coyotlgw

Used it at home for a while, I put an old ethernet hub inline between the cable modem and the local router/AP, used Snort and later Surikata to watch traffic. Good toolset if you are just starting with IDS/ISP, dig into the ELSA database to aggregate and correlate feed data. Loved the Snorby implementation for dashboard and alerting

I feel your pain... i have been trying to get my Nano to work on-and-off for about a year now. I get a few moments of joy when it is working, but after the first or second scan it just stops working. I have swapped out several SD cards, flashed the firmware many times, and tried several computers. Each thread I post ends after I post whatever logs are requested. I think that everything works when it leaves the shop but components may deteriorate when heated up by use. I wish Hak5 had a support team instead of croudsourcing it. UPDATE 30 JUL: Tracked down Seb at DEF CON, Hak5 stands behind their products... I appreciate the help

OK... so I removed all from my SSID list and manually entered abc_fake and xyz_fake. Fired up PineAP Daemon: Enabled PineAP -> Broadcast SSID Pool Broadcast SSID Pool interval -> Aggressive started up a tablet and it see neither as available, but it automatically connected to one of the fake SSID's I made last time that is no longer being broadcast or on the list. Manually entered abc_fake into the tablet and it connected. Entered SSID "noodle" on the tablet as I have never used this before, tablet connected. So This works like the MkV where it quietly claims to be whomever you are asking for, but then why do I need to broadcast SSIDs if I cannot see them and the clients just join whatever i ask to join as the Pineapple?

not to bump my own post, but as I see no SSIDs other than the real ones I am asking again... should I see my whole list of 144 SSIDs from the PineAP SSID list when I broadcast SSID Pool? Phones and PCs see none of the fake ones but I could swear i saw them all in iwlist when I was on the previous version

waited a while and tried cold, full plug in. dmesg -T from laptop: [Wed Aug 31 22:36:50 2016] usb 3-1: new high-speed USB device number 9 using xhci_hcd [Wed Aug 31 22:36:50 2016] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a [Wed Aug 31 22:36:50 2016] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [Wed Aug 31 22:36:50 2016] usb 3-1: Product: AX88x72A [Wed Aug 31 22:36:50 2016] usb 3-1: Manufacturer: ASIX Elec. Corp. [Wed Aug 31 22:36:50 2016] usb 3-1: SerialNumber: 90D1F9 [Wed Aug 31 22:36:51 2016] asix 3-1:1.0 eth1: register 'asix' at usb-0000:02:00.0-1, ASIX AX88772 USB 2.0 Ethernet, 00:c0:ca:90:d1:f9 [Wed Aug 31 22:36:52 2016] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [Wed Aug 31 22:36:52 2016] asix 3-1:1.0 eth1: link down [Wed Aug 31 22:36:52 2016] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [Wed Aug 31 22:36:53 2016] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready [Wed Aug 31 22:36:53 2016] asix 3-1:1.0 eth1: link up, 100Mbps, full-duplex, lpa 0x4DE1 [Wed Aug 31 22:37:21 2016] asix 3-1:1.0 eth1: link up, 100Mbps, full-duplex, lpa 0x4DE1 dmesg from pineapple:

Does not connect... dmesg on the laptop (not pineapple) is: [ 193784.536658] usb 3-1: USB disconnect, device number 7 [193784.537507] asix 3-1:1.0 eth1: unregister 'asix' usb-0000:02:00.0-1, ASIX AX88772 USB 2.0 Ethernet [193802.506634] usb 3-1: new high-speed USB device number 8 using xhci_hcd [193802.654381] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a [193802.654392] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [193802.654398] usb 3-1: Product: AX88x72A [193802.654403] usb 3-1: Manufacturer: ASIX Elec. Corp. [193802.654407] usb 3-1: SerialNumber: 90D1F9 [193803.458523] asix 3-1:1.0 eth1: register 'asix' at usb-0000:02:00.0-1, ASIX AX88772 USB 2.0 Ethernet, 00:c0:ca:90:d1:f9 [193804.567154] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [193804.570411] asix 3-1:1.0 eth1: link down [193804.573993] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [193805.059705] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready [193805.062239] asix 3-1:1.0 eth1: link up, 100Mbps, full-duplex, lpa 0x4DE1

Sorry, but dumb question... when I have PineAP broadcasting the SSID pool I should be able to see the fake SSIDs from another machine running "iwlist wlan0 scan" when the PineAP Daemon is enabled and "Broadcast SSID Pool" is checked and saved right? I thought I saw that with the previous version but now under 1.1.1 I am not sure I am broadcasting as I only see the real ones (on real Channel 11 as opposed to Channel 1 where I have the Pineapple Access Point Channel set).

Understood. My concern was that if I have it out and not in the case it is difficult to handle (plug in, unplug, fondle, etc) without touching the antennae. As a total newb, was unter the impression that touching a powered antenna would have some profoundly adverse effect. If this is correct I would leave them off until I re-case it. If this is wrong and you tell me I am a Trottel I will put them back on :)

Totally worked, thanks. If anybody cares, I put both copies in the same local directory, renamed ssid_file_one and ssid_file_two touch NEW_ssid_file cat ssid_file_one >> NEW_ssid_file cat ssid_file_two >> NEW_ssid_file sort NEW_ssid_file | uniq >> ssid_file scp ssid_file root@172.16.42.1:/etc/pineapple/. good to go! Now seeing 144 SSIDs in pool

Heh... new record for attaching on the first try, of course. I will post as soon as I see it again :)

oh man, why did I not think to ssh in and vi the file... that is by far a better idea than trying to overwrite in the web client. You shame me with the simple solution I should have come up with on my own. Thank you... I need to think more before I post :)

Can you import ssid_file files like those created when you select PineAP => SSID Pool => Download SSID Pool? Is it actually a binary? The browser claimed it was .bin, but I can egrep and tail it like a text file and it saved with no extension. I have had to rebuild a couple times and a would love to merge by disparate files into a master list. I have a Pineapple Nano running firmware 1.1.1.

I have been dealing with an oddity, wonder if anybody has seen similar and has suggestions. I have a Pineapple Nano running firmware 1.1.1. When I connect the USB y-cables to the Nano and a laptop running Ubuntu 16.04 LTS, about half the time I see an IPv6 address assigned but never IPv4 and have to unplug, cool, then try again. Same issue on a Raspberry Pi 3 running Kali. (Yes, I went there.) Example: user@***-Ubuntu:~$ ifconfig eth1 eth1 Link encap:Ethernet HWaddr 00:c0:ca:90:d1:f9 inet6 addr: fe80::5851:89df:4911:ae3c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:58 errors:0 dropped:0 overruns:0 frame:0 TX packets:94 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2668 (2.6 KB) TX bytes:15606 (15.6 KB) It seems like if I then disconnect, wait a few seconds and reconnect, it goes through the second or third try: eth1 Link encap:Ethernet HWaddr 00:c0:ca:90:d1:f9 inet addr:172.16.42.42 Bcast:172.16.42.255 Mask:255.255.255.0 inet6 addr: fe80::be0f:d824:b0c0:2e77/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1022 errors:0 dropped:0 overruns:0 frame:0 TX packets:1074 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:601481 (601.4 KB) TX bytes:256879 (256.8 KB) (realized this was in a thread on wlan0 issue, deleted there and moved here)

not even kidding.. I have made this mistake so many times :) If you get short micro USB cables bundled to charge something do check them before you do like I did and spend several days trying to understand why a Raspberry could not talk to an Arduino over USB :)

Just to offer confirmation to what Sebkinne said, I plugged my Nano into the Pineapple Juice 4000 at 0600 yesterday and it ran PineAP in collection mode until about 1300. Battery still seemed to have some life but the Nano had shut down, presumably due to low power.