1 Man, 1 Macbook Air, 1 Yagi, 1 Mark Iv And A Whole Lota Pwnin


Isolot

Afternoon fellow hax5zors and Hax5zorets,

I recently acquired a boatload of tools from the Hak5 store and wanted to share my experiences for those who are looking to buy. First of all, Shannon did an awesome job of merging two separate orders to save me some shipping cash. Second, it got to me in Australia within a week B).

MacBook Air + 16 dBi Yagi + Alfa USB WiFi AWUS036H:

Like a true king of the jungle, OS X Lion does not play well with others, so for this reason I didn't try the AWUS036H natively. Passing the AWUS036H through to my BackTrack 5 R1 VirtualBox VM worked like a charm until I started receiving string descriptor errors on start-up of the VM. Others have had this issue with VirtualBox and installed an extension pack to fix the problem. The extension pack worked for the AWUS036H running on Windows 7 in VirtualBox, but the BackTrack VM still got the string descriptor error. Bottom line is VirtualBox is flaky at handling the USB device interchange between OS X Lion and Linux virtual machines. So I shelled out the cash for Parallels, converted my VirtualBox images to Parallels and all my problems disappeared straight away. The Yagi is awesome! I changed my home router to WEP and went 80 to 100 meters away in a local park. I got about 60% signal strength and was able to crack the network key in about 15-20 mins using the BackTrack VM... this is where it gets strange :blink:. Using the Alfa + Yagi, Wicd sees the network at the same strength as Kismet and is able to connect super slowly. Upon connection I get an IP, but nmap doesn't work because of the slow responses and any browser requests were timing out. 1 out of 10 tries will give me the target network's router config login page within 120 seconds. So I shut down the BackTrack VM and opened a Windows 7 VM, installed the Alfa and connected using the cracked password and Yagi at 60% signal strength. It worked fast! Nmap and internet browsing all worked fine under the exact same scenario as BackTrack, which was slow.

So in short, the Alfa + Yagi + BackTrack 5 R1 works flawlessly at cracking passwords 100 meters away but is unstable at holding an authenticated connection. After switching the Alfa to the Windows 7 VM I am able to browse the network perfectly at 100 m away. This is really annoying, as I would like to continue my exploration within BackTrack and not have to drop to Windows for a stable connection. I have tried setting the Alfa to 30 dB with "iw reg set BO" and txpower 30, but this made no difference to the stability of the connection... any ideas?

MacBook Air + Apple USB Ethernet Adapter + Mark IV:

First of all, the Hak5 team have done a great job at keeping the setup simple. I set the static IP on the USB Ethernet adapter to 172.16.42.42 and Lion was perfectly happy talking to the device. Then boom!!! Lion strikes again: as soon as ICS is on, Lion applies a second IP to the adapter, ignoring the 172.16.42.42 address. The range ICS assigns to the adapter is stupidly not changeable in Lion as it was in previous versions of OS X :angry:. Instead of making the Pineapple look for the different range I decided to go back to the VM world! The BackTrack Parallels VM handled the Apple USB Ethernet adapter pass-through perfectly fine, and the auto setup script was able to apply the correct IPs to the correct Apple USB Ethernet interface. Champagne fell from the heavens and noobs got pwned internet access through the VM's bridged connection to the Apple internal WiFi card. This thing was DNS spoofing all over selected requests, I'm stoked! All is working bar one thing... whenever I turn IP forwarding on I can no longer connect to local ports such as the Kismet server or a Meterpreter listener :angry:. For example, anything from the BackTrack VM trying to connect to a listener on 127.0.0.1 I think gets forwarded off into the night. Is there any way to exclude requests coming from my BackTrack VM from the IP forwarding rule? Unless I am doing something wrong in the Pineapple setup script... any ideas?

I am keen for Apples, Pineapples and Penguins to coexist without the use of Windows!

Thanks in advance,

IsoloT.
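One thing worth checking on the IP-forwarding question in the post above: turning on ip_forward by itself only affects packets that arrive on one interface and leave on another, so it never touches a connection the host makes to 127.0.0.1. What does catch locally originated traffic is a DNAT or REDIRECT rule in the nat table's OUTPUT chain that has no "! -o lo" exclusion. The script below is an added example, not the Pineapple setup script or any code from this thread; the iptables-save ruleset it inspects is constructed for the demonstration (the listener port and the 192.0.2.10 address are placeholders), and the function reads the live /proc value for ip_forward only when it exists.

```shell
#!/bin/sh
# Added example (not from the thread): audit an iptables-save dump for nat OUTPUT
# rules that would intercept the host's own connections to 127.0.0.1.
# Constructed sample ruleset in iptables-save format; addresses and ports are placeholders.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -p tcp --dport 4444 -j DNAT --to-destination 192.0.2.10:4444
-A OUTPUT ! -o lo -p udp --dport 53 -j REDIRECT --to-ports 5353
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT'

# Print every nat OUTPUT rule that rewrites the destination (DNAT/REDIRECT) and does
# not exclude the loopback interface. Locally originated connections traverse nat
# OUTPUT, so such a rule silently redirects 127.0.0.1:PORT as well as everything else.
# Usage: find_loopback_catching_rules "$(iptables-save)"
find_loopback_catching_rules() {
    printf '%s\n' "$1" | awk '
        /^\*/ { table = substr($0, 2) }
        table == "nat" && /^-A OUTPUT / && /-j (DNAT|REDIRECT)/ && !/! -o lo/ { print }
    '
}

# Number of such rules, so a post-setup check can fail when it is not zero.
count_loopback_catching_rules() {
    find_loopback_catching_rules "$1" | awk 'END { print NR }'
}

# Current ip_forward setting, read from /proc on Linux; 0 elsewhere so the example
# still runs on a non-Linux shell.
forwarding_enabled() {
    if [ -r /proc/sys/net/ipv4/ip_forward ]; then
        cat /proc/sys/net/ipv4/ip_forward
    else
        echo 0
    fi
}

echo "ip_forward = $(forwarding_enabled)"
echo "nat OUTPUT rules that also catch loopback traffic:"
find_loopback_catching_rules "$SAMPLE_RULES"
```

Run against a real box with `find_loopback_catching_rules "$(iptables-save)"` (as root, since iptables-save needs it). If it prints nothing, forwarding rules are not the cause and the next thing to look at is whether the listener is bound to 127.0.0.1 or 0.0.0.0 and which interface the VM's default route now points at. Any rule it does print can be kept from catching local traffic by adding `! -o lo` to it.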


Your issue could be VirtualBox related. I've had a few issues myself with the flaky USB support.

Try out VMware Fusion on a 30-day trial. It's $50, but there is a bundle floating around containing it and a whole slew of other apps for the same $50 (weird, I know!)

Additionally for ICS I would probably try to route the traffic through BT5 and use NAT or Bridge to the Mac Internet Connection.

This way BT5 doesn't really need to know Lion exists.

If you are feeling particularly adventurous you could try to install BT5 natively on the Mac ;)

I've had some success with this, but the display is the major issue.


  • 2 months later...

I've always had trouble with BT5 (R1 or R2) holding a connection via AWUS036H on my Mac running in VMWare Fusion. Could never find an answer even after doing the:

iw reg set BO

iwconfig wlan0 txpower 30


Love the story Isolot!

I too had OS X Lion rawr its ugly head all over my otherwise awesome Pineapple. Tell me this though: what's your Parallels networking configuration set to? Have you tried whichever one gives you a DHCP IP addy from your router (as opposed to one from your computer... can't remember the name of the mode)?

telot

Edited by telot

  • 6 months later...
I am keen for Apples, Pineapples and Penguins to coexist without the use of Windows!

I am with you. I have a MacBook Air on which I recently installed BackTrack Linux (into Kubuntu 10.4) http://www.backbox.org/

Anyway, I am waiting on the hardware to arrive in the mail, only ordered a few days ago. This post is months after the last one in this thread, but do you care to share how things have been going? What tips do you have?

I am using close to the exact same hardware you are, and Windows is not an option. (VMs, dual boot, and such are.)

thanks


  • 1 month later...

I am with you. I have a MacBook Air on which I recently installed BackTrack Linux (into Kubuntu 10.4) http://www.backbox.org/

Anyway, I am waiting on the hardware to arrive in the mail, only ordered a few days ago. This post is months after the last one in this thread, but do you care to share how things have been going? What tips do you have?

I am using close to the exact same hardware you are, and Windows is not an option. (VMs, dual boot, and such are.)

thanks

I've been AWOL doing the CEH exam and pesky work etc., sorry for the late reply... how did you go, dude? I'll get back into it this weekend and will see how good BT5 R3 is at holding a WiFi connection with low signal strength. Super keen on giving that MITM pen testing web UI that was posted a go too! If that works it will speed up my workflow. In general though, I love the MacBook Air, wouldn't trade it for any other pentesting lappy!

cheers buddy,

Isolot.
