QSDx25
-
Posts
12 -
Joined
-
Last visited
Posts posted by QSDx25
-
-
On 5/15/2016 at 7:47 PM, Sebkinne said:
Hi gabehcoud,
I'm sorry to hear that you are upset about the WiFi Pineapple. I'd like to emphasize that what Mr Protocol said about arp poisioning not being needed. As you are inherently the man-in-the-middle, there is no need. The traffic is already passing through you.
In regards to how to use responder, I suggest you ask in the appropriate module thread. Please keep in mind that modules are created by community members for free, and are not directly supported by Hak5. If you have any concerns regarding the WiFi Pineapple itself (excluding modules), please raise these on our bug tracker.
Now, if you want to create a pcap (no need for ARP poisioning), you can simply run TCPDump and log to a file. That you can then import into networkminer, wireshark, tshark, etc. If you are set on using responder, you should listen on br-lan (the bridge of the WiFi Pineapple between internet and clients).
Best Regards,
Sebkinne
Hi,
You say that you don't need ARP posioning for sniffing but i did not found other module that can capture IMAP/POP3 password than ettercap and when run witn -M arp on br-lan. That's the only way i was able to reproduce sniffing imap on my own iphone. The interesting part is that my iphone is ste to use SSL for incoming settings on port 993 and im still abel to sniff the password!?
-
I'm trying to connect TETRA to internet thru WifiClient Mode in Networking menu. First i tried to connect wlan1 - scan, enter password and connect, then i connected Alfa USB adapter and tried to connect wlan2 in the same way. I do not receive any error after I click connect - its just the pineapple animation is blinking and after that I again get the connect button and field to enter password. Im entering the correct password of course and the Wifi im trying to connect is a very close withing range.
-
Hi Darren,
Sorry for flooding this thread but I think would be better to share this now. Seems that the customers service actually is not very fast. I do not receive e-mails for days. I've ordered lots of equipment and still waiting for the tracking# to start moving 2nd day. Today I've send few emails and none was answered. There is no phone support either.
-
I guess that one can be used as well in combination with wireshark and generated ssl cert or environment variables ?
-
My biggest problem is I haven't been keeping up with SSL Security last I heard it was fixed in a way that prevents a hacker from stripping SSL and with just about all the major browsers forcing HSTS you'd technically have to use a really advanced method to trick a user into clearing their cache so that when a program sslstrip is ran it downgrades the security.
I'm not 100% sure I understand the sslsplit however I haven't tried to use it yet so maybe if I installed and and played with it I'd know what it does.
I see that they released ssltrip2 which bypass HSTS.
https://github.com/LeonardoNve/sslstrip2
True/False?
-
Can't you use ettercap for that? or wait till they release SSLStrip maybe?
SSLStrip is still in the module list?
-
I guess you should check Wireshark and use your imagination... If those are SSL connections, then sslsplit comes handy.
-
Have you also considered the European Reseller?
I don't find Pineapples here...
Complete and Utter Disappointment
in WiFi Pineapple TETRA
Posted
Would be better to help him. Just let him know what plugin and option to use to sniff pop3/imap ...