levisiccard
Posted November 6, 2013 (edited)

Hello guys,

This question is about capturing the handshake.cap file on the Pineapple to have it decrypted at a later time on my Kali machine.

On my Kali machine this would look like:

# airodump-ng --bssid xx:xx:xx:xx:xx:xx -c [channel] -w handshake.cap

After capturing the handshake, which will be in the .cap file, I could run

# aircrack-ng handshake.cap -o wordlist

I think this needs no further explanation...

1st question: Where will the cap file be saved on the Pineapple, so I can run it at a later time on my Kali machine using aircrack?

2nd question: If I find a device probing for a WPA2 AP and I run

# airbase-ng --essid [the WPA2 AP] -c [channel] -W 1 -Z 2 mon0

(which would be a twin for the real access point), will I still be able to catch the cap file when the device tries to connect to the WPA2 rogue access point and run it through aircrack at a later time ->

# aircrack-ng handshake.cap -o wordlist

This could be done when the actual AP is not around but only a device that is probing for it. Hoping this describes my question.

So far I have no experience writing infusions, but if it's possible I think it would be nice to have an infusion that

- enables to easily make twins of WEP/WPA/WPA2 APs, and

- capture the PSK for WEP, produce enough packets to crack WEP and crack with aircrack. I think the Pineapple would be able to do so:

# aireplay-ng -3 -b xx:xx:xx:xx:xx:xx -h xx:xx:xx:xx:xx:xx mon0

- capture the handshake file for WPA/WPA2 to have it cracked at a later time using aircrack. I guess this would be better to do on a Linux machine with a better processor than the Pineapple.

Something to think about, I guess. Regards!

Edited November 6, 2013 by LeeVai

1337
Posted November 6, 2013

Answer to your first question: Whatever directory you are currently in when you run that airodump-ng command will be the directory where that capture file will be saved. If you are unsure of where this file will be located, type the pwd command to show the current working directory.

Answer to your second question: Some wifi cards will listen to probe requests at the same time they are doing something else. Keep in mind, the wireless card is still in managed mode (hence you are just using a relay interface to turn it into monitor mode and then master mode, aka access point). I don't see why the card wouldn't capture a handshake as long as you are zeroed in on the channel.

As long as you have the .cap file, you can copy that to any machine and crack it. You don't want to decrypt the .cap file at the same time you are running everything else. The Pineapple is powerful for its size, but doesn't necessarily have 4GB of RAM and a 2GHz processor either. Lol