Hi everyone...
I was hoping that maybe someone with a bit more experience with the Pineapple could shed some light on a DeAuth (what appears to be), a problem. (Since I'm a "Noob" to the Pineapple)
1) SCENARIO: I'm "DeAuth'ing" at home from my home Access Point & home devices, (i.e Laptops, iPhones / iPads, etc...)
No matter how many DeAuth Frames I send, the client devices don't "DeAuth" from my home Access Point & associate to the Pineapple. (and show up in the Dashboard as connected clients) - Nothing happens ! - NOT EVEN A MOMENTARY DISASSOCIATION on the Client device... (Curious indeed !)
2) PINEAPPLE CONFIGURATION:
The Pineapple is using the AC Adapter.
The Pineapple has been reset to Factory Defaults.
I am running v1.1.2 firmware.
The Pineapple is connected to my Kali Linux Laptop via the supplied USB Y-Cable.
I have run the wp6.sh script.
I have tested Internet connectivity on the Pineapple (fetching "bulletins" & listing of Modules) and everything works.
I have enabled PineAP and have all options in PineAP enabled and saved. (It's capturing SSIDs & putting them in the pool as Probe Requests come in...)
I have validated that the laptop I want to DeAuth is indeed connected to my home Access Point !
The Management AP "IS NOT" disabled. and the Open AP SSID IS NOT Hidden.
3) HOME ACCESS-POINT CONFIGURATION / Clients
Linksys WRT54G
Authentication: WPA2 Personal
Home Access Point is located about 15ft from Client devices (Windows 7 Laptops & Apple iPads & Apple iPhones, etc...)
(Home Access-Point is down stairs, Laptop I'm DeAuthing... up stairs - about 15ft away)
4) PROCEEDURE:
I ran a 10min RECON Scan for both 2.4 & 5GHz. I see my Home Access Point (2.4GHz) with all associated Clients mentioned above.
From the Scan results page, using the Drop-Down Menu & added the Client MACs to the PineAP Filter & switched the MAC's in "Allow" Mode (So ONLY those MACs can associate)
From the Scan results page, using the Drop-Down Menu, I clicked the "DeAuth" Button (using Various DeAuth Multipliers) on the verified Laptop that was connected to my Home Access Point.
5) RESULT:
No device "DeAuth'd" and associated with the Pineapple. (including other devices (Apple iPads & Apple iPhones) - that were also in the PineAP Filter Allow list.
6) OBSERVATIONS:
If I physically turn off the Wireless card on the Laptop I want to DeAuth and wait until the connection is cleared the Home Access Point, then turn it on again, I see (2) SSIDs of the home Access Point appearing on the Laptop (One secured, the other unsecured) - which I believe is expected behavior.... but none-the-less, it doesn't associate with the Pineapple, just to the home Access Point.
I'm wondering if the fact that the home Access Point is in range and is a secure connection that the Client will first associate to a secure vs. unsecured connection first???
OR
the very fact that the home Access Point is present. Vs. not present - at say a Starbucks....then could I expect the desired result?
(I believe it all has to do with request probes)
Any information or help anyone could provide, would be of great appreciation !!
Thanks all !!