bytedeez Posted August 10, 2014 Posted August 10, 2014 From my understanding the new firmware offers the ability to collect SSIDs of currently broadcasting APs and shows which clients are connected to them. It also can take those SSIDs and rebroadcast them in order to aid in karma attacks. My question is this: Wouldn't it make more sense if the recon section picks up ssids from client side probe request and then offers the ability to rebroadcast them? I mean if you are sitting at one location you can already determine what APs are around and set the pineapple to rebroadcast those SSIDs. Gaining SSIDs from clients would allow you to collect SSIDs of APs from other locations and rebroadcast them. Quote
rottingsun Posted August 11, 2014 Posted August 11, 2014 It was my understanding that pineap did work in that manner - that is, broadcast out SSIDs based on client probes. I could easily have gotten that wrong though. The audio on the talk was pretty bad. We may just have to wait for a tech doc or a follow up hangout. Quote
Darren Kitchen Posted August 11, 2014 Posted August 11, 2014 We will have a proper presentation to more formally introduce the new feature sets of 2.0 upon our return from (and survival of) defcon. Also, it works as described. Harvester captures probe requests. Beacons may be manually added from recon. Quote
bytedeez Posted August 11, 2014 Author Posted August 11, 2014 Cool, thanks for explaining Darren! from my test it seemed like it would only rebroadcast surrounding APs. Myself and the rest of the community is highly grateful for all of yours, Sebs and the rest of the crew's hard work! Hope your enjoying Defcon! Quote
bytedeez Posted August 13, 2014 Author Posted August 13, 2014 Ah Ha! For whatever reason Pineapple still wasn't working as described above. Decided to re - flash and it seemed to fix my issue. However I do not see all ssid that my device should be probing for show up. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.