[Pixie Dust attack with Pineapple?]

I've been trying to get the Wifi Pineapple to be able to perform the pixie dust attack for quite a while, and I can't seem to be able to. I'm thinking the problem is with the modified Reaver you have to install, but I can't be sure.

I've followed this guide: http://matthewhknight.com/autopixiewps/

(In case the link above is remove or something, just google AutoPixieWPS)

On my PC and Laptop it works flawlessly, but whenever I try this on the pineapple, I'm no longer able to pick up WPS.

If anyone has gotten this to work, or has any ideas, please let me know. Thanks.

I'm sure the user datahead is working on this if i remember correctly there was a post on HF about it.

[MK5 refusing AP connections after period of time.]

I think there is still an issue with the current firmware.

I posted about my problems last year in this thread :-

https://forums.hak5.org/index.php?/topic/34070-how-can-i-help-the-mk-v-be-more-reliable/

I flashed my WiFi Pineapple last night with V2.3.0, left it running in my car at work... exactly the same as in the post linked above... and after a handful of hours you cannot connect to either the wlan0 open access point, the management (secured) access point or any of the PineAP created/spoofed SSIDs.

You can see all the available SSIDs being broadcast... but you cannot connect to them. I've tried on my Android Phone, an Android tablet, an iPhone and a Windows laptop.

A reboot will fix the problem, as will disabling and enabling wlan0 (and then restarting Karma and PineAP).

I am also facing an issue like this, If i leave pineapple running on the original power supply after so long it seem's the pineapple just doesn't respond i can login in to the inferface but the only way to get a connection working is a reboot.

I have also noticed that wlan2 keeps randomly disconnecting.

[[Infusion] WiFi Locator]

Yes, sorry for the long delay. Was in the middle of moving and switching jobs. Going to start back up on this. I will release it within the next two weeks. Development had stopped for a bit, but I am going to pick up where I left off today.

That's great news looks very good.

[Something awesome for €/£/$100]

Yeah everything else forum, so let us have a laugh shall we?

I've €100 to spend, this has to include the cost of something and it's shipping.

So suggest fun, unusual, strange things!

Go nuts.

RIght now i would suggest raspberryPI2 not very unusal or strange but fun as hell.

[Attacking WPS Offline with PixieWPS]

If the AP is not vulnerable it will likely say something like Key not found at least it did for me.

i did a demo video of me using it right now i don't have a AP i can test on my router is bricked due to a firmware update now.

https://www.youtube.com/watch?v=4UaGeXytkVg

Also might give AutoPixieWPS a try http://matthewhknight.com/autopixiewps/

Just wondering if you have treid this on the wifipineapple it's self.

[WPSPin.sh]

I have been using this script for a while now, just a shame it doesn't work over ssh, definitely something the pineapple could benefit from.

Here's v1.5 if any one is open for editing it to work over SSH

http://goo.gl/pY1GUa

Ops added wrong link.

[Getting started with the RasPi B.... FruityWifi?]

Hm I used Unetbootin under Windows. :)

Tried win32diskimager and now it boots, finally.

Installed FruityWifi now via apt (apt-get install fruitywifi) though I don't get the wireless-service enabled in the FruityWifi-config.

Are there any known probs with those NICs?:

Bus 001 Device 015: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter

Bus 001 Device 014: ID 0cf3:9271 Atheros Communications, Inc. AR9271 802.11n

Bus 001 Device 011: ID 0bda:8179 Realtek Semiconductor Corp.

I would re-install your OS start with the new version 1.1.0 https://www.kali.org/downloads/

Then test your wireless manually first if it works, then install fruity wifi if it fails you know where the issue is.

airmon-ng start wlanX
ifconfig wlanX down
Test injection with aireplay-ng -9 mon0

[Darren's Hack Across Europe 2015]

Waiting for an update on the london location then decide.

Hopefully i can make it.

[Wash implementation]

Hi I wan to know, whether "wash" is implemented in the mark 5.

Does it work straight out of the box when I order, or do I have to download wash myself?

If I have to download it, is it a terminal command(sudo apt-get) assuming there is a command line option , or does it come with a general update to firmware?

Is it basically a graphical user thing like most other infusions on the mark 5 or do I have to use it via terminal command on my phone?

thanks.

https://forums.hak5.org/index.php?/topic/31454-support-wps/?p=257115

There is a reaver/wash infusion check the pineapple bar.

[Getting started with the RasPi B.... FruityWifi?]

Hi!

I've 2 RaspPi's (model B) here on the table and it's sunday and I've free time. =) I also have three monitor-mode

compatible wifi-usb-adapters and a active USB-hub and a USB-batterypack... I only need to tinker some USB-to-barrelplug

to connect the hub to the batterypack, too.

So, on one I tried to install FruityWifi... but somehow their KaliLinux-Image won't boot at all (just the red LED is on).

On another SD-card I installed Raspbian which boots, though even after upgrading to FruityWifi 2.1 the interface

in the webbrowser still tells me 1.7... something's fishy there?

So, how do I start with all the funstuff? :) No time/money for a WifiPineapple yet, though, that's why I ask here for other

possibilities :)

Why dont you install kali, directly from here >>>>

http://docs.kali.org/armel-armhf/install-kali-linux-arm-raspberry-pi

Before using fruity wifi your better of learning the manual way of how to do things, that way you know what's going on.

[PHP trouble]

Hello pineapple community.

I'm having trouble with my mark v dnsspoof.

I wrote my own html that pulls credentials from a form and posts them up to a PHP function located in a separate file.

Flow looks like this:

Index.html redirect >> main.html >> form >> login.php(data logged) >> redirect >> back to main.html.

The idea is that the page loads, which once spoofed it does very nicely. But then I push the submit button, the information posts to the PHP and I get a 404E.

Everything is there in html but once directed at any .PHP it 404E's.

I fallowed the phishing tutorial and fallowed every step, but for some reason I keep getting the 404E.

I'm thinking that PHP isn't installed correctly but I'm kind of new to this and have no Idea what I'm doing wrong.

Any help would be greatly appreciated.

Thank you.

I never managed to get dnsspoof to work ever on me pineapple, gave up with it and used

Evil portal front end for Nodogsplash >>>>>>>> https://forums.hak5.org/index.php?/topic/33554-support-evil-portal/

Work's very well.

[[Support] Portal Auth]

@DataHead

Here is a quick script I wrote up to move the dependencies for python to the sd card. It will put them in /sd/depends/ and create symlinks.

#!/bin/bash

if ! [ -d "/sd/depends/" ]
then
        mkdir /sd/depends/;
fi

mv /usr/lib/python2.7/site-packages/bs4/ /sd/depends/;
mv /usr/lib/python2.7/site-packages/requests/ /sd/depends/;
mv /usr/lib/python2.7/site-packages/beautifulsoup4-4.3.2-py2.7.egg-info /sd/depends/;
mv /usr/lib/python2.7/site-packages/requests-2.5.1-py2.7.egg-info /sd/depends/;
ln -s /sd/depends/bs4 /usr/lib/python2.7/site-packages/bs4;
ln -s /sd/depends/requests /usr/lib/python2.7/site-packages/requests;
ln -s /sd/depends/beautifulsoup4-4.3.2-py2.7.egg-info /usr/lib/python2.7/site-packages/beautifulsoup4-4.3.2-py2.7.egg-info;
ln -s /sd/depends/requests-2.5.1-py2.7.egg-info /usr/lib/python2.7/site-packages/requests-2.5.1-py2.7.egg-info;
echo "Complete";

I'll probably include this in the next release.

Worked a treat thanks very much.

[Messages]

Nice, looks a sweet setup.

I sent you a message.

[Evil Portal + Metasploit]

Heyyy anyone can helpme to use the evil portal + metasploit to do a Mac and Windows pentest. Thanks!!

You do realise the forum has a search option, maybe you could adapt this for the MarkV

https://forums.hak5.org/index.php?/topic/30261-practical-use-for-evil-portal-in-a-pentest/

It's a little outdated but will give you an idea.

[Pineapple as router?]

I had considered looking at the documentation but I know that the pineapple is setup differently, that's why I asked here first :)

Is it really stable enough to become your main router i tried it ages just isn't good enough for me.

[A Question About The Range of The Mark V]

Hey guys. I ordered my Pineapple Mark V this week and I'm so excited to see what it can handle. But I'm wondering if I can use it from a remote location. For example, I leave it at home and access it from another home miles away. Is this not possible?

Either a long range antenna or if you can try this.

[Portal redirect not working]

Im not expert but is this why

https://forums.hak5.org/index.php?/topic/33578-evil-portal-setup-adding-the-authtarget-to-a-button/

add a javascript function:

redirectToTagert() {
window.location = $authtarget;
}

add the function to the onclick event for your button:

<button type="button" onclick="sendInfo();return false;redirectToTarget()">Submit</button>

That should work fine

[[Support] WPS]

If you have installed reaver to the sd, it seems to not set itself up properly in the way it symlinks from the sd. If installed to internal its all up and fine.

My proper sd install chain is such.

ssh into the pineapple and Copy paste the following

mkdir /etc/reaver

opkg update

opkg -d sd install reaver

ln -s /sd/etc/reaver/reaver.db /etc/reaver/

ln -s /sd/usr/bin/reaver /usr/bin/

ln -s /sd/usr/bin/wash /usr/bin/

ln -s /sd/usr/lib/opkg/info/reaver.control /usr/lib/opkg/info/

ln -s /sd/usr/lib/opkg/info/reaver.list /usr/lib/opkg/info/

#BULLY

opkg update

opkg -d sd install bully

ln -s /sd/usr/bin/bully /usr/bin/

ln -s /sd/usr/lib/opkg/info/bully.control /usr/lib/opkg/info/

ln -s /sd/usr/lib/opkg/info/bully.list /usr/lib/opkg/info/

Been having issue's with reaver and bully for a while but after doing these commands all worked great, reaver/bully both run as they should.

The only issue i'm having now is, there is no infusion installed for them, not a major one as i prefer cli anyways.

~Thanks DataHead for the fix's :)

[HELP AM I GETTING DDoS'd?]

Restart your router hopefully that will change your IP if not contact your service provider and explain your situation and they will change your IP for you.

Hey, my internet has been recently running VERY slow, I tried restarting the router and everything it doesn't help. I'm on WiFi. Every time I check the status of my wireless it shows me millions-billions of bytes received within in minutes of connecting. I don't have a virus because I haven't downloaded anything, I have scanned my laptop several times using several software, and also have wiped my laptop as well. Here is a picture of how many bytes were sent/received within 3 hours of connecting.

Is this a DDOS attack? If it is/isn't what can I do to help me fix this issue? Thanks in advance

I have uploaded the picture so please check it out in attachments.

Untitled.png

Update: I checked again at the status its now at 2 billion + bytes received at 3:55 hours of being connected it keeps increasing like 1 million bytes per 1-2 seconds.

[sslstrip not working in 2.04]

hi,

It seem that sslstrip is not working in version 2.04 it start normal, but it wont strip ssl of on normal sites,

I do not know what i am doing wrong.

Pam

It does work depends which site, if your hoping for facebook an that sort of site not poss im sorry.

Browsers these days use HTTP Strict Transport Security (HSTS) which prevents attacks from sslstrip. I have only been able to make it work with Safari on a MacBook. SSLStrip+ apparently defeats HSTS but I have not tried it personally. You could probably set up an evil access point with Kali Linux on a Raspberry Pi and run SSLStrip+ to get the results you want.

You mean this https://github.com/sensepost/mana/tree/master/sslstrip-hsts

Only issue is it wont work if the websites are cached.

[New hacker group]

What is it all that you want to learn, cause saying thing's like security mean so many different things.

There's tones of already resourced stuff out there ie google, youtube what more help could any one need.

I think maybe setup an irc channel or something, skype is crap for group stuff.

[Aircrack-ng revisited]

I wouldn't really use windows for wifi hacking as far as i know windows doesn't do injection , best to use Kali-linux in a VM or boot it live , as for adapter the most widely used has to be the Alfa awus036h i have 2 and they are great.

[Webinterface doesn't load]

Install one after one and test it

I was hoping there was a better way, but thanks very much.

[Webinterface doesn't load]

Disable your browser extensions and try again. It sounds to me like you have a bad infusion installed or you broke the web interface code somehow, I suggest a re-flash

Is there any way to find out which infusion broke it ?

[Webinterface doesn't load]

Those errors look like there may be a browser extension that is throwing errors which in turn breaks some JavaScript on the WiFi Pineapple.

We have seen similar results with people who have caught themselves a virus, downloaded some weird broken extension or have messed with some of the Pineapple code.

Take a look at this thread under "Webinterface Issues".

Failing that, it may be possible that there is an infusion which breaks the something - but I think more people would have noticed this.

What browser are you running?

Best Regards,

Sebkinne

I have tried this under FF33 and chrome both on ubuntu, and my galaxt tab3

Same results.