mreidiv Posted February 29, 2012 Share Posted February 29, 2012 just got my mk4 so i have Few questions Where did Ngrep go? I cant get urlsnarf to work. Karma urlsnarf dns spoof and cron jobs is on? And i though reaver would be included on this? Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted February 29, 2012 Share Posted February 29, 2012 Ngrep is gone for now. What issues are you having with urlsnarf? What do you mean when you say it is on? Reaver is included. No UI for it yet. SHH in and see. Best regards, Sebkinne Quote Link to comment Share on other sites More sharing options...
mreidiv Posted March 1, 2012 Author Share Posted March 1, 2012 (edited) Ngrep is gone for now. What issues are you having with urlsnarf? What do you mean when you say it is on? Reaver is included. No UI for it yet. SHH in and see. Best regards, Sebkinne urlsnarf is not showing up in the ui like the mk3 & by on i have it enabled in the ui is there a log file some where that i can look at? i can confirm that after 8 and a half hours not even a sign of over heating so that's good. I can cat urlsnarf and phish.log on the advanced page so its working just not in the Web UI Edited March 1, 2012 by mreidiv Quote Link to comment Share on other sites More sharing options...
iamk3 Posted March 1, 2012 Share Posted March 1, 2012 (edited) I'm having the same issue with urlsnarf not showing up, but that may be related to the issue of clients not being passed to the internet for me... However, I don't see a "urlsnarf" option "heading" like in the mk3 gui. Edited March 2, 2012 by iamk3 Quote Link to comment Share on other sites More sharing options...
korang Posted March 2, 2012 Share Posted March 2, 2012 Reaver is included. No UI for it yet. SHH in and see. Best regards, Sebkinne Reaver is on the Beta MK IV??? I got the Schmoocon Edition and I do not see it... Quote Link to comment Share on other sites More sharing options...
korang Posted March 2, 2012 Share Posted March 2, 2012 Where are you looking? One the pineapple itself...... Guess I should ask, where should I be looking Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted March 2, 2012 Share Posted March 2, 2012 Reaver is not present on the shmoocon version. You will have to wait until the update is released. Regards, Sebkinne Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 2, 2012 Share Posted March 2, 2012 just got my mk4 so i have Few questions Where did Ngrep go? I cant get urlsnarf to work. Karma urlsnarf dns spoof and cron jobs is on? And i though reaver would be included on this? ngrep is still on there but not in the web UI. We're working on a revised web UI for sniffing which should bring together the power of urlsnarf, ngrep and *ettercap* :) Very excited about that last one. You can still use ngrep, urlsnarf from the command line for now. Reaver is included, just SSH in and type reaver. i can confirm that after 8 and a half hours not even a sign of over heating so that's good. Yep - I'm very happy with the thermal properties of the mk4. I ran one the other night with a battery pack in a pelican case at an RSA party for over 4 hours with over 100 clients associated and it wasn't even warm. I hadn't even drilled vent holes in the case yet! Even I'm amazed. Reaver is on the Beta MK IV??? I got the Schmoocon Edition and I do not see it... Reaver wasn't on the shmoocon edition - it was too new then. We'll have a firmware update out for the shmoo folks in a hot sec. Hang tight. Quote Link to comment Share on other sites More sharing options...
nopenopenope Posted March 2, 2012 Share Posted March 2, 2012 Is the ettercap update going to contain the fake sslcert plugin? so we can sniff ssl the "proper" way, without just saying NO SSL FOR YOU Quote Link to comment Share on other sites More sharing options...
Mark4FanGer Posted March 2, 2012 Share Posted March 2, 2012 Hello forums, any idea when releasing new fw for mk4? my is still on 1.0 regards Quote Link to comment Share on other sites More sharing options...
blu3nowh3r3 Posted March 2, 2012 Share Posted March 2, 2012 ooooooooooooo ettercap ooooooooooooooooo Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 2, 2012 Share Posted March 2, 2012 Firmware over the weekend. Still toying with the best way to implement ettercap. You can try it yourself. SSH in and: opkg update opkg install ettercap-ng # Package might also just be called "ettercap" also might want to run "df -h" to see if you have enough room on /, otherwise format a USB drive in EXT4, plug it in (shouldn't have to reboot) and you'll notice all that room available in /usb (run df -h to verify) Installing packages to usb is done by adding --dest usb in the opkg command, as defined in the /etc/opkg.conf Quote Link to comment Share on other sites More sharing options...
Splicer Posted March 2, 2012 Share Posted March 2, 2012 (edited) Posted Edited. Never mind, issues was fixed. Edited March 2, 2012 by Splicer Quote Link to comment Share on other sites More sharing options...
nopenopenope Posted March 2, 2012 Share Posted March 2, 2012 Thanks Darren, I'll look into it when I get mine, as well as using an alfa instead of a 3g card, since I don't have a card because I just use my hacked wifi hotspot on my droid razr. Also, I see a problem that might occur with that, can I SSH into the pineapple from my phone, when its getting internet from my phone. phone's internet --> alfa in pineapple --> pineapples network --> ssh from same phone into it? when I can't use the wireless card in phone when it's hotspot is active. say the pineapple is connected to my phone on 192.168.1.5, would I just SSH into that? Quote Link to comment Share on other sites More sharing options...
telot Posted March 3, 2012 Share Posted March 3, 2012 Thanks Darren, I'll look into it when I get mine, as well as using an alfa instead of a 3g card, since I don't have a card because I just use my hacked wifi hotspot on my droid razr. Also, I see a problem that might occur with that, can I SSH into the pineapple from my phone, when its getting internet from my phone. phone's internet --> alfa in pineapple --> pineapples network --> ssh from same phone into it? when I can't use the wireless card in phone when it's hotspot is active. say the pineapple is connected to my phone on 192.168.1.5, would I just SSH into that? What are you using as an SSH client on android? The only one I can find (Free) is connectbot...which is kinda a piece of crap as far as ssh clients go...no tab completion FTL :( telot Quote Link to comment Share on other sites More sharing options...
barry99705 Posted March 3, 2012 Share Posted March 3, 2012 What are you using as an SSH client on android? The only one I can find (Free) is connectbot...which is kinda a piece of crap as far as ssh clients go...no tab completion FTL :( telot I've not seen anything with tab completion on Android. I use Android Terminal Emulator. Quote Link to comment Share on other sites More sharing options...
nopenopenope Posted March 3, 2012 Share Posted March 3, 2012 (edited) I've not seen anything with tab completion on Android. I use Android Terminal Emulator. You can tab complete with Better Terminal Emulator Pro, on my droid razr is it volume up x2, you can set it in the settings, it wont say tab completion though, set your key as ^[ then when press it twice it auto completes. Also, Better Terminal Emulator Pro has SSH built into it, I would think most would. Just type shh to check. When I'm using backtrack on my phone it's ssh'ing into the localhost. So if i want multiple terminals I just open a new tab and 'ssh localhost' or 'ssh 127.0.0.1' and then obviously its backtrack, and its on my phone so I'm to lazy to set a new password lol, it asks for the password, in this case toor, and your good. Edited March 3, 2012 by soka80 Quote Link to comment Share on other sites More sharing options...
barry99705 Posted March 3, 2012 Share Posted March 3, 2012 Okay, here's a Mk4 question. What's the WPS button for? Quote Link to comment Share on other sites More sharing options...
PineDominator Posted March 3, 2012 Share Posted March 3, 2012 Okay, here's a Mk4 question. What's the WPS button for? Make it assignable to a function? enable disable karma or what ever you want? Quote Link to comment Share on other sites More sharing options...
telot Posted March 4, 2012 Share Posted March 4, 2012 Make it assignable to a function? enable disable karma or what ever you want? My hopes...My dreams... telot Quote Link to comment Share on other sites More sharing options...
caturix Posted March 4, 2012 Share Posted March 4, 2012 What are you using as an SSH client on android? The only one I can find (Free) is connectbot...which is kinda a piece of crap as far as ssh clients go...no tab completion FTL :( telot I use connectbot with hackers keyboard and can tab complete no problem. That's on my XOOM tab with 4.03. Quote Link to comment Share on other sites More sharing options...
anode Posted March 4, 2012 Share Posted March 4, 2012 Okay, here's a Mk4 question. What's the WPS button for? I thought it was just a warning label Quote Link to comment Share on other sites More sharing options...
anode Posted March 4, 2012 Share Posted March 4, 2012 ./etc/hotplug.d/button/50-wps Possible use? Just exploring the p'apple Quote Link to comment Share on other sites More sharing options...
Drewdroid Posted March 4, 2012 Share Posted March 4, 2012 Okay, here's a Mk4 question. What's the WPS button for? My first thought was that if it was a default image it would be a sign that you were vulnerable to Reaver attacks. That got me thinking... How about assigning it the function of LAUNCHING Reaver. Turn it on its head and use it to our advantage. It would obviously have to write to files for later use but that's the nice thing about Reaver and WPS vulns. Once you have that back door you're golden. Yes, we could just have it launch via gui or ssh but that's not as amusing. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted March 4, 2012 Share Posted March 4, 2012 So here's the 50-wps script. if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then for dir in /var/run/hostapd-*; do [ -d "$dir" ] || continue hostapd_cli -p "$dir" wps_pbc done fi Shouldn't be too hard for someone to whip up an alternate script for it! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.