highxenburg

By default, the Source Address in PineAP is 00:00:00:00:00:00 (instead of the MAC of wlan0...). Once I set Source Address in PineAP to wlan0, everything starting working as desired operation. I would check that first.

Thanks b0N3z..., Kinda what I thought. I also found that my Source Address in PineAP was 00:00:00:00:00:00 (instead of the MAC of wlan0...). (But I don't know that it had anything to do with it).... However, when I changed the source to wlan0 MAC, I was able to DeAuth Clients off my home Access Point. (But the clients didn't try to reconnect back to the Pineapple automatically)....If I did it manually, I then saw them in the Dashboard. Is that expected operation? (I suppose it has to do with how the client device behaves by default....)? I suppose if you were at say .....a Starbucks ....., and DeAuth'd a client, the person with the device, would just try and reconnect manually to the spoofed SSID.... YES?

Hi everyone... I was hoping that maybe someone with a bit more experience with the Pineapple could shed some light on a DeAuth (what appears to be), a problem. (Since I'm a "Noob" to the Pineapple) 1) SCENARIO: I'm "DeAuth'ing" at home from my home Access Point & home devices, (i.e Laptops, iPhones / iPads, etc...) No matter how many DeAuth Frames I send, the client devices don't "DeAuth" from my home Access Point & associate to the Pineapple. (and show up in the Dashboard as connected clients) - Nothing happens ! - NOT EVEN A MOMENTARY DISASSOCIATION on the Client device... (Curious indeed !) 2) PINEAPPLE CONFIGURATION: The Pineapple is using the AC Adapter. The Pineapple has been reset to Factory Defaults. I am running v1.1.2 firmware. The Pineapple is connected to my Kali Linux Laptop via the supplied USB Y-Cable. I have run the wp6.sh script. I have tested Internet connectivity on the Pineapple (fetching "bulletins" & listing of Modules) and everything works. I have enabled PineAP and have all options in PineAP enabled and saved. (It's capturing SSIDs & putting them in the pool as Probe Requests come in...) I have validated that the laptop I want to DeAuth is indeed connected to my home Access Point ! The Management AP "IS NOT" disabled. and the Open AP SSID IS NOT Hidden. 3) HOME ACCESS-POINT CONFIGURATION / Clients Linksys WRT54G Authentication: WPA2 Personal Home Access Point is located about 15ft from Client devices (Windows 7 Laptops & Apple iPads & Apple iPhones, etc...) (Home Access-Point is down stairs, Laptop I'm DeAuthing... up stairs - about 15ft away) 4) PROCEEDURE: I ran a 10min RECON Scan for both 2.4 & 5GHz. I see my Home Access Point (2.4GHz) with all associated Clients mentioned above. From the Scan results page, using the Drop-Down Menu & added the Client MACs to the PineAP Filter & switched the MAC's in "Allow" Mode (So ONLY those MACs can associate) From the Scan results page, using the Drop-Down Menu, I clicked the "DeAuth" Button (using Various DeAuth Multipliers) on the verified Laptop that was connected to my Home Access Point. 5) RESULT: No device "DeAuth'd" and associated with the Pineapple. (including other devices (Apple iPads & Apple iPhones) - that were also in the PineAP Filter Allow list. 6) OBSERVATIONS: If I physically turn off the Wireless card on the Laptop I want to DeAuth and wait until the connection is cleared the Home Access Point, then turn it on again, I see (2) SSIDs of the home Access Point appearing on the Laptop (One secured, the other unsecured) - which I believe is expected behavior.... but none-the-less, it doesn't associate with the Pineapple, just to the home Access Point. I'm wondering if the fact that the home Access Point is in range and is a secure connection that the Client will first associate to a secure vs. unsecured connection first??? OR the very fact that the home Access Point is present. Vs. not present - at say a Starbucks....then could I expect the desired result? (I believe it all has to do with request probes) Any information or help anyone could provide, would be of great appreciation !! Thanks all !!