russell@fulton.geek.nz
-
Posts
6 -
Joined
-
Last visited
Posts posted by russell@fulton.geek.nz
-
-
dopey question ;)
How do I get a shell? I tried ssh but got connection refused.
remnux@remnux:~$ ssh 172.16.42.42
ssh: connect to host 172.16.42.42 port 22: Connection refused
-
I pulled the version from GitHub -- which is different from the one we used in the workshop and does not offer a menu.
It just asks you if you want to use the saved setting and if you say no you get prompted:
Connect using saved settings [Y/n]? n
Select WiFi Pineapple Interface:
0) docker0 172.17.42.1
1) eth0 192.168.20.130
2) eth1 172.16.42.42
> 2Select Internet Interface:
0) docker0 172.17.42.1
1) eth0 192.168.20.130
2) eth1 172.16.42.42
> 1Choose Internet Gateway:
0) 192.168.20.2
>Keep default IP settings? [Y/n]?
Save settings for next session [Y/n]?My point is that the pineapple is getting packets out of the VM and on to the LAN do the local routing is working fine. The problem is that those DNS packets will be dropped by our firewall so I need to tell it to use our local DNS.
-
Thanks for the prompt response!
The network was set by wp6.sh and it picked the correct gateway address?? hmmm...
Ah! it is hard coded in the script and is not actually used in any configuration. It is just printed.
Lets see what tcpdump on the external interface of my laptop says when I try to get modules:
listening on en3, link-type EN10MB (Ethernet), capture size 262144 bytes
10:39:36.642885 IP bluebottle.insec.auckland.ac.nz.58311 > google-public-dns-b.google.com.domain: 42869+ A? www.wifipineapple.com. (39)
10:39:41.647346 IP bluebottle.insec.auckland.ac.nz.53756 > google-public-dns-b.google.com.domain: 56401+ A? www.wifipineapple.com. (39)
10:39:42.477325 IP bluebottle.insec.auckland.ac.nz.50273 > google-public-dns-b.google.com.domain: 57283+ AAAA? 3.openwrt.pool.ntp.org. (40)
10:39:46.652565 IP bluebottle.insec.auckland.ac.nz.56182 > google-public-dns-b.google.com.domain: 61055+ A? www.wifipineapple.com. (39)
10:39:47.483060 IP bluebottle.insec.auckland.ac.nz.60021 > google-public-dns-b.google.com.domain: 24482+ AAAA? 3.openwrt.pool.ntp.org. (40)
10:39:52.487384 IP bluebottle.insec.auckland.ac.nz.63384 > google-public-dns-b.google.com.domain: 15637+ AAAA? 3.openwrt.pool.ntp.org. (40)
10:39:57.492908 IP bluebottle.insec.auckland.ac.nz.53060 > google-public-dns-b.google.com.domain: 50745+ A? 3.openwrt.pool.ntp.org. (40)
10:40:02.497604 IP bluebottle.insec.auckland.ac.nz.55421 > google-public-dns-b.google.com.domain: 51612+ A? 3.openwrt.pool.ntp.org. (40)
10:40:07.503074 IP bluebottle.insec.auckland.ac.nz.52182 > google-public-dns-b.google.com.domain: 3242+ A? 3.openwrt.pool.ntp.org. (40)
The traffic is hitting the LAN but won't make it out to the Internet.
So it's back to my initial question: How do I point the WP to a local DNS (and NTP) server? We block both at the border.
-
Oops. meant to include the routing table:
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 172.16.42.42 0.0.0.0 UG 0 0 0 br-lan 172.16.42.0 * 255.255.255.0 U 0 0 0 br-lan
-
HI folks
I did the "pineapple" workshop at AusCERT conference back in May and finally got around to getting the nano deployed at work. I actually brought the full pack with the other toys so I need to set up the nano from scratch. Pleased to report that the workshop notes still work fine -- the only thing I had problems with was getting the routing working properly ( there was no default route shown in the network config). I 'fixed this by the time honoured method of unplugging it and putting it back in ;) all looks good now.
remnux@remnux:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:0c:29:2e:5f:1c
inet addr:192.168.20.130 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe2e:5f1c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7976 errors:0 dropped:0 overruns:0 frame:0
TX packets:3981 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1401121 (1.4 MB) TX bytes:1379223 (1.3 MB)eth1 Link encap:Ethernet HWaddr 00:c0:ca:90:d3:9d
inet addr:172.16.42.42 Bcast:172.16.42.255 Mask:255.255.255.0
inet6 addr: fe80::2c0:caff:fe90:d39d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:228 (228.0 B) TX bytes:578 (578.0 Bremnux@remnux:~/wifipa$ sudo bash wp6.sh _ ___ _______ ____ _ __ | | / (_) ____(_) / __ \(_)___ ___ ____ _____ ____ / /__ | | /| / / / /_ / / / /_/ / / __ \/ _ \/ __ '/ __ \/ __ \/ / _ \ | |/ |/ / / __/ / / / ____/ / / / / __/ /_/ / /_/ / /_/ / / __/ |__/|__/_/_/ /_/ /_/ /_/_/ /_/\___/\__,_/ .___/ .___/_/\___/ /_/ /_/ v6.2 _ . ___ \||/ Internet: eth0 192.168.20.2 ( _ )_ <--> [___] <--> ,<><>, Pineapple: eth1 172.16.42.42 (_ _(_ ,) \___\ '<><>' Network: 172.16.42.0/24But attemts to load new modules fail. I am betting that the problem is that the nano is trying to use Google DNS which won't work from inside our network but I can see where to change it.
results of initial trials with WP
in Everything Else
Posted
Hi
Posting this here since all the wifipineapple forums are model specific and are focused on helping people with problems. There does not seem to be anywhere for generic discussion about results etc. If I have missed somethign then do let me know :)
I now have my nano runnning at work which is in the IT dept of a large university. Yes, I am allowed to do things like this ;) Purely passive monitoring at the moment and I have a couple of days worth of logs which I have run through a ruby script which is based on Darren's analyze.sh. At the moment my script just replicates what Darren's does. Yes it will be available somewhere public when there is enough additional functionality to make it worthwhile.
Current output:
Top 10 NIC vendors apple, 157 Unknown 94 samsung 65 intel 20 murata 15 microsoft 15 huawei 10 liteon 7 messma 7 htc 7 motorola 6 Top 10 SSIDs UoA-WiFi 345 MPI_Guest 51 vodafonesucks5 50 vodafonesucks2 50 Tigger 33 homewlan5 27 eduroam 22 UoA-Guest-WiFi 16 Auckland Wi-Fi @ Tomizone 12 Auckland WiFi 6 Grumpy 5 Distribution of ssids per client # SSIDS #clients 1 418 2 25 3 61 4 2 5 6 6 2 7 2 8 2 9 1 10 3 11 1 12 2 13 1 16 4 17 1 Total number of clients is 531The only surprise in the vendors is the number of unknown -- I see there are other versions of the IEEE list out there. I'll give them a try.
The SSIDs are much more interesting. The two UoA-WiFi are our official networks ( as is eduroam). We have an arrangement with Tomizone to carry each others SSIDs so that is no surprise but the rest is somewhat baffling. I know where one of the "Tiggers" comes from but 25 others ??? I know that vodafone suks but that bad?
I have just added code to the script to dump out the distribution of the number of SSIDs per clients. That I found unexpected. Most of the clients are not leaking SSIDs and a few hemorrhage them! My iphone only showed UoA-WiFi until I deleted it and forced it to reconnect, then Tigger appeared as well but not any of the other one I know to be in the prefered networks list. Tigger is not a network I join often so why it appeared and not the other I don't know.