Jump to content

Can't connect to the Pineapple


Phini
 Share

Recommended Posts

Hi,

something odd is happening with my new Wifi Pineapple. I set it up, also WPA2 for secure connections to manage the pineapple from my tablet or phone.

I used this names:

WPA2 Wifi: WifiAP

honeypott-wifi: Wifi

Though oddly enough I only see this in Win8(sorry for the inconvenience of german language):

post-49807-0-61251400-1429793960_thumb.p

It looks like the Pineapple is spamming SSIDs of it's own network, though I put the SSID already in the Karma-Blacklist.... and the open "Wifi" and the secured "WifiAP" are only shown as "hidden network" at the bottom. I can't connect to the hidden networks with "Wifi" or "WifiAP" as SSID, only the "Wifi 2 3" lets me connect and then I can log into the Pineapple controlpanel. Somehow I'm sure that was meant to work different?

Any idea what I'm doing wrong?

Edited by Phini
Link to comment
Share on other sites

Problem persists. Oddly enough, even if I set it to factory settings. Is there a config-setting (perhaps for the dip-switches) that I could try to test it to be fail-safe? Kinda looks like there's a hardware/config prob with one of the radios. I can't connect to the WPA2-interface, tested with 3 different devices.

Link to comment
Share on other sites

Yeah, I did the unbrick-procedure and it starts properly, though I still have probs to connect to the WPA2 network of th Pineapple. Could it be that the problem is the Microsoft Surface Pro 3 or Windows 8.1? Windows shows only "hidden networks"....

Edited by Phini
Link to comment
Share on other sites

  • 1 month later...

Since I played today again with the Pineapple I encountered the same prob again: I can't login on the WPA2 wifi of the Pineapple. Sometimes I see its configured name, sometimes I only see "hidden network", not only on the Surface Pro but also on my S5.

So, I assume it is a hardware-issue? Or did I config anything wrong that explains the behaviour? Another question: hows it done that with 2 Wifi-nics you get the honeypot, the WPA2 access and the packetinjectionstuff needed for everything else?

Link to comment
Share on other sites

Yes and no, I did both, did not make a difference, or should it?

I feel a bit exhausted to factory-reset the Pineapple again and again just to end in the same scenario.... I also see no reason why windows tells me not the SSIDs but only the "hidden network" label while the webinterface shows that the SSID is transmitted. I doubt that Win8 would detect actually networks that don't transmit an SSID? Or is this a new feature?

Link to comment
Share on other sites

Might want to check your Network tile --> Access Point tab.

There are two areas Open Access Point and Secure Management Access Point. Take note of the ? and review for their purpose.

By default the Open Access Point will be hidden and the Secure Management Access Point you would have first setup during your initial flash.

Link to comment
Share on other sites

By default the Open Access Point will be hidden and the Secure Management Access Point you would have first setup during your initial flash.

Yes, I really did read everything and (as far as I see) I understood for what it is used. The Open Access Point is the honeypot here, SSID is not hidden. And the Secure Management Access Point is set, too. But I can't connect over it, I enter the correct key but (even if I use something failsafe like 12345678) I don't get a connection.

Can somebody make clear if both APs can run simultaneously AND that WLAN1 can be used for PineAP, too? Perhaps I miss something and WLAN1 can't be used for PineAP while the secure Management-AP is running? Please

clarify this. Thanks :)

Link to comment
Share on other sites

Others correct me if I'm wrong but as I understand ref; PineAP wlan0 pulls in the clients and is the radio that clients connect to. Wlan1 is put into monitor mode, does beacon responses, beacons, deauth etc. So yes both wlan0 and wlan1 are supposed to be in use at the same time. Now as it relates to Network --> Access Points --> Open Access Point and Secure Management Access Point are running from wlan0. See /etc/config/wireless (ssh to your pineapple) radio0 you should see wifi-iface --> option ssid "Pineapple5_####" and an additional wifi-iface --> option ssid "YOUR CREATED SSID AT INSTALL CONFIG". Make sure your option key 'stupidpassword' is correct and your typing the right key.

config wifi-device 'radio0'
	option type 'mac80211'
	option channel '11'
	option hwmode '11ng'
	option macaddr '00:13:37:##:##:##'
	option htmode 'HT20'
	list ht_capab 'SHORT-GI-20'
	list ht_capab 'SHORT-GI-40'
	list ht_capab 'RX-STBC1'
	list ht_capab 'DSSS_CCK-40'

config wifi-iface
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'Pineapple5_####'
	option encryption 'none'
	option hidden '1'

config wifi-iface
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option encryption 'psk2+ccmp'
	option ssid 'Roomba'
	option key 'stupidpassword'
	option disabled '0'

config wifi-device 'radio1'
    option type 'mac80211'
    option channel '11'
    option hwmode '11g'
    option macaddr '00:13:37:##:##:##'

config wifi-iface
    option device 'radio1'
    option network 'lan'
    option mode 'sta'
    option ssid 'Pineapple5_%%%%'
    option hidden '0'
    option encryption 'none'

Those wifi's are running on one device wlan0. Radio1 (wlan1) should have another Pineapple5_#### but the last four numbers are different. Wlan1 should not be up and running as an AP because its being used to listen and other stuff in PineAP.

If after looking at your /etc/config/wireless and verifying your password, I'm not sure whats going wrong. I hate to tell you to factory.bin again, trust me I've done that alot myself, but I would also recommend doing the factory.bin and then manual upgrade-2.2.0.bin. See if the other firmware allows you to connect to your Secure Management Access Point.

Link to comment
Share on other sites

Thank you very much, as far as I can see everything is fine...

Perhaps I did got the meaning of the MAC-blacklist wrong? I thought it will only blacklist Karma/Dogma/PineAP stuff do be done with the device, though "could it be" that it actually refuses already the wifi-connection?

Then I did something stupid.... :blink::grin:

Is there a right way to keep my own devices from connection to the honeypot? Or is it only done by blacklisting my own networks SSID's?

Thanks!

Link to comment
Share on other sites

To prevent your own SSIDs from being faked you should black list them.

Now there is an issue within firmware 2.3.0 where some SSIDs are not getting black listed.

I went back to firmware 2.2.0 and the black list is working fine.

We really cannot reproduce this issue. What SSIDs are you unable to blacklist?

Link to comment
Share on other sites

I'll try to reproduce again.

Stock loaded firmware 2.3.0 with no infusions.

Connected via laptop eth0 (kali) to MKV. Power via MKV provided wall power.

./wp5.sh to provide internet

Screenshot_from_2015_06_13_15_43_04.png

Laptop connect to SSID 3MTA3_nomap, Linksys e4200 Tomato Firmware 1.28, via Kali wifi.

Screenshot_from_2015_06_13_15_50_21.jpg

Internet functioning

Screenshot_from_2015_06_13_15_47_47.png

PineAP --> Karma --> add 3MTA3_nomap to SSID black list black mode

Screenshot_from_2015_06_13_15_49_35.png

Karma log still set to /tmp

All PineAP started

Screenshot_from_2015_06_13_16_04_17.png

ssh connection with top running just after starting PineAP

Screenshot_from_2015_06_13_16_05_38.jpg

added a spare cell phone via wifi to SSID 3MTA3_nomap to beacon the request

reviewed karma log and found 3MTA3_nomap after the cell phone beacon

MKV set to UTC

Screenshot_from_2015_06_13_16_18_06.jpg

reviewed current active faked SSIDs and 3MTA3_nomap is there

Screenshot_from_2015_06_13_16_13_49.png

Let me know if I'm doing something wrong.

That last SSID is pretty funky.

Anyway...focus.

Hey do you think its because of the _ ?

Cleared SSIDs, black list, karma log.

Change wifi AP to 3MTA3.

Reconnected to 3MTA3 SSID on kali laptop.

./wp5.sh again

Internet still good and PineAP off.

Added 3MTA3 to SSID black list in black mode

Sorry reached my image limit in the forum so bear with me.

All PineAP started.

Added cell beacon to 3MTA3.

3MTA3 shows in PineAP.

Screenshot_from_2015_06_13_16_55_21.png

Shows as faked also.

Screenshot_from_2015_06_13_16_56_42.png

So not the _

Maybe my MKV is sP3ci4L...

Link to comment
Share on other sites

This is a little crud but might help some people in the mean time if they are experiencing their SSIDs being replicated.

ssh to your MKV

cd /sd

nano remove_these_ssid.sh

copy and paste...replace <YOUR SSID> here

#!/bin/bash
sed -i '/<YOUR SSID>/d' /etc/pineapple/ssid_file
exit 0

save (ctrl+o) exit (ctrl+x)

chmod +x /sd/remove_these_ssid.sh

add * * * * * /sd/remove_these_ssid.sh to configuration --> schedule task and save

Screenshot_from_2015_06_13_17_21_47.png

should remove your SSID from the fake list every minute

Link to comment
Share on other sites

Thank you for the detailed report!

Right now, the SSID will be replicated only by dogma (and collected by harvester) and not karma. What this does show is that we will still harvest blacklisted SSIDs, something we did intentionally (to harvest everything around us).

We'll make sure that once blacklisted, an SSID cannot be harvested.

Best regards,

Sebkinne

Link to comment
Share on other sites

  • 1 month later...

Perhaps I found a bug in the driver of my Surface Pro 3, too? That one Honeypot-AP name that the Pineapple normally does stays in my Wifi-list in Windows 8.1 forever now, if I turn Wifi off it vanishes, if I turn wifi on it's back there, with other existing wifi-networks. The Thing is, the pineapple is turned off. :P WTF is my pineapple doing to my hardware? XD

Do'h, never mind. Win8 just "saved" the network-name. The labeling in Win8 is so ridicules userunfriendly :P

Edited by Phini
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...