Jump to content

[Script] JasagerPwn 2.0 - Reborn

leg3nd

By leg3nd
in WiFi Pineapple Mark V

 Share

Recommended Posts

leg3nd Newbie

leg3nd

Posted
  • Author
Posted

So I've been trying to install JasagerPwn on the latest firmware, and it doesnt look like its gonna work. I got it to install on Kali 1.05 ok. but I can't seem to get it from my Kali box to the pineapple. I reall like the whole concept/idea of JasagerPwn Reborn. It sounds so bad ass. Do you think that i could inject those same exploits/payloads mentioned in this post with "strip-n-inject" ? sorry for askin, but im at my wits end here. I'v been reading this post all night and still havent had any luck.anyways, please hit me up.

I'm going to need a bit more information. I haven't had much time to try the new pineapple firmwares, but I would guess it should still work fine. There really isn't much to "install" on the pineapple other than the infusions (dnsspoof, sslstrip, strip-n-inject) which the attack vectors utilize.

What is the problem that's occurring? What steps should I take to reproduce your problem?

Link to comment
Share on other sites
  • 2 months later...
  • Replies 71
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Whistle Master Newbie

Whistle Master

Posted
Posted

This is not an infusion but a script. The instruction on how to install it are detailed in the first post.

Download / Update

Download via Subversion (sudo apt-get install subversion):
Update Script to Latest Revision:
./jasagerPwn -u
Link to comment
Share on other sites
lunokhod Newbie

lunokhod

Posted
Posted

This looks great. I'm going to try it out on my pen test lab at home in coming days.

A quick question about deauth... in jasagerPwn the first item in CONFIGURATION / VARIABLES is :-

# [System Information]deauth_interface="wlan0" # Interface for local deauthentication attacks

I'd prefer to use my Alfa 036H plugged into the WiFi Pineapple as wlan2. Does jasagerPwn allow you to select which interface you want to use to deauth clients?

I know I'll find this out when I get everything set up properly... :-)

Regards,

Lunokhod

Link to comment
Share on other sites
Carnivore Newbie

Carnivore

Posted
Posted (edited)

Hey there,

a quick basic question, since I failed to get a working internet connection for the pineapple when running jasagerpwn today:

The pineapple (mark IV) is connected at eth0 of my kali machine, which is connected to the net via wifi (wlan0), which I set up in the script. Do I need to disable the pineapples routing for the script to run (like with the first jasagerpwn script)? Or is it just setting a static ip, running the wp4.sh with that IP and finally starting jasagerpwn?

Thanks in advance,

Carni

PS:

I'd prefer to use my Alfa 036H plugged into the WiFi Pineapple as wlan2. Does jasagerPwn allow you to select which interface you want to use to deauth clients?

Just change this part in the script.

Edited by Carnivore
Link to comment
Share on other sites
  • 1 month later...
leg3nd Newbie

leg3nd

Posted
  • Author
Posted

This looks great. I'm going to try it out on my pen test lab at home in coming days.

A quick question about deauth... in jasagerPwn the first item in CONFIGURATION / VARIABLES is :-

# [System Information]deauth_interface="wlan0" # Interface for local deauthentication attacks

I'd prefer to use my Alfa 036H plugged into the WiFi Pineapple as wlan2. Does jasagerPwn allow you to select which interface you want to use to deauth clients?

I know I'll find this out when I get everything set up properly... :-)

Regards,

Lunokhod

Sorry if the comment was unclear but that is intended for local deauthentication attacks (local being the attacker computer). If you would like to execute deauth attack from the pineapple then I recommend using Whistle Master's "WiFi Jammer" infusion. I tend to perform deauth attack from both depending on the physical situation )interference and signal strengths).

Link to comment
Share on other sites
leg3nd Newbie

leg3nd

Posted
  • Author
Posted

Hey there,

a quick basic question, since I failed to get a working internet connection for the pineapple when running jasagerpwn today:

The pineapple (mark IV) is connected at eth0 of my kali machine, which is connected to the net via wifi (wlan0), which I set up in the script. Do I need to disable the pineapples routing for the script to run (like with the first jasagerpwn script)? Or is it just setting a static ip, running the wp4.sh with that IP and finally starting jasagerpwn?

Thanks in advance,

Carni

PS:

Just change this part in the script.

This script is a bit different then the original jasagerPwn (which was very poorly designed). The script will not touch any network configurations regarding ICS because it's assumed that the internet connection will be configured on the pineapple directly (3G Dongle, WiFi ICS on Pinepple, etc).

I'm sure you can run the internet through your laptop with the normal Linux ICS script. Since Hak5 did such a great job making general operating much more user friendly I didn't feel it was necessary to include any ICS configuration in the script.

Link to comment
Share on other sites
  • 1 month later...
leg3nd Newbie

leg3nd

Posted
  • Author
Posted (edited)

Fixed a bug with DNS spoof's "spoofhosts" file location. On the newer firmware it was causing many of the attacks not to function properly. Please be sure you're running the latest firmware then update the script.

./jasagerPwn -u

Also thinking about adding a client heart-bleed module here because I'm bored: https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb

Anyone interested in that?

Edited by leg3nd
Link to comment
Share on other sites
  • 1 month later...
toan3000 Newbie

toan3000

Posted
Posted

Fixed a bug with DNS spoof's "spoofhosts" file location. On the newer firmware it was causing many of the attacks not to function properly. Please be sure you're running the latest firmware then update the script.

./jasagerPwn -u

Also thinking about adding a client heart-bleed module here because I'm bored: https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb

Anyone interested in that?

I'm using mark 5 , installed strip&inject infusion already and it's works great. But how can i inject into http traffic only? I don't want to mess https, it make client can't login some page (gmail, twitter ...). Have any method so i can inject to http only and not touch to https traffic? Thank's you so much!

Link to comment
Share on other sites
  • 3 months later...
  • 8 months later...
Genin Newbie

Genin

Posted
Posted

Does anyone know why I might be getting this error message?

/root/jasagerPwn-Reborn/jasagerPwn: 61: /root/jasagerPwn-Reborn/jasagerPwn: source: not found
/root/jasagerPwn-Reborn/jasagerPwn: 62: /root/jasagerPwn-Reborn/jasagerPwn: main: not found

I'm able to run the script after a fresh install on Kali, but when I close the script and try to reopen it nothing happens.

I'm only able to get the above error message when running the script from the terminal using the 'sh' command.

I tried removing the JasagerPwn directory and reinstalling it, but it won't even run the first time.

I was able to run it after installing it on a Kali Live instance, but I would rather not have to go through the install process everytime I want to run the script :P

My setup:

  1. Pineapple MkV
  2. Kali Linux 1.1.0a

Thanks for your help!

I really enjoy your script when I am able to run it :D

Link to comment
Share on other sites
  • 4 weeks later...
Genin Newbie

Genin

Posted
Posted

Ok so, upon closer inspection I no longer can get any shell scripts (.sh files) to run as executable. Ever since I tried installing Jasager on my Kali machine I am having to copy/paste (from .sh file straight into a terminal) from any scripts I have written myself :dry: I'm still learning how to use Linux so any help is greatly appreciated :grin:, does anyone have any suggestions?

Link to comment
Share on other sites
  • 1 month later...
Genin Newbie

Genin

Posted
Posted

Well I completely wiped my HD today and reinstalled Kali from USB.

I am now running Kali 2.0 since they came out with the recent update.

But I am still getting the same error :dry:

I also tried the chmod +x with no effect.

The only thing I can really think of that I did (after the clean install), besides run an update via apt-get, was to install and run the wp5.sh script from wifipineapple.com as per the instruction booklet. I was looking to share the internet connection from Kali to the pineapple.

Any suggestions?

Link to comment
Share on other sites
Genin Newbie

Genin

Posted
Posted (edited)

Well I really don't know what to think now :ohmy:

The Pineapple was a little buggy (not saving settings) so I reset it and formatted the SD card.

So to recount I have entirely formatted the Pineapple and my laptop HD followed up with fresh installs of OS software.

  • 2.4.0 Mark V
  • Kali 2.0 as the only OS on the HD
    • previously I ran a dual-boot with first Win8 and then Win10
    • I hated Windows, so I got rid of it

I tried installing the script multiple times on live instances using both Kali 2.0 and the latest version of CrunchBang (running these instances off of USB drives).

I ran chmod on the entire folder and each file that the error (line 61 & 62) indicates is missing.

I tried it before making any changes to the files at all after downloading to a live instance.

I tried it after double checking the changes I made to the settings file and making sure all the hardware is in place and ready to go.

And I'm still getting the same error...

(basically this is what it is, I took out the file folder structure):

61: source: not found
62: main: not found

Maybe it's my laptop? That would suck.

Some Laptop Specs:

  • Dell Inspiron I3541
  • AMD Quad-Core A6-6210 Processor
  • 500GB Hard Drive
  • 4GB RAM

Should I try rolling back the pineapple firmware version to 1.0.0 and the OS ver to something earlier as well?

I am finding it strange that the same error persists after I have wiped everything out and started from scratch like this. Especially because the first several times I ran the script I saw it work for a few brief moments and it was exciting to say the least :ph34r: I recently upgraded the pineapple's antennas (1 or 2 9dbi SMA dipole and/or the 16dbi Yagi) as well as added a powered long range booster to the external alfa card for the de-auth :cool: .

So yeah, I am dying to get this script going in the lab!

Edited by Genin
Link to comment
Share on other sites
  • 9 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...