WallE

Alrigh so I am trying to tango mode since a while but it's just not working. I am connecting both Pineapple through PoE. Connecting one to the WAN than to my computer. Go to putty at 172.16.42.1 and enable Darren command but this is not working. And they are not sharing network. Any idea?

Oh well, I put them back again together, and now it's working. Don't ask me why Uploaded with ImageShack.us Working perfectly. I untie them, tie them back. Then it's worked. No idea why (For both of them) I was wondering. If the DC is not plugged, is there any energy going out? Oh and by the way, how long do you think this super battery can last if plugged 24/24?

Uploaded with ImageShack.us That's the other without the on/off Same thing, the battery pack is burning and the power do not go to the pineapple. I even tried to switch the cable in case the color were wrong. But in that case the battery pack is not heating but the power do not go to the wifi pineapple either. So maybe it's an hardware problem? I don't know what to think. Seem to be an easy task but well, not working here. Tomorrow I will try to buy a new battery pack and a new dc cable PS: The battery pack cable metal is silver and the dc one is bronze. If that can change anything

Alright so I tried to do the same as you but I have a big problem. I decided to forget about the 9 volt snap and I think that caused problem because after less than 30 seconds the battery pack is literally melting. Here's some pic: Uploaded with ImageShack.us Uploaded with ImageShack.us Uploaded with ImageShack.us

I connected my wlan0 to client mode to the home wifi. Then I go into putty and typed: arpspoof -i wlan0 192.168.1.45 (Testcomp) 192.168.1.1 (gatway) Then I runned URLsnarf on wlan0 But nothing appear on urlsnarf when I surf internet with the 192.168.1.45 computer And wlan0 is really connected to the wifi when I type iwconfig it show the connection to the home wifi

Here's the scenario: I want to connect the wifi pineapple to my home wifi and run an MitM attack I used network manager to connect wlan0 to the AP with this setting wlan0 mode: Client (So the wifi pineapple is not creating any AP) WAN mode Then I do a dhcp request. I am able to connect to the AP successfully. But when I run sslstrip or any infusions it is just not working on the home wifi. What am I doing wrong? Thanks

Alright I have access to the router. What I do then?

Wait, seriously? I just ordered an anker ............

Are you sure about gmail and twitter? I am 100% sure they are HSTS protected and SSLstrip shouldn't work on those.

Well I tried to deauth a specific user and it's working like a charm. But this is not exactly what I want to do. So 2 questions here: 1. Is it possible to deauth every client connected to the AP or we can only jam one client at a time? 2. Is there a way to SHUTDOWN the AP, I want to find a way to not be able to see the AP anymore. Some kind of DDoS. How can I perform that?

Can you give me more detail on how to proceed because I am not sure on how to do that. Thanks you very much

A lot of verbose How did you installed dsniff?

SSLstrip work for https not for http credential

Can you tell us a list of website which is working and not working?

But the -c is to Deauth a specific user of the AP no? If you don't put the -c command and just the -a command isn't supose to deauth all the AP user? Like that command? root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 wlan1 And I am not sure what is a -c broadcast -c can be a command to deauth a particular user (client) or equal a broadcast ff:ff:ff:ff:ff:ff but what is a broadcast ff:ff:ff:ff:ff:ff

So is it possible to have the pineapple AP invisible?

Same here

Well actually I wanted to use TCPdump to sniff http credential but I never used tcpdump so I find that command all over the web: tcpdump port http or port ftp or port smtp or port imap or port pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' --color=auto --line-buffered -B20 But it's not working on the pineapple so I was wondering what command are you using to run TCPdump and catch credential? Thanks

Maybe you have some power issue, how are you plugging your pineapple?

You can see a list of HSTS protected website here: http://src.chromium.org/viewvc/chrome/trunk/src/net/http/transport_security_state_static.json?view=log

It is not working on HSTS protected website

Alright so I was trying to use aireplay to DEauth an AP unfortunately something is wrong. I am using my wifi pineapple with an alfa awus036h connected to it. The wifi pineapple is plugged into the wall so there is no power issue. Here's what I did root@Pineapple:~# airmon-ng start wlan1 root@Pineapple:~# airodump-ng -c 1 wlan1 root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 wlan1 19:49:24 Waiting for beacon frame (BSSID: 00:14:6C:7E:40:80) on channel 1 NB: this attack is more effective when targeting a connected wireless client (-c <client's mac>). 19:49:24 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80] 19:49:25 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80] 19:49:25 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80] 19:49:26 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80] 19:49:26 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80] And that goes on and on forever so I tough the job was done but when I connect to the AP I can still go on internet and surf at a normal speed... Any tough? PS: It's the first time I am DEauthing. So I was also wondering if it's possible to totally shutdown an AP (Invisible when you scan for AP)? or it will just disconnect people from it? EDIT: I also tried root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 -c 00:14:6C:7E:40:80 wlan1 19:56:10 Waiting for beacon frame (BSSID: 00:14:6C:7E:40:80) on channel 1 19:56:10 Sending 64 directed DeAuth. STMAC: [00:14:6C:7E:40:80] [166|166 ACKs] And it's go on and on for that lane 19:56:10 Sending 64 directed DeAuth. STMAC: [00:14:6C:7E:40:80] [166|166 ACKs]But I still can surf the web ....

Bump, finally is it possible to MitM a different AP than the Pineapple AP or not?

I just tried the stealth mode hoping it will hide the AP but actually when I enable it it's does nothing at all...I still see the AP and I can still connect to it. But when I ping it it's doesn't reply... But well, is it possible to hide the AP ?

I am wondering if it is possible to use the wifi pineapple tools on other AP than the pineapple AP. So let's say you grab the WPA key of another AP, can you connect on that AP with your pineapple and then using all the tools? (DNS spoof, sslstrip, urlsnarf, tcpdump etc) If it is possible any tip on how to perform that?