sud0nick

Dedicated Members
  • Posts: 1,056
  • Days Won: 66

Everything posted by sud0nick

  1. Considering one module is made for both devices (meaning the same code is used on both devices) it would not make sense to separate the threads. A change in code for the NANO would also appear on the TETRA and vice versa. If there is a problem with a specific device then I would do what Foxtrot stated and simply include the device you are using in your post.
  2. I've been working on this all day and I think I got my hopes up too high for Bettercap. It seems like a great tool and definitely has a lot of modularity but it still doesn't conquer HSTS. I'll lay out the testing environment I used today and what I experienced. If anyone else has better results please let me know how you accomplished them.

     Method 1:
     • Set up Backbox Linux with Bettercap on my home network containing multiple end user devices.
     • Access websites with MBP and Windows 10 desktop which are connected to the same network.

     Method 2:
     • Using Backbox Linux, hostapd, dnsmasq, iptables, and the Alfa AWUS036NEH, I set up an AP on my laptop to become an actual MITM.
     • Connected MBP to evil AP.

     The following commands were used during both methods:

       bettercap -X -I wlan0
       bettercap -X -L wlan0
       bettercap -X --proxy-https -I wlan0

     The first command tells Bettercap to sniff all traffic in the subnet associated with wlan0 (in this case 192.168.1.0/24). Bettercap immediately found a bunch of targets (including my NAS, Domain Controller, Printer, laptops, phones, etc.) and began displaying a bunch of traffic. I hopped on my MBP to see what would be captured when I browsed the internet but the network was brought to a halt. So I switched to my desktop and found the same issue. I pressed Ctrl+C in Bettercap and after a few seconds it stopped and my network came back up. I tested this out a few more times throughout the day and at various points the network was either down completely or dragging very slowly, while at other times it seemed to work just fine. I did notice if I killed the connection to my VPN on Windows that I could get back out to the internet (didn't try on my MBP) but this only worked once or twice. Most of the time I couldn't browse to any sites at all.

     Then I attempted to use Method 2 and the second command (with -L to sniff local traffic on my laptop) and it seemed when I connected my MBP to the evil AP it was able to get out to the internet just fine. All of the traffic was logged with the protocol being used but since everything was HTTPS I couldn't view any of the data.

     The final command I used (this time using Method 1 again) enabled the HTTPS proxy server in Bettercap. This is a really cool built-in feature but it didn't work out as I had hoped. I hopped back on my MBP, and my desktop, and noticed the network was super slow again. I browsed to www[.]facebook[.]com, https://www[.]facebook[.]com, and https://wwww[.]facebook[.]com. The one with four w's seemed to work until I noticed on my MBP that Chrome had the "Your Connection is Not Secure" message. I clicked the "Advanced" link hoping it would let me bypass the invalid certificate but it said due to HSTS I wasn't allowed to continue. I tried to browse to a couple different sites, including these forums, on my desktop but nothing loaded as if I wasn't even connected to the internet. Like I mentioned before I was able to see src, dst, proto, and url so I was able to tell that my wife was spending all day on Facebook on her phone but I got nothing beyond that.

     I probably missed a couple steps in this post but it's difficult for me to condense all of the setup, troubleshooting, and testing to a few lines. If I wasn't clear enough about my testing I'll be glad to answer any questions you may have. Overall it seems like a great tool but it certainly doesn't defeat HSTS and I'm kinda bummed it slows down the network so much.
  3. Which modules in particular? Are you installing them to the SD card if it gives you the option?
  4. It depends on what you want to learn about. I have some tutorials up for the NANO and TETRA but they are only for my modules. You'll probably see more appear as time goes on since these are new devices. Not even all of the modules that were available on the MKV are fully functional on the NANO/TETRA yet.
  5. That's because you are following MKV tutorials. They should still be valid but the interface will be different.
  6. You can find everything you need here. If you are still having trouble then give us as much information as you possibly can. What flavor of Linux are you running? How are you powering the TETRA? Do you see the default AP when the TETRA is on? etc...
  7. The search function doesn't work as well as I once thought. Here is the thread shadowmmm referenced: https://forums.hak5.org/index.php?/topic/37142-questions-about-wp6sh/
  8. I'm glad you did a lot to troubleshoot and documented that here but I think you did too much. Simply plug the USB Y cable into your computer (assuming your USB ports aren't dead), wait a few minutes, and you should see a new network adapter appear on your system that says "Realtek USB FE Family Controller". You may need to disable your main internet connection at first to get to the Pineapple. What I mean is sometimes I can leave both my WiFi interface and the Pineapple interface on and still get to 172.16.42.1. At other times I have to disable my WiFi interface for Windows to understand I want to go to the 172.16 network and not my 192.168 network. From there you should be able to get into the web interface and set everything up normally.
  9. It should go without saying but I hope what you are doing is all legal and with the permission of the owners of the AP / portal. If not then I recommend you don't do it.
  10. Nope. I haven't been able to SSH in on mine when this happens. It hasn't happened in the last couple days so hopefully it stays that way.
  11. I thought I read somewhere on the forums that someone was working on this already. If I find it I'll edit my post with the link. Edit: According to this post it looks like you found it.
  12. The current release is a stable release. You can absolutely do this, however, you will not be able to clone the database that contains the expected usernames and passwords. If that were the case we wouldn't need to trick the user (except to maybe get a plaintext version of a hashed password). The demonstration you are talking about shows a special injection set I created to grant users an access key to further portray a valid captive portal. The .exe they download to get that key executes a root shell on their system so you can access it. This functionality is not dependent upon any particular captive portal and can even be used on a cloned website. You can definitely clone the portal pictured in your post and use that to get the user's credentials. However, Portal Auth will not automatically send those credentials to the original portal so you will have to first authenticate your Pineapple on that AP or by some other means (i.e. 3G/4G modem) to give your target users internet access after they give you their credentials.
  13. ps2exe

    Neat! I've used py2exe in the past but didn't know about ps2exe. I'll have to check it out.
  14. It's only similar to Kismet in the sense that it looks for wireless networks around you. The difference here would be that coordinates would be associated with the AP so the data could be displayed over a map.
  15. You must have missed my edit. Everything works.
  16. Hmmm... for some reason I still don't see the updated Networking module even though bored369 said he was able to update and the problem was fixed. Never mind. I just saw the firmware upgrade. Everything works now, thanks!
  17. I've had to do that quite a bit. It doesn't happen every time but it happens a lot.
  18. I don't know if it's a driver issue because the NIC works just fine but when I associate to my AP within the Networking module it does everything but pull an IP and set routes. Looking through UCI everything is configured properly and looking through dmesg it appears to have associated just fine. I just can't get out to the internet until I manually configure the IP and routes. Thanks for looking into it. Edit: Thanks, Darren. I don't see it in the module manager yet so I'll have to check tomorrow. I'll report back though once I update and try it out.
  19. That sounds great! I would love to have a solid mobile power solution. On a different note, I've run across a problem on the TETRA firmware (I may be the only one) where my third NIC doesn't pull an IP and routes are not set up automatically. This is the same NIC I've used on my MKV and NANO (so my lazy self doesn't have to add another MAC to my allow list) and when used on them it works just fine. On the TETRA I have to manually configure an IP address and all appropriate routes to get out to the internet. Has anyone else had this problem? The third NIC is a Panda Wireless PAU06. Edit: I just loaded modules and saw the Update button for the Networking module :). I'm sure it's been fixed. Still having this problem.
  20. It's cool. I just wasn't sure from how I interpreted the power notice. Thanks for the clarification.
  21. I think my TETRA isn't getting enough power with the Pineapple Juice 15000. I've tried using one and both ports to power it in the EDC but it reboots before it fully boots up. I read through the power notice a few times and I don't think I'm doing anything wrong since it states the max power budget is 18W and I believe using both ports together supplies ~15.2W. What is the best method for powering the TETRA on the go? Do I have to wait until I get my second battery that Darren mentioned to do this?
  22. The device itself is a bit bigger than the MKV but the antennae are huge (double the size of those on the MKV and NANO)! The Tac edition is cool though because the EDC was well thought out in my opinion. Lots of space for all your hacker tools, laptop, and multiple Pineapples.
  23. You weren't kidding when you said the TETRA is a beast. I love it!
  24. Wow! That's awesome you guys are sending out secondary power packs. I didn't get a second one with my tac edition but I look forward to it!