Just_a_User

Dedicated Members
  • Posts

    1,822
  • Days Won

    54

Everything posted by Just_a_User

  1. Hi, I noticed a PineAP update on the module manager yesterday as a system update. Maybe installing that resolves your problem. Can you SSH in and check /pineapple/modules/PineAP/module.info - latest is v1.3. Also, in the past I see you have had SD card issues (not mounting); did you get those resolved? You say you can't add any SSIDs to the pool, even manually using the GUI?
  2. I can't find any examples of existing FSK rolljam code. And I'm also new to SDR in general and am still finding my feet with it. This is very interesting tho and I like learning about these things. I'm assuming you're taking the ASK/OOK example from here? https://github.com/alextspy/rolljam As a defense, I was wondering if you could use a fake rolling code generator in the car. Also you could stop using the keyfob and use the key to lock up, which would limit your exposure - at least for a rolljam attack. If you combine a rolljam with a CAN bus attack - cars with a start button (no key ignition) could theoretically be entered, started and stolen with no keys needed or alarm going off. Crazy thought.
  3. Well, was just a thought, props for trying it yourself tho! I find this a really interesting hack. In my searching I found a post where they did what you did but with a VW that apparently used AM/OOK codes - "attacks described in this blog post are specifically looking at AM/OOK codes, however some cars use different modulations such as FSK which makes the jamming and capturing of the codes much more difficult (and naturally my scripts would not work with those unless they were modified). However the attack in theory should still work against it." Might be worth a look: https://andrewmohawk.com/2016/02/05/bypassing-rolling-code-systems/
  4. I know I'm kinda late with this but was reading this post and it sounded like a rolljam attack I read about a little while back. Also explains the step out of sequence rolling code. http://1abxf1rh6g01lhm2riyrt55k.wpengine.netdna-cdn.com/wp-content/uploads/2015/08/2015-defcon.pdf
  5. I had the same, they connect but aren't "locked" in place. I read elsewhere on the forum that it requires a small modification like you suggest. I popped open the case (starting at the empty SD slot if I remember) using tweezers and a small flat jeweler's screwdriver. Pulled out the PCB then re-assembled the case without the nano inside and used an 8mm drill bit by hand. It barely took any material away before the connector slips inside. My antennas now lock into what angle I want. original post
  6. I'm using 1.1.1 and am seeing and receiving clients, I can also deauth (have used wifite on nano to capture handshakes) and recon is working for me and hasn't hung so far. Maybe try a factory reset + format of SD and if that doesn't clear it try a firmware recovery. https://www.wifipineapple.com/pages/faq
  7. That is strange, I would try another factory reset + format SD one more time. If it persists afterwards then I would move on to a firmware recovery. Details can be found here: https://www.wifipineapple.com/pages/faq Hope you get it back on track.
  8. When you wiped it did you do factory reset or firmware recovery? https://www.wifipineapple.com/pages/faq Are you powering from battery or PC?
  9. From memory the defaults are usually 8.8.8.8, 8.8.4.4. Think they're defined in /etc/config/network
  10. Also it's possible to reset the password with a remote (hold OK for 10s) or try "admin" and "masterpwd". worst case
  11. Manual says "Default Login is “Admin”, and the password box is blank" on page 9 of the PDF.
  12. Thank you Foxtrot, just what I was after. Is that procps-watch in opkg?
  13. Looks like this one? http://www.apextechnologiesnm.com/manuals/DigitalWatchDogManual.pdf
  14. If someone wanted to monitor successful web logons onto the Pineapples (both Tetra and Nano) and also SSH, how would they go about it? I have had a poke about in the /tmp/ folder but can't spot anything obvious like an auth.log. Would appreciate some pointers please.
  15. Just want to make sure of some things before thinking something else. Maybe a silly question, but did you refresh on the connected clients page? Or move to dashboard and check connected clients? Also made sure PineAP settings had Allow Associations checked? When your devices are connected, are they online/receiving data?
  16. First things first, I'd make sure the owner was happy to go ahead with this and have permission. As a starting point I'd bust the lock box and take a look at it. Specifically I'd be looking for manufacturer, model, any label, part number etc. Take photos for later reference. That's your starting point to trying to find a user/operation manual. In most cases the user manual will identify a default/factory password/PIN and provide more details about what you have in front of you and how to use it.
  17. On your iPhone you say you can see an open version of your network being spoofed. Can you manually select it and connect?
  18. The only thing that could make this better would be something like rtl_tcp but for HackRF... if such a thing exists. Again very nice module, can see it's possible for basic replay attacks and recon. Captures load straight into Inspectrum once transferred to PC. Been playing with my RF doorbell and it's working well.
  19. Found this that may or may not help. http://mediarealm.com.au/articles/2014/03/openvpn-client-through-a-restrictive-firewall-and-proxy/
  20. As I said, I haven't done it myself so can't help much more. From what you describe it does seem to point to what sounds like an interrupted flash or stuck reset button - constant orange light. The most I can do to help is find this old web page, something @Mr-Protocol did for the MK4 WiFi Pineapple, so I'm not sure it would still ring true for the MK6. You can either wait for a response by someone else here, try the link and adapt it for the MK6 (at your own risk) or create a separate post specifically about flashing via serial. https://mr-protocol.blogspot.nl/2013/12/wifi-pineapple-mark-iv-clean-flash-uart.html ***Do not use the above instructions for TETRA - Mr-Protocol Hope this helps. Good luck.
  21. Take a look at the FAQ section - it has serial information, factory reset and firmware recovery details. https://www.wifipineapple.com/pages/faq I haven't had a bricked Pineapple as yet so haven't needed UART/serial connection. I have had a TP-MR3020 running OpenWRT that was inaccessible (the firmware was present, just mis-configured); it just required a "firstboot" and "mtd -r erase rootfs_data" command over serial. But I don't know if that's exactly how the Pineapples roll and it's different to firmware flashing via serial as it just resets what's already there. When you power your Tetra up (without holding reset) does it fully boot up to blue light?
  22. I have done a few firmware recoveries and each one has gone well. Your description doesn't explain what exactly you did and in what order so I'm just chucking some thoughts to try. If you have already tried them then disregard. Connections: only use the Y USB lead when updating firmware, connected to the ETH micro USB port on the Tetra; I even remove my mains power and LAN cable. Firmware file: always checksum the firmware binary before flashing anything. Once in recovery mode and connected, wait for USB to create the network connection, then enter the network settings and manually change IPv4 from DHCP to 192.168.1.2 with 255.255.255.0 netmask. Hope you get it sorted.
  23. The Nano Tactical comes with a Pineapple Juice 4000 which is charged from a micro USB using DC 5V. I have been charging mine with both 1A and 2A phone chargers and it's working well. Don't put 12V onto it :)
  24. There's a nicely laid out example here: http://www.hackedexistence.com/project/wifi-pineapple/wardriving-with-wifi-pineapple-kismet.html It's not using GPS tho. To enable USB serial GPS you need to change the kismet.conf:

      # Do we have a GPS?
      gps=true
      # Do we use a locally serial attached GPS, or use a gpsd server, or
      # use a fixed virtual gps?
      # (Pick only one)
      # gpstype=gpsd
      # Host:port that GPSD is running on. This can be localhost OR remote!
      # gpshost=localhost:2947
      gpstype=serial
      # What serial device do we look for the GPS on?
      # (/dev/ttyACM0, or whatever the device shows up as in your /dev/)
      gpsdevice=/dev/ttyACM0
  25. Gutted... OK, I will re-download the tetra_factory.bin - do another firmware recovery - then try again. Cheers! Update: It's working! Very happy - I like what you have done so thank you for the hard work Foxtrot, I wasn't expecting this to ever make it onto the Pineapples so this is a real positive addition to the modules.