Posts posted by esa

  1. 16 hours ago, Strigoi said:

    I'm using the interface on chrome. Wouldn't command line be a bit more difficult?

    With the command line you will receive feedback should you encounter any issues.

    Also, it is interesting to find out what is going on behind the scenes.

     

  2. 15 minutes ago, D1C3 said:

    What is the tetra USB 2.0 slot used for?

    Optional. It can be used for power, for direct connection to a laptop, for a 3G/4G dongle, another WiFi adapter, etc. In your setup it does not seem necessary to have an additional WiFi adapter.

  3. 19 hours ago, George S said:

    I did that. I actually have all the PineAP options checked and the device I am trying to connect to the Open Wifi is listed in the "Allow" Filters. 
    The connection fails and from what I can guess is that it is because it does not get an IP.... 
     

    I have tried other devices with no success... Stumped

    Try without using the filter, i.e. switch to Deny mode and remove all MAC addresses.

  4. On 2017-5-15 at 1:08 AM, esa said:

    So you SSH into WiFi Pineapple, ran ifconfig and did not find any adapter matching wlan1 or wlan1mon?

    Can you post a screenshot of the results of ifconfig, iwconfig and iwlist?

     

    Well, at least the forum community is trying to help you, but you do have to help us answer some questions before we can do that.

  5. Check the seller's rating and reviews from his previous sales. Make a judgement call. 

    How would shipping from Sweden cost double? Basically it is just adding an additional shipping charge from Sweden to Lebanon.

    On shipping restrictions, they are usually enforced by the destination country, i.e. your country.

    http://www.dhl.com.lb/en/country_profile/import_guidelines_express.html

    Quote

    Commodities where you should contact your local Customer Service advisor to clarify shipping requirements

    Communications equipment
    Phones/modems
    Telecommunications equipment

     

    Tip: call your local DHL representative and ask about the restriction. For simplicity, the Tetra can be considered a WiFi router.

    • Like 1
  6. 15 minutes ago, c0mrade said:

    When you say I can not, does that mean that they will check the address that I am shipping to and if it says something like "borderlinx" in it, they will simply ignore my order? And in that case how would I ever get my hands on Hak5 products? I mean Turkey is near Lebanon, also I've got a friend in Sweden, I can let him buy it and then ship it to me. But that would raise the cost from 200$ to maybe 400$, doubling it. I mean I can't find any other solution.

    http://www.ebay.com/itm/WiFI-PINEAPPLE-TETRA-HAK5-/182578911537?hash=item2a828d1931:g:gWEAAOSwn-tZHBac

    There are always different ways to get things done.

    • Like 1
  7. 17 hours ago, domingocool said:

    UPDATE: Noticed if I used Microsoft Edge instead of Google Chrome to check for Bulletin Updates that the PC did NOT crash. I still now have the issue where it will not connect though or load bulletins/firmware update.

    For internet issue

     

    For BSOD crash, likely a driver issue on your OS.

    Update your PC/drivers. Google: bwcw8x64.sys chrome

  8. On 2017-5-16 at 3:30 AM, Darksider666 said:

     

    Like I said, it is working with another AP...

     

    I never gave up testing and the result: Deauth is working on the router with the tool mk3 even in ac mode. I'm confused....

    Ensure that your interface is set to the correct channel. 

    Run aireplay-ng with an additional -D parameter.

  9. I think I might have found a way to increase the chance for a Recon scan to trigger an error. It seems that running 2 or more Tcpdump/httpsniffer instances will affect the Recon module's stability.
    What this means is that if you are running modules which utilise tcpdump/httpsniffer (or a similar type of binary), it might make the Recon module unstable. DWALL is one example of such a module.

     

    This might be specific to my device, so I would like you to help test this out on your device.
    Do try it on a Tetra if you have one; the Tetra might be immune since it is a more powerful unit.


    Instructions: 

    a) SSH to WiFi Pineapple

    b) run

    airmon-ng start wlan1
    tcpdump -i wlan1mon &
    exit

    c) SSH to WiFi Pineapple again

    tcpdump -i wlan0 &
    exit

    d) SSH to WiFi Pineapple again

    tcpdump -i br-lan &
    exit

    e) SSH to WiFi Pineapple again. The ps command is for you to verify that 3 instances of tcpdump are running in your process list.

    ps 
    pinesniffer wlan1mon 60 0 /tmp/test

    f) Run pinesniffer 4 more times, then kill off the tcpdumps

    killall tcpdump

    g) Expected output should be one of the below: 
     -   No error reported
     -   Error reading packets
     -   Segmentation fault

    h) Report the output in this thread

     

     

  10. 7 hours ago, GeeBee said:

    Hi guys

    thanks for your comments, really appreciated

    It's just an off-the-shelf PC laptop I purchased myself with the company credit card, so I have full access and don't leave it unattended, so you can see why they don't believe I'm responsible

    It's not an expensive data loss. Why do you think a hack is expensive? Do you mean if someone buys hack software off the dark web?

    thanks graham

    Usually it is expensive. 
    https://www.wired.com/2015/11/heres-a-spy-firms-price-list-for-secret-hacker-techniques/

    Do you have Anti Virus software installed?  It helps to eliminate free/cheap tools found in public space. 

     

    So from the hacker's perspective, why would he/she spend the effort & risk getting caught to target you for data that are not worth much?
    Furthermore why spend the effort to plant fake Skype messages on your PC?
    That the hacker managed to access your PC and steal data without leaving any trace, but "carelessly" left planted Skype messages, is highly suspicious.

    Somebody wants you to take the fall. 

     

    Can you share the Skype ids/email involved in the conversation?

     

     

     

  11. On 2017-5-16 at 4:51 PM, GeeBee said:

    My Windows work laptop has been hacked, with files and programs being added and removed, and some Skype conversations found that I didn't have about theft of company files.

    The laptop is used only by me at home and work. I know it's been hacked because I know I didn't do it, but I face the sack if I can't convince my bosses that it is possible to do this, even though they have paid 2 companies to search the laptop for proof that it has been hacked.
    Any advice on how this is possible?
    Is it just a hard-to-detect back door? If so, what is the hardest to detect?
    Thanks for any advice on how this is possible.

    Some questions:

    1) Do you have administrative rights on the laptop? Usually the IT dept will not allow employees to install/remove programs. If you were not granted admin rights in the first place, then this will be advantageous in your case, since you should not be able to add or remove programs.

    2) Could you share the value of the data loss? Sophisticated hack jobs are expensive.

    3) Could it be sabotage? Did you leave your laptop unattended in the office? From this perspective it makes sense that 2 companies are not able to find signs of intrusion & backdoor.

  12. 17 hours ago, Just_a_User said:

    Sure, I found the module as it is works great if you're moving around as it highlights MAC's that stay in range - potentially following you as you suggest.

    If inverted - It would ignore for example staff working regularly at a location and highlight MAC's that are new - potentially highlighting strange/new devices in a known environment.

    I hope I explained it clearly, if not let me know.

    https://github.com/esa101/ReconPlus-Tetra/tree/version4

    https://github.com/esa101/ReconPlus-nano/tree/version4.0

    Is this what you are looking for ? 

    • Upvote 1
  13. 2 hours ago, Just_a_User said:

    Sorry I can't help with the pinesniffer crashes. But I have a different question. Would this module be able to operate inverted? So ignoring MAC's it has seen for the last 'n' scans and highlighting "new" MAC's? I can see use cases for both.

    Can you elaborate on why this feature would be useful? Could add this in. 

  14. Just now, andylarks said:

    Setup:

    1. Pick known client (my mobile) connected to known AP (my WiFi router).
    2. Add known client to client filter "Allow mode" for Mac.
    3. In PineAP:
      1. Allow associations
      2. Log probes
      3. Log associations
      4. Broadcast SSID pool (which contains known AP name)
      5. Set both Broadcasts to "Aggressive"
    4. Save

    I then go back to Recon view, and Deauth the known client. I can see my mobile disconnecting from the WiFi - but it then reconnects to the original WiFi, not the Pineapple version (both are listed as options).

    Am I doing something wrong?

    Thanks

    A.

    Is your real AP an open AP or a WPA/WPA2-protected AP?

  15. Recon 100% stuck error ... identified one possible cause and have updated a module to bypass the issue.

    https://github.com/esa101/ReconPlus-nano/tree/version3.1
    https://github.com/esa101/ReconPlus-Tetra/tree/version3.1

     

    Info on how the Recon 100% stuck situation occurs (pray for fixes in future firmware update): 
    When we click scan on RECON module, at the backend it triggers pinesniffer. After pinesniffer is completed, the results will be stored at the tmp location with the following pattern /tmp/recon-xxxxxxxx

    Quote

    pinesniffer wlan1mon 120 0 /tmp/recon-xxxxxxxxx

    The RECON module will loop at a regular interval to check if /tmp/recon-xxxxxxx has been created, to determine that the scan is completed. There is also a check at the 100% mark to kill off pinesniffer if it is still running; if pinesniffer has crashed before that, then there is nothing to kill.

    Unfortunately there is a strange problem where pinesniffer crashes without producing the /tmp/recon-xxxxxxx file, thus resulting in the 100% stuck situation, as the RECON module will keep looping and not be able to find the /tmp/recon-xxxxxxx file.

    I do not have a fix for pinesniffer or know exactly what causes it to crash, but I have updated the reconplus module to check that pinesniffer is running at the 30% & 100% mark. With this update we wouldn't have to wait without knowing what happened, or wait up to 10min just to find out that the module has already crashed.

     

    P.S. I do not have the required skillset to analyse why pinesniffer crashes. Any expert input will be appreciated.

     

    • Upvote 2
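
The stuck-at-100% condition described in the post above, as an added example that is not part of the original post or of the ReconPlus module: a poller that waits for the result file but also checks that the worker is still alive, so a crash without output is reported instead of looping forever. The helper name `wait_for_scan`, tracking the worker by PID, and the one-second poll interval are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (not ReconPlus code). wait_for_scan is a hypothetical helper.
# Assumption: the worker creates OUTFILE only when the scan has completed.
#
# wait_for_scan PID OUTFILE TIMEOUT_SECONDS
#   returns 0  result file is present
#           1  worker exited without producing the file (the "stuck" case)
#           2  timed out; the worker is killed
wait_for_scan() {
    pid=$1; out=$2; timeout=$3; waited=0
    while [ "$waited" -lt "$timeout" ]; do
        [ -e "$out" ] && return 0
        if ! kill -0 "$pid" 2>/dev/null; then
            # Worker is gone. Re-check once: it may have written the
            # file between the test above and its exit.
            [ -e "$out" ] && return 0
            return 1
        fi
        sleep 1
        waited=$((waited + 1))
    done
    [ -e "$out" ] && return 0      # file may have landed during the last sleep
    kill "$pid" 2>/dev/null || true
    return 2
}
```
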
  16. 10 hours ago, Dedsec_Nethunter said:

    Hi community,

     

    Sorry if stupid questions.

     

    I'm going to buy a Nano and I would like to know if I can launch third-party software through the Nano.

    I mean, can I launch software like Nessus from my Kali machine after I have already harvested some clients with the Nano? Same question for the Metasploit console.

    Can I use these tools through the Nano, or can I only use the modules inside the Nano?

     

    Thanks for your help.

    As b0N3z mentioned, very unlikely, and even if it is possible it will take a lot of work to get Nessus or Metasploit running on a Nano. Even if they can work, the modules should run poorly on a Nano.

    An easier solution would be to run the nessus or metasploit on your kali machine and from there target those harvested clients with the following setups:

    a) Kali is set up as the gateway to the Nano, i.e. the Nano is connected via USB to the Kali laptop, Kali provides the internet, and all harvested clients will need to connect to the internet through you.

    or

    b) The Kali machine connects to the same spoofed AP through WiFi. From there you are within the same subnet as the other harvested clients.

  17. Quote

    Turning off the Allow Associations doesn't allow me to connect, so I turned it on and was fine.

    Strange behaviour; it works for me when Allow Associations is turned off.

    Can I check whether NetworkingPlus -> "Hide Client AP" is disabled?

     

    Anyway, with Allow Associations turned on, you will need to use Filter module -> SSID filter -> Allow Mode to achieve minimal visual cues. Otherwise your targeted device will see that previously associated SSIDs are available in the WiFi list.

  18. 2 hours ago, Anima said:

    Good day,

    I have been struggling to know how to use the filters in the Nano web interface. If I misconfigure the settings, the Nano broadcasts every SSID probe nearby and that is too noisy for me.

    For my test I just need one fake AP that every client can associate to, then just some specific clients to test the modules later.

    How do "Allow" and "Deny" work, and how should I configure them for my testing purposes?

     

    Sorry for my english and thanks in advance.

     

     

    There is a help section under Pineapple Nano GUI: 

    Quote

    Filtering may be performed by Client MAC Address or SSID. Both Deny and Allow modes are supported and this option may be toggled using the switch button.

    Client Filtering
    In Deny Mode, Clients with MAC Addresses listed in the Client Filter will not be able to connect to the WiFi Pineapple. In Allow Mode, only Clients with MAC Addresses listed in the Client Filter will be able to connect. When performing an audit, it is best to use Allow Mode to ensure that only clients within the scope of engagement are targeted.

    Client MAC Addresses and SSIDs may be added from menu buttons associated with their respective listings in Recon or Client views.

    SSID Filtering
    In Deny Mode, clients will not be able to associate with the WiFi Pineapple if they are attempting to connect to an SSID listed in the filter. In Allow Mode, clients will only be able to associate with the WiFi Pineapple if the SSID they are attempting to connect to is listed in the filter.

    SSIDs may be added to the filter from the menu buttons associated with their respective listings in Recon.

    On the topic of creating a fake AP to minimise visual cues, I am not certain if PineAP can accomplish that. If I am not mistaken, PineAP/Karma will respond to any WiFi probe request with a valid SSID. Thus devices with WiFi turned on should be able to see that all previously connected SSIDs are available.

     

    You could try this module, https://github.com/esa101/NetworkingPlus, for precise creation of a fake AP.
    Under the PineAP module, Turn off "Allow Associations", and keep PineAP Daemon: Disabled.

     

     

    Do reply with your results. 
