Search the Community
Showing results for tags 'RADIUS'.
My first thread here on Hak5, so bare with me I don't follow rules. If I violate anything please ask me to stop, within reason I will comply. I'm just going to say this one time: I'm not responsible for your poor decision to do this. You break it, youre buying a new one, not me. Blame me for anything and I will laugh in your face, and make fun of you to my friends. That being said, lets start hacking some Pineapples! Goals: I want to construct a chroot environment discussed here by Matt Burch https://www.optiv.com/blog/pineapple-corporate-toolkit-part-1 Where he discusses capturing enterprise credentials from RADIUS servers using EAP authentication. We begin by sshing to the pineapple and sending the update command opkg update And setting up fstab with an external powered usb hub and a 16gb thumbdrive. In linux, format the drive as an extended partition. Setting the majority of the drive as ext4 and the remaining portion as swap space.Here is a copy of my fstab config global automount option from_fstab 1 option anon_mount 1 config global autoswap option from_fstab 1 option anon_swap 1 config mount option target /usb option device /dev/sda5 option fstype ext4 option options rw,sync option enabled 1 option enabled_fsck 0 config swap option device /dev/sda6 option enabled 1 From what I understand so far, we are going to need a copy of the Hak5 Tetra firmware.bin So pulling the git to my linux machine, my layout looks like this: git clone https://github.com/WiFiPineapple/openwrt-pineapple-tetra.git ~/Desktop/PINESHIT/pineGIT There are several prerequisites for the host nix machine that are not always easy to find/fix. For example, to get the required libz-dev and libc headers I had to install sudo aptitude build-dep nginx Open ~/Desktop/PINESHIT/pineGIT/openwrt-pineapple-tetra and run sudo make-config This will open the GUI for building a custom image for the Tetra. So there are about 2000 customization options. If you chose something that the pineapple dosent like, you may end up with a fruity brick. Study and understand what you are building, and what the options are. Start with blind compiling an image just to make sure that it builds. Meaning dont chose any options, just complete a build, not be saved, used or tested. If it completes, then our build space is solid and we can start understanding the build requirements to ensure full awesomeness. My init build took about 4 hours on Ubuntu 16.04.1 LTS 2gb RAM 2 i7 4770R @3.20GHz. It completed, but the next 2 didn't because I didnt invoke with sudo. sudo make -j1 V=s Also, I'm stuck with chroot giving me unhelpful feedback. root@BDU_Fruit:~# chroot /usb/chroot chroot: can't execute '/bin/ash': No such file or directory root@BDU_Fruit:~# Until I can get passed the chroot my project is dead in the water. I ask the community to help me finish! Hows that go.... apt-get help
I am not sure if I am missing something obvious but I have just picked up a MK5 and was looking at integrating my wireless toolset into the pineapple. I have been able to download the source and compile my binary packages, however I have noticed that firmware 2.3.0 runs wpad-mini and not full wpad. This appears to limit the ability to run hostapd's integrated RADIUS server. I have attempted to build wpad from the source contained at http://wiki.wifipineapple.com/#!build_guide.md but it appears the source for hostapd is an older version than the 2.3.0 firmware and does not include the pineapple patches. Is it possible to build and install the full wpad binary with the proper hostapd patches?
Hi guys, so I recently accessed for the first time a wireless network with RADIUS username and password style instead of the traditional wifi PSK, got a bit curious and after a little research about it's way of functioning and vulnerabilities I read that it was possible to obtain the MD5 hash relating to the password and username, but there seems to be little information on anything more specific. Do you know how this works? Is the MD5 obtained by monitoring an authentication or can you fake simulate an authentication with a username and get the MD5 with the password? Cheers ;)