zubr Posted December 7, 2014 Posted December 7, 2014 Hi, I have set up my WiFi Pineapple as discribed here: https://scotthelme.co.uk/wifi-pineapple-setup/. Pineapple is working in general and I can snif some traffic using sslstrip. I connected with several different devices (active connection indicated in Karma log). However, most of the traffic going throug my Pineapple is not recorded (i.e. I cannot see it in the Output menu of sslstrip). For example, when I visit www.amazon.com, some packages are recorded by sslstip (however no real user data, more packages like "Gateway&browserWidth"). Other websites like www.facebook.com or www.twitter.com are not indicated in "Output" at all. Also Apps traffic from my connected Smartphone is not indicated. Is my Pineapple not configured properly? Where are some details about the device configuration: - Firmware 2.0.4 - sslstrip v2.0 - Pineapple connected to a Windows machine (via ethernet cable) or directly in Client mode (with my Samsung Galaxy using tethering) - MK5 Karma, PineAP, Dogma, Beacon Response disabled 1) Is sslstrip the only tool that shows me which traffic goes through my Pineapple? 2) Any ideas how to capture more traffic (e.g. other configuration)? Thank you. Best Chris Quote
zubr Posted December 7, 2014 Author Posted December 7, 2014 Sorry, I meant: https://scotthelme.co.uk/wifi-pineapple-mark-v-introduction-setup/ Quote
dustbyter Posted December 8, 2014 Posted December 8, 2014 Part of the reason that you are not seeing data in the output is because some of the major sites you are listing like facebook, twitter, etc have all implemented a defense to SSLSTRIP. Search the forum and you will see more discussions for this. Quote
HorseCode Posted December 8, 2014 Posted December 8, 2014 Related: https://forums.hak5.org/index.php?/topic/33413-hsts-sslstrip-mobile-apps/ Once you have traffic going through the pineapple, you can use tcpdump to capture everything or use filters to discriminate interesting traffic. Or are you looking to get more clients to associate with your pineapple? If that's the case, you should look into enabling the other features of pineAP. Quote
Smart-Aswood Posted December 8, 2014 Posted December 8, 2014 sslstrip did its job - that is, pointing out various problems with the transport layer. Sites like Facebook and Amazon and Twitter owe it a huge "Thank You." So it's now semi-retired with much less work to do. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.