Sebkinne Posted January 24, 2013 Posted January 24, 2013 *** DISCLAIMER ***Jasager is a projected intended for the security professional. It can be a valuable tool for penetration testing or other such security auditing. We do not encourage using Jasager with malicious intent.As with any tools, this tool can be used for good or bad. Here are some of the good uses: In your office - Set it up to capture laptops before the bad guys do. Use a website to remind them of the rules. On penetration tests - Lure in target clients to find a back door into networks. At home - Have fun with neighbors who try to steal your WiFi bandwidth. - Please read through the wiki page and FAQ before posting problems. - Ensure you are using the most current compiled firmware before creating a bug/problem thread/post.WARNING: DO NOT firmware flash your device on battery power.If you have ordered your WiFi Pineapple from the HakShop, you may need to flash with the newest compiled firmware.Most Current Information:http://cloud.wifipineapple.com
Mr-Protocol Posted January 24, 2013 Posted January 24, 2013 How-to Ask For Help With The Jasager Before posting a question, read the firmware changelog.In order to troubleshoot and improve overall experience with the WiFi Pineapple, there is criteria that should be supplied when asking for assistance. This gives developers feedback on making the Wifi Pineapple more user friendly and information to address issues that may currently exist.Providing as much of the information below, if it applies, along with the issue will help the community better assist with the problem. Pineapple Hardware Version (ex: Mark III, Mark IV, etc.): Pineapple Software Version (ex: 2.5.0, 2.6.4): OS used to connect to the pineapple: Network layout of how your setup is connected (including IP information): All the tools/options that are running on the pineapple when the issue happened: Ping results from computer to pineapple: Is the problem repeatable (Yes/No): Steps taken which created the problem: Error Messages: Log file information(use spoiler tags for large logs): Anything else that was attempted to 'fix' the problem: Feel free to copy/paste the list to your post and fill out the information.
Sebkinne Posted January 24, 2013 Author Posted January 24, 2013 WiFi Pineapple Booklet - A free download (Darren Kitchen) After weeks of researching, writing, rewriting and more fun then I care to mention with page layout software, I present to you the first WiFi Pineapple book.Booklet really. It's just 50 pages. This booklet outlines basic usage of the WiFi Pineapple including; Connectivity, Power Considerations, Windows and Linux setup, Inside the Web Interface, SSH Management, Meterpreter, Expansion Modules and more.Download the PDF:https://www.dropbox.com/s/dr6sedfteu8atwq/hak5-mk4-book1e.pdfOr buy one on the HakShop for $5:http://hakshop.myshopify.com/products/wifi-pineapple-booklet
Sebkinne Posted January 24, 2013 Author Posted January 24, 2013 Wireless Encryption - Robin Wood (Digininja) Seeing as people keep asking various questions about the Pineapple and encryption I thought I'd do a quick write up on how wifi encryption works. I'm not going to go into technical detail just cover the basics but hopefully it will answer the questions we keep getting asked. AssociationThe first thing a client does when it wants to talk to an AP is to associate. It does this by asking to AP if it can associate. The AP will check things like MAC address filtering and other stuff and say either yes or no.There is no proving anything at this point, no challenges etc.If the association is allowed then they move on to the next stage, if it isn't allowed then the association fails and the client is disconnected.AuthenticationFor our purposes there are three types of authentication, none, WEP and WPA-PSK.none - No authentication happens and the client is allowed on to the network. This is the way open networks work and the way the Pineapple works by defaultWEP - The AP sends a challenge to the client, the client manipulates the challenge using the key and sends it back to the AP. The AP checks the generated value and if it matches the client is authenticated. Both parties can then use the key to encrypt traffic and communicate securely. The key is never sent in the open, just the response to the challenge. This is why we can't capture the key which is a common question we get asked.Authentication is one way, the client authenticates to the AP but the AP isn't authenticated back to the client.As far as the Pineapple is concerned we can send the challenge and accept any response the client sends to authenticate the client but we would then be stuck without the key to encrypt/decrypt the traffic so we couldn't actually talk to the client.Very dumbed down but cracking the key is done by capturing a lot of traffic then brute forcing the key that is used to encrypt the traffic.WPA-PSK - The AP sends a challenge to the client, the client manipulates it and sends it back to the AP along with a challenge of its own. The AP manipulates the challenge and sends that back to the client. This is called the four way handshake as 4 packets are sent during the communication.Authentication is mutual, the AP authenticates the client and vice-versa.As with WEP, the key is not sent in the air so it can't be captured.Cracking the PSK is done by capturing the 4 way handshake, in reality most of the time all you need is the first two packets, the challenge that is sent to the client and the reply from the client to the AP. You then fire the cracker off against those two packets.What you should note here is that the key you are cracking is the key the client is using as you have the client challenge and the response it generated.If the client doesn't know the PSK then the response it generates isn't accepted by the AP and the authentication fails, the client is disassociated.If the AP doesn't know the PSK then it can accept the response from the client but it can't generate a valid response to send to the client so the client will abort the authentication process. This means we can't fake the authentication process.As I said a the start, this isn't designed to be a technical description of how it all works. If you want full technical details I highly recommend you watch the Security Tube WiFi Megaprimer . I know a lot about wifi but I learnt things from it so it is definitely worth watching.
Recommended Posts