Jamo Posted April 8, 2010 Posted April 8, 2010 Hi My configuration is following: Fon+ -> ubuntu laptop -> wlan -> intenet I use ubuntus inbuilt ICS. When I use wireshark or ettercap to capture packets from pineapple (eth0) it stops working, victims cant browse web etc. Quote
digininja Posted April 8, 2010 Posted April 8, 2010 So the connection drops as soon as you start up Wireshark, is that right? Try tcpdump and tshark, see if they have the same affect. I can't think why this would happen but at least this will show if it is just Wireshark that is killing things. Quote
Jamo Posted April 9, 2010 Author Posted April 9, 2010 Yes Wireshark kills that connection. also it happends with ettercap. Do i have to "echo "1" > /proc/sys/net/ipv4/ip_forward" for this? Tcpdump works well, it dont kill connection. Quote
digininja Posted April 9, 2010 Posted April 9, 2010 No idea then, I've never seen Wireshark kill a connection like that. As tcpdump doesn't kill it then it isn't anything to do with the card going into promiscuous mode. Sorry can't think of anything else to suggest. Quote
Jamo Posted April 9, 2010 Author Posted April 9, 2010 No idea then, I've never seen Wireshark kill a connection like that. As tcpdump doesn't kill it then it isn't anything to do with the card going into promiscuous mode. Sorry can't think of anything else to suggest. actually, when I today tried this it doesnt kill connection. so it works now. Quote
Mr-Protocol Posted April 14, 2012 Posted April 14, 2012 So you need external programs like Wireshark and ettercap to capture the packets? Is there no way in the web interface or in OpenWRT to tell the Pineapple to save the packets? There really isn't much RAM or storage to make it practical. Quote
dennis00 Posted April 15, 2012 Posted April 15, 2012 I am seeing the same thing happen. I want to use ettercap on the packets from the pineapple but ettercap is setting the forwarding bit to 0. Similar set up as above: WiFi Pineapple Mark IV Firmware version: 1.1.1 -> [bT5 Eth0 <-> BT5 Wlan0] -> Internet I also tried it with ettercap bridging: (I did not set up a bridge, hoping ettercap does that for me?) ettercap -T -q -i eth0 -B wlan0 Quote
barry99705 Posted April 16, 2012 Posted April 16, 2012 Is wireshark putting your network card into monitor mode? That will kill the connection. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.