Pineapple 3

[spymare]

Hi. I just got my pineapple 3 today.

I connected it via cable to my computer, and got into it's interface.

Then I started airmon-ng, and now I take of the cable between the computer and the router, and restart the computer.

The problem is, the computer does not automaticly connect to the pineapple wireless network as it should do, what am I doing wrong?

sorry but im very new to this :).

[Mr-Protocol]

Have you tried searching around the forums?

Do you have a pretty good understanding on how wireless devices will act as in auto connecting to known access points?

What OS are you using?

Do you have known/saved wifi networks that are Open authentication with NO encryption?

[spymare]

I will try search around :)

I don't got a big understanding for how it works, not yet

Im using windows 7

I have no saved networks, the ones that shows up, are all secured.

[Mr-Protocol]

Add yourself an Open Authentication no encryption network to your "Manage wireless networks" and make sure to check the "Connect to this network automatically". Then try it out again and it should work.

[spymare]

but isn't the whole idea, that clients should be automatic connected when the pineapple is around?

So I just can go into a caffee, and people get automatic connected, without them self doing it :)? sorry im a newbie

karma won't start. it keeps saying disabled even I click start, and I haven't changed anything :S

Edited November 23, 2011 by spymare

[Mr-Protocol]

You should watch the videos Darren made showcasing the pineapple. It works when devices have saved wifi networks in their devices set to auto connect. The pineapple will respond to the probe the device sends out to "see if the network is around" and then act as if it is the access point your device wants.

[Ror]

Add yourself an Open Authentication no encryption network to your "Manage wireless networks" and make sure to check the "Connect to this network automatically". Then try it out again and it should work.

Will it work with a secured network? Is there a way, if not by default?

[bobz]

I am having the same issue and I do have the network in the target machine's autoconnect wifi list with no authentication (although I think karma works if they do have authentication set). I cannot get the target machine to connect automatically at all. I am running backtrack 5 on my attack machine and have probably used everything on the pineapple before manually but for some reason I am getting frustrated with this.

[allisonmagic]

Hey protocol so does that mean it will respond to any "open" ap saved in their list or will it respond to people who have "wep" encrypted ap's saved as well ?

[allisonmagic]

Cause in the video I don't remember him stating the pineapple will respond only to saved open aps.

[itsm0ld]

The pineapple will respond to any probe request it receives open or otherwise. It will ONLY automatically connect if the saved probe request is from a OPEN network set to automatically connect.

If it responds to a probe request for a encrypted ap it will show up as a non encrypted ap but it will have to be manually connected by the user.

[allisonmagic]

yah i tried to run this strait out of the box and test that theory with my phone... it only shows the ssid of the pineapple. doesn't show it as anything else

[Darren Kitchen]

The attack works best against open APs, like those found in the public.at coffee shops (attwifi), Airports, etc. These networks are inherently insecure and yet by design they must be open. If you're having trouble finding a target take the pineapple to a taffy rich environment. For even greater succcess use airdrop-ng :)

[allisonmagic]

awesome.. good point, thanks darren... but jasager means yes man right ? in your first video i remember you saying it says " yah im your router you stupid bitch, let's get you connected ! " so i guess that's only for open routers yes ?

[itsm0ld]

awesome.. good point, thanks darren... but jasager means yes man right ? in your first video i remember you saying it says " yah im your router you stupid bitch, let's get you connected ! " so i guess that's only for open routers yes ?

Yes it only automatically works for open routers.

Edited November 24, 2011 by itsm0ld

[Darren Kitchen]

I wish it could work on WPA encrypted networks but that's unlikely to happen. It's not like a WPA AP simple asks for the password, there's a complicated 4-way handshake process that can't be emulated. That said as long as your victim has at least one open network saved and set to auto connect (the default behavior on most devices today) then it's simply a matter of enabling Karma, waiting for them to send out a probe request, and Bob's your uncle.

[spymare]

Hi Darren. I sended you a message, but haven't got a reply yet :)

I got a big problem.

After upgrading to the latest firmware you posted (1.0.2) I think it was, I can now no longer enable Karma, it won't start :S

What can I do to solve this :S?

[Darren Kitchen]

I replied to you with detailed instructions on both of your threads. Sorry if I missed a PM, my mailbox is almost always full. Better to just email me directly. I also added your issue to the FAQ on wifipineapple.com

[Mr-Protocol]

I wish it could work on WPA encrypted networks but that's unlikely to happen. It's not like a WPA AP simple asks for the password, there's a complicated 4-way handshake process that can't be emulated. That said as long as your victim has at least one open network saved and set to auto connect (the default behavior on most devices today) then it's simply a matter of enabling Karma, waiting for them to send out a probe request, and Bob's your uncle.

Won't some clients auto "dumb-down" the connection? I think i vaguely remember something like that being possible.

[Darren Kitchen]

I believe so but just by looking at the clients I'm catching and the SSID's they're associating with it's hard to tell.

[Darren Kitchen]

Part of the problem is that there are only two fields in a probe request, SSID and data rate. It's up to the OS to figure out the rest based on the probe response. What I think could really be fun is cross compiling mdk3 for the atheros and running it on the pineapple set to broadcast beacons from the top 1000 most popular SSIDs. We could call that feature Live Bait ;)

[allisonmagic]

hey so, is this some kind of cafe latte attack against clients ? to where the client will automatically see his AP even though he's nowhere around it ? this would be the work of karma yes ? soon as their client sends out a probe, karma accepts it automatically ?

[Rotunda]

Yes it only automatically works for open routers.

Now I've been planning to purchase a Pineapple since the mark 2 days... I've watched every video relating to it both on hak 5 and curtain special promo vid's Darren made... And not one of these gave me the impression you needed OPEN networks on the "victim" for this to work?! i assumed it would work on at least WEP...

Hmm...

[httpCRASH]

Now I've been planning to purchase a Pineapple since the mark 2 days... I've watched every video relating to it both on hak 5 and curtain special promo vid's Darren made... And not one of these gave me the impression you needed OPEN networks on the "victim" for this to work?! i assumed it would work on at least WEP...

Hmm...

then you asumed wrong.. at least as far as auto-connect goes... but these days people almost always have used a hotspot without encryption at some point, they are everywhere..

hotels, airports, MCDonalds, and many more... In Denmark we even have open (and free) wifi in alot of the trains..

[Rotunda]

then you asumed wrong.. at least as far as auto-connect goes... but these days people almost always have used a hotspot without encryption at some point, they are everywhere..

hotels, airports, MCDonalds, and many more... In Denmark we even have open (and free) wifi in alot of the trains..

Very fair point!

It doesn't really bother me either way i was just surprised it wasn't explained abit more in the promo vids or hak5 shows.

Its a great little unit regardless and i praise the developers on their work :D