gravityzero

Active Members
  • Posts: 23
Everything posted by gravityzero

  1. I've searched throughout OpenWrt and Hak5 forums to determine if there are any supported 5GHz micro USB dongles available to the community. My first guess is no, but I'm hoping someone can provide positive information. I know that aircrack-ng on the nano can show 5GHz information. I have done so using an ALFA AWUS052NH. Unfortunately, when using the ALFA card, I also have to use a powered USB hub. I'm looking to monitor 5GHz without all the additional equipment. Suggestions are welcomed.
  2. The best way to learn, at least for me, was watching YouTube videos. There are many videos showing the use of both the wifi nano and the older MARK V. Also, it might benefit you to watch videos on using Linux to capture handshakes, specifically KALI Linux. The pineapple uses most of the wireless features available to KALI Linux, just attempts to make them more user friendly. I would recommend YouTube videos over any available e-book, but that is just me. I am a visual learner.
  3. It's very odd how this works. I've done quite a bit of research on this issue. For some reason the nano, when being used to repeat a wireless network, is flaky with DNS. Let's say I have an access point in my office building that delivers Internet. I can connect with my laptop and surf away. Now let's say I connect my nano to the same access point and use my laptop to connect to the nano instead of directly to the AP. For some reason, DNS will work sometimes and other times not. I have found a workaround, but it is quite a hassle. Also, I don't remember this being a big deal with the MARK V. The workaround is to SSH to the NANO and edit the /etc/resolv.conf using vi. Now put in additional nameservers that reflect working DNS servers. Like "nameserver 8.8.8.8" for Google. Or even "nameserver 172.16.42.1". It really doesn't matter which DNS servers you use and you'll want to play around with these options to see what works. It may also help to directly add a DNS to your wifi card's settings. This is allowed in both Linux and Windows without affecting other DHCP settings.
  4. Very interesting question and someone may correct me if I'm wrong. The only way to enable monitoring for a wireless card using the nano is through ssh. You would ssh 172.16.42.1 and enter your nano password. In the shell you would type airmon-ng start wlan1 or wlan2 (if you've got a secondary card). Then go back to the GUI and it should allow you to run the program. I really dislike this setup compared to the MARK V, which allowed you to toggle these options inside the GUI. It's really just a matter of adding to the next update or to a new network module. I'm sure others have noticed. Actually some modules on the wifi nano will actually enable monitoring mode without prompting. It's all in how the module is built. I wish all modules would allow you to choose the card you want, but not all do.
  5. I use it for openvpn too. It's a real easy setup. I've made scripts to initiate the vpn session when needed. Installing openvpn on the nano is a little different than the Mark V: opkg update, then opkg install openvpn-openssl. It is great to be able to make a secure session when needed, say at a coffee bar or other public wifi.
  6. I like the suggestion above. Routing them to a page you've created instead of where they wanted to go. Great point. You could also illustrate poor WPA2 passwords by using the pineapple to capture a handshake and using aircrack to break the captured hash.
  7. I just got a Pineapple Nano in the mail yesterday. I have to say that overall it is a great device. I also bought the Mark V years ago. One area of concern that I hope to get some feedback on is the wireless connectivity speeds. Using the Pineapple to attach via WIFI to another AP in order to use its internet access. I've run some tests last night and this morning. Using wlan1 to connect to an AP that can achieve wireless speed tests of around 20Mbps from a laptop. When using my pineapple as the conduit I am only achieving around 5Mbps up and down. I remember the Mark V having a defective card that caused slow speed issues. I am wondering if others have experienced anything of this sort with their nano pineapple? I'm using the latest firmware v1.1.3.
  8. Yes. I know all about that. I usually use my KALI virtual machine to edit, drag to my PC, then FileZilla to the device. I've also found that editing directly from FileZilla usually works too. Thanks again.
  9. Thanks a bunch. I will give it a try. I am going to probably modify the file at my leisure and upload through ssh.
  10. I make the necessary changes through vi. When I try to run the command "./network reload" I keep getting a permission denied. Any suggestions?
  11. I am just wondering, is there a way to create a script or modify a particular config file on the pineapple to designate fake MAC addresses? They seem to change back to original address very quickly. It gets annoying trying to keep up with them. I had this same issue on certain Linux OS's where they would reset during a connection, which is also not ideal. There is a workaround for the Linux OS to make the MAC address at least remain as set throughout the session. I will put this info below if others are interested. If you forget to stop and start the network-manager service, your MAC will change back to the original address at any given time. Don't know if there is something similar for the MARK V.
      service network-manager stop
      ifconfig eth0 down
      macchanger -r eth0
      ifconfig eth0 up
      service network-manager start
  12. So I'm mainly concerned with ALFA cards that tether to the Mark V. Not the directly plugged USB versions. I've noticed that my AWUS036NHR v.2 does not work on the Mark V. Most likely because of power considerations. The card comes with a USB cable that has two USB plugs. I've used this card substituting for a single port USB cable and it works fine from my laptop, but doesn't even show up on the Mark V. Additionally I've got an AWUS036H which works fine with the Mark V. It came with a single port USB cable. Anyone have ideas on if this is a power consideration? I would like to possibly get an A/B/G ALFA Card for the Mark V. I just want to make sure it works before I purchase one. I appreciate all suggestions.
  13. From what I've experienced so far, this attack is extremely limited in scope. The claims of the attack should work against both Ralink and Broadcom. It appears that maybe the Ralink portion is true, but I've yet to find one to test it on. I have been able to locate numerous Broadcom routers and none of them are vulnerable. I was able to gain a spreadsheet from the software release noting vulnerable routers and from their own admissions, no Broadcom router was verified. I'm not saying that it does not work against a Broadcom router, but I personally have not verified it, nor have I seen one specifically listed as being vulnerable. I think this tool will perhaps become more useful over time. I also appreciate all those that work so hard on the code. It is greatly appreciated. I am also not sure that I'm using the tool correctly, especially on the Broadcom units. I will list my parameters below and maybe someone can verify. I'm running a "reaver -i mon0 -c x -b xx:xx:xx:xx:xx:xx -vv" command against Broadcom APs. I think the -S option is only used on Ralink APs. I'm running a "pixiewps -e PKE -r PKR -s E-Hash1 -z E-Hash2 -a AuthKey -n E-Nonce" command in PixieWPS. I am of course using the key values provided by modified Reaver in the appropriate fields. I've obtained the PKR value from the M2 message in Wireshark, using edit -> copy -> value. Then paste into PixieWPS command. I would be happy to post the AP information for the ones I've already tested. So far I've checked over 10 APs, including 4 different Broadcoms. None have worked.
  14. Thanks for the info DataHead. I'm experiencing issues with this feature of the pineapple. I set up a secured management SSID "Tater", as you say on wlan0-1. I can connect to it and manage, so it is all good. Next I set up the open SSID "KavaKava" and I verify that it is indeed open. Now comes the issues. I next establish a client mode connection using wlan2. This connection is made to a secured AP. wlan2 is an Alfa USB card I've added and I establish this connection to provide internet to those connecting to "KavaKava", the open network. As soon as this connection is made, I've noticed that "KavaKava" is no longer an open network. Not only is it now secure, but it takes on the password of the secured AP. So how can I provide internet to clients via an open SSID, without using eth0?
  15. I've got a Reaver question for some of the veterans. I've been attempting to break a WPS pin with Reaver for a few weeks now. The AP appears to be a Cisco from the MAC address. I start a Reaver attack and put in several delay tactics to slow down the attack. The attack will run for around two hours and then I start to get "WPS transaction failed (code : 0x02) retrying last pin". Since the attack is automated, it continues to run. It still receives the M1 messages for another 30 minutes or so, but then quits even getting that far. Wash reports that the AP is not locked, but my results suggest otherwise. After 12 hours or so, I can restart the process all over again. Has anyone ever seen an AP quit responding without WASH reporting a lock?