  1. Make sure not to share your internet to "br-lan", which is a bridge or virtual interface. You will have to share your internet to a physical interface, "eth0-1" or "wlan0-1", to get the module to work. Also make sure that you turn off sslstrip or anything else that is CPU intensive. Hopefully this helps :) -Stealthkit
  2. By no means did I mean all open source software is crap. I understand where "Drei" is coming from, as I also work in education. I have to support 35,000 users, not to mention the 3:1 wireless model that I am in the process of implementing. I too have to work with a budget that seems to always be getting smaller. I know that Open-Source is "free" but in reality it is not free. You will have to spend time troubleshooting the issue, and that time costs money. *Salary* Not to mention if for some reason you leave the company, no one will know how to work it. At least with Cisco I have one neck to choke. BTW I have a good amount of Open-Source tools I use on a regular basis (Cacti, Netdisco, etc.) but in the situation I heard, you would be better off going with an enterprise solution depending on company size. *If you have the funds* It is like me trying to deploy Asterisk VoIP for my users. The management would be a nightmare, and not to mention I would need a crap ton of servers to host it off of. Sorry, I don't mean to come off like I hate Open Source *I don't*. If Open Source does everything you need, then by all means use it, but you will never know if that software will go cold or not. You have to figure out how much risk you want to take on going the Open Source route. -Stealthkit
  3. Gotcha ;) Ya Fool.py worked very quickly... Impressed -Stealthkit
  4. BTW WM, are the Python scripts UpsideDown.py and Fool.py doing basically the same thing? Not complaining, just curious, as last night was the first time I was able to see the Fool.py script work. Glad to see it working. :) -Stealthkit
  5. You are right... I am not sure why I did not think of it. I will make a note that my brain shuts off after 4am. On a side note, I did come up with an idea for a module at 4am. It is basically a spanning-tree exploit/DoS for people who did not set up spanning-tree correctly across their network. I have seen about 2 out of 3 networks or so have spanning-tree implemented incorrectly. Just enabling spanning-tree on the switchports, which it seems a fair amount of people are guilty of doing, will not protect them against a spanning-tree loop. It would basically let a broadcast storm occur, and if they don't know how to troubleshoot it, then their network will be down for a long time till they can find the loop. I need to figure out how to get both the LAN/WAN ethernet interfaces to be just a dumb switch with no layer 3. Basically those 2 ports would have to act like a mini switch. I might pursue this if I get some down time at the office to set up a test environment, so I don't crash my company's core 6509-E VSS stack testing. Sorry for being off topic a little bit. -Stealthkit
  6. If you want live traffic monitoring and a true MITM attack, then you need to look at doing ARP poisoning. You can do this in Windows and/or Linux, as all you are doing is creating an announcement to the router that you are basically now the router. This is done by poisoning the ARP cache to think you are the default gateway, and so everything is routed to you, which you NAT back to the router. Since you keep asking about live captures, I would recommend "easy-creds" in Backtrack 5 r3. Everything is contained in one package; just follow each part 1 and so on. It is scripted so you don't have to do it manually. Also remember it is illegal to take creds from someone who hasn't agreed to a pen test. Hope this helps ;) -Stealthkit
  7. Haroo, this is what I told you about in your other post. Like Zephyr said, after enabling ICS, go back into your NIC interface and reset the static IP address. -Stealthkit
  8. Did you set ICS on the Pineapple? The easiest way would be to use WM's "Network Manager" and click on the ICS tab in the module. Enable at boot and share "Eth0" to "br-lan". If you are going to be using the "MITM" module, then "eth0" to "wlan0", or however you want it to be set up. One other thing is to check your IP settings again in command prompt. Issue "ipconfig" and just double check. The last guy I fixed needed to turn on Internet Sharing again. Not sure why it turned off, but it might be worth a look to see if it is an easy fix. Is your laptop connected to a wireless network? Because if it lost its connection you will need to reconnect it. Let me know if you can ping these from your laptop. ping www.google.com ping ping The ping to Google should tell me if you have a good wireless connection, but if you could ping your ISP's default gateway ( More than likely or ) it would help get an understanding of your network connectivity. Hope this makes sense -Stealthkit
  9. Did you set up your internet sharing on the pineapple?
  10. I am in the market for a 5 gig per second packet shaper for the company I work for. Yes, I know that is an insane amount of bandwidth, but I have 32,000+ people that I have to support. Being able to toggle the end users up and down and being able to monitor the ASR is where these things kick major ass. I have talked to BlueShield and they have a nice solution, but I would like to find other people that have used a packet shaper in the enterprise setting. Any input would be greatly appreciated. :) Regards, -Stealthkit
  11. Watch out for Cain and Abel, as its main purpose is to crack hash keys. I have never tried cracking any hashes with it; I only used the ARP poisoning portion of the software.
  12. Just like "Seb" said, try and go to to access the UI. You will want to be connected to the LAN/POE port on the Pineapple or you need to be connected to the pineapple via wifi to access the web ui. (You need an address 172.16.42.X /24) If that doesn't work then you should re-flash the pineapple and I would suggest plugging the Pineapple into your home's router via ethernet on the WAN ethernet port on the Pineapple. -Stealthkit
  13. Sorry about that... Fixed the hyperlink in my original post ;) -Stealthkit
  14. Just reflash it again and it will be a lot easier. Just SCP the update.bin file over into the /tmp folder on the Pineapple. Issue "sysupgrade -n -v /tmp/upgrade.bin" through your ssh and go grab a beer. Reference the hyperlink below for exact steps. :) http://cloud.wifipineapple.com/index.php?flashing -Stealthkit
  15. You need a powered USB hub, and I would suggest downloading WM's Network Manager first via ethernet. Plug the Alfa USB adapter into the powered USB hub. Go into the "Network Manager" module web interface, click on most likely "wlan1" and click start if not already started. Then you should see it populated below, again most likely as "wlan1". Select Access Point as the mode and plug in the SSID of your home network. Select WAN as the interface, and you can leave channel on Auto unless you know the channel of your home wifi. Select "OPEN", "WEP", "WPA", or "WPA2" depending on your home wifi setup. Then set your encryption to either "TKIP", "AES", or "Both". Now put in your WEP or WPA key and click on save. Now click "commit" and this will apply the config and attempt to connect. Watch the light on the Alfa; when it looks like it has a link, click on "Request DHCP", and if successful you should see an IP address populate next to it. Finally, click on the ICS tab and click apply at boot, then select "wlan1" (whatever your wifi adapter mounted as) as the source. Put your destination as "br-lan" if not running any modules and you just need to pass on internet. If you are going to be doing "mitm" attacks, then put your destination as "wlan0", as this is the built-in wifi. Now you should be good to go... hope this helps :) -Stealthkit