Mark V rebooting using karma (wlan0) and jammer( wlan1)

[infosecwriter]

I have used the Mark V only a couple of times. I was using Karma on wlan0/mon0 and turned on the wifi jammer on wlan1/mon1 using either aireplay-ng and mdk3. After I start the jammer, the markV reboots within a minute.

I am also having some issues with the wlan1 working (indicator light rarely turns on).

Any suggestions?

[mw3demo]

No suggestions, but possibly some information: https://forums.hak5.org/index.php?/topic/32013-pineapple-ap-is-incredibly-slowinconsistent/

Your issue may be linked.

[infosecwriter]

mw3demo

Thanks. It is the RT card. I can consistently reproduce the issue. If it is a USB issue, that would make sense. I did not realize that they made the hardware themselves, that is awesome. I was trying to be patient while waiting for a resolve, but I reported the bug tracker a while ago and emailed a month+. I understand they are a small team and respect the grumpiness of the developer that lashed out on that link since I was a programmer in a previous life. It is still frustrating to have to wait for someone to finally respond. Especially when using the product in front of clients. My work around has been to deauth with another device which in not an automated drop and go attack.

With all this said, the rest of the product seems to work well for the most part. Bugs here and there, but it is a great path and direction they are going.

[Sebkinne]

InfoSecwriter,

I cannot reproduce this issue, but I'll take a look. From what I can see it is not related to the linked post above, as that shouldn't case reboots of the device.

In regards to the LED, the red LED is programmed to turn on only when associated with a network. This is why you won't see it light up when in monitor mode etc. It is possible that some other actions make it light up if there is some transmission going on, but that should be rare.

In regards to the bugtracker, if it is in there it will be addressed. Some other issues we have had to fix did take priority over this though.

Best Regards,

Sebkinne

[mw3demo]

I'll try and reproduce this on my end over the weekend. Can you give an exact step by step guide to help us reproduce, as well as any other information you think is relevant.

[infosecwriter]

Thank you for the responses. As long as I do not use wlan0, the device works fine. It may be hardware failure. not sure. I will have to wait until next month before I can justify another purchase for testing.

As far as consistency, I get it to reboot after I use karma on wlan0 with mon0 and use jammer on wlan1 with mon1. Then hot the refresh. Takes about 10 seconds. I will try an alfa card on wlan2 this coming week to see if I still get the reboot.

Keep up the good work with the custom hardware product.

[infosecwriter]

I'll try and reproduce this on my end over the weekend. Can you give an exact step by step guide to help us reproduce, as well as any other information you think is relevant.

I'm not trying to talk down to anyone, but here are the steps so I don't miss anything

Default install with jammer, site survey, RandomRoll, tcpdump, and network tools installed

1.) Start the pineapple

2.) wait 5 min until only the green and blue lights are solid

3.) Log in

4.) Configure Karma SSID "Linksys" with persistent checked

5.) Left click update

6.) close windows

7.) Enable Karma

8.) Left click Jammer

9.) WLAN Interface wlan1 [start]

10.) WLAN interface wlan1 [start monitor]

11.) Monitor Interface mon0

12.) WiFi Jammer [start]

13.) wait 5 seconds [Refresh]

If fails with both aireplay-ng and mkd3

I'm not sure of any other variables. I have reset the firmware a dozen times. Next time, I will only install the jammer. Then the occupineapple to see if that makes a difference.

[mw3demo]

I'm not trying to talk down to anyone, but here are the steps so I don't miss anything

Default install with jammer, site survey, RandomRoll, tcpdump, and network tools installed

1.) Start the pineapple

2.) wait 5 min until only the green and blue lights are solid

3.) Log in

4.) Configure Karma SSID "Linksys" with persistent checked

5.) Left click update

6.) close windows

7.) Enable Karma

8.) Left click Jammer

9.) WLAN Interface wlan1 [start]

10.) WLAN interface wlan1 [start monitor]

11.) Monitor Interface mon0

12.) WiFi Jammer [start]

13.) wait 5 seconds [Refresh]

If fails with both aireplay-ng and mkd3

I'm not sure of any other variables. I have reset the firmware a dozen times. Next time, I will only install the jammer. Then the occupineapple to see if that makes a difference.

Perfect, I'll try it out later today. Drop this post in the bug tracker so we can keep track: https://wifipineapple.com/?bugs_pub

[thesugarat]

infosecwriter,

A few suggestions you might try.

1. Install Jammer to the internal memory to rule out SD card issues.

2. If you want the name of your Pineapples AP to be "linksys" and persistent, do that, then reboot before you proceed. Then log on to the linksys AP. Because you are turning on Karma it doesn't really matter anyway as your victims will see many different SSIDs. But best to have that set and stable before Jamming.

3. Don't do step 9. In fact if there is a Stop WLAN1 button hit that. Once you know wlan1 is in the Down state turn on monitor mode. Then turn on Jammer.

I can't guarantee any of this will help but it's what I would do.

[infosecwriter]

thesugarat

Thanks. I assumed the start in step 9 was just an ifconfig up.

1.) it was removed from SD and installed internal

2.) rebooted and connected to

3.) hit stop [auto], then start monitor, then wifi jammer | start.

waited 5 seconds and hit refresh.

It found half a dozen APs and started to deauth.

Within 10 seconds it rebooted.

[thesugarat]

For 3. I would ssh in and run ifconfig just to double check what the state of wlan1 is before turning on Monitor Mode.

But assuming that is good lets talk about power... Are you using a battery or wall plug?

[infosecwriter]

Power... OK... I was using the battery. My moron self didn't even think about that option.

Ok.

I connected to wall power and when powered up, connected through wifi. Once logged in, Karma was started. Went into jammer and started mon0.

It started to deauth. It seems to reboot at the 10 second sleep cycle.

I changed the sleep to 30 and deauths to 20

Reboots around 30 seconds now, so the consistency seems to revolve around the sleep cycle and not the refresh.

P.S. Thanks for the quick responses on a weekend.

Edited March 16, 2014 by infosecwriter

[thesugarat]

I can't seem to reproduce your problem... That ran for over a minute... I didn't try mdk3 yet though. Have you gone to the configuration tab and hit Save? Have you setup a whitelist or black list?

[ethicaldesign]

I too am plagued by this issue. I have tried every combination through the pineapple, but as soon as I turn on Jammer on Wlan0 in monitor mode and hit start, it freezes and reboots.

[thesugarat]

Don't use wlan0 . Try it with wlan1 or plug in an Alfa and use wlan2.

[ethicaldesign]

I have solved this with a work around by using the command interface with a python package installed for WiFi Jamming that does not require obtaining another wireless adapter,

1) The Mark V comes equipped with Python but not Scapy. So download the latest Scapy: http://www.secdev.org/projects/scapy/ here.

2) Download WifiJammer.py @ https://github.com/DanMcInerney/wifijammer

2) SSH into your pineapple. I use PuTTY. host name should be '172.16.42.1.' Port 22. Username usually 'root.' Then your password you chose at setup.

3) Download Winscp to file browse your Mark V similarly like SSH'ing into it.. On the left locate the files you downloaded. Copy Scapy contents in the /tmp folder. Then copy wifijammer.py to the root of your device.

4) In the command window, type "CD /tmp"

5) then type "python setup.py install" <-- a bunch of commands will be displayed

6) You may reboot your Mark V.

7) Now, repeat step 2.

8) type 'python wifijammer.py'

This will launch the program. You can now use Karma on the interface webpage of your Mark V in conjugation with this program. See the programs website for its arguments. For a reason I am not sure, it successfully uses both wireless controllers without freezing.

Edited March 24, 2014 by ethicaldesign