Posted

I want to play a prank on my neighbor and he is totally OK with it. I have his WPA2 password already and have a Mark V as well as an Alfa USB adaptor and T-Mobile 4G hotspot.

I would like to take down his access point and replace it with a clone. Since I have the password and MAC address, it should not be too hard to accomplish this. I can't unplug his router because it's in the middle of his living room, but he is literally right next door and is one of my best friends.

I just got my Mark V a few days ago and have been playing around with it, but I don't know what the best route would be to accomplish this. Ideally I want to DNSspoof and put his picture on the most wanted list as a prank. I plan on recording the entire thing and getting a good laugh at it. Any tips or tutorials will be much appreciated.

I'm thinking of deauthing his current access point, but I'm not sure how the blacklist/whitelist works, and since I'm cloning his MAC, wouldn't I just end up deauthing my clone too? I can use DNSspoof and host the page on the Mark 5 connected to my home network or a T-Mobile 4G hotspot. I just need to figure out how to get his current access point offline and replaced with my clone.

-icas0r

Posted

You would probably need a Yagi antenna in order to have comparable signal strength to coax his hardware to prefer yours. The Yagi is directional, and can therefore make stronger signals at greater distances. I am not sure how well de-authing the AP would work, I have never tried it. Perhaps deauth the client, then when it tries to connect you may be able to snag it. You would also need to utilize the DNS spoofing built into the Pineapple to forward your web content (it's DNS spoofing, right? I got this one right?). Not sure how you would host the web page. You may want to ask some other Pineapple people how this DNS spoofing attack normally works; I only have introductory knowledge of the Pineapple.

P.S. If my "friend" did this to me I would probably do very unfriendly things back to him. Just saying.

Posted

Yes, it is DNS spoofing. I have been doing some testing on my own network and can't seem to get the DNS spoofing to work. I think the browser has it cached. I have been reading about the delorean command line infusion. I have three long range +9 dBi antennas, but I can also order a Yagi if you think it would work better.

-icas0r

Posted

You are masquerading as his AP in order to pull his clients off their network, so yes, I think if you de-auth his AP, you would essentially be de-authing yourself. I think that most wireless devices automatically try to reconnect when de-authed, which is why I recommend de-authing the client. That is how I got handshakes on my own network when trying to crack my own WPA2 password: I would de-auth the client, then it would reconnect, then I would repeat until I had enough connection packets. Airodump would tell me when it got the handshake. In your case you want to redirect the client to connect to your AP. It would make sense to de-auth it then.

You would have to check on whether you get better performance out of the Yagi or the antennae you have. There should be something in the form of stats in the store or somewhere. While watching some of the Hak5 videos, however, it appeared that the Yagi would get ridiculous range, but somebody else could probably fill you in on better specifics.

When I needed to de-auth, I ended up having to send a ridiculous amount of packets in order to actually make my targets disconnect. I think there is a certain number of packets they will just ignore. There is a count flag in Airodump/whatever though, so you can specify like 10 or in my case 100 until it works. Writing a batch script might help with the timing for something like this. Scripts usually execute faster than people can type, and could help you get the traffic sent just right.

If all else fails, you could essentially get another device like a laptop or a Raspberry Pi or something and use the extra radios/device in order to get things working. If they were connected via fast/Ethernet you could possibly make a script that tells one device to do one thing, and the other device, the Pineapple, to do the AP portion, bringing up the right MAC address after the de-auth packets have been sent.

I make no promises for the supported hardware/software on the Raspberry Pi; this is just an idea. I also have never made a script that was distributed in this fashion, so make sure it is actually possible (it should be).
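
Seen from the network owner's side, the two behaviours discussed in this thread (bursts of deauthentication frames, and a second AP beaconing with the same SSID and MAC) both show up in monitored management frames. The following is an added example, not part of any post in the thread: it runs over constructed frame records, and the record layout, thresholds and function names are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample records: (time_s, frame_type, bssid, ssid, channel, security)
AP = "aa:bb:cc:00:11:22"
FRAMES = (
    [(t * 0.1, "beacon", AP, "HomeNet", 6, "WPA2") for t in range(50)]
    # a burst of 100 deauth frames within half a second
    + [(2.0 + i * 0.005, "deauth", AP, "", 6, "") for i in range(100)]
    # beacons with the same BSSID/SSID but a different channel and no encryption
    + [(3.0 + t * 0.1, "beacon", AP, "HomeNet", 11, "OPEN") for t in range(20)]
    # a single deauth from another AP: ordinary background noise
    + [(4.0, "deauth", "aa:bb:cc:99:88:77", "", 1, "")]
)

def deauth_bursts(frames, window=1.0, threshold=20):
    """Return {bssid: peak deauth count within any `window` seconds} at or above threshold."""
    recent = defaultdict(deque)   # per-BSSID timestamps still inside the window
    peak = defaultdict(int)
    for ts, ftype, bssid, *_ in sorted(frames):
        if ftype != "deauth":
            continue
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps that fell out of the window
            q.popleft()
        peak[bssid] = max(peak[bssid], len(q))
    return {b: n for b, n in peak.items() if n >= threshold}

def conflicting_beacons(frames):
    """Return {bssid: sorted profiles} for any BSSID beaconing with more than one profile."""
    seen = defaultdict(set)
    for _, ftype, bssid, ssid, channel, security in frames:
        if ftype == "beacon":
            seen[bssid].add((ssid, channel, security))
    return {b: sorted(p) for b, p in seen.items() if len(p) > 1}

if __name__ == "__main__":
    print("deauth bursts:", deauth_bursts(FRAMES))
    print("conflicting beacons:", conflicting_beacons(FRAMES))
```

Enabling 802.11w protected management frames on the AP and its clients is the mitigation for forged deauthentication; detection like this covers networks where that is not available.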

Posted

I can't figure out how to set up the clone SSID. I have tried setting it up as an access point through the network infusion. Do I have to set up the clone under mk5?

Posted

I wonder if the jammer infusion uses de-auths or something else? Someone else may know more about what you're trying to do than me. Anyone else have any ideas?

Posted

It's a shame. I hardly use my Pineapple any more because what you are trying to accomplish on the Pineapple is really simple on Kali by using MITMF. Unfortunately the Pineapple doesn't support MITMF and it never will due to hardware limitations, according to the author.
