TheHackerNextDoor Posted March 13, 2014 (edited)

I have an idea for an infusion. I will begin writing it as soon as my WiFi Pineapple arrives, but I want to know more features I should add.

Here is what it does
-----------------------------------------
1. Scan networks
2. If open networks are found, connect
3. If no open networks are found, launch reaver/bully and begin cracking a vulnerable network
4. Once cracked, record login information and connect
5. Make sure it can connect to the internet

Configuration options
-----------------------------------------
Crack networks no matter what - Boolean
Stop once n networks are cracked or there are no vulnerable networks left (0 to disable, -1 for all) - Integer
Run commands once internet access is achieved - String array
Run infusions once internet access is achieved - String array
White-listing based on MAC address - String array
Bully or Reaver - Radio buttons
Where to store data (locally, remote FTP, remote MySQL, or remote secure FTP) - Radio buttons and a text box to enter remote parameters

What are your thoughts on using MySQL to store everything? Would it be worth it, or should I just use a few text documents?

Edited March 18, 2014 by TheHackerNextDoor

Sebkinne Posted March 13, 2014

Hey Laptopdude and welcome to the forums!

I suggest adding the option to choose between bully or reaver. The reason I suggest this is because depending on the use-case bully is much more reliable than reaver is.

Best Regards,
Sebkinne

TheHackerNextDoor (Author) Posted March 13, 2014 (edited)

> Hey Laptopdude and welcome to the forums!
> I suggest adding the option to choose between bully or reaver. The reason I suggest this is because depending on the use-case bully is much more reliable than reaver is.
> Best Regards,
> Sebkinne

I've updated my post.

Edited March 13, 2014 by laptopdude90

TheHackerNextDoor (Author) Posted March 13, 2014

Coupling this with Karma, Jammer, and Autossh would be deadly!

TheHackerNextDoor (Author) Posted March 15, 2014

> Hey Laptopdude and welcome to the forums!
> I suggest adding the option to choose between bully or reaver. The reason I suggest this is because depending on the use-case bully is much more reliable than reaver is.
> Best Regards,
> Sebkinne

Since you're one of the developers, are there any built-in APIs to communicate with the radios? It would be so much easier to run a command like getNetworks() and have it return an array, and something like setNetwork(string SSID, string PSK) to set it!

thesugarat Posted March 16, 2014

Sounds like you are going to turn wifite into an infusion.... Sounds good to me. :)

THCMinister Posted March 18, 2014

One concern I would have with using MySQL is that once there is a connection to the net and data is uploaded to the DB, the person that runs the network could potentially see the DB connection, and likewise if you were to upload the files. Caution would have to be taken in the way you choose to store/upload your data.

TheHackerNextDoor (Author) Posted March 18, 2014

> One concern I would have with using MySQL is that once there is a connection to the net and data is uploaded to the DB, the person that runs the network could potentially see the DB connection, and likewise if you were to upload the files. Caution would have to be taken in the way you choose to store/upload your data.

I could have MySQL listen on localhost, and connect via localhost. Would that make it more secure?

THCMinister Posted March 18, 2014

Are you planning to deploy this in the wild? What if someone found the device? Data stored locally could then be accessed. I would look into encrypting the data for storage as well as a secure "drop" point for the data that you want to retrieve. There are many scenarios that can play out.

TheHackerNextDoor (Author) Posted March 18, 2014

> Are you planning to deploy this in the wild? What if someone found the device? Data stored locally could then be accessed. I would look into encrypting the data for storage as well as a secure "drop" point for the data that you want to retrieve. There are many scenarios that can play out.

My idea is that this would be as universal as possible. I will update my post with the option to store data, but not config, locally, remote MySQL, remote FTP, or remote FTPS.

TheHackerNextDoor (Author) Posted March 18, 2014

Well, my pineapple hasn't come yet and I am eager to develop. If anybody would create a new infusion, zip it, and send it to me, that would be great! Then I'll be able to start even sooner!

Also, the infusion needs a name. Thoughts?

THCMinister Posted March 18, 2014

Call it AutoHack. I would like to collaboratively work on this infusion with you. Shoot me a PM and we can discuss details.

thesugarat Posted March 19, 2014

AutoHack? How about AutoCrack? As it seems to automate the Bully/Reaver WPS pin cracking techniques. I'm just waiting for someone to use Ananas in their Infusion name one day just because...

THCMinister Posted March 19, 2014 (edited)

Maybe WildAnanas? AnanasGoneWild?

Edited March 19, 2014 by THCMinister

cooper Posted March 19, 2014

Wondering about the sensibility of using the Dutch word for pineapple with English additives... AnanasPers? AnanasSapTap?

TheHackerNextDoor (Author) Posted March 19, 2014

I like the ones with 'ananas' in their name. Seems much more inconspicuous than 'autohack/autocrack' :P

THCMinister Posted March 19, 2014

> I like the ones with 'ananas' in their name. Seems much more inconspicuous than 'autohack/autocrack' :P

Agreed.

SymPak Posted March 22, 2014

Feel free to use parts of my script that I made for the MKIV.
http://forums.hak5.org/index.php?/topic/29487-wifi-connect-script/

nabs Posted April 2, 2014 (edited)

Hello, maybe a stupid idea but why not add an option to automatically copy the SSID of the open/cracked SSID to the pineapple so it looks like that AP. It would make a great tool for a MITM attack. Walk into any place and you don't have to configure your pineapple, just turn it on, it connects / cracks and connects and pretends to be the local SSID. Block the local AP for everyone else and just allow the pineapple to connect to it.

Sorry if this is already possible...

Edited April 2, 2014 by nabs

TheHackerNextDoor (Author) Posted April 2, 2014

> Hello, maybe a stupid idea but why not add an option to automatically copy the SSID of the open/cracked SSID to the pineapple so it looks like that AP. It would make a great tool for a MITM attack. Walk into any place and you don't have to configure your pineapple, just turn it on, it connects / cracks and connects and pretends to be the local SSID. Block the local AP for everyone else and just allow the pineapple to connect to it.
> Sorry if this is already possible...

Karma and the jammer would work for that. It would kill all networks, and emulate them all, too.

nabs Posted April 4, 2014

Would Karma automatically replace the SSID name of the pineapple with the name of the connected network's SSID?

TheHackerNextDoor (Author) Posted April 4, 2014

> Would Karma automatically replace the SSID name of the pineapple with the name of the connected network's SSID?

Yes.

Sud0x3 Posted April 4, 2014

Would I be right in saying this infusion will basically try to crack all available wireless networks? I have found that WPS attacks are becoming less prevalent every day now. Even the default ISP routers have rate limiting and lockout periods now. Maybe some kind of phishing attack using karma would yield better results than wps bruteforcing.

TheHackerNextDoor (Author) Posted April 4, 2014

> Would I be right in saying this infusion will basically try to crack all available wireless networks? I have found that WPS attacks are becoming less prevalent every day now. Even the default ISP routers have rate limiting and lockout periods now. Maybe some kind of phishing attack using karma would yield better results than wps bruteforcing.

Cool. Maybe I'll add that. In my community, the default ISP routers are WPS crackable.

raz0r Posted May 5, 2014

@TheHackerNextDoor

Take a look at this script I found. It has the default configuration for quite a few routers and works well in the UK. I have found it to crack AOL and TALKTALK no problem.

Had to upload it as the script is quite big:
http://www.sendspace.com/file/nofrm8

Also, it has to be in a folder named WPSPIN (this is important).

Kind Regards,
Raz0r