WallE
-
Posts
91 -
Joined
-
Last visited
Posts posted by WallE
-
-
Oh well, I put them back again together, and now it's working. Don't ask me why
Uploaded with ImageShack.usWorking perfectly. I untie them, tie them back. Then it's worked. No idea why (For both of them)
I was wondering. If the DC is not plugged, is there any energy going out?
Oh and by the way, how long do you think this super battery can last if plugged 24/24?
-
Uploaded with ImageShack.us
That's the other without the on/off
Same thing, the battery pack is burning and the power do not go to the pineapple. I even tried to switch the cable in case the color were wrong. But in that case the battery pack is not heating but the power do not go to the wifi pineapple either. So maybe it's an hardware problem? I don't know what to think. Seem to be an easy task but well, not working here. Tomorrow I will try to buy a new battery pack and a new dc cablePS: The battery pack cable metal is silver and the dc one is bronze. If that can change anything
-
Alright so I tried to do the same as you but I have a big problem. I decided to forget about the 9 volt snap and I think that caused problem because after less than 30 seconds the battery pack is literally melting.
Here's some pic:
Uploaded with ImageShack.us
Uploaded with ImageShack.us
Uploaded with ImageShack.us -
I connected my wlan0 to client mode to the home wifi.
Then I go into putty and typed:
arpspoof -i wlan0 192.168.1.45 (Testcomp) 192.168.1.1 (gatway)
Then I runned URLsnarf on wlan0
But nothing appear on urlsnarf when I surf internet with the 192.168.1.45 computer
And wlan0 is really connected to the wifi when I type iwconfig it show the connection to the home wifi -
Here's the scenario:
I want to connect the wifi pineapple to my home wifi and run an MitM attack
I used network manager to connect wlan0 to the AP with this setting
wlan0 mode: Client (So the wifi pineapple is not creating any AP)
WAN mode
Then I do a dhcp request.
I am able to connect to the AP successfully.
But when I run sslstrip or any infusions it is just not working on the home wifi.
What am I doing wrong?
Thanks
-
Alright I have access to the router. What I do then?
-
Wait, seriously? I just ordered an anker ............
-
Facebook works. Gmail works. Twitter works.
What really irks me is that apps don't work. With the proliferation of mobile apps and less and less reliance on proper websites, sslstrip will continue to become less and less useful as time goes on. UNLESS someone (Moxie?) comes up with a way to strip apps of their custom ssl implementations. Moxie has already commented on this a bit, and if he can't crack it, god help us all.
telot
Are you sure about gmail and twitter? I am 100% sure they are HSTS protected and SSLstrip shouldn't work on those.
-
Well I tried to deauth a specific user and it's working like a charm. But this is not exactly what I want to do. So 2 questions here:
1. Is it possible to deauth every client connected to the AP or we can only jam one client at a time?
2. Is there a way to SHUTDOWN the AP, I want to find a way to not be able to see the AP anymore. Some kind of DDoS. How can I perform that?
-
Can you give me more detail on how to proceed because I am not sure on how to do that.
Thanks you very much
-
What does the raw tcpdump show?
-Tp
A lot of verbose
i installed dsniff, and used that instead.
How did you installed dsniff?
-
Sslstrip sniffs credentials straight after install without using the terminal or anything. That's what I use on the pineapple
SSLstrip work for https not for http credential
-
Can you tell us a list of website which is working and not working?
-
But the -c is to Deauth a specific user of the AP no?
If you don't put the -c command and just the -a command isn't supose to deauth all the AP user?
Like that command?
root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 wlan1
And I am not sure what is a -c broadcast
-c can be a command to deauth a particular user (client) or equal a broadcast ff:ff:ff:ff:ff:ff
but what is a broadcast ff:ff:ff:ff:ff:ff
-
So is it possible to have the pineapple AP invisible?
-
Same here
-
Well actually I wanted to use TCPdump to sniff http credential but I never used tcpdump so I find that command all over the web:
tcpdump port http or port ftp or port smtp or port imap or port pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' --color=auto --line-buffered -B20
But it's not working on the pineapple so I was wondering what command are you using to run TCPdump and catch credential?
Thanks
-
Maybe you have some power issue, how are you plugging your pineapple?
-
You can see a list of HSTS protected website here:
-
It is not working on HSTS protected website
-
Alright so I was trying to use aireplay to DEauth an AP unfortunately something is wrong.
I am using my wifi pineapple with an alfa awus036h connected to it. The wifi pineapple is plugged into the wall so there is no power issue. Here's what I did
root@Pineapple:~# airmon-ng start wlan1
root@Pineapple:~# airodump-ng -c 1 wlan1
root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 wlan119:49:24 Waiting for beacon frame (BSSID: 00:14:6C:7E:40:80) on channel 1NB: this attack is more effective when targetinga connected wireless client (-c <client's mac>).19:49:24 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]19:49:25 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]19:49:25 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]19:49:26 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]19:49:26 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]And that goes on and on forever so I tough the job was done but when I connect to the AP I can still go on internet and surf at a normal speed...
Any tough?
PS: It's the first time I am DEauthing. So I was also wondering if it's possible to totally shutdown an AP (Invisible when you scan for AP)? or it will just disconnect people from it?
EDIT: I also tried
root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 -c 00:14:6C:7E:40:80 wlan119:56:10 Waiting for beacon frame (BSSID: 00:14:6C:7E:40:80) on channel 119:56:10 Sending 64 directed DeAuth. STMAC: [00:14:6C:7E:40:80] [166|166 ACKs]And it's go on and on for that lane
19:56:10 Sending 64 directed DeAuth. STMAC: [00:14:6C:7E:40:80] [166|166 ACKs]But I still can surf the web ....
-
Bump, finally is it possible to MitM a different AP than the Pineapple AP or not?
-
I just tried the stealth mode hoping it will hide the AP but actually when I enable it it's does nothing at all...I still see the AP and I can still connect to it. But when I ping it it's doesn't reply...
But well, is it possible to hide the AP ?
-
I am wondering if it is possible to use the wifi pineapple tools on other AP than the pineapple AP.
So let's say you grab the WPA key of another AP, can you connect on that AP with your pineapple and then using all the tools? (DNS spoof, sslstrip, urlsnarf, tcpdump etc)
If it is possible any tip on how to perform that?
Video Demo - "tango Mode" Proof Of Concept
in WiFi Pineapple Mark IV
Posted
Alrigh so I am trying to tango mode since a while but it's just not working. I am connecting both Pineapple through PoE. Connecting one to the WAN than to my computer. Go to putty at 172.16.42.1 and enable Darren command but this is not working.
And they are not sharing network.
Any idea?