Posts posted by esa

  1. Quote

    A WiFi Pineapple module that uses MAC addresses to help find out who is stalking you by correlating MAC addresses from the results of recon scans. This module remembers previously scanned MAC addresses and highlights those that were found in multiple scans. Works best with 3 or more data points/distinct scans.

    Modified using the base RECON module.

    https://github.com/esa101/ReconPlus-nano

    https://github.com/esa101/ReconPlus-Tetra

    A simple Sunday project. 

    • Upvote 1
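The correlation idea from the post above, as an added Python example (not code from ReconPlus or from the post): it highlights client MACs that show up in more than one distinct scan. The scan labels, the sample MACs and the function names are constructed for illustration; the locally-administered-bit check is added because phones that randomize their MAC weaken this kind of correlation.

```python
from collections import defaultdict

# Constructed sample data: (scan label, client MACs seen in that scan).
SCANS = [
    ("home",   {"a4:5e:60:11:22:33", "3c:22:fb:aa:bb:cc", "da:a1:19:00:00:01"}),
    ("cafe",   {"a4:5e:60:11:22:33", "00:1a:2b:3c:4d:5e", "3c:22:fb:aa:bb:cc"}),
    ("office", {"A4-5E-60-11-22-33", "f0:18:98:de:ad:01", "da:a1:19:00:00:01"}),
]
OWN_DEVICES = {"3c:22:fb:aa:bb:cc"}  # assumed: a device you carry yourself


def normalize(mac):
    """Lower-case, colon-separated form so differently formatted scans compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_randomized(mac):
    """True if the locally administered bit (0x02 of octet 1) is set, as on randomized MACs."""
    return bool(int(normalize(mac)[:2], 16) & 0x02)


def correlate(scans, min_scans=2, ignore=frozenset()):
    """Return {mac: [scan labels]} for MACs seen in at least min_scans distinct scans."""
    ignore = {normalize(m) for m in ignore}
    seen = defaultdict(set)
    for label, macs in scans:
        for mac in macs:
            mac = normalize(mac)
            if mac not in ignore:
                seen[mac].add(label)
    return {m: sorted(l) for m, l in seen.items() if len(l) >= min_scans}


def report(scans, **kw):
    """Rows of (mac, scan labels, note), sorted by MAC, for display."""
    rows = []
    for mac, labels in sorted(correlate(scans, **kw).items()):
        note = "randomized MAC, may rotate" if is_randomized(mac) else "stable MAC"
        rows.append((mac, labels, note))
    return rows


if __name__ == "__main__":
    for row in report(SCANS, ignore=OWN_DEVICES):
        print(row)
```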
  2. On 22/04/2017 at 1:25 AM, Rawpower said:

    Hi,

    I don't receive any results performing the 'recon'-scan?

    The scan doesn't even stop, it stays on 100% ... without results in the frame below :huh:

    What's wrong?

    Thx

    Bart

     

    Try a factory reset.

  3. 5 hours ago, hashrocket said:

    So, as you may have guessed I just received my Tetra and have been eager to try it out. I noticed that open access points are definitely able to be spoofed by PineAP, but it looks like things aren't so easy when trying to fool a client into connecting to what once was a WEP/WPA encrypted AP. I've been testing against my Netgear router's open and encrypted wifi APs, and trying to change the name or deauthing clients and such. The open AP works fine, but the one that requires a login does not.

    I'm guessing that this is just normal behavior? I'm kinda thinking it is. ;)

    https://forums.hak5.org/index.php?/topic/40651-broadcasting-as-wpawpa2-ap

    No module for it yet, but you could SSH into the Pineapple and create a WPA/WEP AP. Modify the hostapd file accordingly for WPA/WEP.

    Do WEP networks still exist? I rarely see them around.

    • Upvote 1
  4. I am trying to use NFQUEUE to perform traffic manipulation with Scapy but seem to be having issues running it.

    I am certain the command works as I ran it previously on a Kali Linux OS.

    On the Pineapple Nano I am getting the message "iptables: No chain/target/match by that name".

    root@Pineapple:/# iptables -t nat -A PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1
    iptables: No chain/target/match by that name.

     

  5. 16 hours ago, cheeto said:

    @medudder, I don't mind waiting as long as I know that the 3g dongle will work in future update.

     According to "Smarty", the e3372h-153 is compatible with the Tetra.   I would hope that it's compatible with the nano too.  Has anyone tried it on the Nano?

     

    I think you're right.  I have to wait it out.

    I really wish the nano's mobile broadband were more user friendly.

     

    Thanks again for your effort.

     

    Cheers

     

     

    If your dmesg has the below message when the dongle is plugged in, then you probably have an issue with the modeswitch, i.e. the dongle is behaving as if it is a storage device and not a modem. To debug you could try this link.

    http://www.draisberghof.de/usb_modeswitch/bb/viewtopic.php?p=4521

    Quote

    May 12 09:24:44 archbook kernel: [ 7286.844556] scsi 68:0:0:0: Direct-Access     HUAWEI   SD Storage       2.31 PQ: 0 ANSI: 2
    May 12 09:24:44 archbook kernel: [ 7286.845155] sd 68:0:0:0: Attached scsi generic sg1 type 0
    May 12 09:24:44 archbook kernel: [ 7286.845427] scsi 67:0:0:0: CD-ROM            HUAWEI   Mass Storage     2.31 PQ: 0 ANSI: 2
    May 12 09:24:44 archbook kernel: [ 7286.849419] sr0: scsi-1 drive

    Or just purchase an E3372 from China. Last I checked, some were selling at around USD$35 on Taobao (China's equivalent of Amazon).

  6. 10 hours ago, coyotlgw said:

    not to bump my own post, but as I see no SSIDs other than the real ones I am asking again... should I see my whole list of 144 SSIDs from the PineAP SSID list when I broadcast SSID Pool?  Phones and PCs see none of the fake ones but I could swear I saw them all in iwlist when I was on the previous version

     

     

    Broadcast SSID pool works. Try to clear the 144 SSIDs and insert 1 SSID into the pool and see if that works.

    Test objective: To test if SSIDs broadcast by the Nano are visible to other devices

    My settings

    SSID Pool (these APs do not exist in the environment):
    testwifi
    test123

    PineAP Daemon: Enabled
    PineAP ->  Broadcast SSID Pool
    Broadcast SSID Pool interval -> Aggressive

    Test Results:
    My mobile detected the testwifi & test123 with no problems

  7. On 6/23/2016 at 9:35 PM, cheeto said:

    @medudder, I don't mind waiting as long as I know that the 3g dongle will work in future update.

     According to "Smarty", the e3372h-153 is compatible with the Tetra.   I would hope that it's compatible with the nano too.  Has anyone tried it on the Nano?

     

     

     

    Tested the E3372H with the Nano; it works in a specific setup.
    You might find articles suggesting that you mod the E3372H to disable NAT mode or mess around with USB_modeswitch; these are not necessary.

    Setup: Nano Firmware 1.1.1

    1) nano + E3372H + battery bank ==> success, provided internet to nano automatically

    2) laptop connected to nano which is connected to E3372H ==> fails, eth1 went up when dongle is plugged in but fails to acquire IP address thus no internet

    I am not an expert on Linux networking so I can't be certain what is wrong with setup (2), but I am so glad I tested (1).
     

  8. 3 hours ago, MrGadget said:

    Hi guys, 

    I just wanted to share a little script I made to trigger PineAP & Karma if my phone connects to my management AP. 

    As soon as my device with the specified MAC address connects to it, PineAP and Karma are started (including some visual feedback using the LEDs).

    When the device disconnects from the AP, PineAP & Karma are turned off.

     

    
    #!/bin/bash
    <<COMMENT1
    Script that checks if a defined MAC address is connected
    to the hotspot on interface wlan0-1. If the device is connected,
    the pineapple automatically starts to generate wifi-honeypots.
    On client disconnect the honeypots are turned off.
    
    COMMENT1
    
    triggerMAC="FF:FF:FF:FF:FF:FF"
    
    #Checks if a client with the defined MAC connects to AP
    #(-i because iw prints station MACs in lower case)
    client=`iw dev wlan0-1 station dump | grep -i "$triggerMAC"`
    echo "Starting to listen for $triggerMAC"
    
    #Wait for client to connect
    while [ -z "$client" ];
    do
    	sleep 1
    	client=`iw dev wlan0-1 station dump | grep -i "$triggerMAC"`
    done
    
    #Notification to WebGUI on client connect
    pineapple notify "Client connected"
    
    #LED animation for visual feedback
    for i in {1..3}
    do
    	pineapple led red on
    	pineapple led blue on
    	pineapple led yellow on
    	sleep 1
    	pineapple led red off
    	pineapple led blue off
    	pineapple led yellow off
    	sleep 1
    done
    pineapple notify "Firing up PineAP and Karma"
    #Start PineAP
    pineapple module PineAP start
    sleep 5
    pineapple led yellow on
    echo "Starting dogma"
    #Start dogma
    pineapple module PineAP dogma start
    sleep 2
    echo "Starting responder"
    #Start beacon responder
    pineapple module PineAP responder start
    sleep 2
    #Start collecting SSID
    pineapple module PineAP harvester start
    pineapple led blue on
    sleep 5
    
    #Start Karma, to allow client association
    echo "Starting Karma"
    pineapple karma start
    pineapple led red on
    sleep 5
    
    #Turn LEDs off => for animation
    pineapple led red off
    pineapple led blue off
    pineapple led yellow off
    
    #While client is connected, LED animation is running => visual feedback
    while [ ! -z "$client" ];
    do
            pineapple led yellow on
    	sleep 1
            pineapple led yellow off
            pineapple led blue on
    	sleep 1
            pineapple led blue off
            pineapple led red on
    	sleep 1
            pineapple led red off
            pineapple led blue on
    	sleep 1
            pineapple led blue off
    	#Check if client is still connected (case-insensitive MAC match)
    	client=`iw dev wlan0-1 station dump | grep -i "$triggerMAC"`
    done
    
    #Stop PineAP
    pineapple notify "Client disconnected! Stopping PineAP and Karma!"
    pineapple karma stop
    sleep 5
    pineapple module PineAP stop
    sleep 5
    
    #Reset LEDs to work in default mode
    pineapple led reset
    echo "PineAP was shutdown"
    

     

    Hope you guys like it :)

     

    Cheers MrGadget

    Thanks MrGadget, never knew I could call pineapple directly in the CLI. Saved me all the coding complexity of having to use curl with apiToken.

     

  9. Anyway, an update for issue 1: Win10 seems to remember that I have granted internet access to the Pineapple interface before. (Previously it wasn't working.)

    So when I plug my Pineapple into Win10, it is automatically given internet access. Strange, but that means it is possible for Win10 to remember your network settings.

     

  10. 9 hours ago, eladp said:

    First, thank you for your answers. 

    Regarding my questions:

    Q1- I will try using a different OS.

    Q2- My firmware is 1.1.1 and I haven't heard about a newer release. So I don't think that could help. I will check if it's caused by my first issue in Q1. But for now firmware is updated, I can load bulletin so I'm connected but devices that connects to the spoofed AP don't have internet access. 

     

    Q3- This is the most important part that I still don't understand. You said with our modifications and if I'm using GUI it's good only for open networks.

    Can you please elaborate a little bit more about that please? What's needed to be used for secured networks? What modifications or non-GUI interface?

     

    Thanks in advance. 

     

    Elad. 

    To clarify on your issue 3, you would like to get your target who is connected to a secured AP to connect to your spoofed Pineapple AP.

    So how to attack a target who is connected to a secured AP?

    The spoofed Pineapple AP should be configured with the same security setting as the real AP.
    Assuming the secured AP has SSID secured_hotel_wifi and is WPA2 and has passphrase pass87654321

    You will first need to create a spoofed AP with SSID secured_hotel_wifi, WPA2 with passphrase pass87654321
    Then perform deauth on the target, and if your signal is stronger, the target device will be connected to your spoofed AP.

    Why you can't do it with the Pineapple GUI

    Because we can only create an open AP with the GUI.

    So is the Pineapple useless for this situation?

    You can still do it using the command-line interface. Basically the Pineapple is like a mobile Kali Linux with all the required WiFi adapters for you to conduct your attacks.
    Thus just SSH to the Pineapple, then use the tools at your disposal from the CLI.

  11. You have many questions, so I will try as best I can to give a summary of them.

    Issue 1: I am facing this problem on Win10 as well, but this is not a WiFi Pineapple issue. It is the OS.

    Issue 2: Try updating your firmware (advanced -> check for upgrades). No issues with connecting to the spoofed AP. Your lack of internet might be related to your issue 1. If you are able to load bulletins on the Dashboard, then any clients that are connected to you should have internet access.

    Issue 3: Without modification to the Pineapple, and if you are using its GUI, it is meant for open networks.

    Example: your buddy is connected to free_hotel_wifi and you want him/her to connect to your Pineapple AP

    Preparation

    Under PineAP -> SSID Pool add free_hotel_wifi to the list. At PineAP -> configuration select these options: Allow association, Log Association, PineAP Daemon Enabled, Broadcast SSID Pool, Broadcast SSID Pool Interval -> Aggressive.

    Operation

    Under recon do a scan (any duration) till you are able to find your buddy's phone that is connecting to the free_hotel_wifi AP. Click on the down arrow located to the right of the MAC address -> click deauth.

    Results

    Refresh your dashboard; your buddy's device should be connected to you. Repeat the process if it isn't. If it still fails, it is likely that the real AP signal strength is stronger than your Pineapple AP, thus the device will choose to connect to the AP with the stronger signal.

     

    For more info: google on evil twin wifi attack, karma sploit. 
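A defender's view of the evil-twin setup described in the two posts above, as an added Python example that is not from the original posts: it compares scan results against an inventory of the APs you operate and flags any beacon that uses one of your SSIDs from a BSSID you do not own. The inventory, the scan tuples, all BSSIDs and the function name `find_twins` are constructed for illustration.

```python
# Constructed inventory of the networks you operate: SSID -> (allowed BSSIDs, security).
KNOWN = {
    "secured_hotel_wifi": ({"10:da:43:00:00:01", "10:da:43:00:00:02"}, "WPA2"),
    "free_hotel_wifi": ({"10:da:43:00:00:03"}, "OPEN"),
}

# Constructed scan results: (ssid, bssid, security, signal in dBm).
OBSERVED = [
    ("secured_hotel_wifi", "10:da:43:00:00:01", "WPA2", -61),
    ("secured_hotel_wifi", "02:00:00:00:00:10", "WPA2", -38),  # same settings, new BSSID
    ("secured_hotel_wifi", "02:00:00:00:00:11", "OPEN", -40),  # security downgrade
    ("free_hotel_wifi", "10:da:43:00:00:03", "OPEN", -70),
    ("free_hotel_wifi", "02:00:00:00:00:12", "OPEN", -35),
    ("neighbour_net", "aa:bb:cc:00:00:01", "WPA2", -80),       # not ours, ignored
]


def find_twins(known, observed):
    """Flag beacons that use one of our SSIDs from a BSSID we do not operate."""
    # Strongest signal seen from a legitimate AP, per SSID.
    best_legit = {}
    for ssid, bssid, _sec, dbm in observed:
        if ssid in known and bssid.lower() in known[ssid][0]:
            best_legit[ssid] = max(dbm, best_legit.get(ssid, -200))
    alerts = []
    for ssid, bssid, sec, dbm in observed:
        if ssid not in known or bssid.lower() in known[ssid][0]:
            continue
        reasons = ["unknown BSSID"]
        if sec != known[ssid][1]:
            reasons.append(f"security {sec} != expected {known[ssid][1]}")
        # Clients tend to pick the stronger AP, so this raises the priority.
        if dbm > best_legit.get(ssid, -200):
            reasons.append("stronger than every legitimate AP")
        alerts.append((ssid, bssid.lower(), reasons))
    return alerts


if __name__ == "__main__":
    for alert in find_twins(KNOWN, OBSERVED):
        print(alert)
```

A twin configured with the same WPA2 settings as the real AP is caught only by the BSSID check, which is why the inventory of your own BSSIDs matters more than the security comparison.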

  12. On 6/11/2016 at 4:04 PM, kuangcao said:

    I want to code a module to handle network data for change and instead and more. I have many good ideas for the Pineapple, but first it has to be able to handle network data by custom coding in a module.

    please tell me!

     

    Hi, I suppose you are asking if it is possible to write custom modules? The answer is yes, please see the below tutorial for a custom GUI module. Alternatively you could SSH into the Pineapple and run CLI commands.

    https://www.youtube.com/watch?v=Lvf2At3G1C0
