Jump to content

[Infusion idea] WiFi crack


TheHackerNextDoor
 Share

Recommended Posts

I have an idea for an infusion. I will begin writing it as soon as my WiFi Pineapple arrives, but I want to know more features I should add.

Here is what is does

-----------------------------------------

1. Scan networks

2. If open networks are found, connect

3. If no open networks are found, launch reaver/bully and begin cracking a vulnerable network

4. Once cracked, record login information and connect

5. Make sure it can connect to the internet

Configuration options

-----------------------------------------

Crack networks no matter what - Boolean

Stop once n networks are cracked or there are no vulnerable networks left(0 to disable, -1 for all) - Integer

Run commands once internet access is achieved - String array

Run infusions once internet access is achieved - String array

White-listing based on mac address - String array

Bully or Reaver - Radio buttons

Where to store data(Locally, remote FTP, remote MySQL, or remote secure FTP) - Radio buttons and a text box to enter remote parameters

What are your thoughts on using MySQL to store everything? Would it be worth it, or should I just use a few text documents?

Edited by TheHackerNextDoor
Link to comment
Share on other sites

Hey Laptopdude and welcome to the forums! I suggest adding the option to choose between bully or reaver. The reason I suggest this is because depending on the use-case bully is much more reliable than reaver is. Best Regards, Sebkinne

I've updated my post.

Edited by laptopdude90
Link to comment
Share on other sites

Hey Laptopdude and welcome to the forums!

I suggest adding the option to choose between bully or reaver.

The reason I suggest this is because depending on the use-case bully is much more reliable than reaver is.

Best Regards,

Sebkinne

Since you're one of the developers, are there any built-in APIs to communicate with the radios? It would be so much easier to run a command like getNetworks() and have it return an array, and something like setNetwork(string SSID, string PSK) to set it!

Link to comment
Share on other sites

Some concerns I would have is that using MySQL is that once a connection to the net and data is uploaded to the DB, the person that runs the network could potenetially see the DB connection as well as if you were to upload the files. Caution would have to be taken in the way you choose to store/upload your data.

Link to comment
Share on other sites

Some concerns I would have is that using MySQL is that once a connection to the net and data is uploaded to the DB, the person that runs the network could potenetially see the DB connection as well as if you were to upload the files. Caution would have to be taken in the way you choose to store/upload your data.

I could have MySQL listen on localhost, and connect via localhost. Would that make it more secure?

Link to comment
Share on other sites

Are you planing to deploy this in the wild? What if someone found the device. Storing the data locally could then be accessed. I would look into encrypting the data for storage as well as a secure "drop" point for the data that you want to retrieve. There are many scenarios that can play out.

Link to comment
Share on other sites

Are you planing to deploy this in the wild? What if someone found the device. Storing the data locally could then be accessed. I would look into encrypting the data for storage as well as a secure "drop" point for the data that you want to retrieve. There are many scenarios that can play out.

My idea is that this would be as universal as possible. I will update my post with the option to store data, but not config, locally, remote MySQL, remote FTP, or remote FTPS.

Link to comment
Share on other sites

AutoHack? How about AutoCrack? As it seems to automate the Bully/Reaver WPS pin cracking techniques.

I'm just waiting for someone to use Ananas in their Infusion name one day just because...

Link to comment
Share on other sites

  • 2 weeks later...

Hello,

maybe a stupid idea but why not add an option to automaticly copy the SSIDof the open/cracked SSID to the pineapple so it looks like that AP. It would make a great tool for a MITM attack. Walk into any place and you don't have to configure your pineapple just turn it on, it connects / crack and connects and pretends to be the local SSID. Block the local AP for everyone else and just allow the pineapple to connect to it.

Sorry if this is already possible...

Edited by nabs
Link to comment
Share on other sites

Hello,

maybe a stupid idea but why not add an option to automaticly copy the SSIDof the open/cracked SSID to the pineapple so it looks like that AP. It would make a great tool for a MITM attack. Walk into any place and you don't have to configure your pineapple just turn it on, it connects / crack and connects and pretends to be the local SSID. Block the local AP for everyone else and just allow the pineapple to connect to it.

Sorry if this is already possible...

Karma and the jammer would work for that. It would kill all networks, and emulate them all, too.

Link to comment
Share on other sites

Would I be right in saying this infusion will basically try to crack all available wireless networks?

I have found that WPS attacks are becoming less prevalent every day now. Even the default ISP routers have rate limiting and lockout periods now.

Maybe some kind of phishing attack using karma would yield better results than wps bruteforcing.

Link to comment
Share on other sites

Would I be right in saying this infusion will basically try to crack all available wireless networks?

I have found that WPS attacks are becoming less prevalent every day now. Even the default ISP routers have rate limiting and lockout periods now.

Maybe some kind of phishing attack using karma would yield better results than wps bruteforcing.

Cool. Maybe I'll add that. In my community, the default ISP routers are WPS crackable.

Link to comment
Share on other sites

  • 1 month later...

@

TheHackerNextDoor

Take a look at this script i found it has the default configuration for quite a few router and works well in the UK i have found it to crack AOL and TALKTALK no problem

Had to upload it as the script is quite big

http://www.sendspace.com/file/nofrm8

Also it has to be in a folder named WPSPIN (this is important)

Kind Regards

Raz0r

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...