Jump to content

esa

Active Members
  • Posts

    92
  • Joined

  • Last visited

Posts posted by esa

  1. 16 hours ago, Strigoi said:

    I'm using the interface on chrome. Wouldn't command line be a bit more difficult?

    with commandline you will receive feedback should you encounter any issues.

    Also it is interesting to find out what is going on behind the scene.

     

  2. 15 minutes ago, D1C3 said:

    What is the tetra USB 2.0 slot used for?

    optional. can be used for power, for direct connection to laptop, for 3g/4g dongle, another wifi adapter etc. in your setup it does not seem necessary to have an additional wifi adapter.

  3. 19 hours ago, George S said:

    I did that. I actually have all the PineAP options checked and the device I am trying to connect to the Open Wifi is listed in the "Allow" Filters. 
    The connection fails and from what I can guess is that it is because it does not get an IP.... 
     

    I have tried other devices with no success... Stumped

    try w/o using the filter. ie switch to deny mode and remove all mac addresses

  4. 11 hours ago, Dystrakti0n said:

    Thanks B0N3z, I did that, logged back in and my original ticket no longer shows up, so must have gotten dumped in the rollover. As an aside, would you mind shooting me a copy of your boot serial output so I can see what it >should< look like?

    The post is long so i didnt read everything.

    yellow light or frequent reboot could be due to low power, ensure sufficient power is provided to tetra. or can you share your power setup. ie how many battery

  5. On 2017-5-15 at 1:08 AM, esa said:

    So you SSH into WiFi Pineapple, ran ifconfig and did not find any adapter matching wlan1 or wlan1mon?

    Can you post a screenshot of the results of ifconfig & iwconfig & iwlist.  

     

    Well at least the forum community is trying to help you, but you do have to help us answer some qns before we can do that.

  6. Check the seller's rating and reviews from his previous sales. Make a judgement call. 

    How would shipping from Sweden cost double? Basically it is just adding an additional shipping charge from Sweden to Lebanon.

    On shipping restriction, it is usually enforced by the destination country. ie your country. 

    http://www.dhl.com.lb/en/country_profile/import_guidelines_express.html

    Quote

    Commodities where you should contact your local Customer Service advisor to clarify shipping requirements

    Communications equipment
    Phones/modems
    Telecommunications equipment

     

    Tip: call your local DHL representative and ask on the restriction. For simplicity tetra can be considered a wifi router.

    • Like 1
  7. 15 minutes ago, c0mrade said:

    When you say I can not, does that mean that they will check the address that I am shipping to and if it says something like "borderlinx" in it, they will simply ignore my order? And in that case how would I ever get my hands of hak5 products? I mean turkey is near Lebanon, also I've got a friend in sweden, I can let him buy it and then ship it to me. But that would raise the cost from 200$ to maybe 400$ doubling it, I mean I can't find any other solution.

    http://www.ebay.com/itm/WiFI-PINEAPPLE-TETRA-HAK5-/182578911537?hash=item2a828d1931:g:gWEAAOSwn-tZHBac

    there are always different ways to get things done. 

    • Like 1
  8. 17 hours ago, domingocool said:

    UPDATE: Noticed if I used Microsoft Edge instead of Google Chrome to check for Bulletin Updstes that the PC did NOT crash. I still now have the issue where it will not connect though or load bulletins/firmware update.

    For internet issue

     

    For BSOD crash, likely a driver issue on your OS.

    Update your PC/drivers. Google: bwcw8x64.sys chrome

  9. On 2017-5-16 at 3:30 AM, Darksider666 said:

     

    Like I said, it is working with another AP...

     

    I never gave up testing and the result: Deauth is working one the router with the tool mk3 even in ac mode. I'm confused....

    Ensure that your interface is set to the correct channel. 

    run aireplay-ng with an additional -D parameter. 

  10. I think i might have found a way to increase the chance for Recon scan to trigger an error. It seems that by running 2 or more Tcpdump/httpsniffer, it will affect Recon module's stability.
    What this means is that if you are running modules which utilises tcpdump/httpsniffer (or similar type of binary), it might make Recon module unstable. DWALL is one example of such a module.

     

    This might be specific to my device, so i would like for you to help test this out on your device.
    Do try it on a Tetra if you have 1, Tetra might be immune since it is a more powerful unit. 


    Instructions: 

    a) SSH to WiFi Pineapple

    b) run

    airmon-ng start wlan1
    tcpdump -i wlan1mon &
    exit

    c) SSH to WiFi Pineapple again

    tcpdump -i wlan0 &
    exit

    d) SSH to WiFi Pineapple again

    tcpdump -i br-lan &
    exit

    e) SSH to WiFi Pineapple again. ps command is for you to verify that 3 instances of tcpdump is running in your process list. 

    ps 
    pinesniffer wlan1mon 60 0 /tmp/test

    f) Run pinesniffer 4 more times. And kill off the tcpdumps

    killall tcpdump

    g) Expected output should be one of the below: 
     -   No error reported
     -   Error reading packets
     -   Segmentation fault

    h) Report the output in this thread

     

     

  11. 7 hours ago, GeeBee said:

    Hi guys

    thanks for your comments, really appreciated

    its just an off the shelf pc laptop i purchases myself with the company credit card so i have full access and don't leave it untended, so you can see why the don't believe im responsible

    its not an expensive data loss, why do you think a hack is expensive?  do you mean if someone buys a hack software off the dark web ?

    thanks graham

    Usually it is expensive. 
    https://www.wired.com/2015/11/heres-a-spy-firms-price-list-for-secret-hacker-techniques/

    Do you have Anti Virus software installed?  It helps to eliminate free/cheap tools found in public space. 

     

    So from the hacker's perspective, why would he/she spend the effort & risk getting caught to target you for data that are not worth much?
    Furthermore why spend the effort to plant fake Skype messages on your PC?
    The hacker manage to access your PC, steal data without leaving any trace, but "carelessly" left a planted Skype messages is highly suspicious. 

    Somebody wants you to take the fall. 

     

    Can you share the Skype ids/email involved in the conversation?

     

     

     

  12. On 2017-5-16 at 4:51 PM, GeeBee said:

    my windows works laptop has been hacked with files and programs being added and removed and some skype conversations found that i didn't have about theft of company files

    the laptop is used only be me at home and work, i know its been hacked because i know i didnt do it, but i face the sack if i cant convince my bosses that it is possible to do this even though they have paid 2 company's to search the laptop for proof that it has been hacked
    any advise on how this is possible ?
    is it just a hard to detect back door ? if so what is the hardest to detect ?
    thanks for any advise on how this is possible

    Some qns:

    1) Do you have administrative rights on the laptop ? Usually IT dept will not allow employees to installed/remove programs. If you are not granted admin rights in the first place than this will be advantageous in your case since you should not be able to add or remove programs. 

    2) Could you share the value of the data loss? Sophisticated hack jobs are expensive. 

    3) Could it be a sabotage? Did you leave your laptop unattended in the office? From this perspective then it makes sense that 2 companies are not able to find signs of intrusion & backdoor.

  13. 17 hours ago, Just_a_User said:

    Sure, I found the module as it is works great if your moving around as it highlights MAC's that stay in range - potentially following you as you suggest.

    If inverted - It would ignore for example staff working regularly at a location and highlight MAC's that are new - potentially highlighting strange/new devices in a known environment.

    I hope I explained it clearly, if not let me know.

    https://github.com/esa101/ReconPlus-Tetra/tree/version4

    https://github.com/esa101/ReconPlus-nano/tree/version4.0

    Is this what you are looking for ? 

    • Upvote 1
  14. 2 hours ago, Just_a_User said:

    Sorry I cant help with the pinesniffer crashes. But I have a different question. Would this module be able to operate inverted? so ignoring MAC's it has seen for the last 'n' scans and highlighting "new" MAC's? I can see use cases for both.

    Can you elaborate on why this feature would be useful? Could add this in. 

  15. Just now, andylarks said:

    Setup:

    1. Pick known client (my mobile) connected to known AP (my WiFi router).
    2. Add known client to client filter "Allow mode" for Mac.
    3. In PineAP:
      1. Allow associations
      2. Log probes
      3. Log associations
      4. Broadcast SSID pool (which contains known AP name)
      5. Set both Broadcasts to "Aggressive"
    4. Save

    I then go back to Recon view, and Deauth the known client. I can see my mobile disconnecting from the WiFi - but it then reconnects to the original WiFi, not the Pineapple version (both are listed as options).

    Am I doing something wrong?

    Thanks

    A.

    your real AP is it a open ap or WPA/WPA2 protected AP ?

  16. Recon 100% stuck error ... identified one possible cause and have updated a module to bypassed the issue. 

    https://github.com/esa101/ReconPlus-nano/tree/version3.1
    https://github.com/esa101/ReconPlus-Tetra/tree/version3.1

     

    Info on how the Recon 100% stuck situation occurs (pray for fixes in future firmware update): 
    When we click scan on RECON module, at the backend it triggers pinesniffer. After pinesniffer is completed, the results will be stored at the tmp location with the following pattern /tmp/recon-xxxxxxxx

    Quote

    pinesniffer wlan1mon 120 0 /tmp/recon-xxxxxxxxx

    RECON module will loop at a regular interval to check if /tmp/recon-xxxxxxx is created to determine that the scan is completed. There is also a check at the 100% mark to kill off pinesniffer if it is still running, if pinesniffer has crash before that then there is nothing to kill. 

    Unfortunately there is a strange problem where pinesniffer crashes without producing the /tmp/recon-xxxxxxx, thus resulting in the 100% stuck situation as RECON module will keep looping and not be able to find the /tmp/recon-xxxxxxx file. 

    I do not have a fix for pinesniffer or know exactly what causes it to crash, but i have updated the reconplus module to check that pinesniffer is running at the 30% & 100% mark. With this update we wouldnt have to wait without knowing what happen, or waiting up to 10min just to find out that the module has already crashed. 

     

    **ps do not have the required skillset to analyse why pinesniffer crash. Any expert inputs will be appreciated. 

     

    • Upvote 2
  17. 10 hours ago, Dedsec_Nethunter said:

    Hi community,

     

    Sorry if stupid questions.

     

    I'm going to buy a nano and i would like to know if i can launch third parts softwares through the nano.

    I mean can i launch a soft like Nessus from my kali machine after i already harvested some clients with the nano? Same question for metasploit console.

    Can i use these tools through the nano or i can only use the modules inside the nano?

     

    Thanks for your help.

    As what b0N3z mention, very unlikely and even if it is possible it will take alot of work to get nessus or metasploit running on a Nano. Even if they can work, the modules should run poorly on a Nano.

    An easier solution would be to run the nessus or metasploit on your kali machine and from there target those harvested clients with the following setups:

    a) kali is setup as the gateway to Nano. ie Nano connected via usb to kali laptop, kali provides the internet, all harvested client will need to connect to the internet thru you. 

    or

    b) kali machine connects to the same spoofed AP thru Wifi. From there you are within the same subnet as the other harvested clients. 

×
×
  • Create New...