Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

1,011 profile views

rpcodes's Achievements


Newbie (1/14)

  1. What are the odds? “Guess My Bitcoin Private Key” by @kerbleski https://t.co/WnmAblHvuj

  2. @Change apps like sarahah, i think you should also encourage others to "flag as inappropriate". Also, the "1 click… https://t.co/xsQW4NBAey

  3. Whats anyone going to do if they dont release it? What if they do and we dont like it, then what? Anyone actually p… https://t.co/RRdi3muxqz

  4. RT @OfficialTandE: Trying to talk only through gifs today https://t.co/bdDJIv74Xa

  5. @Koreandogs now Im sad. And regret buying ...certain products. So, well done :)

  6. RT @wkerslake: TIL Cunningham's Law = "the best way to get the right answer on the Internet is not to ask a question, it's to post the wron…

  7. RT @WongeneKIM: Life is much more exciting with video games. Retweet if you agree!

  8. RT @OmanReagan: Artist’s impression of the ultracool dwarf star TRAPPIST-1 from the surface of one of its planets. ESO/M. Kornmesser https:…

  9. Mr-Protocol thanks for the input. I think your steps are the same as mine just written in simpler language. And you also add the deauth step, yes, I agree. I was looking for a no hands solution, so your step 3, can that be automated somehow do you know? Similar to how karma broadcasts beacons, I'd ultimately like to broadcast WPA APs the same way. I also found on forums this which is basically step 1 https://forums.hak5.org/index.php?/topic/38180-howto-capture-wpa-handshake-wifi-pineapple-nano/ So for the WPA experts - what do we use to actually generate the AP side handshake? i.e. what are our cracking tools
  10. Spoonish, does this mean Chrome on Android for example, is not a crummy browser? Lets see, crummy, do you mean IE for Windows maybe? Where can I find information about the proper operating conditions for either DNS Spoof or DNS Masq ? What clients will / wont be fooled, etc
  11. Maybe DNS Spoof module is dead and replaced by DNS Masq module? https://forums.hak5.org/index.php?/topic/37893-dnsmasq-spoof/ Is there a list of known working configurations, in other words, should I be configuring something via SSH and not the web console? For either DNS spoof or masq
  12. I ran a similar set of tests about a month ago, maybe more by now, Win7, Android, and Ubuntu Linux clients. On the Tetra, but same software (Karma, etc). I think that to accept a client that is looking for a WPA access point, pineapple would need some way to respond with the correct handshake (using tools like airng and the like maybe?) In other words its not enough to reply "Yes I am the WPA AP you want", like it does with Open networks and Karma Iirc WPA is like: Client sends some handshake info AP replies with its handshake info Everything matches then client connects; otherwise, no dice. I'm thinking, is it possible to set up pineapple something like this: 1. listen for and collect the clients handshake / request to connect 2. send to a server to crack / brute force / etc the password, again i think air-ng or something may have this capability? 3. once cracked, send handshake reply to pineapple 4. broadcast the handshake reply, so now client thinks pineapple is its desired WPA2 AP I have not investigated the sort of computational power it would take for a "simple" WPA2 password crack, this is just an idealized flow. Any WPA2 experts - Am I on the right track at least? I second your notion of trimming your pool size. I wonder, does pineapple interface allow us to filter out WPA protected ARPs somehow? I will have to look again for this, curious...
  13. Feeling a little lost here. Waiting for Pineapple to reboot, as even trying DWall isn't showing results. It has worked in the past. But what I want to do, is send example.com requests to the pineapple via DNS Spoof. What I did was install DNSSpoof, its dependencies, then tried Start. Then I visited example.com from a connected android device, and didn't get to pineapple. So, since I am a little unsure about what some of these interfaces are, and I don't see any explanation on Universisty / wiki, I just tried this on each interface: 1. Change interface in menu 2. Press start 3. If no error, try to go to example.com on Android My results were mostly errors, and not once did I see what I expected (pineapple's hello world example page) wlan0 - I am assuming this is what clients are connected to when using Karma dnsspoof: wlan0: no IPv4 address assigned dnsspoof: couldn't initialize sniffing wlan0-1 - not sure if this is what clients also connect to, or if admin portal dnsspoof: wlan0-1: no IPv4 address assigned dnsspoof: couldn't initialize sniffing eth0 - okay, the ethernet port - I have nothing connected here dnsspoof: eth0: no IPv4 address assigned dnsspoof: couldn't initialize sniffing eth1: Only one ethernet port, so not sure if this might be the unused USB? dnsspoof: eth1: no IPv4 address assigned dnsspoof: couldn't initialize sniffing wlan1mon - what is this? dnsspoof: unknown physical layer type 0x323 lo: tried using a connected android (v5.0) client visiting example.com goes to real site dnsspoof: listening on lo [udp dst port 53 and not src] br-lan: again not sure what this is, assuming it is connection to my linux box dnsspoof: listening on br-lan [udp dst port 53 and not src] My config in the Module: example.com So dual question, I suppose: What exactly are the interfaces listed, can someone correct me on these? Did I miss an obvious explanation on wiki maybe? And also, can I find more information on setting up the DNS Spoof module? Im comfortable with SSH but not sure where to go to investigate DNS spoof related issues.
  14. RT @OmanReagan: Artist’s impression of the ultracool dwarf star TRAPPIST-1 from the surface of one of its planets. ESO/M. Kornmesser https:…

  15. ssids seem to be kept in /etc/pineapple/pineapple.db a SQLite database. This is what I see: sqlite> select * from ssid_list; id,ssid 1,"XANADU-ZONE " 2," " So I can clear by doing delete from ssid_list; then replacing modified database file. That works fine if I want to start over. I did more digging, and Im not sure how it got into the state above anyway, where a newline seems to be appended. The issue started with the web console. But here is the table just using the web console again: sqlite> select * from ssid_list; id,ssid 1,Coconuts 2,"Added From Web Client" 3,HOME-A9E8-5 I will try and post more info when it happens again esp. if I figure out how to recreate.
  • Create New...