Jump to content

Recommended Posts

Not sure about all the comments about site_survey working with karma?

using the latest version and only clicking auto then scanning for ap's once I noticed my android phone gets disconnected from the pineapple and then connects to my personal ap at home, OK

then I deauth my own ap and sure enough my phone immediately connects to the pineapple via a karma'd ssid.

problem is about 10 seconds after that my phone drops the pineapple and reconnects to my home ap?

Is that what is expected?

EDIT: the default ssid that the pineapple broadcasts is not viewable on my phone.

Edited by petertfm
Link to post
Share on other sites
  • Replies 91
  • Created
  • Last Reply

Top Posters In This Topic

The outcome for the moment is indeed no data can be captured if you launch the module as soon as you boot the MK4, I don't know why :(

AP are listed using the normal interface and connected clients using the monitor. So as soon as you bring down / up the interface, you can see the APs and as soon as you bring down / up the monitor, you get connected clients but Karma doesn't work more...

Edited by Whistle Master
Link to post
Share on other sites

Dude, what the HELL man, are you a wizard? ;) Nailed it, as usual.

I noted that both "monitor interface" and "wlan interface" were set to "enabled" and green. Tried disabling, reenabling, etc.

never clicked on "auto". I also noted that it was green both before and after clicking, nothing changed to those menu items, but it clearly got it all going!

Thanks again for the quick and precise help guys, your depth of knowledge never ceases to amaze. :)

I just figured that out about 20 minutes before your post. ;)

Link to post
Share on other sites

Whistle Master,

I think this is going to be one of my favorite plugins by you. I do have some issues with displaying the clients, however it doesn't appear to be a problem with generating the data into the $dumpPath however on line 33 of site_survey_data.php it appears the cat statement is generating a null .tmp file (I have confirmed clients and APs are in the .csv file) so the line 34 command is running against a null data set.

Link to post
Share on other sites
Posted (edited) · Hidden by Whistle Master, April 11, 2012 - No reason given
Hidden by Whistle Master, April 11, 2012 - No reason given

Whistle Master,

I think this is going to be one of my favorite plugins by you. I do have some issues with displaying the clients, however it doesn't appear to be a problem with generating the data into the $dumpPath however on line 33 of site_survey_data.php it appears the cat statement is generating a null .tmp file (I have confirmed clients and APs are in the .csv file) so the line 34 command is running against a null data set.

This is an issue with the monitor interface. You can capture information about clients connected only if you bring down and up the monitor interface (mon.wlan0, which will become mon0 afterward)

The problem after that, you can list clients connected but karma stops working...

Edited by Whistle Master
Link to post

Whistle Master,

I think this is going to be one of my favorite plugins by you. I do have some issues with displaying the clients, however it doesn't appear to be a problem with generating the data into the $dumpPath however on line 33 of site_survey_data.php it appears the cat statement is generating a null .tmp file (I have confirmed clients and APs are in the .csv file) so the line 34 command is running against a null data set.

Strange :huh: Can you send me by PM the csv file ? I'll investigate the problem. Thanks !

Link to post
Share on other sites

Hi guys i'm experiencing some problems with Site Survey..The pineapple is up and running (no karma enabled) , i go to Site Survey module click Stop mon0 and then Stop wlan0..After that click Start on wlan0 and then Start on mon0..Am i doing something wrong? The thing i can see it's something like that

Output

Interface	Chipset		Driver

wlan0		Atheros 	ath9k - [phy0]
mon0		Atheros 	ath9k - [phy0] (removed)

Link to post
Share on other sites

Hi guys i'm experiencing some problems with Site Survey..The pineapple is up and running (no karma enabled) , i go to Site Survey module click Stop mon0 and then Stop wlan0..After that click Start on wlan0 and then Start on mon0..Am i doing something wrong? The thing i can see it's something like that

Output

Interface	Chipset		Driver

wlan0		Atheros 	ath9k - [phy0]
mon0		Atheros 	ath9k - [phy0] (removed)

What's exactly your issue? You can't see any data?

Which version of the Site Survey do you have and on which version of the pineapple (hardware + firmware)?

Link to post
Share on other sites

What's exactly your issue? You can't see any data?

Which version of the Site Survey do you have and on which version of the pineapple (hardware + firmware)?

I have pineapple MKIV and firmware 1.1.1 and your module it's 1.3.5 but i think it's my problem (related to wireless range problems i'm experiencing) I asked this to see if i'm doing something wrong or maybe in the wrong order..However now site survey seems to be working..:)

Link to post
Share on other sites

Whistle Master, what is your opinion on adding auto refresh to clients and possibly an auto deauth with a whitelist?

If we can get the AWUS036H USB wifi adapter working we could be running karma on the primary adapter and auto deauthing via the secondary adapter. Once I have everything documented on this I am going to send the kernel module request to Seb. Since hack shop sells this adapter I think it is a pretty good chance we can get it added.

Link to post
Share on other sites

Hi, sorry I'm new here...

Great job by the way! :)

Where exactly do i find the code for this? I cant seem to find it in the GitHub page :S

It's a module that is downloaded and installed onto the pineapple through the UI of the pineapple.

Link to post
Share on other sites

Whistle Master, what is your opinion on adding auto refresh to clients and possibly an auto deauth with a whitelist?

If we can get the AWUS036H USB wifi adapter working we could be running karma on the primary adapter and auto deauthing via the secondary adapter. Once I have everything documented on this I am going to send the kernel module request to Seb. Since hack shop sells this adapter I think it is a pretty good chance we can get it added.

Plus one on the using site survey for deauthing, unless Seb is wanting one fully pre installed?

If doing a blacklist maybe share from the karma blacklist?

also I was thinking when we get deauthing all the time figured out maybe we could stay on the down low by only deauthing clients with high enough signal that would actually connect and or stop deauthing a client when it is not successful after so many times? I see my kama log full of clients auto-connecting to an ssid that requires encryption.

I just wouldn't want to annoy everyone when it may not be possible for them to connect due to not having open networks auto-connect or too far away for them to switch from there high signal to the pineapples lower signal, I know some clients will only connect to the higher of the 2.

Link to post
Share on other sites

Plus one on the using site survey for deauthing, unless Seb is wanting one fully pre installed?

If doing a blacklist maybe share from the karma blacklist?

also I was thinking when we get deauthing all the time figured out maybe we could stay on the down low by only deauthing clients with high enough signal that would actually connect and or stop deauthing a client when it is not successful after so many times? I see my kama log full of clients auto-connecting to an ssid that requires encryption.

I just wouldn't want to annoy everyone when it may not be possible for them to connect due to not having open networks auto-connect or too far away for them to switch from there high signal to the pineapples lower signal, I know some clients will only connect to the higher of the 2.

I don't believe it will make sense to build into karma unless we can get multi WLAN support since the wlan0/mon.wlan0 must be bound to channel 11 to handle the incoming clients.

Link to post
Share on other sites

I don't believe it will make sense to build into karma unless we can get multi WLAN support since the wlan0/mon.wlan0 must be bound to channel 11 to handle the incoming clients.

I was thinking when we get a second adapter working and using that for deauthing maybe site survey could have a cut off with time limit

Link to post
Share on other sites

I can definitely add the auto refresh for clients but the fact is that capturing the clients information takes longer (at least 20 seconds): the longer it runs, the better are the results. I will have a look on it :)

Regarding the auto deauth, what would you see for this? A link to deauth every AP and / or clients listed, one shoot? Or something you active and let running and for each AP and / or clients in sight, you deauth it ?

Maybe it could be a separate module, specific to deauth ;)

Link to post
Share on other sites

I thought that's what the backpack mk3 was going to be used for?

but we will allso have external adapters as well.

I do like the idea of connecting to the mark3/4 but really a usb alfa would do the job as well, keeping it to a mark4 would take some of the load and could allow some of the features to be run there instead. sslstrip, deauthing and possibly tethering via another wifi?

Link to post
Share on other sites

On an idea by Vulture, I'm currently working on a version to capture data directly from the interface and keep an history for later review (e.g. WEP crack) ;)

Vulture volunteered for testing it :P Stay tuned !

bb8f7a8ecb2073a9df72f182411be3fd40e808f186326bc7d4643884d079f72e2g.jpg

Edited by Whistle Master
Link to post
Share on other sites

Do you have see any information in the "output" section at the bottom when you click on deauth ?

I changed it from 5 packets to 20 for testing but it still doesn't work...:-/

00:06:30  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:31  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:31  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:32  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:32  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:33  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:33  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:34  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:35  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:35  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:36  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:36  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:37  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:37  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:38  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:38  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:39  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:39  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:40  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:40  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]

Link to post
Share on other sites

I changed it from 5 packets to 20 for testing but it still doesn't work...:-/

00:06:30  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:31  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:31  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]
00:06:32  Sending 64 directed DeAuth. STMAC: [CC:6D:A0:0A:1A:71] [ 0| 0 ACKs]

:huh: I'm sorry but the modules seems to be working... the output is correct. Now, you don't get any AKs. Are you sure you have users connected to the AP ? Are the users disconnected from the APs as soon as you run it ? The range can also be a problem if you are too far away from the AP.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...