Jump to content

Ruck

Active Members
  • Content Count

    19
  • Joined

  • Last visited

About Ruck

  • Rank
    Hak5 Fan

Recent Profile Visitors

323 profile views
  1. I've contacted support and they will exchange the Nano! Great support and thanks for the help in guiding for a solution!
  2. Thans for your help Cheeto. I've tried the same steps on another computer (my work laptop in this case). Also no succes, the adapter keeps stating that a network cable is not connected. The GUI or SSH is not reachable. Also I find it very suspicious that the blue LED is not als bright als before (and definitely not blinking or any action what so ever). I've contacted support and referenced to this thread.
  3. Cheeto, I have tried your video instruction, but I won't reach the firmware update page. Any other suggestion?
  4. I have tried everything from this thread: https://forums.hak5.org/index.php?/topic/37210-just-bricked-my-nano-howto-unbrick/ Both factory reset as well as connecting with reset button pressed. But nothing seems to work :( Although I think I made some progress. When first connecting the Pineapple to my Linux box it stated in dmesg that USB was over-current. After a cleaning with air this message turned into: dmesg extract: Ifconfig shows no IP assigned sudo ifconfig eth1 172.16.42.42 netmask 255.255.255.0 up ifconfig Trying to reach the webGUI doesn't work Trying to SSH to the Pineapple doesn't work (ssh root@172.16.42.1) Route Please help with further suggestions. (NOTE: I am a newb in Linux, so all command are just copying and trial and error in my case)
  5. I've ruled out the USB-Y, since the same problem occurs with the Pineapple juice. No suggestions?
  6. Hey there again, After a time of not using the nano I tried to attach the nano to my laptop again. BUT....the nano did not work :S and I can't figure out what the problem is so I need help! When I attach the nano to my laptop with the USB-Y cable like before the blue LED is hardly visible, at least not as bright as before and not blinking or any activity noticable. The nano shows up as a network adapter stating network cable not attached. The GUI is not reachable (at 172.16.42.1:1471 at least). Any suggestions on how to solve/where to start?
  7. I have a question regarding the RandomRoll you used: - When I try this with my iphone it only trolls using http sites, no https sites, is that expected behavior? If so, what causes this? Other questions I have: - Is it possible to log probes indicating wheter or not these are probes for open or closed networks? - Is it possible to log disassociation of devices (when I check logging after a day of Pineappling, I see several associations, but cannot say how long they have been associated and whether or not I could have used modules for sniffing or other 'fun' stuff?
  8. That doesn't explain the numbers/stats I see: I see two networks in reach: WORK and WORK-mobile (fictive names). 15 clients are associated with WORK-mobile. But I also see 36 unassociated clients. Which means the 36 are not connected to a wireless network right? After running the PineAP for 1 hour straight I find a merely 13 SSID's. The fact I am finding SSID's suggests that the Pineapple is working, but the devices are not probing? One of the devices is my own iphone, which isn't connected to any wireless network and should auto-connect to my HOME wifi. So I would at least expect one probe for HOME (after an hour?!). Am I thinking in the wrong direction?
  9. I have attached my Wifi Pineapple today again at the office and done a recon: I find 7 with SSID associated clients and 30 non associated clients. With PineAP running enabled for 1 hour, including all options accept broadcasting SSID pool and only 'find' 3 SSID's. This seems quite low regarding the amount of clients! Any help would be appreciated.....
  10. Recording is indeed a good idea for back-up, thanks for the suggestion. I tried 'forgetting' my work network from my iDevices (ipad and iphone) and log probes again. Still I cannot find my iDevices probing for my home network 'SSID: Home'. Also I have set up the PineAP to add SSID to the pool at my office. The pineapple only find/records 5 SSID's, which I find scarely low since there are about 5 employees with mobile devices in a 5 meter proximity and 30+ in a 10 meter proximity. I would expect a lot more probes for a lot more SSID's from 10+ devices (laptops, phones, tables) in the vincinity, correct? Any thoughts?
  11. I have another (newb :S) question. I am currently experimenting with the (basic) possibilities of the Wifi for my demonstration. (Barry for your critical response, but I feel confident enough to be able to pull this one off. I am experienced in giving presentations in the setting and I know I am the one-eyed in the land of the blind). I won't go into sniffing and/or tampering, so probably only SSID recon and connecting my iDevice for demonstration. Nevertheless I am wondering about the following: When I start the PineApp for logging probes, associations and capturing SSID to pools, I am able to see SSID and MAC's around the Pineapple. Now I have my iphone 6 and worklaptop Lenovo T-??? nearby and I know they remember (closed) Wifinetworks (eg. my work and home WLAN). When I do a recon I can see their association with my work SSID, but I do not find any other probes from these devices in the logging (eg. probing my home WLAN)? Any suggestions about this?
  12. Thanks for your response so far, you have already helped me in my thinking proces with the Nano. What I try to accomplish with the demo is a very low/basis awareness and provide a demostration of possible attack vectors. The crowd consists of financial controllers (so non-techies), which have heard of cybersecurity, hackers and all that scary stuff. The first part of the meeting will go into regulatory requirements, the need of information security policy (company wide, organisational, procedural and technical). The second part we would like to demonstrate some very (unskillfull) attack vectors, to entertain the crowd, make them aware of how easy attack vectors can be (since I am not a hacker, but with very easy to use tools already can perform basic attacks). So I want my WifiPineapple demonstration to get the crowds attention as much as possible, so providing as much personal information as possible, but without crossing the line of privacy and legal. Based on your response I think I would go for a setup like: Wifipineapple attached to the presenter laptop (for internetconnection), but stealthy placed ofcourse Activate PineAP with all but broadcasting SSID Pool (since this is more stealthy, right?) Hopefully some crowd members will have open SSID's and will connect (due to beacon response?!) This way I can show/tell the crowd: 1) Look I have found all these SSID's (eg McDonalds, Home, hotspots) so I can track/profile you by MAC address (and maybe mention: luckily these are not open SSID's and will not connect directly) 2) Look I have created X association with the PineAP, so I could monitor your networktraffic The last remark about get and DNSSpoof already goes beyond my current knowledge and skills, but thanks for the direction (I am going to look into this ;)) Another thing I am thinking is to set up my own AP with a weak password (eg Password123456 since it is considered strong with most password restrictions), connect with a device, capture and crack the handshake with Wifite. Thanks for your support, I quite like the activity of this forum! Any thought are still welcome ofcourse
  13. As mentioned in my (first) other topic I am quite new in using the NANO, using Linux and other pentesting tooling/stuff. Currently my manager has also asked me (since I told I bought the fruit) to give a demonstration on our next customer meeting (a meeting for financial controllers of our clients) regarding Cybersecurity. I am limited to a timebox presentation of 15 minutes, but can setup the wifi nano about 90 minutes in advance during other presentations and the walk in. I am not allowed from a legal perspective to break, steal or entering mobile devices, so I am thinking what would be a great demonstration for this purpose to create awareness, but without crossing privacy and legal. 1) I was thinking to set up an unprotected/free AP with the similar name of the locations AP or with the name of the Event and see who will log on to it. 2) same as 1, but with WPA2 key, provided at entrance of the meeting 3) Only recon scanning and log probes to see where attendees have been (so profiling the attendees in general) 3a) In this case is there a method to spot probes for open SSID's of devices, without having them connecting to the PineAP? So far I haven't found this yet. This would indicate devices vulnerable for the PineAP daemon right? WPA/2 protected SSID are not vulnerable to this, since the probe is with authentication, so the SSID Pool will only send the rogue SSID, but the device will not connect to it? 4) For option 1 and 2, what are nice tools/scans to perform on connected AP's to find information on the attendees which can be shared publicly... I know these are a lot of questions to ask for a newbie, but if you don't ask.... Any advice on where to start/learn are welcome....
  14. I have resolved my issue by resetting the NANO and reconnecting. If the problem returns I will mention.
×
×
  • Create New...