Jump to content

coyotlgw

Active Members
  • Posts

    29
  • Joined

  • Last visited

  • Days Won

    3

Everything posted by coyotlgw

  1. Used it at home for a while, I put an old ethernet hub inline between the cable modem and the local router/AP, used Snort and later Surikata to watch traffic. Good toolset if you are just starting with IDS/ISP, dig into the ELSA database to aggregate and correlate feed data. Loved the Snorby implementation for dashboard and alerting
  2. I feel your pain... i have been trying to get my Nano to work on-and-off for about a year now. I get a few moments of joy when it is working, but after the first or second scan it just stops working. I have swapped out several SD cards, flashed the firmware many times, and tried several computers. Each thread I post ends after I post whatever logs are requested. I think that everything works when it leaves the shop but components may deteriorate when heated up by use. I wish Hak5 had a support team instead of croudsourcing it. UPDATE 30 JUL: Tracked down Seb at DEF CON, Hak5 stands behind their products... I appreciate the help
  3. OK... so I removed all from my SSID list and manually entered abc_fake and xyz_fake. Fired up PineAP Daemon: Enabled PineAP -> Broadcast SSID Pool Broadcast SSID Pool interval -> Aggressive started up a tablet and it see neither as available, but it automatically connected to one of the fake SSID's I made last time that is no longer being broadcast or on the list. Manually entered abc_fake into the tablet and it connected. Entered SSID "noodle" on the tablet as I have never used this before, tablet connected. So This works like the MkV where it quietly claims to be whomever you are asking for, but then why do I need to broadcast SSIDs if I cannot see them and the clients just join whatever i ask to join as the Pineapple?
  4. not to bump my own post, but as I see no SSIDs other than the real ones I am asking again... should I see my whole list of 144 SSIDs from the PineAP SSID list when I broadcast SSID Pool? Phones and PCs see none of the fake ones but I could swear i saw them all in iwlist when I was on the previous version
  5. waited a while and tried cold, full plug in. dmesg -T from laptop: [Wed Aug 31 22:36:50 2016] usb 3-1: new high-speed USB device number 9 using xhci_hcd [Wed Aug 31 22:36:50 2016] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a [Wed Aug 31 22:36:50 2016] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [Wed Aug 31 22:36:50 2016] usb 3-1: Product: AX88x72A [Wed Aug 31 22:36:50 2016] usb 3-1: Manufacturer: ASIX Elec. Corp. [Wed Aug 31 22:36:50 2016] usb 3-1: SerialNumber: 90D1F9 [Wed Aug 31 22:36:51 2016] asix 3-1:1.0 eth1: register 'asix' at usb-0000:02:00.0-1, ASIX AX88772 USB 2.0 Ethernet, 00:c0:ca:90:d1:f9 [Wed Aug 31 22:36:52 2016] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [Wed Aug 31 22:36:52 2016] asix 3-1:1.0 eth1: link down [Wed Aug 31 22:36:52 2016] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [Wed Aug 31 22:36:53 2016] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready [Wed Aug 31 22:36:53 2016] asix 3-1:1.0 eth1: link up, 100Mbps, full-duplex, lpa 0x4DE1 [Wed Aug 31 22:37:21 2016] asix 3-1:1.0 eth1: link up, 100Mbps, full-duplex, lpa 0x4DE1 dmesg from pineapple:
  6. Does not connect... dmesg on the laptop (not pineapple) is: [ 193784.536658] usb 3-1: USB disconnect, device number 7 [193784.537507] asix 3-1:1.0 eth1: unregister 'asix' usb-0000:02:00.0-1, ASIX AX88772 USB 2.0 Ethernet [193802.506634] usb 3-1: new high-speed USB device number 8 using xhci_hcd [193802.654381] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a [193802.654392] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [193802.654398] usb 3-1: Product: AX88x72A [193802.654403] usb 3-1: Manufacturer: ASIX Elec. Corp. [193802.654407] usb 3-1: SerialNumber: 90D1F9 [193803.458523] asix 3-1:1.0 eth1: register 'asix' at usb-0000:02:00.0-1, ASIX AX88772 USB 2.0 Ethernet, 00:c0:ca:90:d1:f9 [193804.567154] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [193804.570411] asix 3-1:1.0 eth1: link down [193804.573993] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [193805.059705] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready [193805.062239] asix 3-1:1.0 eth1: link up, 100Mbps, full-duplex, lpa 0x4DE1
  7. Sorry, but dumb question... when I have PineAP broadcasting the SSID pool I should be able to see the fake SSIDs from another machine running "iwlist wlan0 scan" when the PineAP Daemon is enabled and "Broadcast SSID Pool" is checked and saved right? I thought I saw that with the previous version but now under 1.1.1 I am not sure I am broadcasting as I only see the real ones (on real Channel 11 as opposed to Channel 1 where I have the Pineapple Access Point Channel set).
  8. Understood. My concern was that if I have it out and not in the case it is difficult to handle (plug in, unplug, fondle, etc) without touching the antennae. As a total newb, was unter the impression that touching a powered antenna would have some profoundly adverse effect. If this is correct I would leave them off until I re-case it. If this is wrong and you tell me I am a Trottel I will put them back on :)
  9. Totally worked, thanks. If anybody cares, I put both copies in the same local directory, renamed ssid_file_one and ssid_file_two touch NEW_ssid_file cat ssid_file_one >> NEW_ssid_file cat ssid_file_two >> NEW_ssid_file sort NEW_ssid_file | uniq >> ssid_file scp ssid_file root@172.16.42.1:/etc/pineapple/. good to go! Now seeing 144 SSIDs in pool
  10. Heh... new record for attaching on the first try, of course. I will post as soon as I see it again :)
  11. oh man, why did I not think to ssh in and vi the file... that is by far a better idea than trying to overwrite in the web client. You shame me with the simple solution I should have come up with on my own. Thank you... I need to think more before I post :)
  12. Can you import ssid_file files like those created when you select PineAP => SSID Pool => Download SSID Pool? Is it actually a binary? The browser claimed it was .bin, but I can egrep and tail it like a text file and it saved with no extension. I have had to rebuild a couple times and a would love to merge by disparate files into a master list. I have a Pineapple Nano running firmware 1.1.1.
  13. I have been dealing with an oddity, wonder if anybody has seen similar and has suggestions. I have a Pineapple Nano running firmware 1.1.1. When I connect the USB y-cables to the Nano and a laptop running Ubuntu 16.04 LTS, about half the time I see an IPv6 address assigned but never IPv4 and have to unplug, cool, then try again. Same issue on a Raspberry Pi 3 running Kali. (Yes, I went there.) Example: user@***-Ubuntu:~$ ifconfig eth1 eth1 Link encap:Ethernet HWaddr 00:c0:ca:90:d1:f9 inet6 addr: fe80::5851:89df:4911:ae3c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:58 errors:0 dropped:0 overruns:0 frame:0 TX packets:94 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2668 (2.6 KB) TX bytes:15606 (15.6 KB) It seems like if I then disconnect, wait a few seconds and reconnect, it goes through the second or third try: eth1 Link encap:Ethernet HWaddr 00:c0:ca:90:d1:f9 inet addr:172.16.42.42 Bcast:172.16.42.255 Mask:255.255.255.0 inet6 addr: fe80::be0f:d824:b0c0:2e77/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1022 errors:0 dropped:0 overruns:0 frame:0 TX packets:1074 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:601481 (601.4 KB) TX bytes:256879 (256.8 KB) (realized this was in a thread on wlan0 issue, deleted there and moved here)
  14. not even kidding.. I have made this mistake so many times :) If you get short micro USB cables bundled to charge something do check them before you do like I did and spend several days trying to understand why a Raspberry could not talk to an Arduino over USB :)
  15. Just to offer confirmation to what Sebkinne said, I plugged my Nano into the Pineapple Juice 4000 at 0600 yesterday and it ran PineAP in collection mode until about 1300. Battery still seemed to have some life but the Nano had shut down, presumably due to low power.
  16. Huge fan of Targus. Durable, appropriately priced, many little pockets.
  17. The stickied thread is outstanding. I would also suggest the following talk from DefCon 23: DEF CON 23 - 1o57 (Ryan "LosT" Clark) Responsible Incident: Covert Keys Against Subverted Technology Latencies, Especially Yubikey https://www.youtube.com/watch?v=gzjMrSknbEI 1o57 is one of the core organizers and always gives a talk on the first day to new folks to the profession. This is the first time he allowed it to be filmed. Great advice, including a list of the things he feels that a new "hacker" should research and learn to really get a solid background: Learn to count in binary. On your fingers. Know binary math Same for hex... why do we use it? how does it relate to machine code? instructions? TOR SHODAN IDA Pro and Vivisect TCP/IP fundamentals ASM scripting C/C++ (K&R) Basic crypto properties Wireshark and pcaps Why NESSUS is lame Metasploit (and such things) Virtualization and VMs Backtrack and Kali Can you use the command line? SSH PuTTY Filezilla Open source tools like GIMP, Inkscape, etc How DNS works and why it is fundamentally broken Dont be an idiot on Social Networking Digikey, Jameco, Mouser, McMaster (go to their website and request their catalog) Lady Ada will tell you how to get free crap and keeps a list. Some manufacturers will send you free stuff if you ask for a chip or something claiming that you need it for something you are going to make a lot of pick an illegal thing and see if you can find a legal way to do it read Spamnation
  18. Fallen Archangel, were you able to get it working by installing Kismet and using the "USB Mouse Receiver"? Any particular resource you found helpful?
  19. I noticed the same thing at DefCon when just collecting SSIDs with PineAP. I was told by the folks at the vendor booth (and I want to say later confirmed on these forums) that it gets hot but that is normal... not something to worry about. That being said, if you see a headline about an old man in AZ spontaneously combusting while WarDriving (well, WarDogWalking...) please disregard my assurances of safety
  20. Very cool project, but I had issues getting it to run on a fresh-build Raspberry Pi 3... right after the [ NAMESERVER ENUMERATION MODULE ] output I crash with: Traceback (most recent call last): File "warberry.py", line 346, in <module> main(sys.argv[1]) File "warberry.py", line 96, in main namechange() File "/home/pi/WarBerry/warberry/resources/rest_bypass.py", line 137, in namechange if mvp_found != True: UnboundLocalError: local variable 'mvp_found' referenced before assignment This is on a brand new Pi3 running fully patched Jessie and connected over Ethernet. Cleaning off a Raspberry Pi 2 Model B to try it there as I seemed to be the only person having the issues I was having. great thread in https://www.reddit.com/r/netsec/comments/4kznx4/warberry_pi_tactical_exploitation/
×
×
  • Create New...