DataHead
Active Members
Posts: 347
Days Won: 11

Everything posted by DataHead

  1. As for reaver not working either, do try to bring down the mon-enabled "wlan" interface.
  2. After you put the device into monitor mode, bring down the interface. In this case wlan2: ifconfig wlan2 down. The drivers are finicky with having a mon and corresponding wlan interface both up at the same time. But a personal favorite, if you are using the new 2.1 firmware, the aircrack packages are updated. So you can make use of airmon-zc, which will take care of bringing down the interface for you. So airmon-zc start wlan2. The monitor interface naming syntax is different with airmon-zc. The result is it being wlan2mon after in monitor mode. And as for wash, there is a switch to ignore bad FCS. wash -C I think? So try all that and report back.
  3. I've had some routers that had WPS enabled, but didn't show in a wash output. If you know for sure that WPS is constantly active (not enabled only by physical push button) try ssh'ing to the pineapple and run reaver from the command line with the target MAC, and see if it starts attacking the router as expected. Also, if just for visibility concerns, run wash for a while through ssh and see if your AP comes up eventually as WPS enabled.
  4. So make sure the router is putting out a 2.4 signal
  5. I'd like to also point to this link https://bugzilla.redhat.com/show_bug.cgi?id=913631#c42 The issue is discussed here; it seems it's been pretty well taken care of in the Fedora kernel if followed from one of the last posts. Maybe something could be pulled and applied from upstream? Again I'm no Linux guru :-p But I've also read that turning off the hardware encryption on the rt2870 device will get rid of the annoyance, haven't tested it myself yet though.
  6. Hey seb, thanks for the quick reply! The device does work, but only achieves half the bandwidth possible from the AP (but is double what my awus036h does :) ). And from what I've read on the net, it's due to the driver issues and warnings which I see. Now since there is an overabundance of these warnings popping up, it becomes too much for dmesg to handle on the device and it forcefully reboots. But the message right here,

     [ 64.130000] ieee80211 phy2: rt2x00lib_request_firmware: Info - Loading firmware file 'rt2870.bin'
     [ 64.350000] ieee80211 phy2: rt2x00lib_request_firmware: Info - Firmware detected - version: 0.29

     indicates that the rt2870.bin is outdated, I believe it is now 0.33?
  7. [ 1181.080000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 6 in queue 2
     [ 1181.090000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 6 in queue 2
     [ 1181.100000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 7 in queue 2
     [ 1181.110000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 7 in queue 2
     [ 1181.120000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 8 in queue 2
     [ 1181.130000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 9 in queue 2
     [ 1181.140000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 9 in queue 2
     [ 1181.150000] ieee80211 phy2: rt2800usb_txdone: Warning - Got TX status for an empty queue 2, dropping
     [ 1181.160000] ieee80211 phy2: rt2800usb_txdone: Warning - Got TX status for an empty queue 2, dropping
     [ 1181.170000] ieee80211 phy2: rt2800usb_txdone: Warning - Got TX status for an empty queue 2, dropping

     All of those, and more. There are about 400 of those errors in my syslog / dmesg from my brand new, just received yesterday, awus036neh on my pineapple. Now I'm no Linux guru, but I'd assume it's all driver-controlled errors? Also I've noticed that the pineapple's driver for the awus036neh is outdated, version .29. Does anyone have a fix for this? Did I receive a defective device?
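Counting the rt2800usb warnings by hand is what the two posts above boil down to (which driver function is complaining, how often, and which firmware version was loaded). The following POSIX sh snippet is an added example, not code from DataHead or the Pineapple firmware; it tallies the warnings in a block of dmesg text and pulls out the rt2x00 firmware version. The sample input is constructed from the lines quoted in the posts above; on a real box you would pass "$(dmesg)" instead. The function names are my own.

```shell
#!/bin/sh
# Added example: summarise rt2800usb driver warnings from dmesg output.
# Sample constructed from the dmesg lines quoted in the posts above.
SAMPLE_DMESG=$(cat <<'EOF'
[   64.130000] ieee80211 phy2: rt2x00lib_request_firmware: Info - Loading firmware file 'rt2870.bin'
[   64.350000] ieee80211 phy2: rt2x00lib_request_firmware: Info - Firmware detected - version: 0.29
[ 1181.080000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 6 in queue 2
[ 1181.090000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 6 in queue 2
[ 1181.100000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 7 in queue 2
[ 1181.110000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 7 in queue 2
[ 1181.120000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 8 in queue 2
[ 1181.130000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 9 in queue 2
[ 1181.140000] ieee80211 phy2: rt2800usb_entry_txstatus_timeout: Warning - TX status timeout for entry 9 in queue 2
[ 1181.150000] ieee80211 phy2: rt2800usb_txdone: Warning - Got TX status for an empty queue 2, dropping
[ 1181.160000] ieee80211 phy2: rt2800usb_txdone: Warning - Got TX status for an empty queue 2, dropping
[ 1181.170000] ieee80211 phy2: rt2800usb_txdone: Warning - Got TX status for an empty queue 2, dropping
EOF
)

# Firmware version reported by rt2x00lib_request_firmware, or "unknown"
# when no such line is present (e.g. the adapter never came up).
rt2x00_firmware_version() {
    v=$(printf '%s\n' "$1" \
        | sed -n 's/.*Firmware detected - version: \([0-9][0-9.]*\).*/\1/p' \
        | head -n 1)
    if [ -n "$v" ]; then printf '%s\n' "$v"; else printf 'unknown\n'; fi
}

# Total number of rt2800usb "Warning" lines (grep -c prints 0 on no match).
rt2800usb_warning_count() {
    printf '%s\n' "$1" | grep -c 'rt2800usb_[a-z_]*: Warning' || true
}

# Per-function tally, "count function" per line, most frequent first.
# match() locates "rt2800usb_<fn>: Warning" wherever it sits on the line,
# so the layout of the timestamp prefix does not matter.
rt2800usb_warning_summary() {
    printf '%s\n' "$1" | awk '
        match($0, /rt2800usb_[a-z_]*: Warning/) {
            f = substr($0, RSTART, RLENGTH)
            sub(/: Warning$/, "", f)
            n[f]++
        }
        END { for (f in n) print n[f], f }' | sort -rn
}

# Stand-alone run over the constructed sample.
printf 'firmware version : %s\n' "$(rt2x00_firmware_version "$SAMPLE_DMESG")"
printf 'rt2800usb warnings: %s\n' "$(rt2800usb_warning_count "$SAMPLE_DMESG")"
rt2800usb_warning_summary "$SAMPLE_DMESG"
```

A per-function tally separates a busy TX queue (txstatus_timeout) from the driver dropping status for an already-empty queue (txdone), which is the distinction worth posting in a bug report alongside the firmware version.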
  8. he mentions it in this post https://forums.hak5.org/index.php?/topic/34187-release-211-codename-pineosauria-mobilus/?p=254756
  9. Not that specifically, but seb mentioned in a different thread that they are working on one of their own designed for the MK5! Said they hoped to have it out before the end of this year, good things to come :D and hopefully with the new sslstrip :D
  10. He speaks of their secret mitm proxy
  11. Have you perhaps set a static IP on your laptops? If you have, set it to auto DHCP. Or if the reverse, try setting a static IP in the 172.16.42.xxx range, like 172.16.42.222. Connect to the pineapple, and see if it works :) Also make sure all the DIP switches are in the up position when booting the pineapple. And if you can access the web UI after all that, double check all the settings, and make sure there aren't any errors in the config. Did you happen to enable client mode for Ethernet though not having Ethernet ports on the laptops? If so, plug the Ethernet into your home router, and access the pineapple web UI through its IP and port. Example: 192.168.0.12:1471
  12. wlan1 (connected to your internet-connected AP), shared via br-lan.
  13. Hey all, I've been trying to get rfkill to run on my MK5, but can't seem to get it going at all. I've installed kmod-rfkill with --force-depends. I've removed the hold flag on the kernel and upgraded it. I've compiled my own to include it. I've changed the module loading order from 20-rfkill to 15-rfkill, but nothing seems to work. Is there some kind of work going on behind the scenes on the MK5 to prevent rfkill from functioning? If so, why? And does anyone have any guidance to get it properly installed / working? I'm assuming it's something with the kernel.
  14. Sounds great! I guess one could just commit the 2.1.1 web interface from the internal storage to the github :-)
  15. Follow these steps:

     cd /sd
     tcpdump -w ./tcpdump.pcap

     If you cd /sd first, it changes the working directory. The "./" means the current working directory, so it will save the log to /sd/tcpdump.pcap. Tested it and it works as expected.
  16. Here is my edit: I don't need any credit for the edit either, all is claim to you, this is more a suggestion implementation. But it works fine :) Probably should also add a getopts for ease to change the device & gateway address as well. But meh, I'll let you change it if you want.

     inputdevice=$1
     clear
     if [[ -z $inputdevice ]]; then
         : # no device argument given, keep the default $device
     elif [[ -z $(iwconfig 2>/dev/null | grep -s "$inputdevice") ]]; then
         echo -e "\t \n \n $inputdevice is [\e[1;31mNOT VALID\e[0m]"
         echo -e "\t [\e[1;31mPlease re-run the script with a valid device\e[0m]"
         echo -e "\t [\e[1;31mor else $device will be assumed\e[0m]"
         sleep 5
     else
         clear
         device=$inputdevice
     fi

     The full script:

     #!/bin/bash
     #By KiatoGS
     sleep_time="30"          #Seconds between every check
     device="wlan1"           #The device you are using for client mode
     gateway="192.168.1.1"    #Your "home's" network gateway for network connection check

     # Optional first argument overrides $device, if it is a real wireless interface
     inputdevice=$1
     clear
     if [[ -z $inputdevice ]]; then
         : # no device argument given, keep the default $device
     elif [[ -z $(iwconfig 2>/dev/null | grep -s "$inputdevice") ]]; then
         echo -e "\t \n \n $inputdevice is [\e[1;31mNOT VALID\e[0m]"
         echo -e "\t [\e[1;31mPlease re-run the script with a valid device\e[0m]"
         echo -e "\t [\e[1;31mor else $device will be assumed\e[0m]"
         sleep 5
     else
         clear
         device=$inputdevice
     fi

     clear
     echo
     echo
     echo -e " +---------------------------------------+"
     echo -e " This script will run a loop every \e[1;32m$sleep_time\e[0m "
     echo -e " seconds to check your client mode"
     echo -e " connection on \e[1;32m$device\e[0m pinging"
     echo -e " \e[1;32m$gateway\e[0m and \e[1;32m8.8.8.8\e[0m"
     echo -e " +---------------------------------------+"
     echo
     echo

     while :
     do
         sleeptime=$sleep_time
         echo -n "[-] Checking for Internet connection..."
         if ping -q -w 6 -c 1 8.8.8.8 > /dev/null 2>&1; then   #Ping google
             echo -e "\t [\e[1;32mOK\e[0m]"
         else
             echo -e "\t [\e[1;31mFAILED\e[0m]"
             echo -n "[-] Checking for Network connection..."
             if ping -q -w 6 -c 1 "$gateway" > /dev/null 2>&1; then   #Ping gateway
                 echo -e "\t [\e[1;32mOK\e[0m]"
                 echo -e "[-] Check your \"home's\" internet connection \e[1;31m!\e[0m"
             else
                 echo -e "\t [\e[1;31mFAILED\e[0m]"
                 echo -n "[-] Checking for $device device..."
                 #When I am using a usb wireless card for client mode there are times
                 #that the usb card just disappears from my pineapple. Only a reboot
                 #brings it back on.
                 if [[ -z $(iwconfig 2>/dev/null | grep "$device") ]]; then
                     echo -e "Sorry but $device doesn't seem to be up... \t \t [\e[1;31mREBOOTING\e[0m]"
                     sleep 5
                     reboot
                 else
                     echo -e "\t \t [\e[1;32mOK\e[0m]"
                     echo -n "[-] Releasing IP if any..."
                     kill $(ps -ax | grep udhcp | grep "$device" | awk '{print $1}') 2> /dev/null
                     echo -e "\t \t \t [\e[1;32mOK\e[0m]"
                     echo -n "[-] Scanning APs..."
                     iwlist "$device" scan > /dev/null 2>&1
                     sleep 4
                     echo -e "\t \t \t [\e[1;32mOK\e[0m]"
                     echo -n "[-] Requesting IP..."
                     udhcpc -R -n -i "$device" > /dev/null 2>&1
                     if [[ -n $(ifconfig "$device" | grep "inet addr:") ]] && [[ -n $(route | grep "$device") ]]; then
                         sleep 1
                         echo -e "\t \t \t [\e[1;32mOK\e[0m]"
                     else
                         echo -e "\t \t \t [\e[1;31mFAILED\e[0m]"
                     fi
                     sleeptime="1"
                 fi
             fi
         fi
         sleep $sleeptime
     done
  17. I also agree, but I think you should set up the device as a user variable, for ease of use, as some won't know to change the bash script to read wlan2, wlan3, etc. instead of wlan1. Maybe have it read it as a CL argument. So device="wlan1" changes to device=$1, as $1 is the first command-line arg in bash. Or set up another variable for the input arg one: INPUTDEVICE=$1 device='wlan1'. Then do an if ! iwconfig | grep $(INPUTDEVICE), exit with a message to say not a valid device etc., just for handling an incorrect device specified. Or default to wlan1? And if no arg is passed, default to wlan1, else device=INPUTDEVICE. I'm rushed at the moment, otherwise I would have changed it to such and submitted to you a proper .patch as respect to the open-source community. But those are my ideas / 2 cents. If I get around to it later, I will submit to you a .patch or my modified script.
  18. Keep in mind, these higher-power (as in signal capturing) cards are much stronger, and if your USB wifi is too close to the router, it will probably have issues. Example: I have to unscrew the antenna on my USB wifi in order to lower the signal to get some IP leases and ICS working properly. So if that's the same case as others, try it, or move further away from the router.
  19. By the looks of your lsusb, I'd have to assume your SD card reader isn't working either? I'm looking for any kind of helpful solution for you, but I can't make any promise of good news yet. Maybe if Seb, Darren, or someone who has more technical knowledge can also offer a hand as well. It may return the same result, but what about typing usbreset? Does it list the USB 2.0 controller?
  20. ssh, then type lsusb, then post the output. Possibly look into modprobe too, with any USB device other than the rtl8187 USB card unplugged from the pineapple:

     modprobe rtl8187
     lsmod

     then iwconfig, and ifconfig wlan1 up, and post the output(s).
  21. Or you can try:

     cd /directoryofscript
     bash ./myscript.sh
  22. What are the output ratings of your power supply? Are you using the stock one provided? I guess those ones could be flaky at times.
  23. Yes sir, you could do that :) The new firmware comes bundled with an updated aircrack-ng 1.2 rc1, and included with that package is besside-ng, an awesome tool for WPA and WEP cracking automation. Well, it automates WPA handshake capturing, but is a full auto WEP cracking tool. If interested, I have made a patch file for you to compile against the package, that allows for WEP-only scanning / cracking. Or I guess I can just drop the compiled package here. Of course, this is NOT an official package but is built from the official source; I did not modify anything other than besside-ng.c to include some new features. Those are:

     -C <num> : start WEP cracking @ <num> IVs
     -w       : WEP scanning / cracking only. Will not attempt to deauth WPA networks.

     You can either download the package from zippyshare, or attached to this post. If you download the .zip attached to this post, you must unzip the file "aircrack-ng_1.2-rc1-3_dataheadmod_ar71xx.ipk" first. Then move the ipk file to the pineapple (/sd, or /root, or /tmp, wherever), open an ssh connection to the pineapple, cd to the directory where you put the ipk on the pineapple, then "opkg install aircrack-ng_1.2-rc1-3_dataheadmod_ar71xx.ipk". Example: I put mine in the root of my SD card.

     cd /sd
     opkg install aircrack-ng_1.2-rc1-3_dataheadmod_ar71xx.ipk

     Of course, you install the package at your own risk and I am not responsible for any error that may or may not occur; please install at your own risk, and be sure to know what you are doing before installing any 3rd party package. Of course, I provided the .patch file here in this thread if you would like to see my modified source and compile it yourself. https://forums.hak5.org/index.php?/topic/34223-request-please-release-the-modified-aircrack-12-sources/ EDIT: I'd recommend using a fast SD card with a good-size swap partition on it, as besside-ng, my modified version or the stock one, is a resource hog. Also, besside-ng will write its logs to the current working directory, so be sure to "cd /sd" before running it. But on a different note, there are plenty of other tools and ways readily available to crack WEP keys using our pineapples :) Good luck and happy pentesting when you get your MK5! Merry Christmas! Cheers!
     Attachment: aircrack-ng_1.2-rc1-3_dataheadmod_ar71xx.ipk.zip