
Warwalking with Pineapple and Battery


Caecilius


Can anyone suggest a single infusion solution or perhaps a set of infusions that would create a solution to what I thought would be a simple fix but alas, I'm missing something.

I want to do the following on a pentest:

- Warwalk my client's campus

- full packet capture with radio spinning on channels 1-11

- ability to save the full packet, multiple channel, survey to a dump, or cap file for review in Wireshark

****************************

I tried Wifi Survey - doesn't allow channel spinning and writing to a file like Kismet or airodump

I tried tcpdump - it seems to work intermittently, but when I choose the monitor mode option it says it doesn't support monitor mode which seemed strange to me

I tried Karma - hoping that maybe the same data would basically be in the log files but the radio doesn't spin on the various channels and do full packet capture resulting in a dump file unless I'm just missing something obvious

******************************

Basically, I need Kismet with GPS, full packet capture on channels 1-11 and save it to a dump/cap file. I'm hoping to set everything up, unplug, stick in my bag and warwalk.


Good idea. I've gotten so used to the web interface and infusions I didn't even think about that. https://wifipineapple.com/ says there's a Kismet package available as well. Is there a pineapple repository from which we can wget or install Kismet?

I've got another post about the GPS integration piece into airodump-ng on another page so I will close this as solved.

Edited by Caecilius

Thanks Whistle, thanks Barry. I've got Kismet server and client running on my Pineapple successfully now. I found this link http://soliloquyforthefallen.net/blog/2014/04/12/wardriving-with-the-wifi-pineapple-mark-v/ about working with the kismet.conf file.

The conf file is usually in /usr/local/etc, but there is no "local" on the pineapple. The reason I need to find it is so I can make sure the output files are saved to the SD card and not internally. I also want to mess with the GPS settings a bit.

Does anyone know where the .conf file is on the pineapple after downloading the kismet_server, and kismet_client packages?


This is to help anyone else that might need it:

/usr/bin/kismet_client

As shown above for location of kismet.conf from soliloquy's blog, then modify kismet.conf for this

logprefix=/sd/name of directory you add to sd card
#gpstype=gpsd
gpstype=serial
# What serial device do we look for the GPS on?
gpsdevice=/dev/ttyUSB0

**** Make sure you comment out the gpstype=gpsd and uncomment the serial line and then modify the gpsdevice line to read as above.

I'm using a BU-353 GPS and it's working perfectly. Good lat/lons, altitude etc.

Make sure your sd card has a directory if you put a directory in your kismet.conf file's logprefix= line as seen above.

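A pre-flight check for the kismet.conf settings in the post above, added here as an example; it is not part of the thread and not a Kismet tool. It assumes the SD card mounts at /sd as in the thread; `conf_get`, `check_kismet_conf` and `write_sample_conf` are hypothetical helper names, and the sample config is constructed from the lines in the post.

```shell
#!/bin/sh
# Added example: pre-flight check of kismet.conf before an unattended walk.
# conf_get, check_kismet_conf, write_sample_conf are hypothetical helper names.

# Print every active (uncommented) value of key $2 in config file $1.
conf_get() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//'
}

# $1 = kismet.conf, $2 = SD mount point (default /sd),
# $3 = mount table to read (default /proc/mounts).
# Prints one line per problem; returns 0 only when none is found.
check_kismet_conf() {
    conf=$1; mnt=${2:-/sd}; mounts=${3:-/proc/mounts}; rc=0
    [ -r "$conf" ] || { echo "cannot read $conf"; return 2; }
    # With the card unmounted, "$mnt/..." silently lands on internal flash.
    awk -v m="$mnt" '$2 == m { ok = 1 } END { exit !ok }' "$mounts" ||
        { echo "$mnt is not mounted"; rc=1; }
    # Two active lines for one key give a multi-line value and fail below.
    prefix=$(conf_get "$conf" logprefix)
    case "$prefix" in
        "$mnt"/?*) if [ ! -d "$prefix" ] || [ ! -w "$prefix" ]; then
                       echo "logprefix directory missing or read-only: $prefix"; rc=1
                   fi ;;
        *) echo "logprefix not under $mnt: '$prefix'"; rc=1 ;;
    esac
    gtype=$(conf_get "$conf" gpstype)
    [ "$gtype" = serial ] ||
        { echo "active gpstype is '$gtype', expected only 'serial'"; rc=1; }
    dev=$(conf_get "$conf" gpsdevice)
    if [ -z "$dev" ] || [ ! -e "$dev" ]; then
        echo "gpsdevice not present: '$dev'"; rc=1
    fi
    return "$rc"
}

# Constructed sample: the post's settings, logprefix under $2, GPS device $3.
write_sample_conf() {
    printf '%s\n' "logprefix=$2/kismet" '#gpstype=gpsd' 'gpstype=serial' \
        '# What serial device do we look for the GPS on?' \
        "gpsdevice=${3:-/dev/ttyUSB0}" > "$1"
}

# Run against a real file when a path is given: sh preflight.sh <kismet.conf>
if [ "$#" -gt 0 ]; then check_kismet_conf "$@"; fi
```

Run it after plugging in the GPS and before unplugging the Pineapple from the laptop; any printed line means captures would be lost or written to internal storage.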

Heh. I've done the warwalking thing recently by installing screen into the pineapple. Then I disable wlan0 (to allow channel skipping) and activate mon0 on the pineapple web interface, then ssh into the pineapple, start a screen session and run airodump-ng mon0 in there. Oh yes, remember to have everything stored into /sd, first time I did this I forgot changing dirs and filled up / real fast!


Danix,

You definitely need to killall hostapd and take both wlan0 and wlan1 down. I did note, however, that when I changed the interface to wlan1 in the kismet.conf file I wasn't getting collect on all my test APs. I added an additional source - wlan0 via the Kismet GUI and then I could see everything. After a little digging I realized the wlan1 radio on the Pineapple doesn't do n, it's only b/g, thus I was missing collect on all the n APs.

So, you can either mod the .conf file to use wlan0 or just have both radios spinning as sources to Kismet.


Overview: Working on a script to create a heatmap for APs based on the GPS, RSSI and other info found in the ppi header of the dump file.

My kismet.conf file is set up for ppi headers instead of 80211 headers.

I run kismet on my Pineapple.

gpsxml file has GPS data

I view the pcapdump in Wireshark and there is no GPS data in the ppi header section.

Pineapple is running libpcap version 1.1.1 which is compatible for creating the ppi info.

Any ideas why the GPS data is NOT being added to the ppi header in the pcapdump file?
