PineAp recon and multi broadcast of SSIDs

[bytedeez]

From my understanding the new firmware offers the ability to collect SSIDs of currently broadcasting APs and shows which clients are connected to them. It also can take those SSIDs and rebroadcast them in order to aid in karma attacks.

My question is this:

Wouldn't it make more sense if the recon section picks up ssids from client side probe request and then offers the ability to rebroadcast them?

I mean if you are sitting at one location you can already determine what APs are around and set the pineapple to rebroadcast those SSIDs.

Gaining SSIDs from clients would allow you to collect SSIDs of APs from other locations and rebroadcast them.

[rottingsun]

It was my understanding that pineap did work in that manner - that is, broadcast out SSIDs based on client probes. I could easily have gotten that wrong though. The audio on the talk was pretty bad. We may just have to wait for a tech doc or a follow up hangout.

[Darren Kitchen]

We will have a proper presentation to more formally introduce the new feature sets of 2.0 upon our return from (and survival of) defcon.

Also, it works as described. Harvester captures probe requests. Beacons may be manually added from recon.

[bytedeez]

Cool, thanks for explaining Darren! from my test it seemed like it would only rebroadcast surrounding APs. Myself and the rest of the community is highly grateful for all of yours, Sebs and the rest of the crew's hard work!

Hope your enjoying Defcon!

[bytedeez]

Ah Ha! For whatever reason Pineapple still wasn't working as described above. Decided to re - flash and it seemed to fix my issue.

However I do not see all ssid that my device should be probing for show up.