Skinny

Couple of follow up questions. How are you powering the 2.3 watt amplifier and what do you mean by usb range extender? I'm asking all this to see if there is a way I can reproduce the problem with stuff I have here.

How are you powering the Nano and what all do you have connected to it?

I keep different versions of the file depending on the use case. Many times I'm looking to grab unassociated clients in a particular area. For that purpose I have a file of just the top 100, public, free wifi points in the area. Throughout a week of capturing clients, the Nano will pick up more SSIDs during the course of doing business. At the end of the week the top 100 file gets reloaded to the /etc/pineapple/. I've found that once you reach a ridiculous number of SSIDs, it takes a longer time to capture a device if you get it to associate at all. Having a targeted list along with watching for SSIDs being beaconed by the client seems to work pretty well. Within the /etc/pineapple/ directory make yourself some copies of ssid_file. In my case it may look like this: cp ssid_file myTop100ssids cp ssid_file topssidsinKentucky cp ssid_file topssidsinCleveland Next, edit each one of these copies to your specifications. I use nano. nano myTop100ssids After editing press [Ctrl o] to save and [Ctrl x] to exit. To load up a file type for use. cp myTop100ssids ssid_file This will copy myTop100ssids and rename it ssid_file for use by the pineapple. Forgive me if this is something you were already aware of how to do but I thought it might help based on the question. Have a great day!

Thanks!

So am I safe to assume the wlan1mon goes active when whenever recon and PineAP is activated and then remains on after either module is finished or deactivated?

Seb, Just so you are aware, the red LED comes on whenever you start recon mode or activate PineAP, but once Recon has finished or if you deactivate PineAP, the light continues to blink until the power in completely killed. I'm not sure what the intent was but that's the behavior I've noticed. Just thought I'd let you know in since you were looking into it anyway.

This is mostly possible with the Ubertooth. Right now I have a setup that I use to help with Bluetooth sniffing. The rig is put together with the express purpose of tracking bluetooth devices. Here is a picture: https://twitter.com/SkinnyRaD/status/707655156108668928 The Pi is running Raspbian. I'm running ubertooth-rx and shaping the output to pick out the information I want like the identifier (LAP) and the signal strength.

Thanks for the responses. Finally getting back to this after the holidays. Usually what will happen is I will actually see the phones sending out a broadcast, so I know the they are not turning off wifi. I know when a phone is in the area and I even know its MAC address. From time to time the pineapple will work, but it is not often. I'd say I can grab an unassociated client 20% of the time. When I do get the phone to associate, I can locate the phone quickly, otherwise I have to wait around for another broadcast packet and very slowly close in on it. One thing to note is that almost every phone I've found has been in an idle state. Most people don't realize they have brought the device in with them. I'm starting to suspect that some devices will send a broadcast packet but will not respond when the device is in an idle state (ie Turned on but not direct use). I do not know if this assumption is true. However, I'm still curious if there is some way to craft a transmission to these idle devices and forces them to talk back. Even if the response is "Shut up and go away. I'm not talking to you," that would completely change the game for me. I have no desire for the devices to associate in the first place, I just need to get them to be chatty.

Hi All, I have a question regarding the pineapple but a bit of background would probably be helpful. On a daily basis my job is to hunt down and remove unauthorized WiFi devices people accidentally bring into a very large building. My management has decided they don't want any outside WiFi devices and have put money into technical solutions. I have an enterprise solution that can put me to within 20 meters of the target device. This system will provide me with the MAC address of the offending WiFi device. Once I am in the area, I have a WiFi sniffer that will give me a MAC address readout with it's associated RSSI. Before the pineapple I would wait for the device to broadcast every 30 seconds to 20 minutes depending the device's broadcast frequency. Tracking could take hours. The pineapple really changed the game. When the device connects to the pineapple the hunting time drops fantastically. In the best of scenarios the WiFi device pushes out a steady stream of RF breadcrumbs to the pineapple that allow me to track it down. Here's the problem. There are many devices I've come across that the pineapple cannot ensnare. At last check my pineapple is blasting about 400 different SSIDs to attract attention but the fish aren't biting. Anyway, here's my question. Is there anything I can do to get these devices (mostly phones) to just respond. I have the MAC address. I know I am within range. Is there anything I can do, pineapple or not, to just get these devices to just chirp. I'm not at all interested in connecting. I just need a steady, repeatable response to assist with tracking. I know this may be a bit of an odd application but any ideas would be greatly appreciated. Thanks for any help you can provide. Skinny