PineDominator Posted April 5, 2012 Share Posted April 5, 2012 (edited) Not sure about all the comments about site_survey working with karma? using the latest version and only clicking auto then scanning for ap's once I noticed my android phone gets disconnected from the pineapple and then connects to my personal ap at home, OK then I deauth my own ap and sure enough my phone immediately connects to the pineapple via a karma'd ssid. problem is about 10 seconds after that my phone drops the pineapple and reconnects to my home ap? Is that what is expected? EDIT: the default ssid that the pineapple broadcasts is not viewable on my phone. Edited April 5, 2012 by petertfm Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 5, 2012 Author Share Posted April 5, 2012 (edited) The outcome for the moment is indeed no data can be captured if you launch the module as soon as you boot the MK4, I don't know why :( AP are listed using the normal interface and connected clients using the monitor. So as soon as you bring down / up the interface, you can see the APs and as soon as you bring down / up the monitor, you get connected clients but Karma doesn't work more... Edited April 5, 2012 by Whistle Master Quote Link to comment Share on other sites More sharing options...
barry99705 Posted April 5, 2012 Share Posted April 5, 2012 Dude, what the HELL man, are you a wizard? ;) Nailed it, as usual. I noted that both "monitor interface" and "wlan interface" were set to "enabled" and green. Tried disabling, reenabling, etc. never clicked on "auto". I also noted that it was green both before and after clicking, nothing changed to those menu items, but it clearly got it all going! Thanks again for the quick and precise help guys, your depth of knowledge never ceases to amaze. :) I just figured that out about 20 minutes before your post. ;) Quote Link to comment Share on other sites More sharing options...
Vulture Posted April 11, 2012 Share Posted April 11, 2012 Whistle Master, I think this is going to be one of my favorite plugins by you. I do have some issues with displaying the clients, however it doesn't appear to be a problem with generating the data into the $dumpPath however on line 33 of site_survey_data.php it appears the cat statement is generating a null .tmp file (I have confirmed clients and APs are in the .csv file) so the line 34 command is running against a null data set. Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 11, 2012 Author Share Posted April 11, 2012 (edited) · Hidden by Whistle Master, April 11, 2012 - No reason given Hidden by Whistle Master, April 11, 2012 - No reason given Whistle Master, I think this is going to be one of my favorite plugins by you. I do have some issues with displaying the clients, however it doesn't appear to be a problem with generating the data into the $dumpPath however on line 33 of site_survey_data.php it appears the cat statement is generating a null .tmp file (I have confirmed clients and APs are in the .csv file) so the line 34 command is running against a null data set. This is an issue with the monitor interface. You can capture information about clients connected only if you bring down and up the monitor interface (mon.wlan0, which will become mon0 afterward) The problem after that, you can list clients connected but karma stops working... Edited April 11, 2012 by Whistle Master Link to comment
Whistle Master Posted April 11, 2012 Author Share Posted April 11, 2012 Whistle Master, I think this is going to be one of my favorite plugins by you. I do have some issues with displaying the clients, however it doesn't appear to be a problem with generating the data into the $dumpPath however on line 33 of site_survey_data.php it appears the cat statement is generating a null .tmp file (I have confirmed clients and APs are in the .csv file) so the line 34 command is running against a null data set. Strange Can you send me by PM the csv file ? I'll investigate the problem. Thanks ! Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 12, 2012 Author Share Posted April 12, 2012 Version 1.3.5 is out ! Thanks Vulture for the bug report ! Quote Link to comment Share on other sites More sharing options...
ptrac3 Posted April 13, 2012 Share Posted April 13, 2012 Hi guys i'm experiencing some problems with Site Survey..The pineapple is up and running (no karma enabled) , i go to Site Survey module click Stop mon0 and then Stop wlan0..After that click Start on wlan0 and then Start on mon0..Am i doing something wrong? The thing i can see it's something like that Output Interface Chipset Driver wlan0 Atheros ath9k - [phy0] mon0 Atheros ath9k - [phy0] (removed) Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 13, 2012 Author Share Posted April 13, 2012 Hi guys i'm experiencing some problems with Site Survey..The pineapple is up and running (no karma enabled) , i go to Site Survey module click Stop mon0 and then Stop wlan0..After that click Start on wlan0 and then Start on mon0..Am i doing something wrong? The thing i can see it's something like that Output Interface Chipset Driver wlan0 Atheros ath9k - [phy0] mon0 Atheros ath9k - [phy0] (removed) What's exactly your issue? You can't see any data? Which version of the Site Survey do you have and on which version of the pineapple (hardware + firmware)? Quote Link to comment Share on other sites More sharing options...
ptrac3 Posted April 13, 2012 Share Posted April 13, 2012 What's exactly your issue? You can't see any data? Which version of the Site Survey do you have and on which version of the pineapple (hardware + firmware)? I have pineapple MKIV and firmware 1.1.1 and your module it's 1.3.5 but i think it's my problem (related to wireless range problems i'm experiencing) I asked this to see if i'm doing something wrong or maybe in the wrong order..However now site survey seems to be working..:) Quote Link to comment Share on other sites More sharing options...
Vulture Posted April 14, 2012 Share Posted April 14, 2012 Whistle Master, what is your opinion on adding auto refresh to clients and possibly an auto deauth with a whitelist? If we can get the AWUS036H USB wifi adapter working we could be running karma on the primary adapter and auto deauthing via the secondary adapter. Once I have everything documented on this I am going to send the kernel module request to Seb. Since hack shop sells this adapter I think it is a pretty good chance we can get it added. Quote Link to comment Share on other sites More sharing options...
SilverExploit Posted April 16, 2012 Share Posted April 16, 2012 Hi, sorry I'm new here... Great job by the way! :) Where exactly do i find the code for this? I cant seem to find it in the GitHub page :S Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 16, 2012 Share Posted April 16, 2012 Hi, sorry I'm new here... Great job by the way! :) Where exactly do i find the code for this? I cant seem to find it in the GitHub page :S It's a module that is downloaded and installed onto the pineapple through the UI of the pineapple. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 16, 2012 Share Posted April 16, 2012 Whistle Master, what is your opinion on adding auto refresh to clients and possibly an auto deauth with a whitelist? If we can get the AWUS036H USB wifi adapter working we could be running karma on the primary adapter and auto deauthing via the secondary adapter. Once I have everything documented on this I am going to send the kernel module request to Seb. Since hack shop sells this adapter I think it is a pretty good chance we can get it added. Plus one on the using site survey for deauthing, unless Seb is wanting one fully pre installed? If doing a blacklist maybe share from the karma blacklist? also I was thinking when we get deauthing all the time figured out maybe we could stay on the down low by only deauthing clients with high enough signal that would actually connect and or stop deauthing a client when it is not successful after so many times? I see my kama log full of clients auto-connecting to an ssid that requires encryption. I just wouldn't want to annoy everyone when it may not be possible for them to connect due to not having open networks auto-connect or too far away for them to switch from there high signal to the pineapples lower signal, I know some clients will only connect to the higher of the 2. Quote Link to comment Share on other sites More sharing options...
Vulture Posted April 16, 2012 Share Posted April 16, 2012 Plus one on the using site survey for deauthing, unless Seb is wanting one fully pre installed? If doing a blacklist maybe share from the karma blacklist? also I was thinking when we get deauthing all the time figured out maybe we could stay on the down low by only deauthing clients with high enough signal that would actually connect and or stop deauthing a client when it is not successful after so many times? I see my kama log full of clients auto-connecting to an ssid that requires encryption. I just wouldn't want to annoy everyone when it may not be possible for them to connect due to not having open networks auto-connect or too far away for them to switch from there high signal to the pineapples lower signal, I know some clients will only connect to the higher of the 2. I don't believe it will make sense to build into karma unless we can get multi WLAN support since the wlan0/mon.wlan0 must be bound to channel 11 to handle the incoming clients. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 16, 2012 Share Posted April 16, 2012 I don't believe it will make sense to build into karma unless we can get multi WLAN support since the wlan0/mon.wlan0 must be bound to channel 11 to handle the incoming clients. I was thinking when we get a second adapter working and using that for deauthing maybe site survey could have a cut off with time limit Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 16, 2012 Author Share Posted April 16, 2012 I can definitely add the auto refresh for clients but the fact is that capturing the clients information takes longer (at least 20 seconds): the longer it runs, the better are the results. I will have a look on it :) Regarding the auto deauth, what would you see for this? A link to deauth every AP and / or clients listed, one shoot? Or something you active and let running and for each AP and / or clients in sight, you deauth it ? Maybe it could be a separate module, specific to deauth ;) Quote Link to comment Share on other sites More sharing options...
barry99705 Posted April 16, 2012 Share Posted April 16, 2012 I was thinking when we get a second adapter working and using that for deauthing maybe site survey could have a cut off with time limit I thought that's what the backpack mk3 was going to be used for? Quote Link to comment Share on other sites More sharing options...
PineDominator Posted April 16, 2012 Share Posted April 16, 2012 I thought that's what the backpack mk3 was going to be used for? but we will allso have external adapters as well. I do like the idea of connecting to the mark3/4 but really a usb alfa would do the job as well, keeping it to a mark4 would take some of the load and could allow some of the features to be run there instead. sslstrip, deauthing and possibly tethering via another wifi? Quote Link to comment Share on other sites More sharing options...
thestudent Posted April 19, 2012 Share Posted April 19, 2012 Excellent Seb! I'm looking forward to seeing it! My deauths don't seem to be working...is there anything else I need to do? Maybe I'm missing something. Interface looks great though, thank Whistle Master. Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 20, 2012 Author Share Posted April 20, 2012 Do you have see any information in the "output" section at the bottom when you click on deauth ? Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 20, 2012 Author Share Posted April 20, 2012 (edited) On an idea by Vulture, I'm currently working on a version to capture data directly from the interface and keep an history for later review (e.g. WEP crack) ;) Vulture volunteered for testing it :P Stay tuned ! Edited April 20, 2012 by Whistle Master Quote Link to comment Share on other sites More sharing options...
Light Posted April 20, 2012 Share Posted April 20, 2012 I think that would be a great feature WM!!! Quote Link to comment Share on other sites More sharing options...
thestudent Posted April 21, 2012 Share Posted April 21, 2012 Do you have see any information in the "output" section at the bottom when you click on deauth ? I changed it from 5 packets to 20 for testing but it still doesn't work...:-/ 00:06:30 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:31 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:31 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:32 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:32 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:33 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:33 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:34 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:35 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:35 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:36 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:36 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:37 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:37 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:38 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:38 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:39 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:39 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:40 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:40 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 21, 2012 Author Share Posted April 21, 2012 I changed it from 5 packets to 20 for testing but it still doesn't work...:-/ 00:06:30 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:31 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:31 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] 00:06:32 Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs] I'm sorry but the modules seems to be working... the output is correct. Now, you don't get any AKs. Are you sure you have users connected to the AP ? Are the users disconnected from the APs as soon as you run it ? The range can also be a problem if you are too far away from the AP. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.