Jump to content

100$ For... Nothing?


Tataboutlamin

Recommended Posts

Hi!

The only things that I have with this device are "KARMA: Probe Request from bla bla bla" but no connections...

I just read a topic that said "The pineapple will only successfully connect open wifi networks"

So.... If I am on a router with password like at home or at school or at MANY PLACES in the world, my pinapple wifi router is useless?

Please tell me there's something to do with that!

Link to comment
Share on other sites

Hi!

The only things that I have with this device are "KARMA: Probe Request from bla bla bla" but no connections...

I just read a topic that said "The pineapple will only successfully connect open wifi networks"

So.... If I am on a router with password like at home or at school or at MANY PLACES in the world, my pinapple wifi router is useless?

Please tell me there's something to do with that!

To be honest, all the information about how the Pineapple works and what it can and can't do is available from the stores website.

If things aren't clear there, there are multiple threads and discussions on this matter.

If you bought a pineapple for reasons such as grabbing clients off of encrypted networks, well, Jasager won't help you much with that. The pineapple however is much more than just the Jasager. It has a full set of penetration testing tools and modules. Calling it nothing is a bit inappropriate I think. I do understand your frustration.

See if you don't like the things the pineapple has to offer. You will notice it is a very useful tool.

Link to comment
Share on other sites

You don't have to use Karma to run MITM attacks. The pineapple can pretend to be a secured ap with the same bssid and WPA key (if you know it) as a popular secure ap and get victims.

Exactly. Enable the deauth module and kick people from their APs. Chances are, they will connect back. There is a thread on the forums here about exactly this.

Link to comment
Share on other sites

Sorry Sebkinne about calling that "nothing".... you're right it's a powerful tool they did... I was not thinking before writing...

Yeah I'll take a look about the "death module" you spoke about. What if I was on a network that each person has his own ID with his own personnal password? Should I use mine to connect my pineapple wifi to the real router and let people connecting to my pineapple wifi and using MY secured connection? Or there is an another way?

Link to comment
Share on other sites

Sorry Sebkinne about calling that "nothing".... you're right it's a powerful tool they did... I was not thinking before writing...

Yeah I'll take a look about the "death module" you spoke about. What if I was on a network that each person has his own ID with his own personnal password? Should I use mine to connect my pineapple wifi to the real router and let people connecting to my pineapple wifi and using MY secured connection? Or there is an another way?

That is what we designed it for. To do more than just capture clients ;)

Anyway, if on a pentest, I would try to harvest a clients connection information. ie their own personal ID and password.

You could do that by setting up a phishing page or similar.

Then you can use that information to connect to the AP and from there share to victims. Just make sure you don't deauth yourself ;)

Standard Disclaimer: Remember to get permission to use the pineapple beforehand.

PS: Make sure to upgrade your firmware in case it isn't 2.7.0 yet. If your firmware is below 2.6.4 you will need to go to this page: http://172.16.42.1:1471 instead of the old http://172.16.42.1/pineapple/.

We keep introducing new features and it will hopefully be even more to your liking ;)

Link to comment
Share on other sites

@newfylox

What works to your advantage, is the fact that almost EVERYONE's phone, or laptop has an open access point saved and ready to auto-connect when in range.

Even if you're in a place, such as school, with an encrypted network nearby, your target's phone can still connect to 'MyHome' even though they aren't home, as the pineapple will automatically impersonate this, or any other open network saved in their device.

What's even better, is you can use any number of methods to 'steer' targets to your pineapple, such as deauthing them from other valid networks near you.

If you're a beginner, take a look at Hak5 episodes 1122, 1123 and 1124. Darren does a good job breaking down how wifi fundamentally works, and where the pineapple jumps in to take advantage of its weaknesses.

Link to comment
Share on other sites

That is what we designed it for. To do more than just capture clients ;)

Anyway, if on a pentest, I would try to harvest a clients connection information. ie their own personal ID and password.

You could do that by setting up a phishing page or similar.

Then you can use that information to connect to the AP and from there share to victims. Just make sure you don't deauth yourself ;)

Standard Disclaimer: Remember to get permission to use the pineapple beforehand.

PS: Make sure to upgrade your firmware in case it isn't 2.7.0 yet. If your firmware is below 2.6.4 you will need to go to this page: http://172.16.42.1:1471 instead of the old http://172.16.42.1/pineapple/.

We keep introducing new features and it will hopefully be even more to your liking ;)

Wow thanks a lot! Of course I'm a beginner and I will have to figure out how to set all those steps but HEY, you gave me those steps so it's a gift from you and it will give me the chance to try my skill and learn.

Thank you, you've been such a good help. (sorry about my english)

@newfylox

What works to your advantage, is the fact that almost EVERYONE's phone, or laptop has an open access point saved and ready to auto-connect when in range.

Even if you're in a place, such as school, with an encrypted network nearby, your target's phone can still connect to 'MyHome' even though they aren't home, as the pineapple will automatically impersonate this, or any other open network saved in their device.

What's even better, is you can use any number of methods to 'steer' targets to your pineapple, such as deauthing them from other valid networks near you.

If you're a beginner, take a look at Hak5 episodes 1122, 1123 and 1124. Darren does a good job breaking down how wifi fundamentally works, and where the pineapple jumps in to take advantage of its weaknesses.

WOW!!! You're right!!! I didn't think about it. As I said to Sebkinne, I'm a newbie about "hacking" or testing security and stuff like that, but I understood what you told me and I will listen those episodes you talked about. You guys are all helping me!

Link to comment
Share on other sites

@newfylox

What works to your advantage, is the fact that almost EVERYONE's phone, or laptop has an open access point saved and ready to auto-connect when in range.

Even if you're in a place, such as school, with an encrypted network nearby, your target's phone can still connect to 'MyHome' even though they aren't home, as the pineapple will automatically impersonate this, or any other open network saved in their device.

What's even better, is you can use any number of methods to 'steer' targets to your pineapple, such as deauthing them from other valid networks near you.

If you're a beginner, take a look at Hak5 episodes 1122, 1123 and 1124. Darren does a good job breaking down how wifi fundamentally works, and where the pineapple jumps in to take advantage of its weaknesses.

Hey GoAxe32...

I just watched 1122 and that's cool... but after that, it becomes really technical for a newbie as me :( Is there a post somewhere That I can read to start with my new pineapple wifi?

I mean, I can't go like I'm a professional hacker... I have to learn steps by steps with (maybe) module or else, trying to spy people around me at school or knowing how to make people connect to my pineapple wifi and "fake" them!

thanks

Link to comment
Share on other sites

Keep in mind, advanced networking knowledge as well as linux knowledge is what will really help understand how this works.

Also keep in mind.

WiFi Pineapple is a wireless penetration testing tool

for use in authorized security audits where permitted.

Check laws and obtain client permission before using.

Hak5, LLC., Darren Kitchen, Robin Wood, Rob Fuller,

Sebastian Kinne and affiliates claim no responsability for

unauthorized use. Please Hack Responsibly.

The Book.

http://hakshop.myshopify.com/collections/accessory/products/wifi-pineapple-booklet

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...