johnjdoe

Profile Information

  • Gender
    Male
  • Location
    Belgium
  • Interests
    Pentesting, security, networks

  1. http://seclists.org/bugtraq/2015/Aug/52 Moderator notice: This issue has been fixed in version 2.4.0 of the WiFi Pineapple firmware.
  2. Thank you for your effort! :-) Unfortunately I could not discover the promised mitm proxy ... Did your plans change?
  3. I can confirm that MITMf works fine against some SSL targets. When HSTS is used it depends on the browser too, but I can confirm that with an older version of Chrome an SSLStrip attack against mail.google.com accomplished its objectives. I hope that Seb will include a working MITM proxy in the Pineapple as promised ...
  4. Kevin Mitnick's live hack at CeBIT Global Conferences 2015: Pineapple is used starting at minute 38 ...
  5. I thought this too but as I told/asked in https://forums.hak5.org/index.php?/topic/33488-got-pineapnot-pineapple-questions-let-me-answer-them/page-5#entry256968 , it seems that there's a problem or even a bug: When I connect an external USB WIFI (which I bought at Hak5 with my Pineapple) it appears in the GUI as WLAN2. I enable WLAN0, WLAN1 and WLAN2 and put WLAN2 in client mode. After connecting it, WLAN1 and WLAN2 are disabled and the client connection is established with WLAN0! Do you have perhaps other (more promising) experiences with an external wlan2?
  6. Or was it the answer to my textual question? So, DNS hosts => YES, URL => NO ...
  7. Is this one the "first" for you? Because the other "first" was already in the config as an example ... domain2.com/sub *.domain1.* Thanks!
  8. Hi, is it possible to use DNS hosts or even URLs in DNS spoofing? Like this: 172.16.42.1 example.com domain2.com/sub *.domain1.* google.com bing.com Thank you in advance for your answers!
  9. Thank you Crazy52! This worked fine. Here is the result:

         root@Pineapple:~# route add default gw 172.16.42.42 br-lan
         root@Pineapple:~# route
         Kernel IP routing table
         Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
         default         172.16.42.42    0.0.0.0         UG    0      0        0 br-lan
         172.16.42.0     *               255.255.255.0   U     0      0        0 br-lan
         root@Pineapple:~# ping www.google.de
         PING www.google.de (194.78.99.158): 56 data bytes
         64 bytes from 194.78.99.158: seq=0 ttl=57 time=26.155 ms
         64 bytes from 194.78.99.158: seq=1 ttl=57 time=25.901 ms

     And the clients have internet access too now. :-)

     But now the question: Should this not work automatically? It's nowhere documented ... In view of the problems that I have (see my post from yesterday) with the network and after reading some other posts, I ask myself if there are possibly bugs in the firmware 2.2?
  10. Hi all, I followed the instructions from here: http://wiki.wifipineapple.com/#!ics.md

      The result is the following:

          Pineapple Netmask [255.255.255.0]:
          Pineapple Network [172.16.42.0/24]:
          Interface between PC and Pineapple [eth0]:
          Interface between PC and Internet [wlan0]:
          Internet Gateway [192.168.1.1]:
          IP Address of Host PC [172.16.42.42]:
          IP Address of Pineapple [172.16.42.1]:

               _ .             ___          \||/   Internet: 192.168.1.1 - wlan0
             (  _ )_  <-->  [___]  <-->  ,<><>,  Computer: 172.16.42.42
           (_  _(_ ,)       \___\        '<><>'  Pineapple: 172.16.42.0/24 - eth0

      On the Pineapple, the internet connection is not working:

          root@Pineapple:~# route
          Kernel IP routing table
          Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
          172.16.42.0     *               255.255.255.0   U     0      0        0 br-lan
          root@Pineapple:~# ping www.google.de
          ping: bad address 'www.google.de'

      On the Linux machine it is:

          root@Eniac:# route
          Kernel-IP-Routentabelle
          Ziel            Router          Genmask         Flags Metric Ref    Use Iface
          default         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0
          172.16.42.0     *               255.255.255.0   U     0      0        0 eth0
          192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0
          root@Eniac:# ping www.google.De
          PING www.google.De (173.194.66.94) 56(84) bytes of data.
          64 bytes from we-in-f94.1e100.net (173.194.66.94): icmp_seq=1 ttl=46 time=39.9 ms
          64 bytes from we-in-f94.1e100.net (173.194.66.94): icmp_seq=2 ttl=46 time=43.2 ms
          64 bytes from we-in-f94.1e100.net (173.194.66.94): icmp_seq=3 ttl=46 time=43.5 ms

      I always tried different methods to give clients access to internet (see my posting from yesterday): client mode WLAN1, client mode WLAN2 and now over sharing it from a computer via eth0. Nothing! :-(

      Do you have perhaps an explanation for this behavior or some more tips? Thank you in advance!
  11. I have some questions / problems with my Mark V (latest release):

      1. Question: Is it normal that the blue and red LED are not (always) on even when WLAN0 and WLAN1 are enabled in the GUI?

      2. Questions: Is it right that I have to enable WLAN0 for sending SSIDs that I have collected or entered manually in PineAP? Is it right that I have to enable Dogma and MK5 Karma too for distributing these SSIDs?

      3. Problem: On a Win7 target I can see temporarily the manually entered SSID but it disappears after a second or two. Then appears again and disappears etc. Do you have an explanation for this effect?

      4. Problem: Another time I saw on a Win7 target this SSID constantly but when I tried to connect to it, it didn't work. In the Syslog I saw just:

          Jan 28 14:21:11 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:11 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated
          Jan 28 14:21:10 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:10 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated
          Jan 28 14:21:09 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:09 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated
          Jan 28 14:21:08 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:08 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated
          Jan 28 14:21:06 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:06 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated
          Jan 28 14:21:05 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:05 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated
          Jan 28 14:21:04 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:04 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated
          Jan 28 14:21:03 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:03 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated
          Jan 28 14:21:02 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: Station tried to associate with unknown SSID 'TEST'
          Jan 28 14:21:02 Pineapple daemon.info hostapd: wlan0: STA e0:06:e6:9f:xx:xx IEEE 802.11: authenticated

      5. Problem: Sometimes when I try to enable PineAP in the GUI it disables itself some seconds after. No way to enable it again except if I reset the wireless interfaces or reboot the MK V. Do you have an explanation for that? How could I verify / restart it on the CLI?

      6. Problem (Bug?): When I connect an external USB WIFI (which I bought at Hak5 with my Pineapple) it appears in the GUI as WLAN2. I enable WLAN0, WLAN1 and WLAN2 and put WLAN2 in client mode. After connecting it, WLAN1 and WLAN2 are disabled and the client connection is established with WLAN0!

      Here are some entries from Syslog:

          Jan 28 14:57:42 Pineapple daemon.info dnsmasq[1951]: using local addresses only for domain lan
          Jan 28 14:57:42 Pineapple daemon.info dnsmasq[1951]: using nameserver 8.8.8.8#53
          Jan 28 14:57:42 Pineapple daemon.info dnsmasq[1951]: using nameserver 192.168.1.1#53
          Jan 28 14:57:42 Pineapple daemon.info dnsmasq[1951]: reading /tmp/resolv.conf.auto
          Jan 28 14:57:35 Pineapple user.notice firewall: Reloading firewall due to ifup of wan (wlan0)
          Jan 28 14:57:35 Pineapple daemon.notice netifd: Interface 'wan' is now up
          Jan 28 14:57:35 Pineapple daemon.notice netifd: wan (1231): Lease of 192.168.1.15 obtained, lease time 10800
          Jan 28 14:57:34 Pineapple daemon.notice netifd: wan (1231): Sending select for 192.168.1.15...
          Jan 28 14:57:32 Pineapple daemon.notice netifd: wan (1231): Sending discover...
          Jan 28 14:57:31 Pineapple kern.info kernel: [ 3113.620000] br-lan: port 2(wlan0-1) entered forwarding state
          Jan 28 14:57:29 Pineapple kern.info kernel: [ 3111.620000] br-lan: port 2(wlan0-1) entered forwarding state
          Jan 28 14:57:29 Pineapple kern.info kernel: [ 3111.610000] br-lan: port 2(wlan0-1) entered forwarding state
          Jan 28 14:57:29 Pineapple daemon.notice netifd: wan (1231): Sending discover...
          Jan 28 14:57:26 Pineapple daemon.notice netifd: wan (1231): Sending discover...
          Jan 28 14:57:26 Pineapple daemon.notice netifd: wan (1231): udhcpc (v1.19.4) started
          Jan 28 14:57:25 Pineapple kern.info kernel: [ 3107.690000] wlan0: associated
          Jan 28 14:57:25 Pineapple kern.info kernel: [ 3107.680000] wlan0: RX AssocResp from 00:14:c1:26:fd:58 (capab=0x411 status=0 aid=1)
          Jan 28 14:57:25 Pineapple kern.info kernel: [ 3107.680000] wlan0: associate with 00:14:c1:26:fd:58 (try 1/3)
          Jan 28 14:57:25 Pineapple kern.info kernel: [ 3107.660000] ath9k ar933x_wmac: wlan0: disabling VHT as WMM/QoS is not supported by the AP
          Jan 28 14:57:25 Pineapple kern.info kernel: [ 3107.650000] ath9k ar933x_wmac: wlan0: disabling HT as WMM/QoS is not supported by the AP
          Jan 28 14:57:25 Pineapple kern.info kernel: [ 3107.640000] wlan0: authenticated
          Jan 28 14:57:25 Pineapple kern.info kernel: [ 3107.640000] wlan0: send auth to 00:14:c1:26:fd:58 (try 1/3)
          Jan 28 14:57:25 Pineapple kern.info kernel: [ 3107.630000] wlan0: authenticate with 00:14:c1:26:fd:58
          Jan 28 14:57:20 Pineapple kern.info kernel: [ 3102.090000] device wlan0-1 entered promiscuous mode
          Jan 28 14:57:17 Pineapple kern.info kernel: [ 3099.330000] br-lan: port 2(wlan0) entered disabled state
          Jan 28 14:57:17 Pineapple kern.info kernel: [ 3099.330000] device wlan0 left promiscuous mode
          Jan 28 14:57:17 Pineapple kern.info kernel: [ 3099.260000] br-lan: port 2(wlan0) entered disabled state
          Jan 28 14:57:17 Pineapple kern.info kernel: [ 3099.210000] br-lan: port 3(wlan0-1) entered disabled state
          Jan 28 14:57:17 Pineapple kern.info kernel: [ 3099.200000] device wlan0-1 left promiscuous mode
          Jan 28 14:57:17 Pineapple kern.info kernel: [ 3099.200000] br-lan: port 3(wlan0-1) entered disabled state
          Jan 28 14:56:47 Pineapple daemon.info dnsmasq-dhcp[1951]: DHCPACK(br-lan) 172.16.42.170 a0:f4:50:53:30:6d android-e92e933ef362b0fd
          Jan 28 14:56:47 Pineapple daemon.info dnsmasq-dhcp[1951]: DHCPREQUEST(br-lan) 172.16.42.170 a0:f4:50:53:30:6d
          Jan 28 14:56:46 Pineapple daemon.info hostapd: wlan0: STA a0:f4:50:53:30:6d IEEE 802.11: associated (aid 1)
          Jan 28 14:56:46 Pineapple daemon.info hostapd: wlan0: STA a0:f4:50:53:30:6d IEEE 802.11: authenticated
          Jan 28 14:56:03 Pineapple kern.info kernel: [ 3025.470000] ieee80211 phy2: rt2x00lib_request_firmware: Info - Firmware detected - version: 0.29
          Jan 28 14:56:03 Pineapple kern.info kernel: [ 3025.340000] ieee80211 phy2: rt2x00lib_request_firmware: Info - Loading firmware file 'rt2870.bin'
          Jan 28 14:55:30 Pineapple user.notice usb-modeswitch: 1-1.2:1.0: Manufacturer=Ralink Product=802.11_n_WLAN Serial=1.0
          Jan 28 14:55:30 Pineapple kern.debug kernel: [ 2992.820000] Registered led device: rt2800usb-phy2::quality
          Jan 28 14:55:30 Pineapple kern.debug kernel: [ 2992.820000] Registered led device: rt2800usb-phy2::assoc
          Jan 28 14:55:30 Pineapple kern.debug kernel: [ 2992.820000] Registered led device: rt2800usb-phy2::radio
          Jan 28 14:55:30 Pineapple kern.debug kernel: [ 2992.820000] ieee80211 phy2: Selected rate control algorithm 'minstrel_ht'
          Jan 28 14:55:30 Pineapple kern.info kernel: [ 2992.810000] ieee80211 phy2: rt2x00_set_rf: Info - RF chipset 0005 detected
          Jan 28 14:55:30 Pineapple kern.info kernel: [ 2992.780000] ieee80211 phy2: rt2x00_set_rt: Info - RT chipset 3070, rev 0201 detected
          Jan 28 14:55:30 Pineapple kern.info kernel: [ 2992.640000] usb 1-1.2: reset high-speed USB device number 5 using ehci-platform
          Jan 28 14:55:30 Pineapple kern.info kernel: [ 2992.400000] usb 1-1.2: new high-speed USB device number 5 using ehci-platform

      And DMESG:

          [ 2992.400000] usb 1-1.2: new high-speed USB device number 5 using ehci-platform
          [ 2992.640000] usb 1-1.2: reset high-speed USB device number 5 using ehci-platform
          [ 2992.780000] ieee80211 phy2: rt2x00_set_rt: Info - RT chipset 3070, rev 0201 detected
          [ 2992.810000] ieee80211 phy2: rt2x00_set_rf: Info - RF chipset 0005 detected
          [ 2992.820000] ieee80211 phy2: Selected rate control algorithm 'minstrel_ht'
          [ 2992.820000] Registered led device: rt2800usb-phy2::radio
          [ 2992.820000] Registered led device: rt2800usb-phy2::assoc
          [ 2992.820000] Registered led device: rt2800usb-phy2::quality
          [ 3025.340000] ieee80211 phy2: rt2x00lib_request_firmware: Info - Loading firmware file 'rt2870.bin'
          [ 3025.470000] ieee80211 phy2: rt2x00lib_request_firmware: Info - Firmware detected - version: 0.29
          [ 3099.200000] br-lan: port 3(wlan0-1) entered disabled state
          [ 3099.200000] device wlan0-1 left promiscuous mode
          [ 3099.210000] br-lan: port 3(wlan0-1) entered disabled state
          [ 3099.260000] br-lan: port 2(wlan0) entered disabled state
          [ 3099.330000] device wlan0 left promiscuous mode
          [ 3099.330000] br-lan: port 2(wlan0) entered disabled state
          [ 3102.090000] device wlan0-1 entered promiscuous mode
          [ 3107.630000] wlan0: authenticate with 00:14:c1:26:fd:58
          [ 3107.640000] wlan0: send auth to 00:14:c1:26:fd:58 (try 1/3)
          [ 3107.640000] wlan0: authenticated
          [ 3107.650000] ath9k ar933x_wmac: wlan0: disabling HT as WMM/QoS is not supported by the AP
          [ 3107.660000] ath9k ar933x_wmac: wlan0: disabling VHT as WMM/QoS is not supported by the AP
          [ 3107.680000] wlan0: associate with 00:14:c1:26:fd:58 (try 1/3)
          [ 3107.680000] wlan0: RX AssocResp from 00:14:c1:26:fd:58 (capab=0x411 status=0 aid=1)
          [ 3107.690000] wlan0: associated
          [ 3111.610000] br-lan: port 2(wlan0-1) entered forwarding state
          [ 3111.620000] br-lan: port 2(wlan0-1) entered forwarding state
          [ 3113.620000] br-lan: port 2(wlan0-1) entered forwarding state

      7. Question: What is the simplest way to distribute a manually encoded SSID and to let targets connect to it and to give them access to internet?

      Sorry for that long post with a lot of questions/problems and thank you in advance for your precious help! It's really discouraging not to see a simple result of catching one single target and giving him an internet access ... :-(
  12. Nice, cause I love some features of CSploit / zAnti. I think you mean that something like that will come with the new MITM proxy? Could you perhaps tell us a little bit more about the roadmap / timeline? ;-)