cptprice

Thanx, i will be waiting for your video tutorial. Also have you ever tried Yagi Antenna with alfa AWUS036H? I think that alfa supports max of 9dbi antenna, will yagi work being 16-18dbi?

DId you try USB 3g Dongles? Or maybe connecting your iphone or android via usb (as modem) ?

@JackChitt Could you please share your Androrat setup with everyone?

Well i have the same question. I want to buy a Yagi Antenna, can that be used with Pineapple using an adapter, and also can it be used with alfa (Cause i think that alfa can support upto 9dbi)?

Could you please confirm if the following 16dbi Yagi Antenna would work :- "http://www.ebay.com/itm/200809728556?ssPageName=STRK:MEWAX:IT&_trksid=p3984.m1423.l2649" Besides the RP-sma Connector do I need something else?

"http://www.youtube.com/watch?v=FjasYNydt5s"

Thank you so much for your valuable input, so this means that Jail Broken Iphones can be hacked if they are connected to our pineapple, is that right? If so, then what tool should be used to get access to the root, and where to look for the password files. I saw a tutorial on youtube for something similar:- In this, the attacker uses armitage and metasploit to find vulnerabilities, checks if the iphone is jail broken, and if the default password is the same we gets access to the root. Now here are my questions:- 1) We get an iphone connected to our pineapple. (Assuming it is jail broken) 2) Is it possible to use Armitage and Metasploit on backtrack along with pineapple? 3) Say, once we get access to the root, where to look for the "Password Files" or Login credentials that are stored in the apps? I am new, and just curious, please excuse me if i sound stupid. Furthermore, since we are talking about hacking iOS, shannon did a video in which she used a USB rubber ducky to put a persistent shell in mac which we can get access to through netcat. Now since such a simple script can accomplish that, is it not possible to have an injection similar to that but on the iphones? Instead of using usb rubber ducky for which we need to have physical access to the device, we could use an injection that can be put using this splash page. When the user clicks accept, the script is installed and we get access.

I totally understand what you are trying to say: 1) You have got several Android devices or iOS devices connected to your pineapple. 2) All have apps for facebook twitter or even mails are preconfigured within their device. 3) You are wondering how to get their credentials, since Mitm wont work. This is the same thing i've been wondering, infact, if someone could develop some infusion that we would be able to use as post-exploitation that could copy their preconfigured password files from their device. Just a thought!! Also, what about gmail using https now? I tried sniffing through ettercap and sslstrip, and i could'nt get the credentials.