[Introducing the WiFi Pineapple NANO]

So I noticed there aren't any DIP switches on the NANO. I still plan on getting one either way, but I was wondering if there was any way of having that sort of functionality on the software side somehow. I had them set up for things such as wardriving, where I didn't have to have any other devices with me, just the MK5 and Pineapple Juice. I'd like to be able to do that with the NANO.

Of course I could always connect to it from my cell phone, but I'm just being optimistic here :p


Either way, I can't wait to get my hands on one.

[I have a MK5, I want a SDR Mobile Kit. Anyone?]

I have an extra mostly unused WiFi Pineapple MK5, and I'm wanting the SDR Mobile kit. Anyone interested?

I still have the original box, booklet, wall adapter with all of the different ones for different countries, the MK5 itself, 2Gb SD, and the two antennas.It's updated to the latest firmware, and I'll be restoring it to factory settings and wiping the SD before sending it. I could take pictures if you'd like to see it.

Basically everything you would have in the original package except the stickers.

I'm located in the US, and if you're a trusted member I'd gladly send you the Pineapple so you can look at it before sending the SDR.

I'd prefer the Mobile version of the SDR, but I may settle for the Starter, since I'm an absolute begginer with it in the first place. (Never messed with radio before.)

Sold. I'm not sure if I can remove my own threads on this forum or change the title.

[Where to learn about Software Defined Radio?]

So I'm considering getting the hak5 field kit, and I noticed that it comes with the software define radio. I know enough about the rest of the contents to justify my purchase, but to be honest I don't have the slightest clue what the SDR is, what it's uses are, or how to use it. Could anyone point me in the right direction? I feel like I've learned more about GSM in the past thirty minutes than I ever have..

Thanks!

[U.S. Senator Calls Wi-Fi Pineapple "Major Theft, Scary"]

I guess they should just ban wifi adapter too right?

Considering I've done that same type of thing with a laptop, kali, and a $10 wifi card before I had even heard about a wifi pineapple.

[non alphanumeric ssid's in client mode (wlan1)]

I'll also add that if I have my home wifi bssid hidden, it will show up as something like

\ X \ X \X \X \X \ X

[[Release] pixiewps 1.1 & reaver 1.5.2]

I reformatted the SD (fs:ext) the second time because I had the same thought. Nothing else is on it aside from what the pineapple puts there automatically.

[[Release] pixiewps 1.1 & reaver 1.5.2]

Looks like I'm not the only one having this issue. Take a look at my posts in the pixiewps release thread.

I'd send you a link but I'm on my phone right now.

[How do I do this legally? (Demonstration)]

So I'm a student in IT Security, and I live in a really small town. I know most of the members of the local police department. The town is really small, so the police department usually has about eight people working at a time, and the building is about the size of an average convience store or two. Unofficially, they are wanting me to give a demostration of a few things related to hacking and monitoring, stuff that might help them in their line of work, including the WiFi Pineapple Mk5.

I already have a bunch of stuff prepared, but I'm wanting to know where I stand on the legalities of this. Like I said, the entire thing is unofficial, and I could probably launch a couple hundred attacks on their network and no one would care. But just to be safe, I'm not going to be doing that.

I plan on bringing my own network equiptment and pretty much setting up a fake network to demonstrate on. But one thing they do want me to do is get the password of their WiFi connection. I've already made two videos showing different ways to do this, but it was on my own network. They are wanting to see me do it live.

What do I need to do in order to not have this come back and possible haunt me later?

Like I said, they know I'm doing it, and I've been given verbal permission, but I'm just wanting to be safe here. Any advice? Thanks.

[[Release] pixiewps 1.1 & reaver 1.5.2]

If you did an sdcard install, can you verify that all symlinks are in place from following

mkdir /etc/reaver

ln -s /sd/etc/reaver/reaver.db /etc/reaver/

ln -s /sd/usr/bin/reaver /usr/bin/

ln -s /sd/usr/bin/wash /usr/bin/

The first time yes, and I had done that as instructed before. This time I have most things installed to the internal storage.

Would you like me to reflash and try again? Maybe there is something I can do to "Enable verbose logging" or such?

[[Release] pixiewps 1.1 & reaver 1.5.2]

Same thing when used from command line. Doesn't give me any extra information either.

Since wash isn't able to find anything, none of the other applications and infusions can because they rely on it.

[[Release] pixiewps 1.1 & reaver 1.5.2]

I still haven't been able to fix this issue, and it's happened multiple times before.
Restarting from a re-flash, I updated everything in the pineapple, installed pixiewps and reaver, installed the WPS infusion by Whistlemaster along with bully, and installed tmux (Tmux shouldn't have any effect, but I can't be sure. It's just a version of Screen.)

I can pickup APs, but nothing shows up as WPS compatible, even though they are. Using wash, with or without C, monitor mode or not, I pick up absolutely nothing.

To be sure it wasn't just my pineapple, I have a second one. I followed the exact same thing as before, except on this one I also installed the Wifite-ng mod by aanarchyy.

In the past, before trying to get this to work, the normal reaver would work fine and detect WPS compatibility.

[[Release] pixiewps 1.1 & reaver 1.5.2]

Just reflashed my pineapple. I noticed that the Reaver in the repository is Endian 1, not the latest version.

EDIT: After reformatting my SD card and flashing firmware, something doesn't seem right. I've installed Reaver (Endian 2), and PixieWPS. (Also tried with Endian 1).

Installed to SD, followed the steps to get wash working.

But now I can't seem to get wash to find anything. Also WPS related functionality is gone from my pineapple, now matter what it's on. Some infusions will still find the AP, but show that it doesn't not have WPS enabled.

All done within bash, not ash:

ifconfig wlan0 down

airmon--ng start wlan0

wash -i mon0

Returns nothing

Using wash -i mon0 -C (Same with wash -i mon0 -C -s)

Returns [!] Found packet with bad FCS, skipping... (More than once)

autopixie.py

wash scan

mon0

Returns nothing

wifite-ng

scanning on mon0

Returns all access points, but fails to report WPS compatibility

[[Release] pixiewps 1.1 & reaver 1.5.2]

Most of the infusions rely on the packages aquired through opkg, or third party packages.

Also, wouldn't the modified Reaver also have to be in the pineapple packages?

Sure it could be downloaded from somewhere else, but I'm not sure how well that would go over with Hak5.

[[Release] pixiewps 1.1 & reaver 1.5.2]

Now about autopixiewps, looking at the code, it should work great, but it needs a must have change in the way it calls wash (otherwise the results will come up empty ). You have to open up autopixiewps, and remove its -C from the wash call within. And will Also want to add the proper in line checks for R-NONCE.

I know basically nothing about Reaver and WPS, so I don't know how to add the check for R-Nonce, but I've noticed that with the -C removed from both autopixiewps and wifite-ng, wifite works just fine, and autopixiewps is able to pickup wps clients now. I've looked online and I can't find anything about R-Nonce aside from it's man file entry. (Which basically says nothing)

Is there anywhere I should be looking for this? Thanks

[[Release] pixiewps 1.1 & reaver 1.5.2]

I think that wifite-ng also require autopixie.py to be running properly.

I have no issues with wifite-ng on kali with autopixie.py

whenever I move to the pineapple, autopixie doesnt find any wps APs, therefore neither does wifite-ng.

[[Release] pixiewps 1.1 & reaver 1.5.2]

Any chance of something like autopixiewps, or aanarchyys wifite mod to work on this?

Using wash or pixie by themselves show everything as normal, but the other tools fsil to see anything with WPS.

I havent taken a lool at the code, so I dont know how they are searching for wps locations.

Was anything major changed when this was ported over?

Thanks.

Im just lazy and dont like typing everything for pixie, so consider this a very liw priority request.

Ill try and figure out what the two scripts are doing in order to scan for wps.

[Is 5Gh possible on the Mk5?]

I'm not really familiar with how the different WiFi technologies work. (a,b,n,g.c...)

Would it be possible to get the pineapple to work with 5Gh networks? I realize you probably can't just switch out antennas or something, but I think it's worth asking.

If there is nothing I can do to the existing equipment, if I were to attach a card via USB that supports it, would it work? If so, would the infusions work with it, or just stuff through SSH?

Thanks

[how to turn off the pineapple]

I like to SSH and use Halt, but the only problem I've ever had from unplugging it was a bad capture file because I unplugged it while I was recording some stuff. Took about 5 seconds to fix the file and no other harm was done.

[WiFite on Pineapple Mark V]

If you already have a device in monitor mode, Wifite will automatically use that one.

So another way you could do this is by using airmon first. I believe this is the way I have it set up on my mk5.

airmon-ng start wlan1; wifite-ng -arguments

[WiFite on Pineapple Mark V]

I am currently using aanarchyys mod, soon to have pixie dust support.

The command I use is

aircrack-ng -mac -strip -aircrack -wlan1 -endless

-endless makes it loop through targets endlessly instead of exiting.

Of course the pixie dust attack currently isnt working on the pineapple, but everything else runs without issue. You can find it here if you want to try it.

https://github.com/aanarchyy/wifite-mod-pixiewps

You also might want to get a very small dictionary file and supply it to wifite, if it captures any handshakes it will try to crack them. It only has about 40 tries per second, so I only use a 500 line list full of default passwords.

-dict /path/to/file

[Pixie Dust attack with Pineapple?]

I think it might be worth mentioning that aircrack has been updated with more support for pixiewps, and Kali is now using the Reaver fork by t6x.

https://www.kali.org/penetration-testing/pixiewps-reaver-aircrack-ng-updates/

[Pixie Dust attack with Pineapple?]

Thanks for passing the message.

As soon as my classes are out, I'm going to see if I can figure out anything else. I believe there was a dependency or two missing from the pineapple that aren't on opkg, and I think I remember having problems with WASH. I'll post my findings as soon as I'm home. Just remember that I'm not an expert.

[Pixie Dust attack with Pineapple?]

Datahead made a post about it, but thay was talking about Kali, not the Pineapple.

the only thing ive been able to find on the other forum was the one from autopixie and the wifite mod. Neother of them are about the pineapple, so I havent found much support.

If anyone could help me take a look at this I would be greatful.

[[Release] 2.3.X - Codename: Logasaurus]

Great job! Huge improvements with the web interface speed!

[Pixie Dust attack with Pineapple?]

I've been trying to get the Wifi Pineapple to be able to perform the pixie dust attack for quite a while, and I can't seem to be able to. I'm thinking the problem is with the modified Reaver you have to install, but I can't be sure.

I've followed this guide: http://matthewhknight.com/autopixiewps/
(In case the link above is remove or something, just google AutoPixieWPS)

On my PC and Laptop it works flawlessly, but whenever I try this on the pineapple, I'm no longer able to pick up WPS.

If anyone has gotten this to work, or has any ideas, please let me know. Thanks.