Viertakt Posted November 28, 2015 Posted November 28, 2015 Hi guys, Got a Mk V to play with from my employer two days ago, and they expect me to show some nice things. So far, all I've been able to make it do is harvest SSID's. I have set it up both as rouge AP (one antenna connected to my home network, the other broadcasting as "Free WiFi"), and sharing the Internet connection with my home computer through ethernet. I think I've tried all the different setups by now.. Turned on everything under the PineAP tab, and although I do see SSID's being collected, there are no connections made. No mentions are made in the logs, nothing... When looking on various wireless devices (win 7, android, linux) I'm also not seeing a list of insecured networks that correspond to the SSID's that are on the preferred lists of the devices. Something you do see in some tutorials on youtube. I can manually connect with the Mk V broadcasting its "free wifi"-dubbed network, and then it does see me as a client. The I try SSLstrip.. doesn't do antyhing anymore (fixed that bug probably...), but also, dns spoofing does not do anything. In short, I have a fancy black box with four glowing LEDs, that so far hasn't been able to do anything. Is a pineapple still capable of doing anything these days? Or am I two years to late in expecting devices to connect just because I'm replicating their preferred networks? Quote
Viertakt Posted November 29, 2015 Author Posted November 29, 2015 45 views already, and nobody who has anything to say? Come on guys.... Quote
WPA3 Posted November 29, 2015 Posted November 29, 2015 45 views already, and nobody who has anything to say? Come on guys.... Well i can confirm that pineAP work's great, to get the best out of it you need wlan2, sslstrip is a waste of time as most sites use https and Evil portal works and gets cred's if setup correctly. Have a look at these videos might get some answer's/ https://www.youtube.com/playlist?list=PL2SUsWKTO12BpTXGf75VdHnJJORBJPd4k Quote
Viertakt Posted November 29, 2015 Author Posted November 29, 2015 Well i can confirm that pineAP work's great, to get the best out of it you need wlan2, sslstrip is a waste of time as most sites use https and Evil portal works and gets cred's if setup correctly. Have a look at these videos might get some answer's/ https://www.youtube.com/playlist?list=PL2SUsWKTO12BpTXGf75VdHnJJORBJPd4k WLAN2 ??? could you elaborate a bit on that please? Quote
Xcellerator Posted November 29, 2015 Posted November 29, 2015 Although the pineapple does indeed only have two wireless radios, (namely wlan0 and wlan1), you can plug in a USB wireless adapter (as long as its supported see here: http://wiki.wifipineapple.com/#!compatible_wifi_cards.md) and it will show up as wlan2 (as you'd imagine). The best use for wlan2 is to use it for your connection to the AP as it suffers less from the rate-limiting issues in wlan1 (I think its due to a timing issue over the internal bus, correct me if I'm wrong anyone..). This frees up wlan1 for things like deauthing, packet captures, etc.. Quote
Fira Posted December 24, 2015 Posted December 24, 2015 2 Radios in the Pineapple, and neither of them are good enough? Or have I just read you wrong? Quote
barry99705 Posted December 24, 2015 Posted December 24, 2015 (edited) 2 Radios in the Pineapple, and neither of them are good enough? Or have I just read you wrong? You read wrong. The built in radios are already busy doing other things. One's listening for probes, one's pretending to be your fake AP. If you want to do man in the middle you need to tether your pineapple to something with an internet connection. You can't use the built in radios, so you add the third for this. They also found out late into production that the radio that does the spoofed APs has a throughput issue, so it can only do around 10mbps on a good day. Edited December 24, 2015 by barry99705 Quote
Fira Posted December 24, 2015 Posted December 24, 2015 (edited) They also found out late into production that the radio that does the spoofed APs has a throughput issue, so it can only do around 10mbps on a good day. Thanks for the reply. So is the third radio just because the other 2 are busy, or if the issue highlighted in the quote above was not a factor, would it be able to do that job without the need for a third radio? Is the fake AP doing the karma attack, or occupineapple attack, or both? Edited December 24, 2015 by Fira Quote
barry99705 Posted December 24, 2015 Posted December 24, 2015 (edited) You can run it without the third radio, but it will limit the client's connection speed. Edited December 24, 2015 by barry99705 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.