Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by ScottHelme

  1. Yeah, it will always have to use the real MAC when connecting, otherwise there would be all sorts of issues. The MAC address in each probe though, which is generally what's used to track you, can be anything and it doesn't really matter.
  2. The phone doesn't transmit the entire list in one go though. Each SSID is probed for using it's own probe request. If you're searching for 10 SSIDs, you send out 10, separate, probe requests. Each of these probe requests would contain a unique MAC address, so how would you know they all came from the same device? If 2 devices are sat next to each other and send a set of probes, without some prior knowledge or some serious work, you can't identify the devices uniquely. This also becomes more difficult as more devices are present. When I say tracking I'm not talking about triangulation. It is still just as possible to triangulate a broadcast, it's just a lot harder to tie each broadcast together as you no longer have the unique identifier present in each frame, the MAC address.
  3. For general wifi tracking though, like that one on the streets of London (http://www.theregister.co.uk/2013/08/12/spy_bins_scrapped_from_london_streets/), do you think anything like that would be possible? With such a mass of devices coming through, even with half of them being iOS, the amount of data being pumped out would make it near impossible, surely? The signal strength could be useful, but form experience, it's not nearly accurate enough to pin down a device in a dynamic environment like that. All it takes is one small shift of an object like a bus to completely alter signal strength for a huge swathe of devices. I guess time is the biggest factor here, but you generally don't have very prolonged periods where the devices you want to track are in range.
  4. I'm sorry, I'm not sure I follow. With a random MAC address per probe, how would you know where any probe request came from, or even how many devices were sending the probes that you see? Are we talking about just general device identification here?
  5. With a randomised MAC address per probe, how would you know that any given set of SSIDs came from a specific client though?
  6. I can't see how the changes will affect the current operation of the Pineapple, things like Karma will still work just fine. The AP responds to the probe using the supplied (spoofed) MAC and then the client connects with it's own genuine MAC. The changes are intended to have no effect on the normal operation of WiFi.
  7. But I will still have to capture all the associated traffic?
  8. Thanks for the reply. I did think about airodump, but can it be configured to just record the MAC addresses of devices and not any packet data?
  9. I'm looking for a way to record MAC addresses that the Pineapple can see and wondering what the easiest/best approach would be. I notice that Karma normally logs the MAC of a device when enabled, but I don't want to have any effect on devices. I put it in white list mode and left the list empty and it doesn't seem that it logs the beacons. I assume it's possible to get kismet on there, though after a brief search, not much turned up. Is there anything someone can point me to in the way of a guide or some information on how best to achieve this? Cheers.
  10. If you're so angry just toss it out and write it off as an unfortunate loss. Next time, don't throw the box away. You could also try asking for help on the forums and providing details on your issues. I've had a cursory search around and I can't seem to find any thread asking for help. Have you tried a factory reset? Have you upgraded to the latest firmware? What steps have you tried so far to resolve your problems? I'm sure there's plenty of people here willing to help if you provide some details. Scott. P.S. You can also try some of the WiFi Pineapple threads on my blog if you need some help getting setup and started.
  11. Yeah at the minute. There may be a better way of doing what I want to do, so please do tell me if there is! Normally for decrypting SSL traffic I'd just point it at Fiddler but the device I'm looking at right now doesn't have proxy settings. The setup: <PC > -- LAN --- < Pineapple > --- WiFi ---- < Target Device > I just want to route any and all WiFi traffic from the Pineapple through the proxy. So far I've tried various configs but I either lose connectivity on the target device, or, it can still browse the web and the proxy sees nothing...
  12. Hey guys, I'm trying to get Fiddler or Burp Suite in front of an embedded device that isn't proxy aware. I have it connected to the WiFi on the MkV and I would like to push all the traffic to port 8080 on my PC which is connected to the LAN port of the pineapple. I've found a few tutorials and guides on Google, one specifically related to the Mk4 actually, but I've not had any luck. The device has internet connectivity when connected to the pineapple wifi network, I'd just like to push all traffic through 8080. Any hints or tips? Cheers, Scott.
  13. I've been working towards this myself but had to put it aside for other projects. I will try and pick it up again this weekend and see where I get.
  14. Hey guys, Thought I'd share my latest blog about hacking the router provided to me by my new ISP. To say the security is shocking would be a bit of an understatement. Feedback greatly welcome! https://scotthelme.co.uk/ee-brightbox-router-hacked/ Regards, Scott.
  15. Thanks, I'm glad they helped. A basic explanation of Karma: A wifi device walks around shouting out for networks it remembers to try and find them, these are called beacon frames. Normally your device says "Hey, is Starbuck's Wifi here?" and the AP will say "No, I'm Costa Coffe Wifi". What Karma does is respond with "Yes, of course, I'm Starbuck's Wifi, please connect to me" and off your device goes connecting to the access point.
  16. Karma can't spoof WPA/WPA2 protected networks, only open networks. If you wish to test Karma, simply test it without ICS and you can try to get your devices to connect without exposing anything like your internet connection. If you wish to test other features of the pineapple, disable Karma and put a password on the AP. This way you can test Karma in isolation without exposing any of your network and you can also test other features in a secure fashion. After that just combine them and take it out in the wild. Scott.
  17. The person asking about VPNs is advertising a VPN service in his sig... *suspicious face*
  18. To my knowledge the LAN interface has a statically assigned IP address and will not obtain an address from a DHCP server.
  19. You can find a link to my blog in my signature, there are a few tutorials on there that should get you going. If you have any questions, feel free to ask :-) Scott.
  20. Thanks for the feedback! I've been working hard on the posts to make them nice and clear. I will take a look at Feedly, I've not heard of it, and see if there is anything I can do for compatibility. Scott.
  21. Hey guys, I've just covered HTTP Strict Transport Security (HSTS) and how it helps to improve web security. Any feedback on the blog or input anyone has would be much welcomed. Check it out here: http://scotthel.me/hsts Scott.
  22. The warning icon means that the network is not secure and is an open network. You simply need to create a password for your WiFi network and it will no longer show the warning icon.
  23. You will have to provide a lot more info that that. What device is this on? What are you connected to? Does the network have Internet access? Is this even anything to do with a Pineapple?!?! We have no idea :-) Please help us to help you and provide enough information for someone to actually troubleshoot your issue. Scott.
  24. When I run opkg list-upgradable I get no output. Does anyone have the same issue? I was wondering if I could somehow combine the list of upgradable packages with the upgrade command and just magic them all up to date in one go. Any tips? Too optimistic? Scott.
  • Create New...