Skinny

Posts posted by Skinny

  1. The AP you spoof with the pineapple must be an open AP in order to get a device to connect. Spoofing an AP that is encrypted will not work because during the 4-way handshake authentication process, the client will find out that you are not the AP you say that you are. I am not aware of a way to circumvent this limitation.

  2. You should be getting somewhere around 37.5 hours of runtime with a 15000mAh battery (15000mAh / 400mA = 37.5h).

    Likewise with a 4000mAh battery it should come out to 10 hours.

    The Nano does fairly well with power but, as you've seen, the accessories can really start to drain things. This is very much the case if you decide to tether a phone to the Nano. Be careful with pulling too much current from the Pineapple Juice battery. It's a decent little battery, but the Nano operates right at its capability. It's trivial to accidentally pull the voltage down to less than 5V.

  3. So there are a few things that are different in a modern Apple device when associating.

    Most new Apple devices will not probe using the names of the SSIDs in the PNL. Instead, they send out a probe request that demands the APs in the area send a response. Once the APs respond, the device then knows if there are any available networks that match its PNL. Apple is not the only company doing this. Because of this behavior it is often a good idea to have a list of region-based APs already in your Pineapple that have a high likelihood of attracting devices.

    Now let's assume the Pineapple already has an SSID in its list that matches the device's PNL. Although I don't think you're having any of these issues, look out for these. Some phones have a setting that requires the user to manually accept any association, even to a known AP. Also, some Apple devices will not associate with an AP when idle (the screen is blacked out and locked). I have an iPod that will not associate with any AP when it's idle even though it will continue to push out probe requests. As soon as the screen is unlocked, it will auto-connect. I've noticed some Samsung phones with similar functionality.

    One other piece that could be a problem is APs that have WPA2 activated. If there is an SSID in both the device's PNL and the Pineapple SSID broadcast list, and the device has it marked in the PNL as a WPA2 encrypted AP, then the Pineapple will likely fail at attracting that device. WPA2 requires a 4-way handshake where both participants (AP and device) must prove their legitimacy to each other. The phone will realize that the AP is not legitimate and the association will likely fail.

    You mentioned that "even if it does not connect as it sees the same AP in PNL then it will use its own MAC." I don't doubt this is the case, although I've never tested it as you have. I think the problem is that the Pineapple is set up to show you the MAC addresses of things that are genuinely connected to itself or probing for something else. If the device does not connect to the Pineapple but uses its real MAC address in the attempt, there might not be a good way to pick up on that attempt via the GUI. The Logging module just shows probe requests and successful associations. An attempted association is neither of those. There might be a way to see it in Recon mode, but I doubt it. I suspect, but am not sure, that Recon mode is just using probe requests and other packet types to enumerate the clients in an area.

  4. 5 hours ago, venu413 said:

    Yeah, I am using an iPhone 6s, and even I am not able to see my real MAC.

    But if we are allowing the associations then it should try to connect to the mock SSID and then it should show up as the real one. During my testing I found that whenever a phone tries to connect it will show up as the real one, but when it searches for the AP it uses the random one.

    I need to figure out a way such that I can see the real MAC when my phone is not associated to any AP.

    Also, are you able to see all the mock SSIDs from the pool list of the Pineapple on your phone?

    Yesterday I was able to see that, but today I am not able to see the mock SSIDs on my phone. No idea which settings I have to change. Could you please let me know if you have any clue on that?


    When it comes to seeing the real MAC address of an unassociated, modern Apple device, it's really difficult. Every now and then I come across an Apple device that will beacon out its true MAC for one rare beacon, then it will return to rolling its address. In those rare cases it often beacons out a few SSIDs at the same time. I suspect this might be an attempted association with the Pineapple. The problem is that if you're in a rich WiFi environment, it's hard to ferret out the MAC you are looking for from all of the other beacons in the environment.

    You might be wondering how to determine when a true MAC displays itself. If the MAC address is AA:BB:CC:12:34:56, AA:BB:CC denotes the manufacturer of the device. When the Apple device is rolling, I've never seen it roll in such a way as to randomly display an Apple MAC address. It always resolves to nothing or to another manufacturer. When the true MAC appears, it always resolves to Apple. You can check those first six digits of the MAC here: http://aruljohn.com/mac.pl

    The only way I've found to collect the true MAC is to have the device associate with the Pineapple. Once the device is associated, it always uses its true MAC. You can get that MAC from the client list or from the Logging module. Never forget the Logging module. If you set up PineAP to log probes and associations, Logging will keep track of all the MAC addresses that are probing and the SSIDs they are probing for.

    As for why you might not be seeing the SSID list: sometimes when you do a great deal of adjustments to the Pineapple in a single session, things can get muddled. You will tell it to beacon out SSIDs, but it won't. If you find the Pineapple performing this way, simply give it a reboot. It happened to me not 15 minutes ago. After a quick restart, my phone was once again overloaded with APs to choose from.

    • Upvote 1
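
The OUI check described in posts 3 and 4 above, as an added example (editor's code, not from the original posts or from Hak5). The reason a rolling Apple MAC "always resolves to nothing or to another manufacturer" is that randomized addresses set the locally-administered (U/L) bit in the first octet, so they never carry a registered OUI. The script below classifies probe-request source MACs on that bit, resolves the globally assigned ones against a tiny hand-picked OUI table (assumed correct; check it against the IEEE registry and load the full registry for real use), and groups SSIDs by MAC so the rare true-MAC probes that carry several SSIDs stand out. The probe lines are constructed, not captured.

```python
"""Sort probe-request source MACs into randomized versus globally assigned,
then resolve the OUI of the globally assigned ones."""
import re
from collections import defaultdict

# A few OUI prefixes as listed in the IEEE registry. Hand-picked sample so the
# script runs offline; verify against, and in practice load, the full oui.txt.
OUI_SAMPLE = {
    "00:03:93": "Apple",
    "00:0a:27": "Apple",
    "00:1c:b3": "Apple",
    "28:cf:e9": "Apple",
    "3c:15:c2": "Apple",
    "b8:27:eb": "Raspberry Pi Foundation",
}

MAC_RE = re.compile(r"^[0-9a-f]{2}(?::[0-9a-f]{2}){5}$")


def normalize_mac(mac: str) -> str:
    mac = mac.strip().lower().replace("-", ":")
    if not MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return mac


def classify_mac(mac: str):
    """Return (kind, vendor); kind is 'multicast', 'randomized' or 'global'."""
    mac = normalize_mac(mac)
    first_octet = int(mac[:2], 16)
    if first_octet & 0x01:
        # I/G bit set: a group address, never a station's own source address
        return ("multicast", None)
    if first_octet & 0x02:
        # U/L bit set: locally administered. Randomized client MACs set this
        # bit, which is why they never resolve to a registered vendor.
        return ("randomized", None)
    # U/L bit clear: globally assigned, so the first three octets are an OUI
    return ("global", OUI_SAMPLE.get(mac[:8], "unknown"))


def group_probes(probes):
    """Map each source MAC to the set of SSIDs it probed for. Wildcard probes
    carry an empty SSID and only register the MAC."""
    by_mac = defaultdict(set)
    for mac, ssid in probes:
        ssids = by_mac[normalize_mac(mac)]
        if ssid:
            ssids.add(ssid)
    return by_mac


def real_apple_probers(probes):
    """Keep only globally assigned Apple MACs: the rare probes where an Apple
    device shows its true address, with the SSIDs sent alongside it."""
    return {
        mac: sorted(ssids)
        for mac, ssids in group_probes(probes).items()
        if classify_mac(mac) == ("global", "Apple")
    }


# Constructed sample shaped like Recon/Logging output (MAC, SSID probed for).
# Not captured from any real device.
SAMPLE_PROBES = [
    ("da:a1:19:3c:55:01", ""),            # wildcard probe from a randomized MAC
    ("da:a1:19:3c:55:01", "hhonors"),
    ("02:1b:77:40:12:9f", "Starbucks"),   # another locally administered address
    ("3c:15:c2:aa:bb:cc", "hhonors"),     # Apple OUI: true MAC, several SSIDs at once
    ("3c:15:c2:aa:bb:cc", "attwifi"),
    ("3c:15:c2:aa:bb:cc", "GOODGRAVY"),
    ("b8:27:eb:01:02:03", "attwifi"),     # globally assigned, but not Apple
]

if __name__ == "__main__":
    for mac, _ in SAMPLE_PROBES:
        print(mac, classify_mac(mac))
    print(real_apple_probers(SAMPLE_PROBES))
```

Run it against a CSV export of the Logging module's probe requests instead of `SAMPLE_PROBES` to filter a busy environment down to the handful of globally assigned addresses. The U/L-bit test is the cheap first cut; the OUI lookup is what confirms the vendor.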
  5. Just now, Captain said:

    Hmm, this is a very interesting idea. Obviously, the NANO doesn't have a Bluetooth radio natively, but I wonder if there is a Bluetooth dongle one could get to work in the USB port.


    I am assuming that you want to "tether" in order to share your internet connection, correct? As mentioned, if you are simply trying to access the management interface, then you could set up a third WLAN interface and connect that way.

    On a side note, you could check out this post. You are basically using a secondary "smart" device to create a PAN using Bluetooth.


    Sounds like a fun idea. I'd be interested to see how it turns out if anyone follows up.

  6. Allow association does allow phones to automatically connect to the Pineapple but there are many things at play.

    In order to see your phone beaconing for an SSID, it is not necessary to have Allow Associations activated. Your phone will send out beacons as long as WiFi is enabled. A phone will generally send out a beacon every 30 seconds to 4 minutes. When running Recon mode to find a phone, make sure to use a time interval that will guarantee a capture of the beacon.

    Secondly, if you have an iPhone, the MAC address that is beaconed out may not be the MAC address of the device. Newer Apple products randomly roll their MAC addresses for security purposes. If this type of phone is unassociated, then you will rarely see the true MAC.

    Also, if just using Recon mode to find devices in an area, filtering doesn't really matter. Filtering only matters when targeting a specific MAC or SSID to allow or disallow a device. If you are just sniffing for unassociated clients, don't worry about it.

    Just a note about Allow Associations: Allow Associations allows a device to connect to your Pineapple's open AP. In the Networking module, that AP is named something. As soon as you Allow Associations, any device can connect using that AP's real name. When you fully enable PineAP, you then have the ability to push out SSIDs (multiple AP names) that are a part of the pool you collected or manually input. When trying to get a device to latch onto the Pineapple, you'll want to be beaconing out some attractive SSIDs as well as having Allow Associations on.

    When everything is turned on in the PineAP module, then things can get interesting. Your phone could beacon out its MAC address and the SSIDs it is looking for. The Pineapple will collect those SSIDs or trick the phone into giving them up. The Pineapple will then store those SSIDs in the pool. The next time your phone beacons, the Pineapple will replay those SSIDs in the pool in order to tempt your phone into automatically connecting. At that point the phone is no longer unassociated.

    • Upvote 3
  7. If you are powering the device from the AC adapter, plug one end (the small end) of the Y-adapter cable into the ETH port of the Tetra. Plug only one other end of the cable into the USB port on your computer. You want to plug in the USB connector where the two separate cables connect. It's the fatter of the two. That should do the trick.

    This configuration caused my Windows PC to see the Realtek adapter.

    Trying to power the Tetra from a computer will result in negative consequences. The Tetra is a power hog compared to the Nano. It requires either an AC adapter or both Y-adapters plugged into the Tetra with the 4 remaining ends connected to a substantial USB battery pack.

  8. You need to initially setup the pineapple by using the internet either through tethering with a personal electronic device or with a laptop. It is necessary to do so in order to download the latest firmware and to complete the nano setup process. After this is complete, you really do not need the internet to operate the nano. Also, after setup you can use the IP address above. 

    99 percent of the work I do with the Nano does not require me to have an internet connection. There is plenty to do without it.

    I'm sure you may already know about this webpage, but a compilation of all the setup tutorials can be found here: https://www.wifipineapple.com/pages/faq

    • Upvote 1
  9. As far as question #1 with your Android, I've noticed something similar.  Here is an example regarding the conditions that cause a similar behavior.

    First, I use my Android device to connect to an access point called GOODGRAVY with WPA2 security. Next, I kill that access point and bring up the Pineapple using the same SSID. The Android device will not show that it sees the Pineapple because in its list of approved SSIDs, it sees an access point already called GOODGRAVY. Furthermore, the legitimate access point required a password, whereas the new one does not. If I tell my Android device to forget the first access point (the legitimate one), then it will see the Pineapple beaconing out the unsecured version(s).

    I believe you are correct regarding your assumption for question #2. If you are trying to deauth clients from a secure network and then get them to reconnect to you via an unsecured connection, you may have issues. WPA2 encryption is implemented so that both the client and the AP can verify the legitimacy of each other via a 4-way handshake. Your clients may not be seeing your spoofed AP as legitimate because it can't participate in this process as the clients expect.

    Past this point is where my knowledge abruptly ends. I think someone mentioned on this forum that if you capture that 4-way handshake and crack the password, there might be a way to get the Pineapple to legitimize itself to a client using the AP's credentials.


    • Upvote 1
  10. 1 hour ago, Mother said:

    Are you wanting to capture unassociated or associated clients? > unassociated

    Are you trying to Deauth a client? > Yes

    Do you want any client to connect or a certain client to connect? > any client

    Are you posing as an AP that is using WPA2 or as an open AP? > The AP is using WPA2

    Something isn't adding up here. If the device you are trying to snag is unassociated, then there is no need to deauthenticate it from an access point.

    Furthermore, if you want the client to automatically connect to a spoofed SSID via the pineapple, that target device will have needed to associate with an SSID of the same name in the past. Otherwise, you will need to wait for the user to manually connect to your pineapple. 

    Another thing to consider is that if the legitimate access point you are trying to spoof was WPA2 protected, then the pineapple will not be able to participate in the 4-way authentication handshake with the client. Therefore, it is easier to trick a client to connect to the pineapple using common, open access, SSID names such as hhonors, attwifi, or Starbucks.

  11. It could be due to 100 different reasons. Could you give more detail? Are you wanting to capture unassociated or associated clients? Are you trying to Deauth a client? Do you want any client to connect or a certain client to connect? Are you posing as an AP that is using WPA2 or as an open AP? It's hard to help without a scenario.

  12. Thanks for bringing up the question. You shouldn't be able to cause a client to connect to the pineapple if that client is looking for SSIDs that have a WPA2 key associated with them.

    After your question, I ran this test on two devices: a Nexus 7 tablet and a laptop running Ubuntu. I had both devices connect to an access point requiring a WPA2 password. I then powered down the access point. I booted the Pineapple and only had the SSID of the previous access point available in the PineAP module. The Pineapple only beaconed out the SSID of the previous access point. Neither device would automatically connect. I was pleasantly surprised this was the case but then thought about the nature of WPA2.

    For WPA2 a four way handshake is needed. During this process both client and AP are trying to prove their legitimacy to each other. It follows then that the pineapple might not be successful in the case you stated.

    However, my test was a sample set of 2. I believe any device that is implementing decent WiFi security measures would follow suit but it would be interesting to see if there are any exceptions out there. I'll probably be testing Windows based systems later.

    This piece of knowledge is going to make me cut my SSID pool down. If APs / SSIDs requiring WPA2 aren't going to help me snag client devices, I might as well cut them from the pool.
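
The 4-way handshake argument made in posts 1, 9, 10 and 12 above, played out in code as an added example (editor's code, not from the original posts or from Hak5). Both sides derive the PTK from the PMK, the two MAC addresses and the two nonces, and each EAPOL-Key message is authenticated with a MIC under the KCK slice of that PTK. A Pineapple beaconing the right SSID but not holding the passphrase derives a different PMK, so its message 3 fails the client's MIC check and the client never installs keys; the only thing the rogue gets from message 2 is material for an offline dictionary attack, which is the "capture the handshake and crack the password" path mentioned in post 9. The EAPOL frame layout is simplified (message number, replay counter, nonce, MIC), and the MACs, SSID and passphrases are constructed; the PMK, PRF-512 and MIC computations follow IEEE 802.11i.

```python
"""Simulated WPA2-PSK 4-way handshake: a rogue AP that does not know the
passphrase cannot produce a valid MIC, so the supplicant rejects it."""
import hashlib
import hmac
import os

PTK_LABEL = b"Pairwise key expansion"


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    # PSK -> PMK per IEEE 802.11i: PBKDF2-HMAC-SHA1, 4096 rounds, 256 bits
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    # IEEE 802.11 PRF-512: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0..3
    blocks = (hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
              for i in range(4))
    return b"".join(blocks)[:64]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # Both sides feed in the same ordered MACs and nonces, so only the PMK can differ
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, PTK_LABEL, data)


def kck(ptk: bytes) -> bytes:
    return ptk[:16]  # Key Confirmation Key: first 128 bits of the PTK, keys the MIC


def eapol_mic(key_conf: bytes, eapol_zeroed: bytes) -> bytes:
    # Key descriptor version 2 (WPA2/CCMP): HMAC-SHA1 over the frame with the MIC
    # field zeroed, truncated to 128 bits
    return hmac.new(key_conf, eapol_zeroed, hashlib.sha1).digest()[:16]


def build_eapol(msg_no: int, nonce: bytes, replay: int, mic_field: bytes = bytes(16)) -> bytes:
    # Simplified EAPOL-Key body: message number, replay counter, nonce, MIC (last 16 bytes)
    return bytes([msg_no]) + replay.to_bytes(8, "big") + nonce + mic_field


def sign_eapol(key_conf: bytes, msg_no: int, nonce: bytes, replay: int) -> bytes:
    zeroed = build_eapol(msg_no, nonce, replay)
    return build_eapol(msg_no, nonce, replay, eapol_mic(key_conf, zeroed))


def verify_eapol(key_conf: bytes, frame: bytes) -> bool:
    zeroed = frame[:-16] + bytes(16)
    return hmac.compare_digest(frame[-16:], eapol_mic(key_conf, zeroed))


def run_handshake(ssid, ap_passphrase, sta_passphrase, aa, spa, anonce=None, snonce=None):
    """AP (authenticator, holds ap_passphrase) against a station that stored
    sta_passphrase for this SSID. Returns which MIC checks passed. A real AP
    aborts after a bad message 2; both checks run here to show both failures."""
    anonce = anonce or os.urandom(32)
    snonce = snonce or os.urandom(32)
    ap_kck = kck(derive_ptk(wpa2_pmk(ap_passphrase, ssid), aa, spa, anonce, snonce))
    sta_kck = kck(derive_ptk(wpa2_pmk(sta_passphrase, ssid), aa, spa, anonce, snonce))
    # Message 1 (AP -> STA) carries ANonce with no MIC; nothing to verify yet.
    # Message 2 (STA -> AP): SNonce, MIC under the station's KCK.
    msg2 = sign_eapol(sta_kck, 2, snonce, replay=1)
    ap_accepts_msg2 = verify_eapol(ap_kck, msg2)
    # Message 3 (AP -> STA): ANonce again, MIC under the AP's KCK. The station
    # checks this before installing keys; a failure means no association.
    msg3 = sign_eapol(ap_kck, 3, anonce, replay=2)
    sta_accepts_msg3 = verify_eapol(sta_kck, msg3)
    return {"ap_accepts_msg2": ap_accepts_msg2, "sta_accepts_msg3": sta_accepts_msg3}


def crack_psk(ssid, aa, spa, anonce, snonce, msg2, candidates):
    """Offline test of passphrase guesses against a captured message 2: all a
    rogue AP gains from a handshake it cannot complete."""
    for guess in candidates:
        guess_kck = kck(derive_ptk(wpa2_pmk(guess, ssid), aa, spa, anonce, snonce))
        if verify_eapol(guess_kck, msg2):
            return guess
    return None


# Constructed addresses and passphrases for the demo; none belong to real gear.
AP_MAC = bytes.fromhex("c0ffee000001")
STA_MAC = bytes.fromhex("3c15c2aabbcc")
SSID = "GOODGRAVY"
REAL_PSK = "gravy-is-good-2016"

if __name__ == "__main__":
    print("legit AP:", run_handshake(SSID, REAL_PSK, REAL_PSK, AP_MAC, STA_MAC))
    print("rogue AP:", run_handshake(SSID, "pineapple-guess", REAL_PSK, AP_MAC, STA_MAC))
    anonce, snonce = os.urandom(32), os.urandom(32)
    sta_kck = kck(derive_ptk(wpa2_pmk(REAL_PSK, SSID), AP_MAC, STA_MAC, anonce, snonce))
    captured_msg2 = sign_eapol(sta_kck, 2, snonce, replay=1)
    print("cracked :", crack_psk(SSID, AP_MAC, STA_MAC, anonce, snonce, captured_msg2,
                                 ["password", "letmein", REAL_PSK]))
```

The handshake is the backstop, not the first hurdle: most supplicants (wpa_supplicant, iOS, Android) compare the beacon's RSN information element with the stored profile and will not even attempt association to an open AP whose SSID is saved as WPA2, which is the Android behaviour described in post 9. Either way, the client only joins if the AP can produce a MIC under the real PMK, so an SSID saved with a password is not a useful entry in the pool unless that password has been recovered.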

  13. Is there any way to capture the real MAC address if the Apple clients are not associated to the WiFi Pineapple?

    It depends on whether the client is in idle/sleep mode or not. If it's in sleep mode, I have not been able to get any response from the client. If the client is not in sleep mode, then you can get the real MAC address if the client connects to the Pineapple. When an Apple client is associated with an AP, it will use its real MAC address.
