ScottHelme

Active Members
  • Content Count

    61
  • Days Won

    2

About ScottHelme

  • Rank
    Hak5 Fan +

  1. Yeah, it will always have to use the real MAC when connecting, otherwise there would be all sorts of issues. The MAC address in each probe though, which is generally what's used to track you, can be anything and it doesn't really matter.
  2. The phone doesn't transmit the entire list in one go though. Each SSID is probed for using its own probe request. If you're searching for 10 SSIDs, you send out 10, separate, probe requests. Each of these probe requests would contain a unique MAC address, so how would you know they all came from the same device? If 2 devices are sat next to each other and send a set of probes, without some prior knowledge or some serious work, you can't identify the devices uniquely. This also becomes more difficult as more devices are present. When I say tracking I'm not talking about triangulation. It is
  3. For general wifi tracking though, like that one on the streets of London (http://www.theregister.co.uk/2013/08/12/spy_bins_scrapped_from_london_streets/), do you think anything like that would be possible? With such a mass of devices coming through, even with half of them being iOS, the amount of data being pumped out would make it near impossible, surely? The signal strength could be useful, but from experience, it's not nearly accurate enough to pin down a device in a dynamic environment like that. All it takes is one small shift of an object like a bus to completely alter signal strength
  4. I'm sorry, I'm not sure I follow. With a random MAC address per probe, how would you know where any probe request came from, or even how many devices were sending the probes that you see? Are we talking about just general device identification here?
  5. With a randomised MAC address per probe, how would you know that any given set of SSIDs came from a specific client though?
  6. I can't see how the changes will affect the current operation of the Pineapple, things like Karma will still work just fine. The AP responds to the probe using the supplied (spoofed) MAC and then the client connects with its own genuine MAC. The changes are intended to have no effect on the normal operation of WiFi.
  7. But I will still have to capture all the associated traffic?
  8. Thanks for the reply. I did think about airodump, but can it be configured to just record the MAC addresses of devices and not any packet data?
  9. I'm looking for a way to record MAC addresses that the Pineapple can see and wondering what the easiest/best approach would be. I notice that Karma normally logs the MAC of a device when enabled, but I don't want to have any effect on devices. I put it in white list mode and left the list empty and it doesn't seem that it logs the beacons. I assume it's possible to get kismet on there, though after a brief search, not much turned up. Is there anything someone can point me to in the way of a guide or some information on how best to achieve this? Cheers.
  10. If you're so angry just toss it out and write it off as an unfortunate loss. Next time, don't throw the box away. You could also try asking for help on the forums and providing details on your issues. I've had a cursory search around and I can't seem to find any thread asking for help. Have you tried a factory reset? Have you upgraded to the latest firmware? What steps have you tried so far to resolve your problems? I'm sure there's plenty of people here willing to help if you provide some details. Scott. P.S. You can also try some of the WiFi Pineapple threads on my blog if you need
  11. Yeah at the minute. There may be a better way of doing what I want to do, so please do tell me if there is! Normally for decrypting SSL traffic I'd just point it at Fiddler but the device I'm looking at right now doesn't have proxy settings. The setup: <PC > -- LAN --- < Pineapple > --- WiFi ---- < Target Device > I just want to route any and all WiFi traffic from the Pineapple through the proxy. So far I've tried various configs but I either lose connectivity on the target device, or, it can still browse the web and the proxy sees nothing...
  12. Hey guys, I'm trying to get Fiddler or Burp Suite in front of an embedded device that isn't proxy aware. I have it connected to the WiFi on the MkV and I would like to push all the traffic to port 8080 on my PC which is connected to the LAN port of the pineapple. I've found a few tutorials and guides on Google, one specifically related to the Mk4 actually, but I've not had any luck. The device has internet connectivity when connected to the pineapple wifi network, I'd just like to push all traffic through 8080. Any hints or tips? Cheers, Scott.
  13. I've been working towards this myself but had to put it aside for other projects. I will try and pick it up again this weekend and see where I get.
  14. Hey guys, Thought I'd share my latest blog about hacking the router provided to me by my new ISP. To say the security is shocking would be a bit of an understatement. Feedback greatly welcome! https://scotthelme.co.uk/ee-brightbox-router-hacked/ Regards, Scott.