
Posts posted by IvanDoe

  1. Now that I have more knowledge of MITM and the pineapple, I feel secure that this will be a fun project. Are you still maintaining it? I would also like to know of possible ways to inject once I have clients on the pineapple. Maybe evil portal? Or am I missing a step? I get that your base is just a UI for the existing functions of MITMf, correct?

    Hey :)

    I didn't update the project for a while since it worked pretty much as it should.

    I don't think evil portal would work for something like this.

    The way I would use it is to have the pineapple "collect" clients, and the raspberry pi would run MITMf, run the mitm attack and collect data.

    Raspberry pi would be connected via Ethernet to the pineapple.

    https://bettercap.org/ turned into a really great project and I was thinking of getting that working with my script soon.

    I have a few extra ideas but since I have MKV and current firmware isn't the most stable I am waiting for new firmware of NANO and TETRA to get ported to MKV.

    Firmware was supposed to be released this month, not sure if that is still true.

  2. That's pretty cool.

    So based on ssid/mac you find geo location.

    A few days ago I started messing around with wigle also but I went in a different direction.

    Since there were no access points near me in the wigle database online I made a local database via wigle for android.

    Made a php script that, based on gps coordinates, goes through the local wigle database and filters close ssids (50-100 meters close).

    Was thinking of making the pineapple change and spoof fake access points based on location.

    Have an option to spoof open only or protected networks as open etc.

    If anyone thinks this is good or wants it, after I clean it up and test more I can release the script on github :)

  3. With each consecutive WiFi Pineapple the lifespan has increased (with the exception of the Mark III). Unfortunately software improvements (like PineAP) couldn't be back ported to the Mark IV due to the tremendous hardware differences with the Mark V (like the storage and 2nd radio). The Mark V has had support for over two years. If the trend continues I believe we will see similar support for the 6th gen devices. The short term road map is looking like:

    6th generation launch:

    - WiFi Pineapple NANO Dev release <-- you are here

    - 5 GHz WiFi Pineapple Dev release

    - Both 6th gen devices mass market launch

    - 6th gen software port to Mark V

    - Work begins on next gen "mouse trap" software

    - Work begins on companion "core" hardware module

    I don't have a crystal ball but I'd say the 7th generation WiFi Pineapple line will be brought on by innovations unforeseen at this time -- but considering how expensive and time consuming it is to make new hardware -- we'll be focusing on what we have now for quite some time.

    So wifi pineapple MKV will get software/firmware update?

    I really don't see why MK5 wouldn't get a software update and new UI like nano since specs are so similar.

  4. No - the software is completely different. The entire UI was re-imagined from the ground up based on feedback and user testing. It's built on modern web standards to be fast, responsive and intuitive and really focuses on the wireless pentest workflow. The hardware also differs from the Mark V not only on the outside, which should be obvious from the form factor with the streamlining of ports, but also within. Chipsets were chosen based on performance and reliability. For example now it's dual-Atheros with higher gain and throughput, and not only on the radios but also the storage.

    Cpu and ram look the same as for mk5 from what I can see?

    I am glad and happy for hak5 making new gadgets... but I'm pretty sure a lot of people were expecting this new device to have better specs (cpu, ram) since it has been years since mk5 was released.

    There was talk of mk5 firmware maybe having MITMf implemented, I figured that was delayed so this new device can have it but seeing specs I am not so sure?

    Big thing about mk5 was when it was released it could sslstrip etc, it can't do that now with ssl tls.

    Will mk5 still get firmware updates and be actively developed for?

  5. Ok so I tried the script via vmware, I do have a raspberry around but figured I'd try it in a vm first.

    I used kali 2, didn't have to install open3, worked out of the box, I just had to change the interface name in the script, wlan1/wlan2.

    Stopped it after a few minutes but it seems to work cool, I'll set kali on the raspberry and try it out as a dropbox somewhere :)

    Anyway as I posted yesterday, alfa awus036neh seems to have driver issues or something else with kali 2.0 (monitor mode won't show any access points), so I used the older awus036h with this script.

  6. If you install open3 successfully, post your install method... I never had any problems but can't remember my install method.

    Sure, I'll try to set it up today or tomorrow.

    I didn't code in ruby before but it seems like I need to add wlan2 here?

    @device_list=["wlan1"]

    Not sure what syntax ruby uses for multiple parameters?

    From the code it seems like each wifi card tries to crack its own access point?

    In the video I don't see the script running an mdk3 attack on an access point but I see a function for the attack in the script?

    Thanks for the help, I just want to figure out how it actually works :)

  7. I know a lot of people here have AWUS036NEH, did anyone actually get it working (in monitor mode) in kali 2.0?

    I get to monitor mode just fine but once I run airodump-ng it doesn't show any networks at all.

    I have tried multiple ways of putting the card in monitor mode but get the same results, no wifi networks showing.

  8. You could use strip-n-inject (I think that is the name of the infusion) to inject grabber code but the way the script is set up it needs the client's ip. I have limited knowledge of the pineapple API but I don't think there is an easy way for strip-n-inject to pass the client ip.

    Even if that would work you still couldn't use the script on ssl websites (that's where MITMf comes in with its hsts ssl options).

  9. This isn't an infusion for pineapple, it's a script that works with or without wifi pineapple but it needs MITMf software.

    I made it and released it here since I was expecting (as many others) this last pineapple firmware to have MITMf included...

    You will have to use some other linux box in combination with wifi pineapple to use mitm grabb3r.

    I use raspberry pi 2 with kali linux to run mitmf and the script, and wifi pineapple to do wifi stuff.

  10. A few months ago I started working on a pineapple infusion but it ended up being a lot bigger project.

    I made a php/mysql script and the way it works is MITMf injects javascript (xss) code into each page, and there is a web script that manages clients with various xss "options" like cookie stealing, jskeylogger etc...

    Each client's history and captures can be viewed on a timeline.

    You don't have to use mitmf, you can use whatever application you want as long as you inject code with the necessary information.

    You can find out more about it, how to set it up and download it here > https://github.com/ivangr0zni/mitm-grabb3r


  11. I am actually working on something like this that started as pineapple infusion but developed into much more :)

    The way it works is MITMf injects javascript (xss) code into each page, and there is a web script that manages clients with various xss "options" like cookie stealing, jskeylogger etc...

    I've talked with and showed it to the MITMf author and he likes it, and there was talk of MITMf being included in the next pineapple firmware so in future it should be handy to have.

    I plan on releasing this script in a month-ish.
