Posts posted by NovaSam

  1. Have two Mark Vs and a Pineapple Plug for sale.

    - Mark V, with the original large blue 72 Hour battery with power cables.

    - Pineapple Plug (connects two Mark Vs together - Tango Mode) - with the first Mark V that I sell

    If buying both Mark Vs I'll include the USB power cable as well. Both Mark Vs have a battery, and power/charging cables.

    $70 each or $120 both in a package. All upgraded to the latest 2.4 firmware.

  2. Yeah I was kind of curious about that as well. :( Kind of a waste for the plug. Have two Mark Vs and a plug. It was fun but really had a lot of issues with the hardware regardless. They work fine, but I'll probably find a dedicated use for my Mark Vs and work more with my nano. If I ever get the resources and approval from the wife I might get the Tetra.

  3. Leave it to WifiPineapple Nano to kick off 180 USB adapters. ;) might have to get me another one ;)

    Compared to my Mark Vs this thing is much better, albeit I'm a little later to the game, so thanks for working out most of the bugs for me.

    Samsung Galaxy S5 - not rooted

    Nexus 7 Asus Pwnpad

    Used the connector app (first time was a cable issue, switched to the official cable for my S5 and no issues). Make sure the USB cable you are using is a data cable and not just a plain charging cable. I am finding most of my USB cables are not data cables lately.

    I do not have the developer option enabled on the S5, but I believe it is enabled on the Nexus 7, just have not tried tethering with it yet.

    Also found that it works fine with my Asus Chromebook, although I don't share my internet connection just connect via the USB Ethernet.

  4. I like the idea of keeping track of metadata related to how an SSID was captured and how many clients are looking for it, or if the SSID was only found via an access point via recon, or just one you entered into the pool list Occupineapple style.

    I'm guessing parsing the logs and creating a report based on the data logged would get us there, but I can see a lot of SSID analysis using mostly what's already built in, just need a couple more fields to populate.

  5. Wonder if one could use the Hardware SDK on the Pineapple and connect the radio, then port the code as an infusion. Or run the original python code directly. Then you could not only sniff Wifi, but also go for the low hanging fruit.

    I also found the CreepyDOL very interesting as well.

  6. Just think of the Wireless DDoS to a device, from a consultant, that has been traveling and using hundreds of APs a year stumbles upon a PineAP that suddenly lights it up with Beacons and management frames for every AP it has ever connected to. I was demonstrating the Pineapple with just Karma a few months ago, before our auditors conducted a wireless pentest. Should have seen their faces when their laptops and phones connected within seconds, let's just say they will never look at hotel wireless the same again. Dogma looks like it might also conserve your pineapple and the airwaves a bit, as it will focus on just the target device or device type.

    koolkarnt, I am still playing with PineAP myself, but I think I can answer some of your questions. I have not played with the Source/Target section yet, Dogma seems to actually broadcast the APs listed in the PineAP SSID Management section, and Auto Harvest will automatically add SSIDs that devices are currently looking for to the SSID Management section.

    I have a simple question that I'm too lazy to search for myself. Where is the file for the SSID Management stored? My list became quite long during testing, and I would like to copy it to another file before deleting all of the collected APs. When I enable Dogma, the list is so large that it takes several minutes for "most" of the names to be viewed by any device. I've even seen a device or two that quit trying altogether after 10-20 APs populated.

  7. Yes you can still manage your pineapple over Wifi and connect one of your wifi adapters, preferably your Alfa for internet speed to your client network via the Client network link. For the SD Card you will need to go to Resources -> USB Info -> Format SD Card. If you don't see it right away after the format try a fresh reboot.

    I recommend watching some of the earlier Hak5 Episodes late 2013 that cover some creative ways to use the Pineapple router, but will also help you with some of the other network and wireless configuration options.

  8. Not sure how I missed this one. Looks pretty neat, and supposed to get up to 20 minutes of flight time even with a GoPro attached, but can hold other payloads. GPS waypoints, and follow me mode sounds pretty cool as well. Was a Kickstarter, and they claim to have made it hackable, but does not look open source like our friends. Great ideas, even with the FAA crackdown it will be interesting to see where this all goes.

    https://www.thepocketdrone.com/store/checkout?cart=53fac793285fd

  9. That would be pretty interesting, would have to get me one of those. Could be walking around seeing mobile devices and access points as you walk, drive, or ride. Remotely triggering attacks, and viewing results.

    Having the Yagi out, and looking like a wifi terminator, or the pied piper of wifi clients.

    By the way how many hours can you get with your Glass before recharging?

  10. The Google situation is WILDLY different:

    Google scanned for unencrypted wireless networks as broadcast by their APs, connected to them and performed some sort of scanning of that home network to determine what was there. They 'hacked' the AP and/or its hosted network.

    The Pineapple pretends to be the unencrypted AP you occasionally connect to and then simply MITMs anything that connects to it. It's a honeypot AP that can be used to hack any client that connects to it, but until you hack the client I don't see the harm.

    When questioned you could simply say that you're using the pineapple to provide (to yourself) legitimate wireless access at your current location using some remote wireless access point that you're authorised to use since the wifi in your own device is so piss-poor it can't get a decent signal from it. It shouldn't be your problem that other people in that same location can tag along on your connection. Hell, you're providing a SERVICE here!

    Yes a service indeed, with a few extra features to boot.. :rolleyes:

  11. Very unlikely, as to fully implement PineAP you will want more than one radio, and in some cases two. This is one of the primary reasons Hak5 developed the custom hardware for the Mark V. I believe Darren has pointed this out several times on the forums already.

    Now this does not mean there will be no more updates, but I would recommend possibly investing in the Mark V.

    So....will there be a firmware update to the Mark IV, implementing the PineAP suite of tools ?

  12. It could be helpful to have multiple rubber duckys for when you have different payloads for each one. So like you said option 1 if this is the case and option 2 if this is the case.

    I have also found different operating systems have different commands, and some work better than others. A good hack sometimes involves as much planning and recon as possible, and always written permission of course. Sometimes it's just having a couple options for when the opportunity presents itself.

    Also you could have multiple payloads precompiled on your tablet or netbook, and you could simply change them out as needed on the fly. So you could get by with just one, but what's the fun in that. :rolleyes:

  13. You may need to set up routing between subnets on the pineapple. By default the subnet is the same on all interfaces in the default configuration. It's all based on OpenWRT. So you can check out the OpenWRT.org site for information on how to configure different routing interfaces.

    The only thing you have to keep in mind is that the Pineapple was designed to be a Man-In-The-Middle device. So keep this in mind while configuring routing or your pineapple will not serve this purpose anymore.

    Here is a thread where we talk about something similar:

    https://forums.hak5.org/index.php?/topic/33319-using-eth0-connected-to-a-router-with-dhcp-to-supply-internet/?hl=dhcp

  14. A quick google search on Port Mirroring and OpenWRT and I ran into this. Might be all you need. This is on the OpenWRT forums so it is more likely to work on the Pineapple as it is OpenWRT (Duh) ;) Let me know if this works, might be worth creating a simple infusion.

    https://forum.openwrt.org/viewtopic.php?id=28878

    You can use TEE from iptables.

    Something like this, to monitor all traffic from and to the WAN:

    # incoming packets (ignore packets from local subnet)
    iptables -A POSTROUTING -t mangle -o br-lan ! -s 10.10.0.0/16 -j TEE --gateway 10.10.0.1

    # outgoing packets (ignore packets to local subnet)
    iptables -A PREROUTING -t mangle -i br-lan ! -d 10.10.0.0/16 -j TEE --gateway 10.10.0.1

    Thereby, all packets get forwarded to 10.10.0.1
    You can also use a separate vlan to create the mirror-port.

  15. There are a lot of solutions out there to help monitor/filter internet traffic on your home network. Some Paid, and many free with paid options. All solutions are not 100% effective, and have their own ups and downs, and ways around them.

    - If you primarily use Windows 8.1 devices look into Parental controls (requires you to add at least one child account first), includes both filtering/reporting

    - OpenDNS - basically with very little modification to your router, devices point all DNS on your network to OpenDNS servers, and even setup a free account to run weekly reports.

    - Apple iOS devices have built in filtering "Restriction" options to help filter adult content.

    - Mac OS X has some built in limited Parental Controls.

    - Some home wireless routers now have parental controls and filtering built in.

    - K9 Web Protection, use on Windows, Mac, iPhone, iPad, Android.

    - use a solution such as untangle.com in-line or ARP spoof, they have a free version you can install on any regular PC hardware.

    - set up a squid server if you have even more time on your hands.

    Personally I'm not a big believer in web filtering, but rather user education. There is still a good place for filtering such as phishing, and malware prevention.

  16. I have had my pineapples misbehave in the recent past. Like you I have been learning a lot by trial and error. I enjoy figuring out how things work, isn't that what hackers really do?

    Some things I have found to help when having issues (slow or non-responsive):

    - Wiping the SD Card after a major update.

    - Re-flashing firmware

    This process seems to get better with every new version released. Hoping that we can preload backed up configurations in the near future to make remote flashing possible without having to have another node on the network to reconfigure everything each time.

  17. I see what you're talking about. I'm trying to do something similar by connecting two Pineapple Routers together, with the new pineapple plug I got at Defcon. This guide is helpful, as it explains the default routing behavior a little more (very important when working with pineapples).

    I'm using the First pineapple to setup the internet client connection, as well as a WPA2 (a little more secure) access to manage both routers. Then I use the second pineapple to work the rest of the other attacks, although I can continue to use the first one for recon, and other stuff. Still toying with the whole idea of using multiple fruits to keep everyone on their feet ;)
