
Just_a_User

Dedicated Members
  • Posts: 1,821
  • Days Won: 53
Everything posted by Just_a_User

  1. Are you seriously saying your nano is performing better than your MK7?
  2. Oh, you're still on about that, my apologies, I thought we had moved on. It's possible from CLI to change MAC for all interfaces on the pineapple, so not sure what you mean unless you want to go into more detail...? Do you mean the beacon responses from PineAP? You can configure that to use one MAC from GUI already. Or maybe you mean you would like each beacon response to have its own unique MAC address for a valid router that may not be in range to obtain its original MAC from? Well, luckily that's to do with BB so you can go complain to them about that, eh? :)
  3. What technique? You mean using 2.4 only for lower model and 5GHz on higher spec? I think it's more about built-in hardware and available ROM size and a trade-off between free space for the user and including a qty of drivers/software. Anyway, it's coming. It's official, so you can be grumpy about the past, but once it's released you will have to find something else, best get looking 🙂
  4. This interested me so I googled it. I see many others having the same issue with that device. However, there was one post where someone claims to have it working by doing the following. I have not tested or have the device to test, so good luck.

        sudo apt update
        sudo apt install dkms
        sudo apt install build-essential bc libelf-dev linux-headers-`uname -r`
        sudo git clone -b v5.6.4.2 https://github.com/aircrack-ng/rtl8812au.git
        cd rtl*
        sudo ./dkms-install.sh
        sudo reboot

     So looks like a driver issue. It's worth reading the git page.
  5. Sounds like your pineapple isn't online. Did you sort out ICS or client mode or use a supported USB Ethernet adapter?
  6. If only you gave me more time I could have answered you before you lost your mind with worry that we were all ignoring you! It's OK, we're not, just dealing with all sorts of other stuff too. Like everyone else.
  7. Answers:
       1. 3 built in + a USB port.
       2. No, but you can connect it to a PC and run VNC on that.
       3. Yes.
       4. Yes, multiple radios.
       5. Not quite how it's working. In its simplest terms it can advertise many hot-spots and direct them to one. Yours. But so much more.
       6. Yes, or if not very soon.
       7. Probably, but no. Faster on other hardware.
       8. No.
  8. I found the tetra hardware really good over the years. Especially when adequately powered. Plugins, or modules as they are known, are community made so are not by hak5 directly. What I found with them was each major firmware revision there were sometimes enough changes that occasionally one or two of the modules broke. Sometimes it was simple fixes or tweaks; others required the developer (if still around) to fix. Usually going to the forums and reading the (sometimes whole) relevant module's thread led to the answers. Now I have the MK7 and I'm finding it pretty solid, fast and refined - there have been some teething issues which are being resolved and there are still features being rolled out so things should get even better. But that's new hardware for you, the early adoption period is always "fun".
  9. Hi, I appreciate the feedback. I was helping the person by letting them know they needed to investigate the modules further, especially as they had gotten themselves so close to the answer. What they were asking for was already in their possession. So just a little more reading and they would understand their question was moot. Give a man a phish and he hacks for a day, teach him how to phish and he hacks forever. EDIT - also, nothing much good (or legal) comes from a continuous deauth.
  10. Android and iOS started randomizing MAC for devices. You can google the versions of each where it started. In my Android I can go into the wifi settings (of the connected network) and turn it on/off. It's theoretically to resist basic tracking/privacy issues. Which you can see in action on your pineapple. Some good reading: http://papers.mathyvanhoef.com/asiaccs2016.pdf Although I believe things have moved on further since that was written, it's got a lot of great info.
  11. My thinking was that in some cases clients were still able to use https or VPN while associated with the pineapple using Evilportal. I guess in an indirect way it is to try and apply some gentle pressure to complete the (more optional these days) network/portal registration.
  12. YouTube started cracking down on instructional hacking videos, removing videos, often demonetizing them and banning accounts. I think this has put people off producing them, at least for a while. Started to see a few more these days though, so maybe changing or people are doing it anyway. Same as you could always do, keyboard injection of payload, PowerShell or browser stuff seems most common these days. If you are developing your own attacks and finding/producing them yourself then you probably will do well. If you are expecting to download ready-made attack payloads that still work on latest releases of OS's & AV "as-is" then you're probably going to be disappointed, as once they are publicly released very often they are patched so turn ineffective. If it's just for you to learn with at a home lab I would consider saving up for a BashBunny as will give you more to learn for the money as it does what the duck can do and more. But it's slightly larger, slower to boot and looks obviously not like a standard USB thumb drive. Pro's n Con's. EDIT - as an afterthought. This is a common question, but it's a false question. As the (Insert Hak5 device here) is basically just a tool that interfaces you with a % of an attack vector, the actual question is what can an attacker do with (Insert relevant) attack vector. So in your case, regarding the title of the post - you're asking is the keyboard still viable in 2020 (to an attacker).
  13. Would it be possible to have some form of timer, to watch associated pineapple clients not on the Allowed client list and kick them automatically after xx time without registration? Or maybe throttle limit clients and lift restrictions on joining Allowed client list?
  14. Just because it does not say deauth, does not mean it does not deauth.
  15. Did you already try https://docs.hak5.org/hc/en-us/articles/360010554753-How-do-I-reset-the-device-or-recover-its-firmware- then https://docs.hak5.org/hc/en-us/articles/360034848353-Manual-Upgrade as Darren says in the post above yours?
  16. Maybe take a look at the available modules for the MKVII?
  17. You can use it with kismet, airodump-ng and horst for example. Is there a specific thing you are trying to do or need?
  18. Airmon-ng isn't used to specify channel; iwconfig or the application you use the monitor interface on (like airodump-ng) will usually specify the channel/band as an option. No, you already asked and I said maybe in the future it comes to GUI. For now use ssh/terminal.
  19. Did you check out all the modules? There is something for everyone there.
  20. Did you also try to collect a handshake using the built in recon page of the pineapple?
  21. Currently yes. CLI is only way to use a wlan3 radio, but probably/possibly not forever. Use airmon-ng tool as usual to start/stop monitor mode of a capable device.
  22. Factory reset will most likely be your only path back. Did you maybe flash the wrong firmware? Maybe an upgrade file instead of the recovery file? You need to try and get to firmware recovery page as shown in the factory reset instructions: https://docs.hak5.org/hc/en-us/articles/360010471134-Factory-Reset If you still cannot get into a shell/uboot recovery because of bootlooping then you're going to struggle to recover that device.
  23. This is already possible from the CLI and will most likely be implemented into the GUI in future firmware releases. Sounds more like you are unsure how to use your pineapple than there is something wrong with it.
  24. From your video it shows you were trying to de-auth a WPA encrypted wifi network and expecting clients to migrate to an open network of the same name. That's not going to happen as the encryption method is different so the devices will treat it like any new unknown network. The only way that would work is if you de-authed the WPA network for so long one of the clients tried it manually out of desperation. I would hazard a guess that there is nothing wrong with the pineapple itself.
  25. @newbi3 I believe it's @kbeflo templates https://github.com/kbeflo/evilportals From my own testing I found the notify command was killing the whole process by somehow hanging. I tried many deviations of the same to try and get notify to work from PHP. Still no joy, although I haven't given up completely yet, suggestions and reading welcome. I have got the templates to work while still giving a notification, but it is by using something that may not be on the pineapple for much longer. And that's /usr/sbin/pineutil. Right, @Foxtrot? Either way it's there atm. Currently if you replace the

        $this->execBackground("notify $email' - '$pwd");

     with

        $this->execBackground("pineutil notify 0 'Evilportal got creds! $email - $pwd'");

     then in general most of the NANO/TETRA templates seem to work, some with other minor tweaks required. So for backward compatibility and having some basic templates to test in home labs early on - it's a quick and dirty way to get something up and working. But going forward new portals should probably be made from scratch for the MKVII using the best from the available firmware & module.