Karma is not associating

[SixKids]

I am now on the Mark V (Previously a Mark IV owner as well), I survived the upgrade, and had the perfect opportunity to monitor traffic with Karma. My Son had a sleep over with friends, all using my WiFi.

I have multiple requests for SSID Informaiton but none of the Devices associate with Karma, therefore the are no Clients listed. Why? Is it something that I am doing wrong? Did something changed?

[overwraith]

One possibility is that none of them have ever connected with free WiFi, or perhaps their devices have been patched so that this vulnerability is closed on them. I would suggest some testing, with an open AP, and another wireless device. WiFi devices are a pretty broad spectrum, so I doubt everybody has patched this vulnerability away. Your device may have also not had enough amplitude (is this the right word) to override the existing AP. Another question one must ask is whether the devices are programmed to favor encrypted AP's over open AP's. My guess is probably yes. I haven't been pineappleing very long though, so others may have more to contribute. Another thing you could try is deauthing clients, but when I tried deauthing on my network I found that I had to send dozens of packets in order to deauthenticate a client. I was trying to collect a handshake for wpa2 on my own network. They may have tweaked the protocols there so that the AP has to send more packets in order to deauthenticate. I would like to get my hands on a script that automatically deauthenticates anybody not connected to me.

[SixKids]

I had thought about the DeAuth process as well. Darren's airport video quickly came to mind. So I tried using the Jammer to deauth the existing devices. Nothing appearred to associate with the Karma device, not even my wife's iPad mini, which was sitting right next to me! (I did hear her say, what do you mean I am not connected to the Internet now!).

So, While I was see SSID requests on the Karma logs, none of the devices came to associate with the Pineapple's AP.

The ONLY thing that I can honestly say is the that AP I was attempting to deauth with was 10 feet away, and is a Cisco Linksys EA4500. So is this too powerful for the WiFi Pineapple? Or am Idoing something incorrectly? I had thought that I was able to deauth with the Mark IV, so I am wondering if everything is configured correctly. BTW, I am a Computer Security Professional, but working with the GUI Displays, does not give me the access to the command line, logs, and other resources I am used to (but I do appreciate it!).

So if you can help me debug the problems I currently have, I would greatly appreciated.

Edited May 17, 2014 by SixKids

[overwraith]

I don't think the jammer works like that. When I think jammer I think of something sending malformed packets or interference across a channel, that would not deauth a client. What you need is to actually generate a packet. It is entirely possible that the jammer does work like you describe, I will have to look into it. I used this website in my WPA2 crack:

http://www.aircrack-ng.org/doku.php?id=cracking_wpa

If you try it out you will need to know about the "iwlist wlan0 scan" command to get specific channels, and MAC addresses of APs. Later on in the tutorial they teach you how to deauthenticate using aireplay-ng.

aireplay-ng -0 l -a 00:14:6C:7E:40:80 -c 00:0F:B5:FD:FB:C2 ath0

You will need to change the MAC addresses, as well as your interface, which I think will probably be wlan2 for injection, wlan1 for monitoring.

I do not think that the GUI display gives you access to the full range of commands available on the pineapple. If you are using Windows, download putty to create a command line session with the pineapple. I believe they call it SSH'ing. If you are using a linux or unix box, then I believe there are built in commands for this type of thing, probably named 'ssh'.

Others will have to help with this too because I can only jump online for a few minutes at a time. Getting close to the end of the semester at my school.

[xrad]

BTW, I am a Computer Security Professional, but working with the GUI Displays, does not give me the access to the command line, logs, and other resources I am used to (but I do appreciate it!).

You can ssh into the pineapple, full command line.

If your in linux even Mac just open a terminal and ssh into the pineapple.

If on Windows use putty.

To transfer files you can scp.

Edited May 17, 2014 by xrad

[overwraith]

On windows transfer files with winscp.

[SixKids]

Thanks for all of the responses, I totally agree with the tools that everyone was presenting. But I think that this issue here is possibly a matter of the signal from the pineapple not being stronger than the Linksys AP. If this is true, that would explain a lot of problems I have been seeing.

I will reattempt this again with a Free Wifi site with potentially less powerful equipment.