WPS Script To Automatically Connect To WPA2 Enterprise


whitehat

Right now I simply have my WPS set to change the MAC

ifconfig wlan0 down
macchanger wlan0 -a
ifconfig wlan0 up

however, I wonder if I can spare myself the cost of 3G by making it automatically connect to clients' WPA2 Enterprise protected WiFi, or a nearby Fon, etc. For instance, I am doing a pen test on my son's restaurant and I managed to get a login by going in as a customer and social engineering the waiter.

What I'm hoping is that you could switch on the battery, press WPS, have it load Karma, set the SSID as "City of Napa", and send logs & packets to USB (or email them). Is that possible?

The last part is possible; in fact, the wiki explains how to use tcpdump to log all packets to USB. However, if you mean you want to connect to an AP using the Pineapple so you can serve up internet, well, right now that is not possible with one WiFi. There is work to get an Alfa USB one functioning, and maybe use a second Pineapple for this very solution.

By the way, when you change the MAC on the Pineapple, is it functioning like it should? I ask because I and others have not successfully been able to get it to change and still function as it should.

Link to comment

Posted (edited) · Hidden by whitehat, May 16, 2012 - sec

I see, said the blind man. So tcpdump will log all packets to USB and right now the pineapple cannot connect to a WiFi AP by using the WPS button.

OK so I guess that also rules out using a mobile 3G/4G device that transmits data wirelessly, because at that point (when the 3G/4G data is retransmitted) it is equivalent to joining a WiFi AP.

I have not experienced any trouble after changing my MAC address, but I have barely used it. What specific problem were you having that I could try to replicate?

If I buy an unlocked USB (I see the first 3G T-Mobile USB modem on the list for $68 unlocked) then can I use that to connect to my Verizon account? Or does it need its own plan as well? Does anyone have something that they recommend as the cheapest and/or easiest USB 3G option?

***Update: I don't believe this, but I found a 2-year-old Virgin Mobile MC760 in the back of my sock drawer. I can't believe this device I bought so long ago is the same one that's supported out of the box. OK, so I'm going to start working on getting this set up now. I know there's an entry for it on GitHub which I am now about to go re-visit. If there's anything I can enter into the WPS script to automate its setup and login, will someone share that with me? Thanks a million.

Update to the update: The old MC760 software doesn't seem to like Mountain Lion DP2. But is that okay? I mean, does "supported out of the box" mean that at 4am Pacific time when VirginMobile USA resumes its telephone customer service I can buy data for this MC-760 and stick it in the pineapple then it will work with no need for me to run Lion? Sorry for all the questions; I'm hoping to get this thing out unassisted in the field ASAP.

What luck that I found that 760 just lying around when I was literally on the checkout screen to buy another one online for this Jasager =)

Edited by whitehat
Link to comment
Posted · Hidden by whitehat, April 9, 2012 - didnt mean to create a separate post

Link to comment

So far the Pineapple can only do one thing with its built-in WiFi: serve up Karma or connect to an AP to get internet "would require changing scripts to get it to do that".

Either just changing the MAC is causing Karma to not function, or the fact you have to bring down wlan0 is the problem; could be both? In my opinion something built into hostapd is what's causing the problem? The Pineapple's MAC address is in a few files, so it might need to be changed in all those spots as well?

After changing the MAC, is it really changed? What does ifconfig show?

And does Karma continue to suck in victims? Or hold any clients?

Sorry, but I have not tried 3G on the Pineapple; can someone else elaborate?

I hope you can get your device going again :-)

Link to comment

Posted · Hidden by whitehat, May 16, 2012 - sec

I hope the MC-760 (3G) works too, thanks. I just bought data for it.

OK so, it could be that Karma is not working after I change the MAC. I have not seen anything appear in the log on the first page -- that is the primary Karma output right? Not the tab that says logs on the web interface. I need to test this further because it may be that no one connected; the longest I ran it was a couple of hours.

All I can really tell you for sure at this point is that when I change the MAC address it does seem to stay changed (according to ifconfig) until the device loses power or otherwise restarts.

Assuming for the moment that the MC-760 works perfectly and I can just plug-n-play, what do I need to make it serve Karma/URLsnarf? Actually, I had better start an appropriately titled thread with this question.

Link to comment

Use Karma autostart, and for now when you run urlsnarf you can tail the log in the /www/pineapple/logs/ folder.

Link to comment

OK thanks PeterTFM.

So I should type something like

tail -10000 /www/pineapple/logs/something

In the past hour I did see some stuff show up in my Karma log (despite my changed MAC), including 2 SSIDs I was not familiar with, which I take it are the SSIDs which Karma pretended to be.

Now, if I make changes to the Pineapple, such as if I tell it to autostart Karma, those changes should persist even after a power off, right? I have noticed that to be the case with my new root password, I'm just double checking.

Edited by whitehat
Link to comment

Perfect, I use -t I think, keeps it tailing forever.

I am not at my own comp, but I would show you what I put in the jobs tab under the UI, basically making cron start up dnsspoof after a minute; you could change it to urlsnarf as well.

something like 1 * * * * php /www/pineapple/???/startdnsspoof.php

Link to comment

Posted (edited) · Hidden by whitehat, May 16, 2012 - sec

Splendid, thanks again Peter.

If you want me to sit down and systematically test the MAC address changes just let me know what to do. Once I get to figuring out my Karma log I will be able to verify if the MAC address change persisted, although I don't know what other variables may be in play atm.

Edited by whitehat
Link to comment

I was thinking of giving macchanger another try soon, maybe on the beta firmware if I can :-)

I use my Android phone or iTouch to test if I can connect to the Pineapple; maybe if you have another device or laptop you can see if you get karma'd.

When I get home I'll give it another shot.

Link to comment