Zylla
Posts posted by Zylla

  1. On 7/6/2019 at 1:26 PM, Mr.miYagi said:

    And because I was bored and already experimenting, I tried to flash the newest Nano 2.5.4 img...

    Aaaaand it boots up. I'm stuck now at the setup screen; it asks to push the reset button to continue, which I don't have.

    I already tried a few DIP switch combinations, but it didn't work. I'm trying now:

    - More DIP switch combinations

    - Try to find out if some GPIO pin triggers it

    - Try to find out how I could skip this part of the setup


    Edit: Reset on the Nano seems to be on gpio12; no DIP switches are 12 on the MKV.

    Stuck at the setup screen?
    Here's what worked for me:

    1. SSH to the Pineapple
    2. jffs2reset
    3. reboot

    This suggestion is meant for you only, in this specific scenario.

  2. Yeah, as Foxtrot is saying, there are differences between the Nano and the MKV.

    I don't recommend anyone attempt to flash the openwrt builds and expect it to work!

    It might work. But it also might brick your device. 

    So my comment above recommending @Mr.miYagi to try it was because he seemed capable of handling a brick if it should occur.

    I'll send you a PM, @Mr.miYagi, so I can try compiling a version of mana for the version of openwrt you need.


  3. Given the tools at your disposal you seem fit to handle a "brick" if any should occur.

    The MKV uses the AR9331 CPU, same as the NANO.
    So I would try flashing this firmware:
    https://downloads.openwrt.org/snapshots/targets/ar71xx/generic/openwrt-ar71xx-generic-wifi-pineapple-nano-squashfs-sysupgrade.bin

    That's the latest official snapshot build of openwrt for the Pineapple Nano.
    You might need to install a couple of kmods to get everything set up afterwards, as some components differ between the devices.

    To build MANA you would need to download the SDK for the snapshot release. Here:
    https://downloads.openwrt.org/snapshots/targets/ar71xx/generic/openwrt-sdk-ar71xx-generic_gcc-7.4.0_musl.Linux-x86_64.tar.xz


    I hope that helps 🙂

    BTW: When building MANA, choose the "light" version when installing on "non Chaos Calmer" versions, as the main version has a postinst script made for the Pineapple.

  4. The pre-compiled MANA packages are built for Chaos Calmer, and will not run on LEDE 17.X.

    It's also built with a different C library (uClibc), and your version of LEDE is running musl.

    You could download the Makefiles for MANA available on my repo and build it using the correct SDK for the version of LEDE you're using. 

    Link to SDK

    Or you could try building a complete new firmware running the latest openwrt snapshot; I don't see any reason for it not working.

    My MKV died a few years ago, so I'm unable to test anything myself. 

  5. In normal situations the footprint is comparable with tools like airodump-ng or mdk3/mdk4, and can be lowered even more when disabling deauth attacks.
    The PMKID can in some instances even be captured without the AP being present.

    And yeah, simply capturing traffic when a client connects to the AP will capture the 4-way handshake.
    If you let Kismet run for a day at home, you will find that a lot of handshakes have been captured while running.
    It even allows downloading the handshakes in the browser. :) 

  6. This reminds me of that epic '90s hacker movie that I can't remember the title of! We need an "Ad-block blocker-blocker"!?
    Jokes aside, I have encountered these sites but haven't debugged exactly what's going on. But I reckon it's just like @Foxtrot says: "It's all client side".

  7. 9 hours ago, i8igmac said:

    No one called out 'Warcraft III: Reign of Chaos'


    Old school DotA was insane.


    I reverse engineered the TCP protocol and created a DDoS-style attack to shut down all servers on Battle.net by connecting thousands of fake clients to every public server.


    And when I created a user list of known admins, these clients were un-kickable/un-bannable...


    After I did this, I felt confident I could accomplish anything.

    Haha, cool. I played a lot of WC3 and WC3-TFT! Old-school DotA was awesome, indeed! :D
    Cool hack. Must have pissed off Blizz a bit. Did it take them a long time to patch it? ^^
    Reminds me of some of the hacks done by one of the "admins" of the Ownedcore forum's World of Warcraft section.
    He went "insane" and killed all players in Stormwind on a lot of servers! xD

  8. 17 hours ago, Rinilyn said:

    The red lines aren't errors, they are the commands that I typed (I'm just trying to show him that I followed the steps). Coreutils gets installed but wifite still won't run and "see" it. This is the same session with wifite happening AFTER installing coreutils and symlinking.

    .controls aren't errors, I am symlinking them (I was desperate, I tried everything). I sometimes feel my Nano is different than everyone else's?

    There's no need to symlink those files, as the error messages are a "false positive" (due to the reasons I explained above with the overlay filesystem).
    You will get those error messages with any IPK you try to install on the Nano, but they can safely be ignored. The installed IPK still works.

    That being said, I just tested Wifite2 on my Nano (factory settings with a USB stick mounted as /sd).
    Here's my process step by step for the Nano, and it works flawlessly:

    opkg update ; opkg install coreutils-stty -d sd
    mkdir -p /sd/gits ; cd /sd/gits
    git clone git@github.com:derv82/wifite2
    python wifite2/Wifite.py

    Results: (screenshot)

  9. 2 minutes ago, Rinilyn said:

    I really need this working, man. This is everything I did after a fresh reset. @kbeflo

    (I symlinked git too.) I also tried other interfaces after the pictures. Same results.

    The issue with Wifite2 in the first screenshot comes from not having installed coreutils-stty.
    In the second screenshot I can see you're installing it, so I'm a bit puzzled. Does it happen after installing coreutils-stty?
    And by the way, I saw you drew a red line around some errors in the second screenshot. Those are not actual errors that are causing the Nano to misbehave.
    Those errors appear on every package you try to install with OPKG on the Nano. I guess the overlay filesystem is fooling opkg into thinking that something is wrong, when actually it's not.
    So every line that contains .prerm / .postinst / .list / .control can safely be ignored on the Nano. Nothing is actually wrong.
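    As an added example (not code from this thread), a small POSIX sh wrapper that runs the installs to the SD card the way the steps in the previous post do, and then strips the .prerm / .postinst / .list / .control lines that the Nano's overlay filesystem produces, so only output that still deserves a look is shown. The sample opkg output is constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the forum thread: separate opkg's known
# overlay-filesystem "false positive" lines on the Pineapple Nano from
# output that still needs attention. The -d sd destination is the one
# used in the thread; SAMPLE_OPKG_OUTPUT below is constructed.

# Returns 0 when the line is one of the harmless messages the thread
# describes: a complaint about a .prerm/.postinst/.list/.control file.
is_overlay_false_positive() {
    case "$1" in
        *.prerm*|*.postinst*|*.list*|*.control*) return 0 ;;
        *) return 1 ;;
    esac
}

# Reads opkg output on stdin, drops the harmless lines, keeps the rest.
filter_opkg_output() {
    while IFS= read -r line; do
        is_overlay_false_positive "$line" || printf '%s\n' "$line"
    done
}

# Counts remaining lines that look like real problems (e.g. a package
# opkg genuinely could not install); 0 means nothing is left to check.
count_real_errors() {
    filter_opkg_output | grep -ciE 'error|fail|cannot' || true
}

# Installs packages to the SD card (-d sd) as the thread does, showing
# only output that is not a known overlay false positive.
install_on_nano() {
    opkg update >/dev/null 2>&1
    opkg install -d sd "$@" 2>&1 | filter_opkg_output
}

# Constructed sample: three normal lines, four overlay false positives,
# then a genuine opkg failure that must survive filtering.
SAMPLE_OPKG_OUTPUT='Installing coreutils-stty (8.23-1) to sd...
Downloading http://example.invalid/coreutils-stty_8.23-1_ar71xx.ipk
Configuring coreutils-stty.
cp: cannot stat /overlay/upper/usr/lib/opkg/info/coreutils-stty.prerm
cp: cannot stat /overlay/upper/usr/lib/opkg/info/coreutils-stty.postinst
cp: cannot stat /overlay/upper/usr/lib/opkg/info/coreutils-stty.list
cp: cannot stat /overlay/upper/usr/lib/opkg/info/coreutils-stty.control
Collected errors:
 * opkg_install_cmd: Cannot install package git.'
```

    Pipe real `opkg install` output through `filter_opkg_output` to get the same triage on a live device.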

  10. 18 hours ago, haze1434 said:

    You're better off writing your own nowadays. They can't fingerprint what they don't know exists :wink:

    Yeah, I know! But after the obfuscation and all the heavy anti-debugging was added, it's a nightmare injecting/attaching anything into WoW without crashing it.
    But I'm still trying! :D

  11. 31 minutes ago, Just_a_User said:

    I used to play a lot of WoW, then some, then not a lot. Before my daughter was born, my wife (also a WoW player) and I leveled our mains to 100 before signing out. Maybe one day we will get back online.

    Did you follow the Honorbuddy saga? https://www.thebuddyforum.com/threads/the-sad-news-honorbuddy-and-others.411956/

    Sounds exactly like my story, except my wife and I continued playing after our daughter was born in 2014, but not nearly as much as before.
    We both had all classes (13 characters) leveled to 110, and then we both got a 6-month suspension on our accounts. This was two months ago.
    We were using FireHack, which is a Lua unlocker, and I wrote combat rotations for our characters, which got quite popular in the community.

    And yeah, I had a lifetime sub to HonorBuddy, which I purchased in 2007. But I stopped using it around 2010-2011 because Blizzard targeted them so much, and it was almost guaranteed perma-bans.

    Rumour has it that Blizzard really upped their game on the anti-cheat stuff. We've heard talk about that exact department within Blizzard tripling the number of employees, and now with HonorBuddy out of the picture I think it's really easy for Blizzard to target other stuff (client-side).
    I also have no doubt they're testing out some artificial intelligence software to detect stuff server-side as well. Papers released several years ago describe having no problems detecting bots, and that's without AI software. (link to paper)

    Blizzard also implemented the same anti-cheat system that Overwatch has with patch 7.3 a little while ago, which also added obfuscation and heavy anti-debugging to the client.
    This also killed a lot of other cheating software, like oLUA (a free Lua unlocker), and many other projects.

    FireHack was the only one that managed to pull through this, but we had a detection approx. two months ago.
    God knows how many hidden detection things they might have added to the client. And they're not always active either, so it's hard to track.

  12. World of Warcraft! No doubt.
    I've been playing it since the early European "closed beta" in late 2003/early 2004 to this day.

    WoW also sparked an interest in me for developing and reversing software. So I've been developing "addons" for WoW for a while now, and reversing Blizzard's anti-cheat system, as it's basically behaving as malware. And I enjoy finding out how it works and what they're scanning on your computer.

  13. I've uploaded it to a GitHub repo with a little tutorial to get it up and running on a factory-reset Pineapple Tetra.

    Usage on the Nano should be the same, except using the SD card for storage/installation stuff.
    (For example adding --dest sd to all the opkg install lines.)

    The custom hostapd and wpa_supplicant are readily cross-compiled for the device from the same source files that are in the directories.
    I've also included an enable-hwcrypto.sh script to reset the changes made when you disable it.

    And a last thing: when you've enabled/disabled hwcrypto you will need to reboot to get the changes.

    Please test it, and report back any changes you'd like to see. :)

  14. I'll be honest. I haven't studied his attack in detail, but it's starting to look a bit interesting now after I got it working on my Tetra.

    It says that the hostapd version he's using is patched. It'd be interesting to merge these patches with the hostapd that already has the Karma/Mana patches.

    We could then find vulnerable clients without having them connect manually. Which I'll actually start doing some testing on.

    This also gave me some tips for possibly improving my scripts for the Mana attack. Sweet. :)

  15. On 2.12.2017 at 11:26 AM, coolcow said:

    Would a tip help you to rearrange the priorities on your schedule...? :D

    I don't want to sound like a douche here, but yes, it actually will help.
    To be honest, my wife and I are having a tough time economically, so I'm having to prioritize working on stuff that gives a bit of income over other stuff.

  16. If we're talking about something that's "reasonable": I'm suggesting a microwave, or, as we used at my old workplace, this insane magnet built for destroying data on HDDs.

    We need to consider the time you have to react when your house is being raided by feds. (If they know your "1337 haxer skillz" they might be ready for you to pull something like this off.)
    It's seconds!
    So, either a microwave next to your computer, ready to go.
    Or some custom rig with a trigger that will ignite some thermite around the HDDs. (Saw this in a video a long time ago.)

    If you have time on your hands, the 3-pass should be fine.

  17. On 18.11.2017 at 6:07 PM, maximusgoliath said:

    But it won't work on my Nano. Tried interfaces 1, 2, 3 and 9; always the same exception occurs:



     [+] looking for wireless interfaces

        PHY   Interface   Driver              Chipset                       
    -----------------------------------------------------------------------
     1. phy1  wlan2       Atheros AR9271      ath9k                         
     2. phy2  wlan1       Atheros AR9271      ath9k                         
     3. phy0  wlan0-1     Atheros AR9330      ath9k                         
     4. phyX  IEEE        Unknown             Unknown (MONITOR MODE NOT SUPPORTED)
     5. phyX  802.11bgn   Unknown             Unknown (MONITOR MODE NOT SUPPORTED)
     6. phyX  Mode:Master Unknown             Unknown (MONITOR MODE NOT SUPPORTED)
     7. phyX  Tx-Power=17 Unknown             Unknown (MONITOR MODE NOT SUPPORTED)
     8. phyX  dBm         Unknown             Unknown (MONITOR MODE NOT SUPPORTED)
     9. phy0  wlan0       Atheros AR9330      ath9k                         

     [+] select interface (1-9): 9
     [+] enabling monitor mode on wlan0... enabled mon0

     [+] Scanning. Found 0 target(s), 0 client(s). Ctrl+C when ready                                                                                                          
     [!] Error: Airodump exited unexpectedly! Command ran: airodump-ng mon0 -a -w /tmp/wifiteRpkuXu/airodump --write-interval 1 --output-format pcap,csv

     [!] Full stack trace below

     [!]    Traceback (most recent call last):
     [!]    File "Wifite.py", line 201, in <module>
     [!]        w.main()
     [!]    File "Wifite.py", line 39, in main
     [!]        self.run()
     [!]    File "Wifite.py", line 83, in run
     [!]        s = Scanner()
     [!]    File "/sd/wifite2/py/Scanner.py", line 38, in __init__
     [!]        % ' '.join(airodump.pid.command))
     [!]  Exception: Airodump exited unexpectedly! Command ran: airodump-ng mon0 -a -w /tmp/wifiteRpkuXu/airodump --write-interval 1 --output-format pcap,csv

     [!] Exiting

     [!] disabling monitor mode on mon0... disabled mon0
     [!] putting interface wlan0 up... done
     [!] restarting NetworkManager... restarted

    Holy moly, that's a lot of interfaces!
    Have you upgraded your version of aircrack-ng on the Pineapple?
    This output looks a lot like the bogus output you get after upgrading to another version of aircrack-ng, not using the airmon-ng customized for the Pineapples.

  18. 1 hour ago, maximusgoliath said:

    First of all, thank you for your work!

    Any idea what I might be missing here:

    root@Pineapple:~# cd /sd
    root@Pineapple:/sd# cd wifite2/
    root@Pineapple:/sd/wifite2# ls
    LICENSE      README.md    Wifite.py    py           runtests.sh
    root@Pineapple:/sd/wifite2# ./Wifite.py
    -ash: ./Wifite.py: not found

    Try "chmod +x Wifite.py" or "python Wifite.py"
