Posts posted by Zylla

  1. On 5.3.2017 at 1:51 PM, ComZer said:

    After compiling it shows a lot of files in the bin folder, but which one is the correct one for the PineApple nano?
    Files such as:

    And does it come with the standard PineApple UI after I flash it?

    I suggest trying: openwrt-ar71xx-generic-ubnt-nano-m-squashfs-sysupgrade.bin
    And no, there's no Pineapple UI in this firmware. This is just the openwrt source codes, with the changes they have made to make it build on their hardware.

  2. besside-ng works like a charm for me when doing exactly what you're describing.
    It's insanely fast, even on the nano. And catches handshakes within seconds.
    It also works on 5GHz channels. So I guess you could launch one process on wlan0mon, and another on wlan1mon that would cover both 2.4 and 5GHz at the same time.
    SSH terminal from my phone. But I guess you could write a small script that launches at boot and automatically starts to pwn everything within range.

  3. You modify the "firmware" which is located on the PC, not the firmware which is on the hardware.
    This firmware is responsible for translating a lot of the stuff that happens on the wifi-chip.

    It turns out that by editing the open-source firmwares for these devices, you can create strong DDoS devices, which work a lot better, and stealthier than regular de-auth attacks, or even mdk3 attacks.
    And more...

    Read up, or test it yourself here: https://github.com/vanhoefm/modwifi

  4. The Tenda U1 has an RTL8192EU chipset (Realtek).
    There's no such thing as an "airmon chipset". Or were you perhaps asking if the chipset supported monitor mode or injection?
    If so, yes. It does support monitor mode. I'm not sure about injection though.
    You might get issues with finding a driver for your Linux distribution though, but sources do exist on github, and elsewhere.


    By the way, you can get cards that work perfectly for monitor-mode+injection out of the box, for a very low price.
    For example the TP-LINK WN722N, which uses the AR9271 chipset from Atheros. I have several of these.
    There's also lots of other cool stuff you can do with these dongles. (firmware modding etc.)

  5. It might seem to be related to a bug several users are experiencing with the kernel version 3.18.x.  [link]
    Just producing traffic on the SD-card produces something like this:

    [ 1116.317108] sd 1:0:0:0: [sda]  
    [ 1116.317199] Result: hostbyte=0x07 driverbyte=0x00
    [ 1116.317220] sd 1:0:0:0: [sda] CDB: 
    [ 1116.317233] cdb[0]=0x28: 28 00 13 7b 13 08 00 00 f0 00
    [ 1116.317297] blk_update_request: I/O error, dev sda, sector 326832904

    Here's a command I run on the NANO to trigger it:
     

    root@nano:~# badblocks -e 100 -v /dev/sdcard/sd1

    You can then check dmesg for errors.
    The SD-card seems to disconnect, and after a second it reconnects with a new device-name each time (sda,sdb,sdc,sdd,etc.)

    Dmesg:
     

    root@nano:~# dmesg
    [191722.800000] usb 1-1.2: USB disconnect, device number 11
    [191722.810000] sd 2:0:0:0: [sdc]
    [191722.810000] Result: hostbyte=0x01 driverbyte=0x00
    [191722.810000] sd 2:0:0:0: [sdc] CDB:
    [191722.820000] cdb[0]=0x28: 28 00 00 1e b5 60 00 00 f0 00
    [191722.820000] blk_update_request: I/O error, dev sdc, sector 2012512
    [191722.830000] sd 2:0:0:0: [sdc]
    [191722.830000] Result: hostbyte=0x01 driverbyte=0x00
    [191722.840000] sd 2:0:0:0: [sdc] CDB:
    [191722.840000] cdb[0]=0x28: 28 00 00 1e b6 50 00 00 10 00
    [191722.850000] blk_update_request: I/O error, dev sdc, sector 2012752
    [191725.890000] usb 1-1.2: new high-speed USB device number 12 using ehci-platform
    [191726.030000] usb-storage 1-1.2:1.0: USB Mass Storage device detected
    [191726.050000] scsi host3: usb-storage 1-1.2:1.0
    [191727.050000] scsi 3:0:0:0: Direct-Access     Generic  STORAGE DEVICE   0933 PQ: 0 ANSI: 6
    [191727.050000] sd 3:0:0:0: Attached scsi generic sg0 type 0
    [191727.520000] sd 3:0:0:0: [sdd] 15187968 512-byte logical blocks: (7.77 GB/7.24 GiB)
    [191727.530000] sd 3:0:0:0: [sdd] Write Protect is off
    [191727.530000] sd 3:0:0:0: [sdd] Mode Sense: 21 00 00 00
    [191727.540000] sd 3:0:0:0: [sdd] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
    [191727.550000]  sdd: sdd1 sdd2
    [191727.560000] sd 3:0:0:0: [sdd] Attached SCSI removable disk
    [191727.890000] buffer_io_error: 31 callbacks suppressed
    [191727.890000] Buffer I/O error on dev sdc1, logical block 557056, lost sync page write
    [191727.900000] JBD2: Error -5 detected when updating journal superblock for sdc1-8.
    [191727.910000] Aborting journal on device sdc1-8.
    [191727.910000] Buffer I/O error on dev sdc1, logical block 557056, lost sync page write
    [191727.920000] JBD2: Error -5 detected when updating journal superblock for sdc1-8.
    [191727.950000] EXT4-fs (sdd1): couldn't mount as ext3 due to feature incompatibilities
    [191727.960000] EXT4-fs (sdd1): couldn't mount as ext2 due to feature incompatibilities
    [191728.020000] EXT4-fs (sdd1): recovery complete
    [191728.020000] EXT4-fs (sdd1): mounted filesystem with ordered data mode. Opts: (null)
    [191728.300000] Adding 1004364k swap on /dev/sdcard/sd2.  Priority:-4 extents:1 across:1004364k

     

  6. 3 minutes ago, MrBlack911 said:

    Agreed.  Have asked around for a more, relevant, up-to-date tutorial to be put out that shows any sort of Pineapple attack on anything other than a windows 7 browser in 2012... still waiting.

    You can actually run the newest version of SSLstrip on the Pineapples, which defeats HSTS. (I posted above 'explaining' how to use it)

    Also: There are several other viable attack-vectors one can use against most operating-systems.
    Though, your success rate will in most cases depend on the stupidity of your target.
    Just running Windows 10 with all updates + anti-virus will not save you against a persistent attacker. Same goes for Linux, OSx, iOS, Android etc.

  7. As digininja said: your phone/modem is acting as a router to pass traffic to the correct locations.
    I have a 4G modem in my home with open ports, and I use both NAT and PAT to set it all up.
    If you're unable to open ports, try checking with your ISP if they offer this feature, or if they are actively blocking ports.

    I know that I had to change the APN on my modem from the default one, because my ISP was blocking ports on the default one to protect their users.
    Ask your ISP if they perhaps use a feature like this, where you enter another APN to allow opening of ports.

  8. 3 hours ago, Wendy said:

    But am I supposed to be able to use my wifi on my laptop and pineapple at the same time without using ethernet? 

    Yes! Your PC is sharing its network-connection/internet to the Pineapple through the USB interface.

    I'm not sure what could be causing your problems, as I don't have that much information to go on.
    Do you have any power-saving features activated perhaps? Like USB or wifi power-saving?

  9. Wifite works on the Pineapple. Just use SSH.
    Just make sure to install python correctly. I get issues sometimes on the Nano, because the pre-installed python is installed internally, and it messes up a lot with the sd-card.
    The solution for me was to just delete the "/usr/lib/python2.7" directory, then re-install python through opkg, BUT make sure it gets installed to the SD-card (opkg install --dest sd)
    After installing it again, I make a sym-link from /sd/usr/lib/python2.7 -> /usr/lib/python2.7  = works.

    When using wifite2, make sure to install "coreutils-stty".
    But i generally recommend wifite-ng. It runs smooth. :)

  10. You need to provide a bit more information if you want help.

     

    Quote

    when I try to scan the area only get my own devices

    When you say scanning, are you referring to Recon?
    Also, are you 100% sure there are other devices within range that should show up?
    If so, how far away do you estimate these other devices to be?

    You could try testing the module "Site Survey", and check to see if the results differ.

     

    Quote

    another issue is the access point, I can connect to it but does not work

    What access point are you referring to? The wireless administration network that the Pineapple is broadcasting, or another one?
    If you're talking about the Pineapple's administration network: Do you get an IP address when connecting to the network?
    Are you able to ping the Pineapple (172.16.42.1) when connected?

  11. A microwave actually! That explains why it was working just fine at my office, and not at home (where I do most of these tests.)
    I live quite far from the city, and the only wifi traffic here is mine. So that's probably why I was experiencing it almost all the time then.

    Well, I'm glad you managed to figure it out! Looking forward to the update :)

  12. Just a heads-up. The binary I copied from my Tetra was for version 1.1.0. (The one that works)
    The same problem happens on my Tetra when I upgrade it to version 1.1.1!

    Here's an output from my upgraded Pineapple Tetra (1.1.1)
     

    root@tetra:/tmp# pinesniffer wlan1mon 15 2 /tmp/recon-test
    [*] Pinesniffer started on wlan1mon, running for 15 seconds
    terminate called after throwing an instance of 'std::out_of_range'
      what():  basic_string::erase
    Aborted

     

  13. lmao... I tried to copy the pinesniffer binary from my Pineapple Tetra over to my Pineapple Nano, because I saw their filesize differed a bit, and I know they can run the same executables.
    And now it's working as intended!

    I get no errors when I execute it over SSH, and its output in the web-interface is now displaying as intended!

  14. I have been experiencing lots of problems with my new sd-card after I upgraded to 1.1.2.
    This was not happening on 1.1.1 when I used this sd-card, but I did experience the same bug with my old sd-card on version 1.1.1.
    And it was the reason I purchased a new card.


    Right after I updated to 1.1.2 I had to format the card because my Nano was full of errors in the dmesg output.
    Formatting the card helped, but I still get these "disconnect" errors whenever I read/write from the card, and the card then connects again with a new device-name each time.
    This makes it difficult, if not impossible to run scripts that are saved to the card, for example Wifite...

    Here's a pastebin of my dmesg when it happens. (Times of interest: 16sec, 22sec, 30sec, 182sec.)
    I booted the Nano, and ran this command to trigger the bug:

    root@nano:/sd# cd /sd/ ; cat `find -name *.*`


    Normal output appears for a few seconds, and then this output appears:

    cat: read error: Input/output error
    cat: read error: Input/output error
    cat: read error: Input/output error
    cat: read error: Input/output error
    cat: can't open './modules/RandomRoll/assets/logs/randomroll.log': No such file or directory
    cat: can't open './modules/RandomRoll/module.info': No such file or directory
    cat: can't open './modules/RandomRoll/module.html': No such file or directory
    cat: can't open './modules/Deauth/lists/whitelist.lst': No such file or directory
    cat: can't open './modules/Deauth/lists/blacklist.lst': No such file or directory
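
The drop-out pattern described in the two SD-card posts above (a USB disconnect, I/O errors on the old device node, then a re-attach under a new name), as an added example that is not part of the original posts: a shell function that summarises it from dmesg text. The function names and output format are assumptions; the sample lines are copied from the dmesg excerpt in the earlier post.

```shell
#!/bin/sh
# Added example: summarise USB-storage drop-outs from kernel log text on stdin.
# usb_storage_flaps and its output format are hypothetical, not a Pineapple tool.
usb_storage_flaps() {
    awk '
    # e.g. "usb 1-1.2: USB disconnect, device number 11"
    /USB disconnect, device number/ {
        port = $0; sub(/^.*usb /, "", port); sub(/:.*/, "", port)
        print "DISCONNECT port=" port
    }
    # e.g. "blk_update_request: I/O error, dev sdc, sector 2012512"
    /blk_update_request: I\/O error, dev / {
        dev = $0; sub(/^.*dev /, "", dev); sub(/,.*/, "", dev)
        if (!(dev in ioerr)) order[++n] = dev   # remember first-seen order
        ioerr[dev]++
        last = dev
    }
    # e.g. "sd 3:0:0:0: [sdd] Attached SCSI removable disk"
    /Attached SCSI removable disk/ {
        dev = $0; sub(/^.*\[/, "", dev); sub(/\].*/, "", dev)
        # A re-attach under a different name than the failing node is the bug signature.
        if (last != "" && dev != last) print "RENAMED " last " -> " dev
        last = dev
    }
    END {
        for (i = 1; i <= n; i++)
            print "IOERRORS dev=" order[i] " count=" ioerr[order[i]]
    }'
}

# Sample input: five lines taken from the dmesg excerpt quoted on this page.
sample_dmesg() {
    cat <<'EOF'
[191722.800000] usb 1-1.2: USB disconnect, device number 11
[191722.820000] blk_update_request: I/O error, dev sdc, sector 2012512
[191722.850000] blk_update_request: I/O error, dev sdc, sector 2012752
[191725.890000] usb 1-1.2: new high-speed USB device number 12 using ehci-platform
[191727.560000] sd 3:0:0:0: [sdd] Attached SCSI removable disk
EOF
}

# On the device itself the input would be: dmesg | usb_storage_flaps
sample_dmesg | usb_storage_flaps
```
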
  15. Hi there.
    I upgraded to 1.1.2 just recently, and have been experiencing some issues with Recon. It freezes at 100%, without any results showing. I'm also forced to press stop, regardless of the timer I set.
    The strange thing is that it occasionally works! But that's like 1/20 times.

    While I was debugging it, I noticed that /tmp/recon-$scanID was empty.
    So I tried to execute the Recon command manually over SSH, and got this output:

    root@nano:~# pinesniffer wlan1mon 15 0 /tmp/recon-test_15
    [*] Pinesniffer started on wlan1mon, running for 15 seconds
    terminate called after throwing an instance of 'std::out_of_range'
      what():  basic_string::erase
    Aborted
    
    root@nano:~# pinesniffer wlan1mon 30 0 /tmp/recon-test_30
    [*] Pinesniffer started on wlan1mon, running for 30 seconds
    terminate called after throwing an instance of 'std::out_of_range'
      what():  basic_string::erase
    Aborted

    When I attempt to run the command on my Tetra it works as expected, and the temp file contains the correct output.
