Zephyr

Hey Peter, it does have an Atheros chipset, AR9271. Hey Tyler, I tried every txpower setting from 10 to 30 in one dB increments. You brickwall it at 20. The NHA is supposed to have an output of at least 30dBm. Some have allegedly reported coaxing 32-33dBm out of it. It is advertised as a 2000mW adapter ... albeit perhaps falsely. I'm only interested in getting it to 27dBm. Seeing that the AWUS036H is a solid 30dBm adapter, I would assume at least that much from the NHA. Not sure but here I'm assuming it to mean my screen shots of Backtrack.

In fact don't use it at all. Unfortunately the power level cannot be set to anything above 20dBm. I've tried configuring the NHA under OpenWRT and Backtrack 5. Same result in both cases, you can't bring the power above 20. I've tried different driver installs. Same issue. Stick with the Alfa AWUS036H. It still works.

In a RF anechoic chamber.

Do you ever get the same error with any other equipment you plug into the same USB port? On the surface it looks like your Alfa, for whatever reason, might be drawing too much power. If you do not get the same error with any other divices (e.g. external hard drives, etc) then it could be the Alfa itself. To help isolate the problem, do you have a powered USB hub you can try this with? Plug the powered hub in to your box, then plug your Alfa in to the hub. See if you still get the error.

Hey Infiltrator, when you run your AWUS036H in BT5r3 do you get a constant, rapid flickering of the LED? I'm running BT5r3 from a Live USB install. When I bring up my adapter (ifconfig wlan1 up) I get the initial single flash, but then some seconds after that, is starts to flicker rapidly. Not a slow irregular flicker like you would see on a modem, rather it's almost solid green. Also the adapter seems to have a mind of its own. Even though I set the regulator domain (iw reg set BO) to Bolivia, and the txpower to 30, it seems to jump regions (hence power levels) almost at will depending on what I'm doing. It also has a tendency to get stuck on channel 11. I've always heard that the AWUS036H is supposed to work great out-of-the-box with BT5r3. What do you think. Is it a driver problem? Any ideas? Btw, the adapter works fine in both WinXP and Win7 with the correct drivers installed.

Not sure but I believe it may have been meant to be run as a startup script or via the WPS button.

Currently I'm using a 3S 4000mAH LiPO to power both my Pinapple and Anker Uspeed Hub (I made sure to get a hub which is supplied by12 volts). My Hub Power Feeder Cable

I have to agree with you on the Anker. I'm using the Anker Uspeed 4-port (3.0/2.0) and it works great. No power feedback either. Regarding Belkin, maybe someone else's experience is different but a lot of Belkin equipment has always seemed a little bit dicey to me and I stopped using it some years ago. Glad to hear your Anker is working well for you.

Thanks for sharing.

Not if you're using you Macbook Pro and wearing your rectangular, thick-framed spectacles while donning a latest cause t-shirt ;)

Hey kurt, I'm a little over my head at this point as to all what's involved but I'll get there quickly. I have to say though your idea is brilliant :)

Hey Seb that's good to hear. Since being able to (and having the power to) deauth is half the battle imho.

Hey Infiltrator, I did try all that. In my post above I noted the commands I issued to the card before trying to change its txpower, such as changing the regulatory domain (iw reg) to someplace lke Bolivia (set BO). And the card was brought down and non-functioning before making these changes were issued. Regardless of the commands issued, the card is either at 0dBm or 20dBm, no high or lower. As Petertfm said in another post, apparently the card cannot be set to any higher than 20dBm when interfaced through the Pineapple. (with the awus036h you can). What I don't understand is why I cannot even set it to a lower power, say, 15 or 10dBm either Just so you know, I'm issuing these commands in the Pineapple UI, not BT or Linux.

I was thinking a bit of something like this a little earlier ... like just having a phish facebook page pop up as soon as they connect via Karma .... but you have definitely refined the idea to perfection. Yes, a Captive Portal page! will give lots of cred to to feel safe and go ahead and log in. I like it I like it! Muhahahaaaaa evil hackers think alike ;)

I knew there was a reason I always stuck with the awus036h. Frankly speaking 20dBm/100mW ain't crap.

Ok no matter what I do or what command I execute, I cannot get the AWUS036NHA to goto 30dBm. On the other hand I can set my AWUS036H to 30dBm. In the advanced section, I bring the card down. Commands issued: ifconfig wlan1 down iw reg set BO iwconfig wlan1 txpower 30 ifconfig wlan1 up All of these commands take without a hitch and without error. I then run iwconfig to check the power. The most the 'NHA' will go to is 20dBm, yet I can set the 'H' Alfa to 30dBm. In fact I cannot even bring the power down on the NHA, say to like 10dBm. I've search and read about every post on the topic. What gives?

Hey kurtm, please excuse my temporary ignorance on the matter, but are you suggesting the idea of using a facebook or twitter page as a captive portal page to logon to our fake hotspot? In other words, "Unlimited WiFi Provided Here! Just Login Using Your Facebook Account For Unrestricted Access!" Something like that?

There are many tutorials floating about. http://forums.hak5.org/index.php?/topic/28278-rq-hotmailcom-outlookcom-phishing-pages-or-guide-to-how-to-make/ The basic process is the same for all phishing pages. I'm still working with it and learning myself. The #1 rule, before you real-world use a phishing page you create, test it and test it again, on multiple machines and devices. Compare it with the real thing until you know it's perfect. Above all your phish page must look real.

You can research it for yourself if you want, but I've heard of people having good performance with the Anker and D-Link DUB hubs with no feedback issues. Anker D-Link DUB Still, using the usb extension with the cut power wire would be the safest and most certain option.

Like Mr. Protocol said, note how many processes you have running. Are you running a usb hub with things connected to it? I would suggest you unplug everything from usb (if you have anything plugged in), then reboot the Pineapple and shut down all processes on the status page, including wireless and cron jobs. Let it sit there for an hour doing absolutely nothing and see if it still reboots on its own. If not, then it may likely be a process on the Pineapple causing the problem and you can troubleshoot from there. If it does reboot, it is most likely a hardware/firmware problem. At that juncture I would reflash the Pineapple just to be sure and run the same test again. The fact that you say it reboots on the hour to the second leads me to believe it is a process causing the trouble as apposed to some intermittent hardware glitch.

Yeah I'm having the same issue and I'm running 2.7.7. You probably won't have wireless either since the Alfa is stealing wlan0. I'm trying to figure out a work around. EDIT: Be sure you are running at least firmware v2.7.6 or greater. Try installing your Alfa after you boot your Pineapple... and during a test mode, connect only the Alfa to the usb. No hubs no flash drives. Then do an iwconfig to see what's what, and confirm that the Alfa has indeed been registered as wlan1 while your Pineapple remains wlan0. If all's well then plug in your hub along with your Alfa, flash drive etc and check with iwconfig again. Depending on what I'm doing with the Pineapple at the time (e.g. jammer), I keep getting different assignments for my Alfa ... wlan4, wlan6 etc. That seems to be ok as long as I know what it is.

Hey Mr Protocol, In the whitelist tab it reads: Note: APs on the whitelist are not DeAuth'ed. And there is a default [grep] expression in the blacklist box of: # Every AP [a-zA-Z0-9]* along with an admonishment below of: Note: APs on the blacklist are DeAuth'ed. But in the rare event that things might have been reversed, and on your suggestion, I tried reversing things and put all my macs in the blacklist. Same result. Everything gets deauthed, the pineapple's WLAN light flashes, and I have to do a pineapple reboot. By the way, all of this is towards the goal of being able to sit down near a target area and deauth APs and clients without deauthing myself, naturally ;) EDIT: Addition information. I noticed that in the WiFi Jammer drop down list, it is only giving me the option to use interface wlan0, the pineapple itself. - wlan1, which if I'm not mistaken should be the Alfa card, does not show up in the drop down list. For the sake of elimination I disconnectd the Alfa altogether a re-ran the experiment. Same result. In other words, Wifi jammer has been using the pineapple's radio as apposed to using the Alfa to send the deauths. Correct me if I'm wrong but I'm pretty sure the opposite should be true. It should show wlan1 (Alfa) and wlan1 (Alfa) should be doing the deauthing.

Ok, with wifi jammer, and all my mac's in the whitelist, it seems I'm still deauthing myself. Here's my setup: The pineapple is connected to my laptop as normal via PoE ethernet and is being powered by the brick. It's working fine as an AP. I have my Alfa card connected as usual and functioning, and it is connected to some open, internet-enabled AP somewhere. (My Alfa card is not connected through the pineapple, but rather directly to my laptob via usb cable). My pineapple firmware is 2.7.7 and wifi jammer is v2.9. Ok so I have entered all my macs into the whitelist, yet when I run the jammer, both of my devices (an Android and a second laptop) connected to my pineapple AP are still getting deauthed. More weird, whenever I run the jammer, right after everything gets deauthed, the WLAN light on the pineapple starts to continuously flash in a steady fashion, almost seeming to denote an "error." At this point the pineapple is not operating as an AP. There is no signal, as seen by either my second laptop or the Android. The only way to get everything working again is to reboot the pineapple. Then everything's fine. Both my Android and second laptop connect to the pineapple again and they're both happy. I'm still experimenting but not discovering much of a fix at this juncture. If anyone might have a suggestion please feel free to jump in.

Beautiful ... works perfectly. Great work, Tyler.

Sebkinne: The problem was the former, as you said. While created the dual swap/storage partion usb in Ubuntu, I had to take ownership of the storage partion in order to move the phishing files onto it, when I clearly should have released ownership and transfered the files later in WinSCP. Tyler: I too usually do not use beta releases until they have been proven, but Sebkinne seemed to be pretty sure of it so I took a leap of faith, knowing I could revert later if necessary. As far as I can tell, there is in fact a problem with redirect.php on 2.7.7; Assuming your DNS spoof config is set to only 172.16.42.1 *, all traffic of course gets redireced through redirect.php for parsing. Under this configuration, for all the spoof pages it works fine and they all load. However if you try to visit a legit page, redirect.php will not pass it through, but rather the browser gets stuck on a blank redirect.php page. The work around for this was to put all URLs for the spoof pages in the DNS spoof config and update, such as the ones included in your txt file. This seems to be a better approach to me as, like you said, it doesn't make much sense to have redirect.php needlessly handling a lot of traffic that it doesn't need to. Speaking of spoof pages, I added a '172.16.42.1 m.facebook.com' to the DNS spoof config, which of course leads to the full-version facebook spoof page, which could be a bit glaring even to most brain-dead users out there, which leads me to a question. Many if not most connections today are mobile devices (i.e. smart phones) connecting to mobile versions of websites. In your next release, do you think you could add the mobile versions of popular websites as well? That would cover the gamut very well.