thesugarat

Hmmm... lostngone's antenna array just made my Christmas list... I've said it in other threads but I'll mention them again. I have a Hawking HSB2 amplifier and a Backfire Antenna from radiolabs.com and it's a dynamite combo for other than mobile situations. I've got the backfire mounted to a camera tripod and with extended cords (and a new SMA Male to RP-SMA female adapter for the Mk 5) I can either bring in signals from two blocks away or broadcast that distance. Edit: Link for ki2k. http://www.radiolabs.com/products/antennas/2.4gig/backfire.php

barry, I would think the difference between what Google was doing and what Pineapple users do is obvious. I don't go around hoovering up all the floating bits of data out there like Google was doing, and I'm not convinced they should have been fined for other peoples stupidity seeing as how that is what this community kinda thrives on... I think a key point to the argument is that if I setup my pineapple as an Access Point and I put up a splash page about it being inherently insecure, and you agree to those terms, you have no expectation to privacy on someone else's network. I'm not holding a gun to there heads... Now, having said that, the use of Karma to draw them in takes advantage of a well known security flaw. Even that, to me, takes advantage of ignorant consumers and exposes a flaw in the security standards of the wireless router manufacturing realm. Just my opinions here... Not trying to have an armchair quarterback's philosophical debate. I'm not a lawyer but in order to use the pineapple i've had to think through my reasons and expectations on the various legal aspects. There's too much at stake personally to get caught up in any kind of legal trouble involving a pineapple. But I don't mind pushing the boundaries on what is legal and socially acceptable in order to make a point. I just have to be able to live with any consequences. I wonder if the Hak5 folks would ever have a special episode where the EFF is invited to talk to the legal aspects of pineapple use in the wild. korang, Have you ever thought of deploying the pineapples in Locked pelican cases? Two locks would be best to maintain a two person integrity system. Maybe only collect them after a preset time where the batteries have run out... That way any access to the data is only possible physically and the locks would prove data integrity.

remco, I'm sorry for being vague in my reply. I didn't mean to suggest you try either of those things to fix this... I was implying that you might have done either one of them and this is the result. You can post the contents of your /etc/config/wireless file and we can see if that's actually the cause.

There are several other posts on this... The following command will help but you could just swap them manually via ssh in the /etc/config/wireless file. rm /etc/config/wireless && wifi detect > /etc/config/wireless && reboot

xrad, Sebkinne fixes bugs! I just help with workarounds if I can find them because this stuff happens to me too. I mainly try to stay out of his way and not step on toes. :)

The encryption is not a bad idea but the situation is a bit of a stretch. And I'd love to know where that interpretation of legality comes from barry. I know that if you are on the "Starbucks" network you can run wireshark and collect information; which is why the Terms Of Service usually has a clause about it being inherently insecure... and while running wireshark may be a violation of the TOS that you may have agreed to when connecting, I didn't believe that it was illegal. It's what you do with whatever you collect. As soon as you use a username/password that you collected that's when it became illegal. Same thing with using a Pineapple at the front end of someone elses free network. Or am I completely off here. Of course if you are truely pen testing a place your comments are absolutely correct. I'm just talking about the other situation.

arclights, Your wireless file looks ok except it has no info on another access point for the pineapple to connect to on radio1. Which could lead to wlan1 connecting to what it knows. Which leads to the next issue. You are still broadcasting the default wlan0 AP name. Go into the Karma tile and change that to something other than the default. It shouldn't auto connect after that unless you tell it to. And when you say you used the wifimanager infusion are you making the changes then hitting save then commit? If you are doing all that make sure to look at the wireless file after to ensure it sticks.

I'm lost as to the purpose of this and why it goes past .254.....

Things are different with the 5. Wlan0 and eth0 are bridged to lan. While Internet is usually brought in via wlan1 with client mode which is tied to wan. I'm not saying the old method is impossible but it's going to take some tweaking of the settings. The VM is a workable option, but I don't understand the need to use the eth0 for ICS when Client Mode works, unless there is a specific need for that configuration.

Yeah... Those are all mixed up. Radio1 should be radio0.

The encryption type changed. I'm just going to guess that you haven't done the update from the pineapple bar that fixes that issue for Client mode... You can manually change it. Or use the wifi manager to change it. Then save and commit and then just reboot. Once it's working do the updates.

jjd, What version Alfa are you using for wlan2? Techasist seems to have problems with using another 8187.

You have them both set to "lan". Set radio1 to "wan".

EightBall, Please post the contents of your /etc/config/wireless file. And if you are using the ICS tab in wifi manager without having a good grasp on the normal bridged functions of the pineapple you could be introducing problems. Since the release of the fixes to the encryption problem on wlan1 you should have no issues using the Client mode tab under the Network Tile.

I'm not with Hak5 but I read the forums so I know there are others having similar problems. Is it broadcasting an access point? Have you tried removing the sd card and using the dip switches for recovery mode? I'm just asking. I don't have an answer for you.

I've seen my sd installed infusions not load also. I usually pop the sad card out while it's running and pop it back in then reboot.

Techasist, I have not actually tested it. My recommendation was a correction to the normal functions of the pineapple with the addition of a wlan2 used to deauth. I can try to test it if that would help.

Remco, What you describe sounds like a result of the wireless swap bug. Have you done a factory reset or recovered via the dip switches?

Simple. Don't use it with the Mk 5. And I mean OSX ICS not a Mac. I use Mavericks on my Air with the pineapple all the time. I just use wlan1 on the pineapple to connect to an AP for Internet. Then just connect my laptop to the pineapples AP. Nothing else needed at that point. Your pineapple will be able to update and you'll also be able to browse websites etc. If your intended use of the Mk 5 differs from this and absolutely needs to use the eth0 connection your going to have to make several tweaks.

You can connect from the client side as well. You just need to look first at your pineapple and see what IP address the client assigned to it. For example. If your pineapple client mode wlan1 connects to an AP and gets 192.168.0.11 and the you connect to the same AP with your laptop you just point your browser at 192.168.0.11:1471. And technically your Alfas have male rp-sma connectors. I believe the male vs female description relates to the outer connector with the spinning hood ring (male) connecting to the simply threaded (female) part. At least that's what I see. And the male/female is not related to the pin in the center and whether or not it is the pin or receives the pin. Make sense?

Yes it's a pain walking around with a laptop but everything in BT or Kali is free. Kismet is pretty great and hard to beat at free.

A recommendation for #4. wlan0 for your "cows" wlan1 for connection to an AP wlan2 (alpha) for deauthing

I've looked into that one. It's just really expensive... :)

Are you talking about replacing the current log destination directory with a symlink to a similarly named log directory on the sd card. So that when sslstrip believe it's writing to the original log location it's actually writing to the sd card... I'm guessing you installed sslstrip to internal not to the SD card? That might work. Or a maybe a cron job?

masler77, If you are using wlan1 on your Mk5 (Client Mode tab in Configuration Tile) to connect to your mobile router then your laptop should connect to the Pineapple via wlan0 (the broadcasted AP of the Pineapple). Under this configuarion you do not need to enable any kind of ICS. It should just work. You should with your laptop get an ip address of 172.16.42.X and be able to access the Pineapples Management page where the Pineapple Bar should allow you to install infusions. As long as you can do that you should be able to open another tab in your browser and go to whatever website you want. If you are not running in this configuration you need to be more clear how you are setup when you have a problem.