Jump to content

MK4 + Karma = Unsecure networks ONLY


d1000

Recommended Posts

Hi again! This pineapple has been a tought one, every step is an issue! This time is Karma, I start it and no clients connect unless they have knowned networks with NO encryption at all. Only unsecure networks are grabbed my Karma. I have my homenetwork memorized in Android and the probe is not grabbed. Only new networks with no encrypton like a test one I create called "teste" worked fine.

Any ideias of what can been doing wrong?

Pineapple Hardware Version (ex: Mark III, Mark IV, etc.): Mark IV
Pineapple Software Version (ex: 2.5.0, 2.6.4): 2.7.3
OS used to connect to the pineapple: Win8 + Linux
All the tools/options that are running on the pineapple when the issue happened: Stock 2.7.3
Ping results from computer to pineapple: OK
Is the problem repeatable (Yes/No): Yes
Steps taken which created the problem: Just start Karma, and clients only connect if they have unsecure SSIDs on there knowned networks
Error Messages: not found
Log file information: Above in spoiler
Anything else that was attempted to 'fix' the problem: No more knowhow in Pineapple yet. In Status the client connected to "teste" network, a no encrypton network.

Detailed Report (Dismiss)


CPU Intensive. Do not re-run reports in rapid successionStation 00:00:00:00:00:00 (on wlan0)
ip address: 172.16.42.180
host name: android
Karma SSID: 'teste'
inactive time: 150 ms
rx bytes: 13141
rx packets: 121
tx bytes: 17218
tx packets: 82
tx retries: 43
tx failed: 0
signal: -73 [-73] dBm
signal avg: -70 [-70] dBm
tx bitrate: 43.3 MBit/s MCS 4 short GI
rx bitrate: 39.0 MBit/s MCS 4
authorized: yes
authenticated: yes
preamble: short
WMM/WME: yes
MFP: no
TDLS peer: no
Station 00:00:00:00:00:00 (on wlan0)
ip address:
host name:
Karma SSID:
inactive time: 830 ms
rx bytes: 925932
rx packets: 5977
tx bytes: 1509593
tx packets: 4382
tx retries: 1249
tx failed: 0
signal: -67 [-67] dBm
signal avg: -61 [-62] dBm
tx bitrate: 65.0 MBit/s MCS 6 short GI
rx bitrate: 72.2 MBit/s MCS 7 short GI
authorized: yes
authenticated: yes
preamble: short
WMM/WME: yes
MFP: no
TDLS peer: no

System Log (refresh)


16:15:01 Pineapple user.notice root: CLEANUP: memory looking good
16:15:01 Pineapple user.notice root: CLEANUP: Karma log looking good
16:15:01 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
16:15:01 Pineapple user.notice root: 3G: Keep-Alive Script Executed
16:15:01 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
16:15:01 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
16:15:01 Pineapple cron.info crond[1042]: crond: USER root pid 5717 cmd /pineapple/3g/3g-keepalive.sh
16:15:01 Pineapple cron.info crond[1042]: crond: USER root pid 5716 cmd /pineapple/scripts/cleanup.sh
16:10:01 Pineapple user.notice root: CLEANUP: memory looking good
16:10:01 Pineapple user.notice root: CLEANUP: Karma log looking good
16:10:01 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
16:10:01 Pineapple user.notice root: 3G: Keep-Alive Script Executed
16:10:01 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
16:10:01 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
16:10:01 Pineapple cron.info crond[1042]: crond: USER root pid 5691 cmd /pineapple/3g/3g-keepalive.sh
16:10:01 Pineapple cron.info crond[1042]: crond: USER root pid 5690 cmd /pineapple/scripts/cleanup.sh
16:08:59 Pineapple user.info autossh[838]: starting ssh (count 22)
16:08:59 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
16:08:59 Pineapple user.info autossh[838]: ssh child pid is 5689
16:07:31 Pineapple user.info autossh[838]: starting ssh (count 21)
16:07:31 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
16:07:31 Pineapple user.info autossh[838]: ssh child pid is 5688
16:07:23 Pineapple daemon.info hostapd: wlan0: STA 78:d6:f0:34:c4:49 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
16:07:22 Pineapple daemon.info hostapd: wlan0: STA 78:d6:f0:34:c4:49 IEEE 802.11: disassociated
16:07:12 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPREQUEST(br-lan) 172.16.42.215 78:d6:f0:34:c4:49
16:07:12 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPOFFER(br-lan) 172.16.42.215 78:d6:f0:34:c4:49
16:07:12 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPDISCOVER(br-lan) 78:d6:f0:34:c4:49
16:07:12 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPACK(br-lan) 172.16.42.215 78:d6:f0:34:c4:49 android-815b0be988054b94
16:06:59 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPREQUEST(br-lan) 192.168.107.134 78:d6:f0:34:c4:49
16:06:59 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPNAK(br-lan) 192.168.107.134 78:d6:f0:34:c4:49 wrong network
16:06:58 Pineapple daemon.info hostapd: wlan0: STA 78:d6:f0:34:c4:49 IEEE 802.11: authenticated
16:06:58 Pineapple daemon.info hostapd: wlan0: STA 78:d6:f0:34:c4:49 IEEE 802.11: associated (aid 3)
16:05:01 Pineapple user.notice root: CLEANUP: memory looking good
16:05:01 Pineapple user.notice root: CLEANUP: Karma log looking good
16:05:01 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
16:05:01 Pineapple user.notice root: 3G: Keep-Alive Script Executed
16:05:01 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
16:05:01 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
16:05:01 Pineapple cron.info crond[1042]: crond: USER root pid 5655 cmd /pineapple/3g/3g-keepalive.sh
16:05:01 Pineapple cron.info crond[1042]: crond: USER root pid 5654 cmd /pineapple/scripts/cleanup.sh
16:00:02 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
16:00:01 Pineapple user.notice root: CLEANUP: memory looking good
16:00:01 Pineapple user.notice root: CLEANUP: Karma log looking good
16:00:01 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
16:00:01 Pineapple user.notice root: 3G: Keep-Alive Script Executed
16:00:01 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
16:00:01 Pineapple cron.info crond[1042]: crond: USER root pid 5631 cmd /pineapple/3g/3g-keepalive.sh
16:00:01 Pineapple cron.info crond[1042]: crond: USER root pid 5630 cmd /pineapple/scripts/cleanup.sh
15:58:59 Pineapple user.info autossh[838]: starting ssh (count 20)
15:58:59 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:58:59 Pineapple user.info autossh[838]: ssh child pid is 5629
15:55:31 Pineapple user.info autossh[838]: starting ssh (count 19)
15:55:31 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:55:31 Pineapple user.info autossh[838]: ssh child pid is 5618
15:55:01 Pineapple user.notice root: CLEANUP: memory looking good
15:55:01 Pineapple user.notice root: CLEANUP: Karma log looking good
15:55:01 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
15:55:01 Pineapple user.notice root: 3G: Keep-Alive Script Executed
15:55:01 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
15:55:01 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
15:55:01 Pineapple cron.info crond[1042]: crond: USER root pid 5599 cmd /pineapple/3g/3g-keepalive.sh
15:55:01 Pineapple cron.info crond[1042]: crond: USER root pid 5598 cmd /pineapple/scripts/cleanup.sh
15:50:01 Pineapple user.notice root: CLEANUP: memory looking good
15:50:01 Pineapple user.notice root: CLEANUP: Karma log looking good
15:50:01 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
15:50:01 Pineapple user.notice root: 3G: Keep-Alive Script Executed
15:50:01 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
15:50:01 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
15:50:01 Pineapple cron.info crond[1042]: crond: USER root pid 5549 cmd /pineapple/3g/3g-keepalive.sh
15:50:01 Pineapple cron.info crond[1042]: crond: USER root pid 5548 cmd /pineapple/scripts/cleanup.sh
15:48:59 Pineapple user.info autossh[838]: starting ssh (count 18)
15:48:59 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:48:59 Pineapple user.info autossh[838]: ssh child pid is 5547
15:47:48 Pineapple user.info autossh[838]: starting ssh (count 17)
15:47:48 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:47:48 Pineapple user.info autossh[838]: ssh child pid is 5546
15:46:43 Pineapple daemon.info hostapd: wlan0: STA 00:37:6d:ee:66:06 IEEE 802.11: authenticated
15:46:43 Pineapple daemon.info hostapd: wlan0: STA 00:37:6d:ee:66:06 IEEE 802.11: associated (aid 1)
15:46:43 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPREQUEST(br-lan) 172.16.42.180 00:37:6d:ee:66:06
15:46:43 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPACK(br-lan) 172.16.42.180 00:37:6d:ee:66:06 android-e71bea6efda77859
15:46:27 Pineapple daemon.info hostapd: wlan0: STA 00:37:6d:ee:66:06 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
15:46:26 Pineapple daemon.info hostapd: wlan0: STA 00:37:6d:ee:66:06 IEEE 802.11: disassociated
15:46:21 Pineapple daemon.info hostapd: wlan0: STA 00:37:6d:ee:66:06 IEEE 802.11: authenticated
15:46:21 Pineapple daemon.info hostapd: wlan0: STA 00:37:6d:ee:66:06 IEEE 802.11: associated (aid 1)
15:46:21 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPREQUEST(br-lan) 172.16.42.180 00:37:6d:ee:66:06
15:46:21 Pineapple daemon.info dnsmasq-dhcp[1123]: DHCPACK(br-lan) 172.16.42.180 00:37:6d:ee:66:06 android-e71bea6efda77859
15:45:02 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
15:45:01 Pineapple user.notice root: CLEANUP: memory looking good
15:45:01 Pineapple user.notice root: CLEANUP: Karma log looking good
15:45:01 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
15:45:01 Pineapple user.notice root: 3G: Keep-Alive Script Executed
15:45:01 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
15:45:01 Pineapple cron.info crond[1042]: crond: USER root pid 5328 cmd /pineapple/3g/3g-keepalive.sh
15:45:01 Pineapple cron.info crond[1042]: crond: USER root pid 5327 cmd /pineapple/scripts/cleanup.sh
15:43:00 Pineapple user.info autossh[838]: starting ssh (count 16)
15:43:00 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:43:00 Pineapple user.info autossh[838]: ssh child pid is 5326
15:40:02 Pineapple user.notice root: CLEANUP: memory looking good
15:40:02 Pineapple user.notice root: CLEANUP: Karma log looking good
15:40:02 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
15:40:02 Pineapple user.notice root: 3G: Keep-Alive Script Executed
15:40:02 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
15:40:02 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
15:40:01 Pineapple cron.info crond[1042]: crond: USER root pid 5201 cmd /pineapple/3g/3g-keepalive.sh
15:40:01 Pineapple cron.info crond[1042]: crond: USER root pid 5200 cmd /pineapple/scripts/cleanup.sh
15:39:39 Pineapple daemon.info hostapd: wlan0: STA 00:37:6d:ee:66:06 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
15:39:38 Pineapple daemon.info hostapd: wlan0: STA 00:37:6d:ee:66:06 IEEE 802.11: disassociated
15:38:59 Pineapple user.info autossh[838]: starting ssh (count 15)
15:38:59 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:38:59 Pineapple user.info autossh[838]: ssh child pid is 5195
15:38:46 Pineapple user.info autossh[838]: starting ssh (count 14)
15:38:46 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:38:46 Pineapple user.info autossh[838]: ssh child pid is 5194
15:36:04 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:36:03 Pineapple user.info autossh[838]: starting ssh (count 13)
15:36:03 Pineapple user.info autossh[838]: ssh child pid is 4728
15:35:05 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot
15:35:03 Pineapple user.notice root: CLEANUP: memory below threshold, dropping pagecache, dentries and inodes
15:35:02 Pineapple user.notice root: CLEANUP: Karma log looking good
15:35:02 Pineapple user.notice root: CLEANUP: Clean-up Script Executed
15:35:02 Pineapple user.notice root: 3G: Keep-Alive Script Executed
15:35:02 Pineapple user.notice root: 3G: Interface 3g-wan2 seems up
15:35:01 Pineapple cron.info crond[1042]: crond: USER root pid 4336 cmd /pineapple/3g/3g-keepalive.sh
15:35:01 Pineapple cron.info crond[1042]: crond: USER root pid 4335 cmd /pineapple/scripts/cleanup.sh
15:33:55 Pineapple user.info autossh[838]: starting ssh (count 12)
15:33:55 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:33:55 Pineapple user.info autossh[838]: ssh child pid is 3559
15:32:17 Pineapple user.info autossh[838]: starting ssh (count 11)
15:32:17 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:32:17 Pineapple user.info autossh[838]: ssh child pid is 2766
15:31:14 Pineapple cron.err crond[1042]: time disparity of 22631969 minutes detected
15:31:05 Pineapple user.info autossh[838]: starting ssh (count 10)
15:31:05 Pineapple user.info autossh[838]: ssh exited with error status 1; restarting ssh
15:31:05 Pineapple user.info autossh[838]: ssh child pid is 2620
00:02:23 Pineapple daemon.info dnsmasq[1123]: using nameserver 88.214.182.1#53
00:02:23 Pineapple daemon.info dnsmasq[1123]: using nameserver 88.214.178.2#53
00:02:23 Pineapple daemon.info dnsmasq[1123]: using nameserver 8.8.8.8#53
00:02:23 Pineapple daemon.info dnsmasq[1123]: using local addresses only for domain lan
00:02:23 Pineapple daemon.info dnsmasq[1123]: reading /tmp/resolv.conf.auto
00:02:22 Pineapple daemon.notice netifd: Interface 'wan2' is now up
00:02:21 Pineapple daemon.warn pppd[2570]: Could not determine remote IP address: defaulting to 10.64.64.64
00:02:21 Pineapple daemon.notice pppd[2570]: secondary DNS address 88.214.178.2
00:02:21 Pineapple daemon.notice pppd[2570]: remote IP address 10.64.64.64
00:02:21 Pineapple daemon.notice pppd[2570]: primary DNS address 88.214.182.1
00:02:21 Pineapple daemon.notice pppd[2570]: local IP address 31.22.172.129
00:02:16 Pineapple daemon.notice pppd[2570]: CHAP authentication succeeded
00:02:16 Pineapple daemon.info pppd[2570]: CHAP authentication succeeded
00:02:15 Pineapple local2.info chat[2574]: send ( ^M)
00:02:15 Pineapple local2.info chat[2574]: expect (CONNECT)
00:02:15 Pineapple local2.info chat[2574]: ^M
00:02:15 Pineapple local2.info chat[2574]: CONNECT
00:02:15 Pineapple local2.info chat[2574]: ATD*99***1#^M^M
00:02:15 Pineapple local2.info chat[2574]: -- got it
00:02:15 Pineapple daemon.notice pppd[2570]: Connect: 3g-wan2 <--> /dev/ttyUSB0
00:02:15 Pineapple daemon.info pppd[2570]: Using interface 3g-wan2
00:02:15 Pineapple daemon.info pppd[2570]: Serial connection established.
00:02:14 Pineapple local2.info chat[2574]: timeout set to 30 seconds
00:02:14 Pineapple local2.info chat[2574]: timeout set to 10 seconds
00:02:14 Pineapple local2.info chat[2574]: send (ATE1^M)
00:02:14 Pineapple local2.info chat[2574]: send (ATD*99***1#^M)
00:02:14 Pineapple local2.info chat[2574]: send (AT+CGDCONT=1,"IP","internet"^M)
00:02:14 Pineapple local2.info chat[2574]: send (AT&F^M)
00:02:14 Pineapple local2.info chat[2574]: report (CONNECT)
00:02:14 Pineapple local2.info chat[2574]: expect (OK)
00:02:14 Pineapple local2.info chat[2574]: expect (OK)
00:02:14 Pineapple local2.info chat[2574]: expect (OK)
00:02:14 Pineapple local2.info chat[2574]: abort on (NO CARRIER)
00:02:14 Pineapple local2.info chat[2574]: abort on (ERROR)
00:02:14 Pineapple local2.info chat[2574]: abort on (BUSY)
00:02:14 Pineapple local2.info chat[2574]: ^M
00:02:14 Pineapple local2.info chat[2574]: ^M
00:02:14 Pineapple local2.info chat[2574]: OK
00:02:14 Pineapple local2.info chat[2574]: OK
00:02:14 Pineapple local2.info chat[2574]: OK
00:02:14 Pineapple local2.info chat[2574]: ATE1^M^M
00:02:14 Pineapple local2.info chat[2574]: AT+CGDCONT=1,"IP","internet"^M^M
00:02:14 Pineapple local2.info chat[2574]: AT&F^M^M
00:02:14 Pineapple local2.info chat[2574]: -- got it
00:02:14 Pineapple local2.info chat[2574]: -- got it
00:02:14 Pineapple local2.info chat[2574]: -- got it
00:02:13 Pineapple daemon.notice pppd[2570]: pppd 2.4.5 started by root, uid 0
00:02:12 Pineapple daemon.notice netifd: wan2 (2399): Trying to set mode
00:02:11 Pineapple kern.info kernel: [ 131.450000] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)
00:02:08 Pineapple user.notice usb-modeswitch: 1-1:1.4: Switching seemingly failed
00:02:06 Pineapple user.notice usb-modeswitch: 1-1:1.4: Switching seemingly failed
00:02:05 Pineapple user.notice usb-modeswitch: 1-1:1.4: Switching seemingly failed
00:02:04 Pineapple user.notice usb-modeswitch: 1-1:1.4: Switching seemingly failed

Link to comment
Share on other sites

Oh dear... so sadddddddddddddddd............ Didn't spend enought atention on Darrens vídeos :(

So even with deauth attacks, only make sense in the presence of public open networks right? Like Deauth everyone but us+our equipament in a place like Sbucks?

Link to comment
Share on other sites

It is working exactly as designed, we can't impersonate encrypted networks. See the pinned thread on encryption for more information.

Exactly this. Though with the new 2.7.1+ releases I have noticed karma duplicates encrypted APs more often than it used to. I get all my secured APs shown.

No encryption of course and if I am close to an encrypted network, I will see the duplicate. So this could trick people into connecting to you if you can deauth the other AP.

Link to comment
Share on other sites

Exactly this. Though with the new 2.7.1+ releases I have noticed karma duplicates encrypted APs more often than it used to. I get all my secured APs shown.

No encryption of course and if I am close to an encrypted network, I will see the duplicate. So this could trick people into connecting to you if you can deauth the other AP.

Yep I understand, you freeze the public AP, and wait them to connect to you. Well thats something, but when I saw Darrens airport vídeo using mk4 + Alfa Deauth attack, I didn't realize that was mostly for clientes using open networks. obviously if they continue to have conectiviy problems, they could manually connect to MK4.

Thanks for headsup...

Edited by d1000
Link to comment
Share on other sites

Agreed. Most people tend to set up their new devices at home, and as such set their home networks as their first wifi listed. From personal testing any other network added default to higher on the list. By taking advantage of deauth attacks you can usually force people to connect to your pineapple.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...