TheHackerNextDoor

Posts posted by TheHackerNextDoor

  1. Hello,

    maybe a stupid idea but why not add an option to automatically copy the SSID of the open/cracked SSID to the pineapple so it looks like that AP. It would make a great tool for a MITM attack. Walk into any place and you don't have to configure your pineapple just turn it on, it connects / crack and connects and pretends to be the local SSID. Block the local AP for everyone else and just allow the pineapple to connect to it.

    Sorry if this is already possible...

    Karma and the jammer would work for that. It would kill all networks, and emulate them all, too.

  2. You'll find that we do have a warning on the upgrade page that upgrading will wipe all user data (except anything on the SD card).

    Best regards,

    Sebkinne

    Yes, I found that after. I thought I should post it here for ignorant people like me... :P

  3. Hi,

    My WiFi pineapple is constantly crashing. I don't know why. I am powering it off of the supplied adapter. All I am running is the jammer, dnsspoof, and karma. Right before it crashes, the red light goes on for about a second. Then the blue light starts flashing until it boots.

  4. Here are some suggestions I have dreamed up over the past couple of days.

    More RAM

    I think the mark V is very limited when it comes to RAM. Come on, only 64MB? I'm sorry, but I can't run very much at a time, and it is constantly crashing! How difficult would it be to add 128MB of RAM, or better yet, 256MB?

    Dual-booting

    I think dual booting would be a good feature. How I see it, there would be a second DIP switch module to choose which version you want to boot. It's annoying to have to change the settings each time, like the wireless settings, for example. If I want to prank my friends, I have to change the /etc/wireless/config file from encrypted WPA2 'Nothing to see here!' to something like 'Free Wifi!'

    Antenna Repositioning

    A physical problem with the Mark V that the Mark IV does not have is the width. I can fit the Mark IV in my pocket (other than the antenna, which is hidden by my shirt), however I can't fit the Mark V in, because of the antennas. If I put it in my pocket with the antenna sticking out, it is visible, because of the angle of the antennas. What about having a 90 degree SMA connector where the SMA ports are, so the antennas would be right next to it?

  5. I'm wondering how different devices check for internet, and hopefully I will be able to use the DNSSpoof on my pineapple to make it look like they have internet, even when they don't.

    How does iOS know when there is internet? I set up a sample network on the pineapple, turned on randomroll, and connected to it on my iPod. Immediately, it opened a webpage with a dancing banana. (Lol) It said I had to log in, so therefore it knew I was messing with the internet. How does it check?

    Same for Android/PC. Again, the purpose of this is to make it look like there is internet, even when there isn't.

  6. For argument's sake, could you place GatewayPorts just above that "Match User storage" line and if that doesn't change anything also specify the (sanitized) ssh client command you're using.

    Wow. That was the problem... I'm so stupid! xD

  7. Here is /etc/ssh/sshd_config:

    # Package generated configuration file
    # See the sshd_config(5) manpage for details

    # What ports, IPs and protocols we listen for
    Port 22
    # Use these options to restrict which interfaces/protocols sshd will bind to
    #ListenAddress ::
    #ListenAddress 0.0.0.0
    Protocol 2
    # HostKeys for protocol version 2
    HostKey /etc/ssh/ssh_host_rsa_key
    HostKey /etc/ssh/ssh_host_dsa_key
    HostKey /etc/ssh/ssh_host_ecdsa_key
    #Privilege Separation is turned on for security
    UsePrivilegeSeparation yes

    # Lifetime and size of ephemeral version 1 server key
    KeyRegenerationInterval 3600
    ServerKeyBits 768

    # Logging
    SyslogFacility AUTH
    LogLevel INFO

    # Authentication:
    LoginGraceTime 120
    PermitRootLogin yes
    StrictModes yes

    RSAAuthentication yes
    PubkeyAuthentication yes
    #AuthorizedKeysFile %h/.ssh/authorized_keys

    # Don't read the user's ~/.rhosts and ~/.shosts files
    IgnoreRhosts yes
    # For this to work you will also need host keys in /etc/ssh_known_hosts
    RhostsRSAAuthentication no
    # similar for protocol version 2
    HostbasedAuthentication no
    # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
    #IgnoreUserKnownHosts yes

    # To enable empty passwords, change to yes (NOT RECOMMENDED)
    PermitEmptyPasswords no

    # Change to yes to enable challenge-response passwords (beware issues with
    # some PAM modules and threads)
    ChallengeResponseAuthentication no

    # Change to no to disable tunnelled clear text passwords
    #PasswordAuthentication yes

    # Kerberos options
    #KerberosAuthentication no
    #KerberosGetAFSToken no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes

    # GSSAPI options
    #GSSAPIAuthentication no
    #GSSAPICleanupCredentials yes

    X11Forwarding yes
    X11DisplayOffset 10
    PrintMotd no
    PrintLastLog yes
    TCPKeepAlive yes
    #UseLogin no

    #MaxStartups 10:30:60
    #Banner /etc/issue.net

    # Allow client to pass locale environment variables
    AcceptEnv LANG LC_*

    Subsystem sftp /usr/lib/openssh/sftp-server

    # Set this to 'yes' to enable PAM authentication, account processing,
    # and session processing. If this is enabled, PAM authentication will
    # be allowed through the ChallengeResponseAuthentication and
    # PasswordAuthentication. Depending on your PAM configuration,
    # PAM authentication via ChallengeResponseAuthentication may bypass
    # the setting of "PermitRootLogin without-password".
    # If you just want the PAM account and session checks to run without
    # PAM authentication, then enable this but set PasswordAuthentication
    # and ChallengeResponseAuthentication to 'no'.
    UsePAM yes

    # SparkleShare
    # Please do not edit the above comment as it's used as a check by Dazzle
    Match User storage
    PasswordAuthentication no
    PubkeyAuthentication yes
    # End of SparkleShare configuration


    GatewayPorts clientspecified

  8. But then you probably already looked into them and didn't see anything particular there.

    So, let's end the suspense. Are you or are you not specifying a bind_address to ssh in your -R parameter?

    Yes, I am specifying a bind_address.

  9. In your -R parameter you're probably providing as values "5000:localhost:22". If so, try as -R value "*:5000:localhost:22" in which the asterisk is the bind address, defaults to localhost and with an asterisk in place it'll now be all interfaces (but you can specify it as well if you wish - just use the Server's name of the interface).

    And PS, this only works if on the Server your SSHD configuration has the GatewayPorts option set to enabled.

    Hold on, so GatewayPorts = enabled? I had tried GatewayPorts = clientspecified and GatewayPorts = yes, but neither worked. Should I try that?
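    Added example, not code from the thread: a small sshd_config scope checker that shows why the config posted above never took effect for normal sessions. In sshd_config every keyword after a `Match` line belongs to that Match block, so a `GatewayPorts` placed after `Match User storage` only applies to user "storage", which is exactly the fix suggested earlier in the thread (move it above the Match line). The sample configs are constructed, condensed versions of the one posted.

```python
# Parse sshd_config into scopes and report which scope a GatewayPorts keyword lands in.
import re
from typing import Dict, Optional

# Constructed sample, condensed from the config posted in the thread: GatewayPorts
# sits after the Match block, so only sessions of user "storage" would see it.
SAMPLE_BROKEN = """\
Port 22
UsePAM yes
Match User storage
PasswordAuthentication no
PubkeyAuthentication yes
GatewayPorts clientspecified
"""
# Same config with GatewayPorts placed before the Match line, as the thread suggests.
SAMPLE_FIXED = "GatewayPorts clientspecified\n" + SAMPLE_BROKEN.replace("GatewayPorts clientspecified\n", "")

def parse_sshd_config(text: str) -> Dict[str, Dict[str, str]]:
    """Return {"global": {...}, "Match <criteria>": {...}} with lower-cased keywords.

    Comments and blank lines are skipped, `Key value` and `Key=value` both parse,
    and the first occurrence of a keyword within a scope wins, as in sshd.
    """
    scopes: Dict[str, Dict[str, str]] = {"global": {}}
    current = scopes["global"]
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "match":  # everything that follows belongs to this block
            current = scopes.setdefault("Match " + value, {})
            continue
        current.setdefault(key, value)
    return scopes

def effective_gatewayports(text: str) -> Dict[str, Optional[str]]:
    """GatewayPorts each scope sees; None means unset (sshd then behaves as 'no')."""
    scopes = parse_sshd_config(text)
    global_value = scopes["global"].get("gatewayports")
    return {name: opts.get("gatewayports", global_value) for name, opts in scopes.items()}

def diagnose(text: str) -> str:
    """One-line verdict on whether remote forwards may bind non-loopback addresses."""
    eff = effective_gatewayports(text)
    if eff["global"] is not None:
        return f"GatewayPorts {eff['global']} applies to all sessions"
    only_in = ", ".join(name for name, val in eff.items() if val is not None)
    return "GatewayPorts unset globally (remote forwards bind to loopback)" + (
        f"; set only in: {only_in}" if only_in else "")
```

    On the server itself, `sshd -T` prints the effective global configuration and `sshd -T -C user=storage` the configuration a given Match block produces, which is the quickest way to confirm the same thing without a parser.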

  10. Then doing only what's described for the second ssh client session will suffice. Just instead of connecting that session to (pineapple) local port XYZ you connect to Server where I'd still recommend you port-forward external port 443 to whatever the sshd port on your Server is to disguise your traffic and in setting up that session include the parameters to create tunnels A and B as described.

    I'm going to restate my question.

    Pineapple is on network A, firewalled.

    SSH server is on network B, not firewalled (Example IP 192.168.1.123).

    PC is on network B.

    I can connect the pineapple to the ssh server, forwarding port 80 on the pineapple to port 5000 on the server. I can make a connection on 127.0.0.1:5000 (Tested with wget)

    When I go on my PC, and I enter 192.168.1.123:5000 in google chrome, I get connection refused.

    If I go back to the server and run netstat -a, I see that it is only listening on 5000 on localhost.

    In my /etc/ssh/sshd_config file, I have GatewayPorts = clientspecified .

    Does this help?

  11. Okay, so the goal then is to have a 2-way tunnel between the Pineapple and your Server (which actually means 2 tunnels, one for each direction). I'm assuming 'your server' is a machine on your home network, but not one directly connected to the internet. The machine that IS directly connected to the internet we'll call the Staging server in what comes next.

    I think you need 2 client sessions for this.

    The first is from the Pineapple to your Staging server. I'd go about doing that by having your Staging server provide a listening socket to ssh on port 443. Encrypted traffic is expected there so the network your Pineapple is on won't see very weird traffic, just maybe more of it. When you start your ssh client on the pineapple, tell it to tunnel connections on (pineapple) local port XYZ to remote Server port 22 (or wherever you have sshd listening on Server). This is tunnel 1. Using firewall rules on the Pineapple restrict local port XYZ to localhost only. Start something like "vmstat 20" to generate a small amount of traffic every 20 seconds to prevent the connection (and, thus, tunnel) from being closed due to inactivity.

    Next, on the Pineapple, run an ssh client that connects to (pineapple) local port XYZ which first creates tunnel A which is from (pineapple) local port ABC to (Server)localhost port 22 (or wherever you have sshd listening on Server) and tunnel B which maps (Server) remote port DEF to (pineapple) localhost XYZ. Again, start something like "vmstat 20" to generate traffic on the line to prevent the closing of the tunnel due to inactivity.

    With this setup in place, you can now connect to port ABC on the Pineapple to get to your home Server and on your home Server you connect to DEF to connect to your Pineapple.

    You could do this without a Staging server when Server is connected directly to the internet, but then you'd have to seriously firewall the listening port on your Server to prevent unauthorized access across the full internet to the Pineapple at your undisclosed location.

    My home servers are directly connected to the internet. They are port forwarded.

  12. If I understand correctly you want to use the pineapple as a bridge to connect wirelessly to a wired server, is that correct?

    You said "The server accepts connections from 127.0.0.1". You know this means that only connections originating from that very same server will work; if you want to be able to connect remotely, from another machine, then it needs to listen on an interface other than localhost.

    The pineapple is on a firewalled network. The server is on my home network. I want to tunnel the pineapple to my home server, and I want to access it from my home computer.

  13. I want to go Pineapple > Server > Server local network. The server accepts connections from 127.0.0.1, but not from its internal IP. If I use netstat, I can see that it is only listening on localhost.
