Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


About nobody:nobody

  • Rank

Recent Profile Visitors

539 profile views
  1. Also it would make auto driver installation possible for situations like this. https://forums.hak5.org/index.php?/topic/36771-lan-turtle-not-showing-up-on-os-x-el-capitan/
  2. So I was just thinking about this. What if we could remotely type keyboard commands on the pc that the turtle is connected to via usb? USB rubber ducky style, except through the Internet instead of a pre-configured payload. Think of the possibilities! You could control it realtime through ssh to the turtle, or you could automate it. If all the network traffic is flowing through the ducky, it could detect when the user is most active on the computer. It could detect which operating system it is running by analyzing the traffic. It could even detect which programs are used on the pc. Then, accor
  3. That's exactly what I would assume. But this tool is specifically designed to phish for wpa keys.
  4. Could you explain how that would look in your device settings? I mean, it is detecting one ap that claims to have security, and at the same time claims to not have security. How would (say Android) deal with that?
  5. If anyone would be willing to downlaod and test it that would be great too. I dont have any usb wifi cards and the tool requires 2 cards.
  6. So I have been reading about different social engineering based attacks and came across wifiphisher(if you don't know, it is an automated evil twin+captive portal tool to phish for wpa(or wep i guess) passwords by making up a story about a firmware update.) I dont understand how this is possible. As i understand the evil twin, it requires the evil ap to have all of the same info as the real one to convince the client to connect to it after the deauth right? Therefore it cannot be performed on an encrypted network as you could not forge the handshake right? Surely devices aren't dumb enough to
  7. Maybe I should give some context. I am in a Christian school where no one knows anything about computers or networking. My plan was to make a honeypot network named "Free Student WiFi" or something like that which leeches off the staff wifi(which I know the password for) and make every website redirect to zombo.com or Rick Astley.
  8. Ok. Thanks. One more question. I know this is technically possible, but I want to know if the Karma software supports it. What if I know the password? For example, I know the password to my school's wifi (I was in the right place at the right time.) So could I save that wifi network/ssid onto the pineapple(If I decide to get one over a MyLittlePwny) so that when I take it to school the teachers will try to connect and get the (Pwn)pi(napple) instead? It is a WPA2-PSK network. Does the Pineapple/PwnPi software support that?
  9. So, I have been doing a lot more research since my last question and I came across PwnPi and FruityWifi. I have been pricing things out, and I came up with just over $110 including international shipping for the following: Rpi 2 model b 2x alfa 1200 mw usb wifi dongles with rt3070 chipset (bgn) A plastic case with fan and heatsink for rpi Samsung 16gb microsd with adapter A pack of transistors to control the fan depending on temps. This has all the functionality of a wifi pineapple for just $10 more plus free shipping. Why buy a pineapple if I could instead get this which is more powerfu
  10. Thats what i thought. What about wep?
  11. Hi all. I am new here and considering buying myself a wifi pineapple. I just had a question about karma. It is probably a really dumb question but I could not find the answer anywhere. In all the demonstrations of karma on youtube, they always "spoof" a open wifi that has been saved on the target device. Is it possible to spoof a protected wifi network? So the device will attempt to connect to the wifi pineapple with a wpa2 password which will result in me getting the password? Thanks.
  • Create New...