Just_a_User

try this To restore the BB to original point you can put it into arming mode, plug it into power, wait for the green light to turn on then as soon as the green led goes out unplug it. do this a total of 3 times. The 4th time leave it plugged in and wait for the police lights to finish. it should then be restored to original point. you can then re-flash 1.3 and start again.

Depends on what you want to do, if you were capturing handshakes that would be enough. You could also try a longer Deauth to pester the user of the phone (you) to manually try one of your open networks. As its your known AP you could also try to EvilTwin your AP mirroring the settings (including password) and position yourself/pineapple between the AP and device to improve chances. If you want to get your phone to associate automatically with the pineapple you would do better to go out to the middle of a field for example (or delete your AP from its known networks for test) where your phone would be looking for networks but was not in range of any known AP's. Ideally your pone had at least one open network in its saved networks, say you used Starbucks free wifi in the past. then your phone would most likely associate to the pineapple with the settings you mention above.

thank you, I have been looking for this.

Nice idea, briefly tested while out walking with a second device (so I could turn it off/on at random intervals). If you can add the 5ghz that would be great. thank you for the contribution!

Out of interest, why are you converting the pineapple update *,bin to *.iso?

Thank you kbeflo for your work. Its much appreciated.

I also love my Tetra. Not forgetting the mention of pineapple core by Darren, which would allow combining a Tetra or Nano with a BashBunny. Im guessing this could allow for handing processor intensive tasks off to the BashBunny along with some extra storage. Should also give the pineapple some extra life/longevity. Plus what you learn on a Tetra will almost certainly be transferable to the next model if/as/when.

Great, thanks for update!

I dont think so, but things may have changed since

There are a couple of things online that look similar (but not identical) to the camera you have bought - did you already try: - User = root Password = 123456 or User = ADMIN Password = 123456789 if they don’t work then I would stick to your brute force or alternatively open it up and see if there is a serial/uart you can tap into.

From a quick google I see you have asked a few places. ispyconnect seems to support IPC365 maybe this allows you to do what you want. https://www.ispyconnect.com/man.aspx?n=IPC# If you need telnet access then maybe try setting up an account on the android app (like described in the user manual) and then using those credentials on the terminal to get in. Worth a try.

Welcome to the Pineapple :) Although its possible to spoof protected AP it isn’t part of the PineAP and needs to be crafted individually at the moment. The protected AP needs to be set up identically to the original including its password which you would usually not know by just running passive network scans.

Yes it can, when you initially set it up you were asked to enter a name for the managment wifi with a password. find this network on your phone and join, entering the password you used. then open the phones browser and browse to http://172.16.42.1:1471 to get to the pineapple web UI. Everything is the same but the pineapple has no internet access. The connection app and tethering is only really used to share the mobile phones data connection combined with access to the pineapple UI.

By what you describe I think you connected nano to battery and USB charge cable from nano to phone? this would indeed put power through the nano and charge the phone which is also fine if that’s what works for you and what you want to achieve. The lead I mentioned above allows fitting the other end of the nano to the phone while splicing in a power supply allowing the usb port on the nano to be used with something else such as a 3g dongle, gps or wifi adapter. As with most things there are many ways to get a similar result.

I feel disabling the nano's management wifi network makes reception and operation slightly better and also helps you avoid pineappling your own network/connection to the nano. So for a solution without using wifi try looking for a OTG cable with power - I occasionally use mine like this as is allows the battery to power the pineapple and not drain the phone (depending on which cable). If you were to use a normal OTG type cable combined with a charger cable (uUSB to uUSB) it would drain the phone battery and probably make the nano unstable. Something like this https://www.amazon.co.uk/Micro-Cable-Power-Samsung-I9100/dp/B00C4521R4 some cables have no power connection to the phone at all some connect power to both pineapple and phone. decide what you prefer and give it a go. EDIT - I should add that I use my nano in this config when using a 3g dongle connected to the nano - it provides internet to both nano and phone which is handy.

I think what b0N3z is saying is that the symptoms you describe sound similar to having power issues. From what you describe it could also be something to do with the Micro SD card. Does the problem persist over reboots? Have you tried a factory reset? Reformatted the SD from the Pineapple GUI? Some more detail might help narrow it down to the root cause.

I recall this one being asked before, have a read of this: -

Just a guess - Wondering if you installed libnetfilter-queue - 1.0.2-1?

Nice one, cheers!

you pretty much came to the conclusion by yourself :) Forcing clients off of a secured network isnt the real strength of the pineapples - not saying its not possible but in most cases the client devices prefer a secured network over an open one and have a stronger signal to them than your pineapple - your options are a deauth attack in the hope to harass a user enough to click connect to an open network. Or you can attempt a WPS attack (if WPS is enabled on network) or a more traditional handshake capture and take the successful capture and run a password brute force attack against it. Where the pineapples come into there own is around unassociated clients looking for known networks. - such as personal devices at a work office location. The real vulnerable clients are the ones who have associated with an open network in the past (these will mostly be picked up by the pineapple like a sponge soaking up water) Or you could try making a new network that a client might be looking for such as an open guest network in a lobby area of a corporation that actually has no guest wifi. Keep it legal :)

The antenna included with the TETRA are dual band so both 2.4 and 5ghz. The antenna you link to are intended for the NANO and are 2.4ghz only. Also they use RP-SMA and the TETRA uses SMA.

A good collection of Mini-itx cases here http://www.mini-itx.com/store/?c=3 This one says half size pcie http://www.mini-itx.com/store/~JOUJYE528I-250W

Interesting research worth a read and watch. I think the devices used are around the $185 mark. type RX band- TX band- Function Application width width UT-100A 6-8 MHz 2-8 MHz Rx-Tx General UT-100B 2-4 MHz 2-8 MHz Rx-Tx amateur UT-100C - 2-8 MHz Tx General UT-100D 2-4 MHz - Rx amateur http://www.idealez.com/hides/home/en_US/ http://www.ebay.com/sch/hides168/m.html?item=322470042239&hash=item4b14b65a7f%3Ag%3AGc4AAMXQVT9TBXWO&rt=nc&_trksid=p2047675.l2562

funny you say that - yesterday I had an idea of using a dns blackhole and @kbeflo found this https://doc.pfsense.org/index.php/Creating_a_DNS_Black_Hole_for_Captive_Portal_Clients#Create_the_configuration_file It looks promising. but is untested yet. EDIT - as it stands wont work. :(

Nice idea - I just had a play and seem to have ADB (android-tools-adb_4.2.2+git20130529-5.1_armhf.deb) installed on my bunny. I only tested basic operation while connected to client via my tetra - see below. I used manual instructions here and here, the dependencies were already installed on the bunny - or alternatively you can just run "apt-get install android-tools-adb". root@bunny:~# adb version Android Debug Bridge version 1.0.31 root@bunny:~# adb connect 172.16.42.147 * daemon not running. starting it now on port 5037 * * daemon started successfully * connected to 172.16.42.147:5555 root@bunny:~# adb devices List of devices attached 172.16.42.147:5555 offline root@bunny:~# adb devices List of devices attached 172.16.42.147:5555 device root@bunny:~# adb shell shell@android:/ $ But maybe you got this far already and had problems with operation?