Whistle Master Posted December 29, 2014 Share Posted December 29, 2014 (edited) Guys, let's me have a look at it and I will try to post a new version soon. Maybe the issue is in the channel hopping. Edited December 29, 2014 by Whistle Master Quote Link to comment Share on other sites More sharing options...
cheeto Posted December 29, 2014 Share Posted December 29, 2014 (edited) Thanks for jumping in Whistle Master. Nothing like having the architect of this infusion working on this. Again, Deauth works when deauthing my smartphone and from time to time it might deauth a pc. But's not 100% effective. Looking forward to the update. Thanks again. Edited December 29, 2014 by cheeto Quote Link to comment Share on other sites More sharing options...
siddharth Posted December 29, 2014 Share Posted December 29, 2014 reset the pineapple ..drop 2,3 dip switch and turn on... Quote Link to comment Share on other sites More sharing options...
pla12 Posted December 29, 2014 Share Posted December 29, 2014 Guys, let's me have a look at it and I will try to post a new version soon. Maybe the issue is in the channel hopping. Whistle Master, for me part of the issue seems to be with the blacklist file, Using the web UI and adding any mac addresses in the list, or selecting one from the available AP list always results in adding the following to the blacklist file root@Pineapple:/pineapple/components/infusions/deauth/includes/rules# cat blacklist.lst # Every AP [a-zA-Z0-9] Manually adding Mac addresses to the blacklist file fixed the mdk3 deauth for me. Once the mac was added, and setting the proper channel it deauth the client. Quote Link to comment Share on other sites More sharing options...
cheeto Posted December 29, 2014 Share Posted December 29, 2014 @Pla12, Are you able to deauth APs? including pcs? Cheers Quote Link to comment Share on other sites More sharing options...
pla12 Posted December 30, 2014 Share Posted December 30, 2014 I can confirm that it worked to deauth all clients connected to my test AP including IOS, MAC OSX, and various devices such as webcams, streaming devices, etc Quote Link to comment Share on other sites More sharing options...
cheeto Posted December 30, 2014 Share Posted December 30, 2014 @Pla12, Are Serious? Are you using mdk3? Can you please tell me if I'm missing something here?: 1) Enable wlan1 and start monitor mode 2) Whitelist your AP and mkv 3) blacklist your target AP 4) Start to Deauth on wlan1 mon0 Thanks!! Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted December 30, 2014 Share Posted December 30, 2014 There is a bug in the last version regarding the blacklist saving. I'm working one it. However, please note that mdk3 can only works in one mode: either blacklist or whitelist. This means that you have to choose in the configuration tab which mode you would like to use for mdk3. Then, put the MAC addresses accordingly in one or another tab. Only aireplay-ng can use both blacklist AND whitelist. So, @cheeto, if you want to make it: 1) Enable wlan1 and start monitor mon0 2) Assuming you are in blacklist mode: add your target AP mac address. 3) Start to Deauth on wlan1 and mon0 Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted December 30, 2014 Share Posted December 30, 2014 New version 2.1 is out ! Quote Link to comment Share on other sites More sharing options...
cheeto Posted December 30, 2014 Share Posted December 30, 2014 I was trying the steps you mentioned but it's still inconsistent. Sometimes it works and sometimes it doesn't. In the configuration menu, Which mode should i be using? Whitelist or Blacklist? I tried both but it's giving me the same result. Again, I'm just blackisting my target AP. Therefore I'm using mdk3 and Whitlelisting my MKV I'm going to update the infusion and get back to you. Thank you SO MUCH!! Quote Link to comment Share on other sites More sharing options...
cheeto Posted December 31, 2014 Share Posted December 31, 2014 (edited) update: objective is to deauth my LINKSYS ROUTER. 1) open deauth 2) blacklist LINKSYS router 3) whitelist MKV 4) configuration -> Method MDK3 Mode: Whitlist 5) start Deauth Results successful Objective 2 Start pineAP along with Dogma, Harvester, Karma & Beacon response + Deauth. Results: failed. Conclusion, it's not possible to deauth and use PineAP (Harverster etc... ) at the same time. Am I wrong? Thanks! By the way, Thanks Whist Mster for the UPDATE. IT's clearly BETTER! Edited December 31, 2014 by cheeto Quote Link to comment Share on other sites More sharing options...
cheeto Posted January 1, 2015 Share Posted January 1, 2015 Before making this video, I Reflashed my mkv and re-installed DEAUTH infusion. My objective is to Deauthenticate using WLAN0 (disabled) + mon0 Target AP: LINKSYS router. This method does work very well against smartphones. The problem is deauhing pc's. If you see's what im doing wrong, PLEASE let me know. Thanks guys Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted January 1, 2015 Share Posted January 1, 2015 As I said in the other thread, I cannot speak for the infusion, but running mdk3 from the command line along with pineap will deauth clients. At the very least it will send out the correct packets. Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted January 1, 2015 Share Posted January 1, 2015 (edited) Nothing wrong with the infusion as well, if you can deauth smartphones, you should be able to deauth workstations as well. I've just noticed that, if you put your target AP is in the blacklist list, you should use the "Blacklist" mode in the configuration tab, not the "Whitelist" mode. From mdk3 usage, option used by the infusion: d - Deauthentication / Disassociation Amok Mode Kicks everybody found from AP OPTIONS: -w <filename> Read file containing MACs not to care about (Whitelist mode) -b <filename> Read file containing MACs to run test on (Blacklist Mode) -s <pps> Set speed in packets per second (Default: unlimited) -c [chan,chan,chan,...] Enable channel hopping. Without providing any channels, mdk3 will hop an all 14 b/g channels. Channel will be changed every 5 seconds. -d [target] Enable WPA/WPA2-Downgrade-Attack Blocks clients only if they use WPA Encryption, WEP and unencrypted traffic still works Use this test to see if the Sysadmin thinks WEP is still enough security when WPA "doesn't work" Edited January 1, 2015 by Whistle Master Quote Link to comment Share on other sites More sharing options...
cheeto Posted January 1, 2015 Share Posted January 1, 2015 Thanks guys but unfortunately it's not deauthing. If i place my Deauth settings MODE TO BLACKLIST, it won't even deauth any of my smartphones. If i place it in Whitelist, it will deauth everything except for pcs. (as seen in the video) Quote Link to comment Share on other sites More sharing options...
cheeto Posted January 1, 2015 Share Posted January 1, 2015 OK, here's the unexplained. This is the ONLY combo that works against pcs, in fact it wipes EVERYTHING out. BLACKLIST my target AP (linksys) WNLAN1 ENABLED mon0 Configuration Mode: WHITELIST. This is totally backwards! I will make a video because seeing is believing. Quote Link to comment Share on other sites More sharing options...
cheeto Posted January 1, 2015 Share Posted January 1, 2015 Guys, Again, I really appreciate all the help. I hope that my situation could help others in the same boat. This is the set up works but if i use it, i can't use PineAP because PineAP requires Wlan1 down. :( Seeing is believing: Quote Link to comment Share on other sites More sharing options...
DataHead Posted January 1, 2015 Share Posted January 1, 2015 Your target ap should be in a whitelist, and use a whitelist mode ( whitelist meaning in the mdk3 sense, only attack the provided whitelist ap's, everything else is ignored ). Blacklist means in mdk3 sense, attack all other ap's except for those provided in the blacklist, ignore the aps in blacklist. Put your ap in the whitelist, and use mdk3 in whitelist Quote Link to comment Share on other sites More sharing options...
pla12 Posted January 1, 2015 Share Posted January 1, 2015 Cheeto, Just for testing purposes, have you tried deauth from the CLI? I know the web Ui should work but trying it first from the CLI can go a long way to troubleshoot this. I would first try aireplay-ng, then mdk3 via the CLI. if that works then you know it's with the infusion. Also what channel is the AP you are trying to deauth on? and is it running a,b,g, n or ac? I haven't tested a windows 8 client with the latest version of deauth but I can confirm that with the blacklist fixes I'm able to deauth IOS and Mac clients Quote Link to comment Share on other sites More sharing options...
pla12 Posted January 1, 2015 Share Posted January 1, 2015 New version 2.1 is out ! Whistle Master, thanks for the quick fix! very Awesome! Quote Link to comment Share on other sites More sharing options...
DataHead Posted January 1, 2015 Share Posted January 1, 2015 Well i stand corrected.actually mdk3 seems to whitelist / blacklist backwards. By looking at the options OPTIONS: -w <filename> Read file containing MAC addresses to ignore (Whitelist mode) -b <filename> Read from a file containing MAC addresses to attack (Blacklist Mode) -s <pps> Set the speed in packets per second (Default: unlimited) -c [chan,chan,chan,...] Enables channel hopping. Without providing any channels, mdk3 will hop all channels until it finds the target you specified Quote Link to comment Share on other sites More sharing options...
cheeto Posted January 2, 2015 Share Posted January 2, 2015 So, am I the only one experiencing these issues? Pla12, My target AP is a Linksys Wireless-G Broadband Router WRT54G2 operating on Ch.1. I have uninstalled and re-installed it in the internal memory abut I'm getting the same results. In video 2 you could clearly see that I enabled WLAN1 + mon0 and it deauthed EVERYTHING (including pc's). That alone is a problem since Wlan1 should be disabled. And for some reason the Black/White options are doing just the opposite. Blacklisting is actually whitelisting and vice versa. Anyway, thank you all for your help. Quote Link to comment Share on other sites More sharing options...
cheeto Posted January 2, 2015 Share Posted January 2, 2015 Btw, I accessed my mkv with putty and did the following: Set my wlan1 into monitor mode aireplay-ng -0 100 -a 00:21:29:D6:AC:06 mon0 Once again it does not deauth pc's but it does deauth smartphones. Quote Link to comment Share on other sites More sharing options...
cheeto Posted January 2, 2015 Share Posted January 2, 2015 SOLVED! THANK YOU ALL FOR ALL YOUR FEEDBACK! I'm going the share the solution in case someone happens to run into the same problem. First of all the Blackist/whitlist is INVERTED. For me to deauth anything i have to WHITELIST my target. Also make sure to use MODE: "Whitelist". (using MDK3) So after messing around with this thing all day, I thought why in the world am i scanning channels 1-11 if my AP target is on Channel 1. (Thanks for the tip PLA12) So i went to the Configuration channel and set my channel to 1 (instead of 1,2,3,4,5,6,7,8,9,10,11) And BOOOOOM Knock out!!! It deauthed everying on the AP. YES PC's too!! Guys, thank you all so much for your patience, I hope this tip could come in handy. Cheers! Quote Link to comment Share on other sites More sharing options...
pla12 Posted January 2, 2015 Share Posted January 2, 2015 do this reboot the pineapple use putty to ssh into and run the following commands - airmon-ng start wlan1 -iwconfig wlan1 channel 1 -aireplay-ng -0 100 -a 00:21:29:D6:AC:06 wlan1 I use wlan1 on this command not mon0, also make sure the -a argument has the access point MAC, to test death on the specific PC use the -c Mac of client this works for me every time. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.