Jamo Posted April 8, 2010 Share Posted April 8, 2010 Hi My configuration is following: Fon+ -> ubuntu laptop -> wlan -> intenet I use ubuntus inbuilt ICS. When I use wireshark or ettercap to capture packets from pineapple (eth0) it stops working, victims cant browse web etc. Quote Link to comment Share on other sites More sharing options...
digininja Posted April 8, 2010 Share Posted April 8, 2010 So the connection drops as soon as you start up Wireshark, is that right? Try tcpdump and tshark, see if they have the same affect. I can't think why this would happen but at least this will show if it is just Wireshark that is killing things. Quote Link to comment Share on other sites More sharing options...
Jamo Posted April 9, 2010 Author Share Posted April 9, 2010 Yes Wireshark kills that connection. also it happends with ettercap. Do i have to "echo "1" > /proc/sys/net/ipv4/ip_forward" for this? Tcpdump works well, it dont kill connection. Quote Link to comment Share on other sites More sharing options...
digininja Posted April 9, 2010 Share Posted April 9, 2010 No idea then, I've never seen Wireshark kill a connection like that. As tcpdump doesn't kill it then it isn't anything to do with the card going into promiscuous mode. Sorry can't think of anything else to suggest. Quote Link to comment Share on other sites More sharing options...
Jamo Posted April 9, 2010 Author Share Posted April 9, 2010 No idea then, I've never seen Wireshark kill a connection like that. As tcpdump doesn't kill it then it isn't anything to do with the card going into promiscuous mode. Sorry can't think of anything else to suggest. actually, when I today tried this it doesnt kill connection. so it works now. Quote Link to comment Share on other sites More sharing options...
digininja Posted April 9, 2010 Share Posted April 9, 2010 Good, non-logical computers again. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted April 14, 2012 Share Posted April 14, 2012 So you need external programs like Wireshark and ettercap to capture the packets? Is there no way in the web interface or in OpenWRT to tell the Pineapple to save the packets? There really isn't much RAM or storage to make it practical. Quote Link to comment Share on other sites More sharing options...
dennis00 Posted April 15, 2012 Share Posted April 15, 2012 I am seeing the same thing happen. I want to use ettercap on the packets from the pineapple but ettercap is setting the forwarding bit to 0. Similar set up as above: WiFi Pineapple Mark IV Firmware version: 1.1.1 -> [bT5 Eth0 <-> BT5 Wlan0] -> Internet I also tried it with ettercap bridging: (I did not set up a bridge, hoping ettercap does that for me?) ettercap -T -q -i eth0 -B wlan0 Quote Link to comment Share on other sites More sharing options...
barry99705 Posted April 16, 2012 Share Posted April 16, 2012 Is wireshark putting your network card into monitor mode? That will kill the connection. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.