Jump to content

esa

Active Members
  • Posts

    92
  • Joined

  • Last visited

Everything posted by esa

  1. heatsink mod ? nano looks too pretty for me to wanna do any cosmetic surgery on.
  2. tested E3372H with nano, it works in a specific setup. You might find articles with suggestion to mod the E3372H to disable NAT mode or messing around with USB_modeswitch, they are not necessary. Setup: Nano Firmware 1.1.1 1) nano + E3372H + battery bank ==> success, provided internet to nano automatically 2) laptop connected to nano which is connected to E3372H ==> fails, eth1 went up when dongle is plugged in but fails to acquire IP address thus no internet I am not a expert on linux networking so i cant be certain what is wrong with setup (2), but so glad i tested (1).
  3. Thanks MrGadget, never knew i could call pineapple directly in the cli. Saved me all the coding complexity of having to use curl with apiToken.
  4. anyway an update for issue 1, Win10 seems to remember that i have granted internet access to Pineapple interface before. (Previously it wasnt working) So when i plug in my pineapple to win10, it automatically was given internet access. Strange but that means it is possible for win10 to remember your network settings.
  5. To clarify on your issue 3, you would like to get your target who is connected to a secured AP to connect to your spoofed pineapple AP. So how to attack a target who is connected to secured AP? The spoofed pineapple AP should be configured with the same security setting as the real AP. Assuming Secured AP has SSID secured_hotel_wifi and is WPA2 and has passphrase pass87654321 You will first need to create a spoofed AP with SSID secured_hotel_wifi, WPA2 with passphrase pass87654321 Then perform deauth on the target, and if your signal is stronger, the target device will be connected to your spoofed AP. Why you cant do it with Pineapple GUI Because we can only create OpenAP with the GUI. So is the Pineapple useless for this situation? You can still do it using the commandline interface. Basically Pineapple is like a mobile kali linux with all the requuired Wifi adapters for you to conduct your attacks. Thus just SSH to the pineapple, then use the tools at your disposal from the cli.
  6. You have many qns, so i will try as best to give a summary to them. Issue 1: I am facing this problem on Win10 as well, but this is not a wifi pineapple issue. It is the OS. Issue 2: try updating your firmware advanced -> check for upgrades, No issues with connecting to the spoofed AP. your lack of internet might be related to your issue 1, If you are able to load bulletins on the Dashboard, then any clients that are connected to you should have internet access. Issue 3: w/o modification to pineapple and if you are using its GUI, it is meant for open network. Example: your buddy is connected to free_hotel_wifi and you want him/her to connect to your pineapple AP Preparation Under pineAP -> SSID Pool add the free_hotel_wifi into the list. At pineAP -> configuration select these options. Allow association, Log Association, PineAP Daemon Enabled, Broadcast SSID Pool, Broadcast SSID Pool Interval -> Aggressive. Operation Under recon do a scan (any duration) till you are able to find your buddy's phone that is connecting to the free_hotel_wifi AP. Click on the down arrow located to the right of the MAC address -> click deauth. results Refresh your dashboard, your buddy's device should be connected to you. Repeat the process if it isnt. If it still fails, it is likely that the real AP signal strength is stronger that your pineapple AP thus the device will choose to connect to the AP with the stronger signal. For more info: google on evil twin wifi attack, karma sploit.
  7. saw some queries on captive portal without having to click on authorization button. ps. didnt have time to test this code, but figured it might be useful. try saving this as index.php. <?php // Attempt to get the client's ip address $ip=$_SERVER["REMOTE_ADDR"]; // Attempt to add iptables rule to enable client ip exec("sudo iptables -t nat -I PREROUTING -s " + ip_address + " -j ACCEPT"); // Attempt to add ip into the whitelist $whitelist = "/tmp/EVILPORTAL_CLIENTS.txt" $file = fopen( $whitelist, "a" ); fwrite( $file, "$ip\n" ); fclose( $file ); ?>
  8. In case anyone is still having problem with the caching issue mentioned in the quote. Try the below soln. Works for me.
  9. Hi, there is a problem with 1.1.1 which made the deauth fail. A update to the recon module was upload that fixes this. So all you need to do is go to modules -> manage modules -> get modules from wifipineapple.com -> recon -> update Next remember to reboot the pineapple, for the changes to take effect.
  10. Hi i suppose you are asking if it is possible to write custom modules? The answer is yes, please see the below tutorial for custom gui module. Alternatively you could ssh into the pineapple and run cli commands. https://www.youtube.com/watch?v=Lvf2At3G1C0
  11. Hi i am trying to address the logging request but unfortunately i am a complete noob at angularjs. I pinpointed that a possible location to extract the (URL, Data, Cookies) is at DWall/js/module.js location under the $scope.ws.onmessage. if (data['image'] !== undefined) { $("#img_container").prepend('<img src="' + encodeURI(data['image']) +'">'); } else { $("#url_table").prepend("<tr><td>" + data['from'] + "</td><td></td></tr>").children().first().children().last().text(data['url']); } if (data['cookie'] !== undefined) { $("#cookie_table").prepend("<tr><td>" + data['from'] + "</td><td></td></tr>").children().first().children().last().text(data['cookie']); } if (data['post'] !== undefined) { $("#post_table").prepend("<tr><td>" + data['from'] + "</td><td></td></tr>").children().first().children().last().text(data['post']); } So i read from online tutorials that angularjs could use HTTP post to send data. Thus was wondering if it would work for sending the (URL, Data, Cookies) a local PHP file. The below example is my failed attempt at getting url data send to a login.php file. Any experts could assist? var request = $http({ method: "post", url: "login.php", data: { pass: data['url'] }, headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }); My php file looks like this <?php $postdata = file_get_contents("php://input"); $request = json_decode($postdata); @$pass = $request->pass; $file = 'log.log'; echo "log.log"; file_put_contents($file, $pass); ?>
×
×
  • Create New...