Posts posted by Sailor
-
Try this one:
# Set DATE on its own line first: a VAR=value prefix on the same command line is not visible to $VAR in that command's arguments
DATE=$(date +"%Y%m%d%H%M")
tcpdump -n -C 128 -W 100 -i br-lan -w /sd/log/packetlog-$DATE.pcap >/dev/null 2>&1 &
You can remove the -C and -W switches if you want just one big file
-
Do you mean in the rc.local file in /etc ? Just checking before I screw things up :-)
I guess that would work. I have put this in a script that is called from a specific bootmode (from the GUI: configuration -> Bootmodes). I don't want to start Karma all the time.
Also, would the syntax to exclude a SSID be
hostapd_cli -p /var/run/hostapd-phy0 karma_add_black_ssid 01:SSID-NAME > /dev/null
No, that won't work. Just type 'hostapd_cli -h' in a SSH session to see the available options.
-
This will only work when cracking WEP; for WPA all packets need to be captured in order to have a successful 4-way handshake.
You are right! My mistake, bad suggestion, don't use --ivs
-
I have the following in my bootscript which prevents my other devices to connect to the MKV:
# Start Karma
hostapd_cli -p /var/run/hostapd-phy0 karma_enable >/dev/null 2>&1 &
sleep 2
# Add own MAC addresses
hostapd_cli -p /var/run/hostapd-phy0 karma_add_black_mac 00:XX:XX:XX:XX:XX > /dev/null
hostapd_cli -p /var/run/hostapd-phy0 karma_add_black_mac 01:XX:XX:XX:XX:XX > /dev/null
(post from Developer)
WiFi Pineapple Developer
Posted 13 November 2013 - 11:41 PM
At the moment they are kept in RAM, not flash. Our next iteration of karma actually has a lot more when it comes to usability and versatility.
Stay tuned.
Looking forward to that!
-
I'm sure I'm doing all the correct steps to capture the handshake, and I've used the wifite script as well as the site survey infusion. It always looks like a successful capture but when I try and convert it to a .hccap no dice. I've tried this on multiple networks and interfaces as well. Have you actually (Not just in theory) converted a captured handshake from the pineapple to a .hccap?
Nope, sorry. I never converted a capture file to hccap, I have just (successfully) used the cap file in aircrack-ng.
Maybe it would help to try the --ivs option in airodump-ng? This would only capture the required packets for cracking.
-
I've tested it out with the mark iv as well and I'm still unable to capture a valid handshake.
Has anyone actually captured and cracked a 4 way handshake with the wifi pineapple?
I cannot tell from the screenshots if you have followed the right steps to capture a handshake (the last step I see is a deauth, but that doesn't guarantee that there is a reconnect from this client).
And yes, sure this is possible. Try using the wifite python script (search on this forum). This automates the steps required to capture a handshake.
-
But why is bully faster?
Can someone tell me the main differences between Reaver and Bully that affect operating speed?
Hard to tell without studying the source (https://github.com/bdpurcell/bully) but the author says the main differences with Reaver are:
It has several advantages over the original reaver code. These include fewer dependencies, improved memory and cpu performance, correct handling of endianness, and a more robust set of options. It runs on Linux, and was specifically developed to run on embedded Linux systems (OpenWrt, etc) regardless of architecture.
-
What firmware are you on?
-
When using tcpdump, which port is best to use along with the MKV? Should I use wlan0 or wlan1 to scan the traffic going through?
You should take br-lan as the interface (not sure if you mean that with 'port')
for instance: tcpdump -n -C 10 -W 100 -i br-lan -w /sd/packetlog.pcap (this will create a maximum of 100 files, each 10MB big with all traffic from connected clients)
-
Wifite works perfectly on the MKV, just don't use the dictionary attack (WPA key cracking with pyrit/cowpatty), that would take too much time because of the limited processing power.
Just follow the installation steps on: https://code.google.com/p/wifite/
No further configuration needed.
-
Great, will try that too!
-
I do have a pi running kali connected to the ethernet port.
Do you share internet from the MKV to the Pi or the other way around? Does this work without difficult configuration?
-
Will require a bit of configuration but it is very likely that this will work since this is all Python based. Just need to install Scapy + nfqueue-bindings (BeEF will be harder).
-
Can anyone recommend any 21 Mbps (HSPA+) 3G dongle that works out of the box with the WiFi Pineapple? Or with a readily available script? :)
Preferably one that allows an external antenna to be attached to it.
Thanks a bunch in advance,
ocn^
As I understand it, the modems mentioned at this URL are considered to be supported by the Pineapple:
http://www.draisberghof.de/usb_modeswitch/device_reference.txt
-
The wait command is not intended for that. Try using sleep.
In my script I use a couple of sleep commands, it adds up to about 180 seconds so you should be fine with that. I think it doesn't even matter for autossh since it will keep trying to make a connection.
-
You can add the following to your boot dip script:
/etc/init.d/autossh start >/dev/null &
-
No problem to use the MKV battery packs from the shop for the MKIV. Same voltage and connector.
-
Nope, urlsnarf doesn't provide that option. You can schedule the following script to run for instance every 15 minutes:
#!/bin/sh
logger "Clean-up Script Executed"
# q = threshold in bytes
q=52428800
w=`ls -la /sd/urlsnarf.log | awk '{print $5}'`
if [ $w -ge $q ]; then
    logger "Log over threshold, zip and truncate"
    DATE=$(date +"%Y%m%d%H%M")
    gzip -f /sd/urlsnarf.log
    mv /sd/urlsnarf.log.gz /sd/$DATE.urlsnarf.log.gz
    echo "Log truncated" > /sd/urlsnarf.log
else
    logger "Log looking good"
fi
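A size-threshold rotation function, added here as an example and not Sailor's script, generalised to any log file and any threshold. It assumes only POSIX sh, wc, gzip and date, which BusyBox on the Pineapple provides; the file path and threshold are whatever the caller passes in. One design choice differs from the script above: it compresses a copy and then truncates the original in place, so a process that still has the log open for appending (urlsnarf started with `>>`) keeps writing into the same file instead of into an unlinked inode, which is what happens when gzip replaces the file under it.

```shell
#!/bin/sh
# Added example (not the forum post's script): size-based log rotation that
# keeps the writer's open file descriptor valid. Assumes POSIX sh, wc, gzip
# and date only (all present in BusyBox on the Pineapple).

# rotate_if_over FILE THRESHOLD_BYTES
# Returns 0 and prints the archive path when the file was rotated,
# 1 when the file is still under the threshold, 2 on error.
rotate_if_over() {
    file="$1"
    threshold="$2"
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }

    # wc -c gives the byte count without depending on ls column layout;
    # tr strips the leading spaces some wc builds print.
    size=$(wc -c < "$file" | tr -d ' ')
    if [ "$size" -lt "$threshold" ]; then
        return 1
    fi

    stamp=$(date +"%Y%m%d%H%M%S")
    # /sd/urlsnarf.log -> /sd/urlsnarf.<stamp>.log.gz
    archive="${file%.log}.${stamp}.log.gz"

    # Compress a copy, then truncate the original in place. A writer that
    # opened the log with O_APPEND (shell >>) continues at the new end.
    gzip -c "$file" > "$archive" || return 2
    : > "$file"
    echo "$archive"
    return 0
}

# Typical cron use on the device (path and threshold are arguments):
#   rotate_if_over /sd/urlsnarf.log 52428800 && logger "urlsnarf log rotated"
```

Schedule it the same way as the original script (cron every 15 minutes); the exit code lets you log only when a rotation actually happened.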
-
I use the following which is at least more secure than the ftp solution:
tail -f file-on-pineapple.log | ssh username@remoteshell "cat >> file-on-ssh-server.log"
If you have setup your ssh connection right you will not be prompted for a password.
Other options to look at are rsync and nc (netcat). The latter has a nice tutorial in the Hak5 channel on Youtube.
-
You could use the following:
tail -f /tmp/karma-phy0.log | grep 'pass\|AP-STA-DISCONNECTED\|Successful' | awk '{ print strftime("%Y-%m-%d %H:%M:%S"), $0; }' >> /sd/karma.log
Modify the grep query to fit your needs, this logs connects and disconnects. If you want to log probes you would probably pipe through uniq as well.
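Filtering and summarising Karma connect/disconnect events, added here as an example rather than Sailor's one-liner. It assumes the hostapd event line layout `wlan0: AP-STA-CONNECTED <mac>`; the log written by sample_log is constructed for the example, so compare it with a real /tmp/karma-phy0.log before relying on the field positions. Timestamps come from date instead of awk's strftime, which not every awk build has, and the awk pass in current_clients replays the events so that only clients whose latest event is a connect are listed.

```shell
#!/bin/sh
# Added example (not from the forum post): timestamp, filter and summarise
# Karma/hostapd events. Each function reads the file given as $1, or stdin
# when no argument is given, so it also works on tail -f output.

# karma_events [LOGFILE]: connect/disconnect lines, each prefixed with a
# timestamp from date (portable; strftime in awk is an extension).
karma_events() {
    grep -E 'AP-STA-(DIS)?CONNECTED' "${1:--}" | while read -r line; do
        printf '%s %s\n' "$(date +"%Y-%m-%d %H:%M:%S")" "$line"
    done
}

# karma_probes [LOGFILE]: one line per distinct probe line, so a client that
# probes every few seconds does not flood the log (the uniq step from the post).
karma_probes() {
    grep -F 'probe request' "${1:--}" | sort -u
}

# current_clients [LOGFILE]: MACs whose most recent event is a connect.
# Assumed line layout: "<iface>: AP-STA-CONNECTED <mac>" (fields 1, 2, 3).
current_clients() {
    grep -E 'AP-STA-(DIS)?CONNECTED' "${1:--}" | awk '
        $2 == "AP-STA-CONNECTED"    { state[$3] = 1 }
        $2 == "AP-STA-DISCONNECTED" { state[$3] = 0 }
        END { for (m in state) if (state[m]) print m }' | sort
}

# count_events [LOGFILE]: number of connect/disconnect events seen.
count_events() {
    karma_events "${1:--}" | wc -l | tr -d ' '
}

# sample_log: writes a constructed log (not a real capture) to a temp file
# and prints its path, so the functions can be tried without a device.
sample_log() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
wlan0: AP-STA-CONNECTED 00:11:22:33:44:55
wlan0: STA 00:11:22:33:44:55 probe request for ssid HomeNet
wlan0: STA 00:11:22:33:44:55 probe request for ssid HomeNet
wlan0: AP-STA-CONNECTED 66:77:88:99:aa:bb
wlan0: AP-STA-DISCONNECTED 00:11:22:33:44:55
EOF
    echo "$f"
}

# Live use on the device, appending to the SD card as in the post:
#   tail -f /tmp/karma-phy0.log | karma_events >> /sd/karma.log
```

Pass a file name to process an existing log, or feed `tail -f` output through a pipe with no argument; current_clients on the full log gives a quick answer to "who is attached right now" without scrolling the raw file.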
-
Is there a reason that sslstrip version 0.6 is installed instead of version 0.9? Did anyone try to update this?
Already found out myself. Version 0.9 can be used:
opkg update
opkg install pyopenssl
wget http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.9.tar.gz -O /sd/sslstrip-0.9.tar.gz
cd /sd
tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
python ./setup.py install
Install the sslstrip infusion (1.4) after this. Sslstrip will then run with version 0.9 instead of 0.6 from the Web UI.
-
Nobody responded to my post above.... Anyone else seeing these errors in their syslog? Is it normal?
13:30:30 Pineapple daemon.warn dnsmasq-dhcp[1798]: no address range available for DHCP request via wlan1
I have had this in my log on both the Mark IV and V but never found a solution. It doesn't affect the workings though (as far as I know).
-
Not sure how this is with the Mark V but my guess is that a laptop USB port has too little power (500 mA) whereas you're probably going to need 1A+
-
WARNING: Only do this if you really need to, it could easily harm your device, so try it at your own risk!
Hey guys, so here is a quick tutorial on how to power your pineapple via a laptop USB port!
1. Grab a USB cable (I used a USB to micro-USB)
2. Grab a DC cable (same size as the one that came with your pineapple)
3. Cut the USB cable at about halfway
4. Cut the DC cable at about halfway
5. On the USB cable, cut away the insulation until you have the smaller wires inside. Keep the red and black ones and cut the rest off.
6. Trim the insulation off the red and blacks, so you only have the wire
7. Cut the insulation away from your DC cable so you have two wires
8. Carefully twist the red wire from the USB cable around one of the wires from the DC cable
9. Repeat step 8 with the black wire
You should now have something that looks like this
<snip>
Now simply wrap the wires with insulation tape and you should be good to go. Always plug in to a USB port that is powered, or has the USB+ sign.
Hope this helps!
I would add a step 10.
10. (Double) Check polarity of your new cable and check if this is identical to the original cable.
Switching polarity causes an instant fry of your device.
-
Packet sniffing on mk4
in WiFi Pineapple Mark IV
Try to have a look at tcpdump, it should be installed on the MKIV.