Also,

In the case of using multiple MKV's, in multiple locations on an engagement, the ability to remotely connect to a central file storage or database containing all harvested data would be very useful. Has this been thought of already anywhere else in the community?

Peace,

3mrgnc3.

Great idea. I think either SSH tunnel (improved autossh infusion) or OpenVPN (infusion) would enable this if the client's DB URL could be easily configured.

Does PineAP use wlan1 or not?

If I use wlan1 for ICS and enable PineAP, it goes down! OK, no problem, I have an Alfa and use wlan2.

But if I enable PineAP, why is wlan1 still disabled and the red light off?


Long story short, I see the victim (my Android phone) trying to authenticate and associate over and over but never succeeding. Steps taken:

1. I enable PineAP.
2. I enter the victim's MAC in the target field.
3. I put the open SSIDs that the victim is probing for in the SSID management frame.
4. I save settings.
5. I start Wireshark on a separate machine's wlan interface, recording in monitor mode on the same channel as the Pineapple's wlan0 interface.
6. I enable Dogma.
7. I see the victim authenticating to PineAP in Wireshark.
8. I see the victim trying to associate to PineAP in Wireshark, but then I get a "status code: Unspecified failure" in the fixed parameters of the wireless LAN management frame (in Wireshark).

If I disable PineAP and enable Karma, the victim connects to Karma immediately.

Any thoughts as to why association fails in PineAP? I am running a spoofed MAC for wlan0 if that matters (I wouldn't think it should).

Edited by WiFi Cowboy

PineAP and deauth work together, running simultaneously. I have the Alfa that is available from Hak5, so I have wlan0, wlan1 and wlan2 available.

//Masler77

Edited by masler77

BeNe,

I think when you start PineAP it starts a mon0 interface on wlan1 for deauthing peeps. You have the right idea by using an external USB adaptor for ICS.

Edited by WiFi Cowboy

Hi Seb

Maybe I never looked at this, but I noticed that when I start Dogma and Beacon Response, the Pineapple starts to deauthenticate clients, even the devices that are using the web interface, so it's not really a timeout.

I saw that others have this problem. As far as I tested, it happens only with Dogma/beaconer. Karma alone works.

https://forums.hak5.org/index.php?/topic/31047-hostapd-deauthenticated-due-to-inactivity-timer-deauthremove/

Oct 13 13:19:24 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: authenticated
Oct 13 13:19:20 Pineapple daemon.notice hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: did not acknowledge authentication response
Oct 13 13:19:15 Pineapple daemon.notice hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: did not acknowledge authentication response
Oct 13 13:19:14 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
Oct 13 13:19:13 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: disassociated
Oct 13 13:19:13 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: associated (aid 5)
Oct 13 13:19:13 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: authenticated
Oct 13 13:19:11 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: associated (aid 5)
Oct 13 13:19:11 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: authenticated
Oct 13 13:19:09 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
Oct 13 13:19:08 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: disassociated
Oct 13 13:19:08 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: authenticated
Oct 13 13:19:07 Pineapple daemon.info hostapd: wlan0: STA 00:ee:bd:9f:cb:ec IEEE 802.11: authenticated
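
One way to quantify the associate/disassociate churn in hostapd lines like those posted above, as an added example that is not part of the original thread: it parses that syslog format and lists associations that ended within a few seconds. The sample lines are constructed (placeholder MAC), and the 5-second threshold and function names are assumptions.

```python
import re
from datetime import datetime

LINE = re.compile(r"^(?P<ts>\w{3} +\d+ [\d:]{8}) \S+ \S+ hostapd: \S+: "
                  r"STA (?P<mac>[0-9A-Fa-f:]{17}) IEEE 802\.11: (?P<msg>.+)$")
# Matched by prefix, because "deauthenticated" and "disassociated" contain
# "authenticated" and "associated" as substrings.
KINDS = [("deauthenticated due to inactivity", "deauth_inactivity"),
         ("did not acknowledge", "no_ack"), ("disassociated", "disassoc"),
         ("associated", "assoc"), ("authenticated", "auth")]

def parse(text):
    """Return (time, mac, kind) tuples in chronological order."""
    events = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        kind = next((k for p, k in KINDS if m["msg"].startswith(p)), "other")
        # Syslog timestamps carry no year; a fixed one is assumed for parsing.
        ts = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S")
        events.append((ts, m["mac"].lower(), kind))
    # Log viewers may list newest first; undo that before the stable sort so
    # events sharing the same second keep their real order.
    if events and events[0][0] > events[-1][0]:
        events.reverse()
    return sorted(events, key=lambda e: e[0])

def short_sessions(events, max_secs=5):
    """List (mac, seconds, end_kind) for associations that ended quickly."""
    assoc_at, found = {}, []
    for ts, mac, kind in events:
        if kind == "assoc":
            assoc_at[mac] = ts
        elif kind in ("disassoc", "deauth_inactivity") and mac in assoc_at:
            secs = (ts - assoc_at.pop(mac)).total_seconds()
            if secs <= max_secs:
                found.append((mac, secs, kind))
    return found

# Constructed sample (placeholder MAC), newest first like the lines above.
_FMT = "Oct 13 13:19:{} Pineapple daemon.{} hostapd: wlan0: STA 02:00:00:00:00:01 IEEE 802.11: {}"
SAMPLE = "\n".join(_FMT.format(*row) for row in [
    ("14", "info", "deauthenticated due to inactivity (timer DEAUTH/REMOVE)"),
    ("13", "info", "disassociated"), ("13", "info", "associated (aid 5)"),
    ("13", "info", "authenticated"), ("11", "info", "associated (aid 5)"),
    ("11", "info", "authenticated"),
    ("09", "notice", "did not acknowledge authentication response")])

if __name__ == "__main__":
    for mac, secs, kind in short_sessions(parse(SAMPLE)):
        print(f"{mac}: association ended after {secs:.0f}s ({kind})")
```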

Hey Seb

Where can I ask about the disassociation problem?

Tried with a brand-new MK5 and it still suffers the same problems...

Mr.miYagi,

This is an interesting issue and I would love for you to create a new thread about it, detailing all the information you can provide. While Darren was able to reproduce the issue, it was because of connectivity (range) issues between client and Pineapple. In a close / semi close environment, I am personally not able to reproduce the issue with my different phones / tablets / laptops. There would be ways to completely disable the deauth due to inactivity, but this could have rather unexpected results. The plan is to play around with this and release a beta specifically for people with this issue.

I am sorry that we haven't been on top of this issue in the past, but it was simply because it is not an issue that is easy to replicate for myself / some of the people that regularly test issues out for us.

Best Regards,

Sebkinne


Thanks Seb

We had a thread about that, where Darren stated the same problem on his device:

https://forums.hak5.org/index.php?/topic/31047-hostapd-deauthenticated-due-to-inactivity-timer-deauthremove/#entry251626

Now we have a new one:

https://forums.hak5.org/index.php?/topic/33901-the-disassociation-problem/#entry252423

I have 3 MKVs here. Do you want some special tests?

I'll let them run overnight and post the logs. I can also give you SSH access.


Sorry for the repeat post, but I'm really stuck.

Long story short, I see the victim (my Android phone) trying to authenticate and associate over and over but never succeeding. Steps taken:

1. I enable PineAP.

2. I enter the victim's MAC in the target field.

3. I put the open SSIDs that the victim is probing for in the SSID management frame.

4. I save settings.

5. I start Wireshark on a separate machine's wlan interface, recording in monitor mode on the same channel as the Pineapple's wlan0 interface.

6. I enable Dogma.

7. I see the victim authenticating to PineAP in Wireshark.

8. I see the victim trying to associate to PineAP in Wireshark, but then I get a "status code: Unspecified failure" in the fixed parameters of the wireless LAN management frame (in Wireshark).

If I disable PineAP and enable Karma, the victim connects to Karma immediately.

Any thoughts as to why association fails in PineAP? I am running a spoofed MAC for wlan0 if that matters (I wouldn't think it should).


Does PineAP use wlan1 or not?

If I use wlan1 for ICS and enable PineAP, it goes down! OK, no problem, I have an Alfa and use wlan2.

But if I enable PineAP, why is wlan1 still disabled and the red light off?

Can someone confirm this problem, or did I misunderstand something?


Can someone confirm this problem, or did I misunderstand something?

Yeah, PineAP uses wlan1 and therefore clientmode interferes with it.

As you said, you'd have to use wlan2 for clientmode.

The reason why the red LED doesn't show up is simply because it is bound to wlan1 and not the monitor interface.

I think in the future we'll make the red LED light up while PineAP is enabled as a further indicator.

Best Regards,

Sebkinne
