[Support] WPS

[cheeto]

Many thanks Whistle Master for your hard work on this particular infusion.

Unfortunately it doesn't work for me.

If i understand correctly this will not work unless I use a LAN connection or an additional wifi radio?

Many thanks!!

cheeto

Edited September 13, 2014 by cheeto

[Whistle Master]

Not at all. It works with default interfaces, no needs for additional wifi radio. Please try the steps described above.

[ARDETROYA]

It is sometimes due to channel hopping issue, where the interface is "locked" on a specific channel and wash doesn't show any APs.

I had better results with a USB Alfa wifi card, on wlan2.

Try to disable first the interface, then to start the monitor. It helps sometimes.

didn´t work for me either... wondering where the problem can be...

[cheeto]

@Whistle Master:

I'm having a problem in step 4.

1. Reboot your pineapple.

2. Start the WPS infusion.

3. Start a monitor interface on wlan0

4. Disable wlan0 interface.

5. Select wlan1, mon0, a scan duration (e.g. 30 sec) and hit the refresh APs link.

If I disable my wlan0 then I lose my connection to the MK5.

This is why I asked if an additional radio is needed. My MK5 is running on the newest firmware (2.0.4) and it's wifi radio connects to the mk5's wlan0.

So disabling it will drop the connection.

Any suggestions?

Many tanks.

cheeto

[0150r]

Any suggestions?

Connect via a network cable. You can't crack WPS with the radio you are connected to.

[GermanMeat]

Connect via a network cable. You can't crack WPS with the radio you are connected to.

Doesn't this contradict the whole purpose of having two radios? Someone please elaborate why Wlan0 needs to be disabled. Is this a bug/problem with the configuration or a hardware RF issue?

I have been using wifite.py in a terminal instead of using the infusion. I could have sworn a while back it works that way.

I am working on a Raspberry PI w/ Kali project using two radios to be connected like the Pineapple (Remotely)

[cheeto]

I'm a bit lost.

Whistle Master mentioned: "Not at all. It works with default interfaces, no needs for additional wifi radio. Please try the steps described above."

This does not mean that I need to use a network cable. This means that I could use my wlan0 and wlan1, right?

Am I the only one having problems here?

Again, THANKS A MILLION TO WHISTLE MASTER.

cheeto

[ARDETROYA]

I'm a bit lost.

Whistle Master mentioned: "Not at all. It works with default interfaces, no needs for additional wifi radio. Please try the steps described above."

This does not mean that I need to use a network cable. This means that I could use my wlan0 and wlan1, right?

Am I the only one having problems here?

Again, THANKS A MILLION TO WHISTLE MASTER.

cheeto

Actually Whistle Master it´s right. Well, I do not get it to work but, what whistle Master explains (or that is what i think), it´s that you can use your Wlan0 and Wlan1 if you are connected to the pineapple through the Ethernet, on your case, if you do not want to use your Ethernet you would need a Wlan2.

[Whistle Master]

Could you try the following:

- Restart your pineapple

- Connect through SSH

# ifconfig wlan0 down

# airmon-ng start wlan0

# wash -i mon0 -C

Can you see APs ?

Note: This has to be done when connected through ethernet cable !

didn´t work for me either... wondering where the problem can be...

[0150r]

Doesn't this contradict the whole purpose of having two radios? Someone please elaborate why Wlan0 needs to be disabled. Is this a bug/problem with the configuration or a hardware RF issue?

I have been using wifite.py in a terminal instead of using the infusion. I could have sworn a while back it works that way.

I am working on a Raspberry PI w/ Kali project using two radios to be connected like the Pineapple (Remotely)

Yes...but he's trying to crack WPS with wlan0 for some reason. He seems to want to connect to wlan0 and crack with wlan0.

What he should be doing is using wlan0 as an access point to connect to the pineapple and use wlan1 for cracking..

[ARDETROYA]

Could you try the following:

- Restart your pineapple

- Connect through SSH

# ifconfig wlan0 down

# airmon-ng start wlan0

# wash -i mon0 -C

Can you see APs ?

Note: This has to be done when connected through ethernet cable !

I just did without good results, I just get :

Wash v1.4 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

BSSID              Channel  RSSI  WPS Version  WPS Locked  ESSID
--------------------------------------------------------------------------------------

but anything else it´s displayed

[GermanMeat]

Nothing seems to work, does not work for me either. I am using wlan0 to connect PC and manage.

1.)When I do a scan , no wps show up and have an enabled router here with it enabled.

2.) WPS gives [!] WARNING: Failed to associate with xxxxxxxxxx (ESSID: xxxxxxx

The new version is out with WPS detection.

Make sure you have started a monitor interface, disable the logical interface linked to that monitor interface, select a scan duration and then, in the WPS column, you will see if WPS is enabled on the AP or not.

[janus]

Hi,

I recently aquired the Mark V and I'm somewhat disappointed with its performance, specifically with wireless tools like reaver and bully.

I flashed the latest firmware and installed the WPS infusion without probs. Unfortunately running reaver or bully always failed because in the initial scan for targets the infusion always shows the wps field empty for all APs in my area.

This makes no sense since I'm sure there are plenty of wps enabled APs in my area. To test out my theory that something's wrong with my Mark V, I used my kali laptop to run wash from reaver side by side with the Mark V. Sure enough kali showed all those APs running wps as I suspected.

This leads me to believe that either there's a hardware problem with my new Mark V (grrr) or, more likely, something's wrong with the wireless drivers.

I tested out reaver using both wlan0 and wlan1 and they both show all the APs with a . under the wps field. I also SSHed into the pineapple and ran the wash command directly with the same poor results.

I also ran PineAP and although I see no errors, the client intelligence panel remains empty even after many hours running in a target rich environment. Again, I suspect something wrong with the wireless drivers.

Anyone else experiencing this with a brand new Mark V?

Before I reflash it from scratch (again), are there any suggestions I should try?

Thanks

[fringes]

Are you using the stock antennas? Check their connections. You might try with an external dongle to see if there's any difference.

[janus]

Thanks Fringes.

I have tried with stock antennas and with others too. Same negative results.

I also tried using a USB wifi dongle which I use without probs in Kali (TL-WN722N), and again got negative results. I am able to place it monitor mode, but running wash -i mon0 leads to loads of fcs errors. I then try wash -i mon0 --ignore-fcs and wash runs fine but shows no APs at all (there are close to 40 around me, so obviously something's very wrong).

This leads me to conclude that my Mark V is defective which is really frustrating considering I just bought it.

I assume that others aren't seeing these problems with WPS and WiFi injection in general?

Any other tips or suggestions before I send it back? Should I try flashing an older firmware instead of the latest?

[Sebkinne]

This is nothing to do with the firmware, but with a WiFi Pineapple infusion.

Please see the infusions forum (and the appropriate thread in there) for support.

Best Regards,

Sebkinne

[newbi3]

Yeah this is not a firmware, driver, or hardware problem just a problem with the infusion. For the record the infusions available are developed by community members and not necessarily by people associated professionally (getting paid) by hak5. So development, maintenance and support of infusions are all done voluntarily

[Whistle Master]

Not at all I would say

not necessarily by people associated professionally (getting paid) by hak5.

@janus: please try the steps here: https://forums.hak5.org/index.php?/topic/31454-support-wps/page-15#entry250709

Edited October 15, 2014 by Whistle Master

[newbi3]

Not at all I would say

Well Darren does have an infusion out

[janus]

Not at all I would say

@janus: please try the steps here: https://forums.hak5.org/index.php?/topic/31454-support-wps/page-15#entry250709

Thanks Whistle Master.

I did follow those steps and now I don't even see any APs, nevermind the WPS detection.

Clearly something's wrong. I enabled mon0, disabled wlan0 (wlan1 was already disabled) and then set the scan time to 15 secs using mon0. When I click Refresh APs I get the WPS loading message and then nothing. Nada. Zilch. Not even one AP out of the 50 or so around me.

I've decided to reflash the firmware and this time only install the WPS infusion to internal storage. I will not install any other infusions yet so I can try to narrow down the problem to either the WPS infusion or a defective Mark V.

I'll keep you posted.

[Sebkinne]

Don't use wlan0 to create the monitor interface.

[janus]

Don't use wlan0 to create the monitor interface.

Hmmmm, ok, I'm reflashing the MKV and formatting the SD card and will try again only with WPS infusion installed.

[janus]

OK, there definitely seems to be something wrong with my MKV.

I have followed the instructions carefully, including connecting through ethernet (https://forums.hak5.org/index.php?/topic/31454-support-wps/page-15#entry250912) but I don't see any APs at all. My MKV gets stuck at WPS - v1.7 Loading.... and nothing happens. When I close out the infusion and go back to the main tile menu, I see the spinning pineapple in the WPS infusion view. I then try to go to the Configuration tile to reboot it, but it get stucks with the entropy bunny message forever! Now I have to pull the power plug to reboot it.

I don't know what else to do. Clearly something's broken, no?

[Whistle Master]

I meant "paid"

Well Darren does have an infusion out

[GermanMeat]

Ok, this bring up two questions..

1.) In the snapshot below , you have 3 wlan's (Radios) , are you using an external usb RTL8187 attached to pineapple? If so, why? Most people as myself use Pineapple as followes;

Pinapple standalone pluged in another room. Connect to client mode on Pineapple wlan0 to manage the pineapple web/ssh/ etc.. Use wlan1 as the "attacking" radio. I hardly ever connect directly to pineapple using Cat5 cable unless there is a problem.

2.) I set up a router (in my office) to test it out . I made sure WPS is enabled on the test router. It DOES NOT show WPS for that ssid when using WPS enfusion (latest update as of today and 2.0.4 firmware). I know WPS is enabled and working additionally because it asks if I want to use WPS when connecting to that ssid via pc.

I have never been able to sucessfully use WPS enfusion. I have always ssh into Pineapple and used wifite.py

The new version is out with WPS detection.

Make sure you have started a monitor interface, disable the logical interface linked to that monitor interface, select a scan duration and then, in the WPS column, you will see if WPS is enabled on the AP or not.