Jump to content

Authwatch?


Recommended Posts

Hi All, So I've got my Pineapple up and running and was wondering how I would go about trying to get some clients to associate with my AP fast. I remember vaguely that there was a segment on AuthWatch a while back (did a search on the forum but couldnt find a confirmed code, just one that someone was having issues with) - and was wondering where I could get the script. As far as I remember, it looks for a deauth packet and then broadcasts it. How does this work? Im not sure how you would broadcast a packet for all devices but can deauth a single device using aireplay-ng --deauth 1 -a XX:XX:XX:XX:XX -c XX:XX:XX:XX:XX mon0

Thanks for your help!

Link to comment
Share on other sites

The pineapple Mark III has aircrack-ng installed and you can DEAUTH from the interface. Check the top right when you are at 172.16.42.1/pineapple

I was also wondering how that is used? I'm probably being rather thick here, but it only has one input.

In other words, what is that field asking for? the SSID? The MAC addy of the client you wish to deauth?

I can't seem to find enough relevant info as to how we use the button with only one variable to input, and how that would work...again, sorry if it sounds stupid.

Would you mind giving a brief explanation as to how that deauth button works? I'd sure appreciate it.

Thanks!

Link to comment
Share on other sites

I was also wondering how that is used? I'm probably being rather thick here, but it only has one input.

In other words, what is that field asking for? the SSID? The MAC addy of the client you wish to deauth?

I can't seem to find enough relevant info as to how we use the button with only one variable to input, and how that would work...again, sorry if it sounds stupid.

Would you mind giving a brief explanation as to how that deauth button works? I'd sure appreciate it.

Thanks!

I agree. If you don't mind, would you be able to run through it with us?

Link to comment
Share on other sites

It is clearly labed SSID, so pick the SSID of the "legit" wifi around and deauth clients off of it.

I was.putting in the hw addy. I.e. 76:a4:35 etc....thinking command line options.

I.don't have it fired up at.the.moment, but you're saying take the.actual SSID string, enter it in that field, hit deauth, and the MK3 will broadcast the deauth to all clients on the target AP X times as specified?

That's how I thought it worked, I tried it using the SSID, no go. I then tried it using the hw addy of that AP, but.I kept getting a beacon error so I thought I was doing something wrong.

I guess I got it right but I cant make it work for.some reason

Link to comment
Share on other sites

I haven't tried yet hfam but I would assume its similar to what I listed earlier to deauth the client using bssid and mac.

Mr P - Is it actually possible to deauth all machines in the vicinity using the pineapple? I had assumed not and that it would need to be done using authwatch, which I can't find nor figure out lol

Link to comment
Share on other sites

I haven't tried yet hfam but I would assume its similar to what I listed earlier to deauth the client using bssid and mac.

Right, that's what I thought and how I was using it, but was getting a beacon error every time so I second guessed myself and thought maybe I got it wrong or there was something I was missing. Its the Mac addy of the AP, but I haven't been able to get it to work for me, not sure why though other than I get a beacon error.

Link to comment
Share on other sites

It seems to me you just enter in the SSID. You can also use the advanced box to manually type in the command used to get more customized and have it execute.

Ahhh, forgot about the advanced box, thanks! Ill definitely try some command line options!

The dialog box for the deauth is labled as BSSID in the web Gui. I assume that's the Xx:Xx:Xx:Xx:Xx:Xx format, so I tried it both ways. Only using the Mac generated results that looked like it actually ran, but with the beacon.error.

Ill try some command line options tomorrow and stop.back with the results.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...