Jump to content

No/few Clients Connected, Not Even Own Clients


velkrosmaak
 Share

Recommended Posts

So it feels as though I'm almost there! Got an AP51, got the Wifi Pineapple firmware on there and have the BBS style UI in front of me. When I disconnect, and reconnect to my own wifi, on my phone - say, I just connect to my own AP rather than through the pineapple. Does this mean that this attack only works if the actual AP you're imitating isn't there? That would explain why my testing hasn't been working.

I've renamed the built in pineapple SSID to Free Public Wifi (something like that) as a kind of honeypot, but even when I connect to that no traffic is captured (urlsnarf, driftnet, for example)

Incidentally, is there a way to disable the built in unprotected SSID?

Thanks in advance! :)

Link to comment
Share on other sites

So it feels as though I'm almost there! Got an AP51, got the Wifi Pineapple firmware on there and have the BBS style UI in front of me. When I disconnect, and reconnect to my own wifi, on my phone - say, I just connect to my own AP rather than through the pineapple. Does this mean that this attack only works if the actual AP you're imitating isn't there? That would explain why my testing hasn't been working.

Typically the device will pick the strongest signal. You can also de-auth and "guide" the clients to your device (Jasager).

I've renamed the built in pineapple SSID to Free Public Wifi (something like that) as a kind of honeypot, but even when I connect to that no traffic is captured (urlsnarf, driftnet, for example)

Probably because of https? If you have a MITM laptop then try sniffing there.

Incidentally, is there a way to disable the built in unprotected SSID?

Thanks in advance! :)

Yes, but I'm not sure why you would want to. It leaves more options to get targets. I'm not sure exactly what needs changed because I am at work, but maybe someone else can jump on and see what settings would need changed.

Link to comment
Share on other sites

Aah ok, I think I'm misunderstanding something pretty fundamental here then. I thought Jasager was already installed as part of the Wifi Pineapple firmware... Karma!=Jasager?

If not, how do I go about getting Jasager to 'say Ja!'?

Have Googled but as ever am finding a lot of conflicting info which to a newb like myself is very confusing.

Thanks Mr. P, I surely owe you a beer now with all the help you've given me!

Link to comment
Share on other sites

Unless they are connecting to an unencrypted access point in the first place, or have one already configured, you can't. If they have encryption enabled and you deauth them from their own network, when the laptop tries to reconnect to your pineapple it won't have the key and their laptop won't connect.

Link to comment
Share on other sites

I thought this was what Jasager was for? To 'say yes' even if the AP they are looking for is encrypted... no?

For de-authing from the web UI is it just a case of copying and pasting MAC's from the list or is there an easier way I'm missing? Thanks dudes!

Use a laptop with backtrack or something because deauthing via the markiii has never worked, waiting for it to be fixed or better improved.

how to get it to work:

ssh into pineapple, do a airodump-ng mon.wlan0, seems to only scan the channels the wlan0 card is set to ie 9, 10, 11.

then in the web ui enter the mac of the person you want to deauth, and if this person is connected to a wireless network that is not in the range 9, 10, 11 you will need to change the mon.wlan0 channel

just to complicated until there are some improvements.

Link to comment
Share on other sites

There is a script for aircrack-ng called airdrop-ng which will deauth based on rules. For example, all devices with an Apple OUI, or all devices that aren't connected to, say, our pineapple :)

We're working on getting that to run but resources are tight on the MK3 and it requires Python, which is rather large. For now using Airdrop-ng from a laptop is a good alternative. Here's an episode on the tool: http://hak5.org/episodes/episode-626

Also Karma != Jasager. Jasager is the name we gave 'Karma on the Fon' which eventually evolved into the suite of tools we install on the portable device. The device can be a Fon, Open-Mesh or AP51 -- something we've pre-installed and marketed as the WiFi Pineapple MK1, 2 and 3. That's a bit of a nit pick really, the long and short of it is -- if you've flashed the Jasager firmware on your own or bought a WiFi Pineapple you have the tools, including Karma.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...