdrive or disk in the first place you're probably better off just grabbing the SAM file and not the entire disk. Grabbing the entire disk is only handy if you believe there are parts of that disk you need to have access to that you wouldn't otherwise be able to read when mounted to a linux box. As for the duck, maybe just have it try the most common passwords? or possibly just have it wait extremely long periods of time before trying to collect the SAM file (assumes windows) then rinse repeat. This assumes you're willing to play the high ricks odds of getting caught... (not the best solution)
  14. Not really there are lots of products out there (Xen Client) comes to mind that allow you to run the OS on top of a hypervisor which allows you to deploy desktops from a central management system in a non-persistent state. Virtualcomputer.com also comes to mind.
  15. If it were me, I suppose I would have registered an enterprise firewall as my computer to start off with, thus allowing you to NAT your local dorm room network to their network. Try something like Sophos UTM, m0n0wall, etc. and see if that works out for you.
  • Create New...