Jump to content

Pineapple 3


spymare
 Share

Recommended Posts

Hi. I just got my pineapple 3 today.

I connected it via cable to my computer, and got into it's interface.

Then I started airmon-ng, and now I take of the cable between the computer and the router, and restart the computer.

The problem is, the computer does not automaticly connect to the pineapple wireless network as it should do, what am I doing wrong?

sorry but im very new to this :).

Link to comment
Share on other sites

but isn't the whole idea, that clients should be automatic connected when the pineapple is around?

So I just can go into a caffee, and people get automatic connected, without them self doing it :)? sorry im a newbie

karma won't start. it keeps saying disabled even I click start, and I haven't changed anything :S

Edited by spymare
Link to comment
Share on other sites

You should watch the videos Darren made showcasing the pineapple. It works when devices have saved wifi networks in their devices set to auto connect. The pineapple will respond to the probe the device sends out to "see if the network is around" and then act as if it is the access point your device wants.

Link to comment
Share on other sites

Add yourself an Open Authentication no encryption network to your "Manage wireless networks" and make sure to check the "Connect to this network automatically". Then try it out again and it should work.

Will it work with a secured network? Is there a way, if not by default?

Link to comment
Share on other sites

I am having the same issue and I do have the network in the target machine's autoconnect wifi list with no authentication (although I think karma works if they do have authentication set). I cannot get the target machine to connect automatically at all. I am running backtrack 5 on my attack machine and have probably used everything on the pineapple before manually but for some reason I am getting frustrated with this.

Link to comment
Share on other sites

The pineapple will respond to any probe request it receives open or otherwise. It will ONLY automatically connect if the saved probe request is from a OPEN network set to automatically connect.

If it responds to a probe request for a encrypted ap it will show up as a non encrypted ap but it will have to be manually connected by the user.

Link to comment
Share on other sites

The attack works best against open APs, like those found in the public.at coffee shops (attwifi), Airports, etc. These networks are inherently insecure and yet by design they must be open. If you're having trouble finding a target take the pineapple to a taffy rich environment. For even greater succcess use airdrop-ng :)

Link to comment
Share on other sites

awesome.. good point, thanks darren... but jasager means yes man right ? in your first video i remember you saying it says " yah im your router you stupid bitch, let's get you connected ! " so i guess that's only for open routers yes ?

Yes it only automatically works for open routers.

Edited by itsm0ld
Link to comment
Share on other sites

I wish it could work on WPA encrypted networks but that's unlikely to happen. It's not like a WPA AP simple asks for the password, there's a complicated 4-way handshake process that can't be emulated. That said as long as your victim has at least one open network saved and set to auto connect (the default behavior on most devices today) then it's simply a matter of enabling Karma, waiting for them to send out a probe request, and Bob's your uncle.

Link to comment
Share on other sites

I wish it could work on WPA encrypted networks but that's unlikely to happen. It's not like a WPA AP simple asks for the password, there's a complicated 4-way handshake process that can't be emulated. That said as long as your victim has at least one open network saved and set to auto connect (the default behavior on most devices today) then it's simply a matter of enabling Karma, waiting for them to send out a probe request, and Bob's your uncle.

Won't some clients auto "dumb-down" the connection? I think i vaguely remember something like that being possible.

Link to comment
Share on other sites

Part of the problem is that there are only two fields in a probe request, SSID and data rate. It's up to the OS to figure out the rest based on the probe response. What I think could really be fun is cross compiling mdk3 for the atheros and running it on the pineapple set to broadcast beacons from the top 1000 most popular SSIDs. We could call that feature Live Bait ;)

Link to comment
Share on other sites

Yes it only automatically works for open routers.

Now I've been planning to purchase a Pineapple since the mark 2 days... I've watched every video relating to it both on hak 5 and curtain special promo vid's Darren made... And not one of these gave me the impression you needed OPEN networks on the "victim" for this to work?! i assumed it would work on at least WEP...

Hmm...

Link to comment
Share on other sites

Now I've been planning to purchase a Pineapple since the mark 2 days... I've watched every video relating to it both on hak 5 and curtain special promo vid's Darren made... And not one of these gave me the impression you needed OPEN networks on the "victim" for this to work?! i assumed it would work on at least WEP...

Hmm...

then you asumed wrong.. at least as far as auto-connect goes... but these days people almost always have used a hotspot without encryption at some point, they are everywhere..

hotels, airports, MCDonalds, and many more... In Denmark we even have open (and free) wifi in alot of the trains..

Link to comment
Share on other sites

then you asumed wrong.. at least as far as auto-connect goes... but these days people almost always have used a hotspot without encryption at some point, they are everywhere..

hotels, airports, MCDonalds, and many more... In Denmark we even have open (and free) wifi in alot of the trains..

Very fair point!

It doesn't really bother me either way i was just surprised it wasn't explained abit more in the promo vids or hak5 shows.

Its a great little unit regardless and i praise the developers on their work :D

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...