Haz3 Posted August 12, 2014 Share Posted August 12, 2014 Looks like I missed a great Defcon this year, including a presentation from Senseposts Dominic White and Ian de Villiers on their new Wireless attack toolkit - MANNA https://github.com/sensepost/mana It includes amongst other things: hostapd-manna - modified hostapd that implements new karma attacks and looks a lot like PineAP crackapd - a tool for offloading the cracking of EAP creds to an external tool and re-adding them to the hostapd EAP config (auto crack 'n add) sslstrip-hsts - Modified sslstrip Firelamb - captures and writes cookies to a firefox profile for easy use. I've only had a quick play with it, but there's some great ideas and I love the way the different attacks are rolled into a toolkit. Maybe some ideas here for future Pineapple development? Quote Link to comment Share on other sites More sharing options...
bytedeez Posted August 21, 2014 Share Posted August 21, 2014 Awesome!!!!!!!!!!!!!!!!!!!!! Quote Link to comment Share on other sites More sharing options...
dustbyter Posted August 21, 2014 Share Posted August 21, 2014 I think looking into the modified sslstrip may be a good start. Quote Link to comment Share on other sites More sharing options...
dustbyter Posted August 21, 2014 Share Posted August 21, 2014 Missed this presentation while at Defcon, but reading through the presentation, slide 25 seems to be describing the PineAP functionality... rebroadcasting the probed requests. Quote Link to comment Share on other sites More sharing options...
Karit Posted August 23, 2014 Share Posted August 23, 2014 The video http://www.irongeek.com/i.php?page=videos/defcon-wireless-village-2014/08-manna-from-heaven-improving-the-state-of-wireless-rogue-ap-attacks-dominic-white-ian-de-villiers Quote Link to comment Share on other sites More sharing options...
singe Posted August 25, 2014 Share Posted August 25, 2014 Hello, I'm Dominic from SensePost. Happy to answer any questions about the research? Quote Link to comment Share on other sites More sharing options...
elkentaro Posted September 4, 2014 Share Posted September 4, 2014 A verbal step by step demo video would be cool. Quote Link to comment Share on other sites More sharing options...
Barney_Rubble Posted November 2, 2014 Share Posted November 2, 2014 Hello, i'm looking to port this toolkit to the PineApple. I have taken a look at the script (start-nat-full.sh) and it's basically sending data from wlan0 tot eth0 (uplink to internet). So i connected the uplink of my PineApple to the wlan0 of my Kali-machine which was running the Mana-Toolkit. That way i manipulated the traffic and got it to work. But this is WAAY to insecure and difficult. Is there any way to "normally" set up the PineApple with the wp5.sh script and tunnel all the data from the PineApple through Mana-Toolkit running on my Kali-machine? The script of Mana-Toolkit has to be rewritten to tunnel the data coming in from eth0 to wlan0, but.. we won't be needing hostapd (which does the BSSID for the Mana-Toolkit), because the PineApple is sending the BSSID. Anybody any thoughts? Quote Link to comment Share on other sites More sharing options...
Barney_Rubble Posted November 4, 2014 Share Posted November 4, 2014 So i have changed the script to work with the PineApple. At this moment the PineApple forwards all the data to my machine (just as it does with the wp5.sh script) and my machine does all the stuff (dns2proxy and sslstrip). I am looking to get this done on the PineApple, so i don't need my machine anymore. But i am not sure if the PineApple is strong enough to do all this stuff on the fly for say - 5 - connected users. My machine had a load of 58% with 6 connected users. Quote Link to comment Share on other sites More sharing options...
cooper Posted November 4, 2014 Share Posted November 4, 2014 My machine had a load of 58% with 6 connected users. Without identifying your machine in more detail than the current "my Kali-machine" it's kina difficult to relate the load it sees with what the pineapple can take. 58% sounds like rather a lot though. Quote Link to comment Share on other sites More sharing options...
mw3demo Posted November 4, 2014 Share Posted November 4, 2014 So i have changed the script to work with the PineApple. At this moment the PineApple forwards all the data to my machine (just as it does with the wp5.sh script) and my machine does all the stuff (dns2proxy and sslstrip). I am looking to get this done on the PineApple, so i don't need my machine anymore. But i am not sure if the PineApple is strong enough to do all this stuff on the fly for say - 5 - connected users. My machine had a load of 58% with 6 connected users. Hey Barney, Great job! As Cooper said, if it's giving you that sort of load on a laptop/desktop, it will probably be too heavy for the pineapple. Can you share your script and details of the setup? Quote Link to comment Share on other sites More sharing options...
Barney_Rubble Posted November 5, 2014 Share Posted November 5, 2014 Hey Barney, Great job! As Cooper said, if it's giving you that sort of load on a laptop/desktop, it will probably be too heavy for the pineapple. Can you share your script and details of the setup? I just connect the PineApple to the Evil AP which you set up with hostapd. I disabled the karma-attack and set the MAC of the PineApple as the only one allowed to connect. Furthermore i edited hostapd.conf so that the Evil AP SSID is hidden. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.