Questions about PineAP

[PK_420]

Again,

I performed an AP & Clients scan while PineAP was running and I managed to freeze the device one more time,

Tried an ifconfig and it never completed... even Ctrl+C wouldn't stop it.. I had to close my terminal window and reconnect via ssh to issue the reboot command.

This time though issuing the reboot command didn't solve the problem completely, upon completing the reboot all was fine except for the Wlan1 that was missing somehow,

I issued the "iw phy1 info" command and didn't get the expected output, only help was displayed,

Simply disconnecting the power and reconnecting it solved the issue,

Idk if this is somehow linked, I thought it might help the devs to share it.

[QwerHak]

Since 1.0.1 > and today on 1.0.2 :

If I perform AP & Clients scan it stucks on 100% and I dont get any Clients > AP only scan is working current without issue.

[QwerHak]

Hi

Can you try and do this in Google Chrome and activate the developer console (CTRL+SHIFT+J) and tell us what you see in the "Console" tab and the "Network" tab.

In the "Network" tab, you should see lots of requests from modules, When you click on those in the list and click the "Preview" tab, do you get a "Module returned empty response"?

Thanks,

Foxtrot

I get multipl

POST

XHR

http://172.16.42.1:1471/api/

etc.

What should I see if AP + Client Scan should work propely?

[QwerHak]

Also, if I use the command line "/usr/bin/pineapple/site_survey 15" it does the same behavior as the WebGUI, provoking a fail every now and then, and when the error happens, every network-related commands on the pineapple fails.

.

If i use command line, it popups near AP but without clients. "No cleints detected" under each AP.

PS. Last post allowed to do until tomorrow? I cant Edit my posts :(

[digininja]

Posting this on behalf of QwerHak:

iw phy1 info

- no device detected

iw phy0 info

- seems like everything if fine

ifconfig

got wlan0

and wlan0-1

no phy1 ?

[jermzz]

Posting this on behalf of QwerHak:

iw phy1 info

- no device detected

iw phy0 info

- seems like everything if fine

ifconfig

got wlan0

and wlan0-1

no phy1 ?

Seems like exact same problem I had. No wlan1 and phy1 no info. Scans got stuck at 100% with AP + client and would lock the nano up until a reboot. Normal AP scan worked. Lsusb didn't show the radio either. They ended up replacing my nano and my new one works perfectly.

[QwerHak]

Hm, who I need to contact to order replacement?

[Darren Kitchen]

Hm, who I need to contact to order replacement?

shop@hak5.org and copy support@hak5.org with your logs. We'll get you up and running in short order.

[Onus]

I just pulled an update on the pineapple nano, and now when ever i try to start PineAP by checking the box and clicking save settings i get the message: Notice: In order to use these features, PineAP must first be enabled by started by selecting the "PineAP Daemon" checkbox and then saving the settings.

but that is the exact feature i trying to start :(

Help

[Just_Another_Node]

It will give that message if you click any of the boxes below PineAP Daemon before selecting PineAp Daemon. It thats not it then it could be a browser flub, try a refresh.

[Darren Kitchen]

What browser are you using? Sounds like a caching issue. Can you try clearing it or doing a hard refresh?

[Foxtrot]

It is definitely a caching issue, a few have had the same problem in IRC.

Clearing the cache should work.

[Onus]

clearing the cache worked.. im using iceweasel fyi, cant seem to get chrome installed on kali 2.0.. that said, i can now also see something besides "coming soon"
under modules, but it says failure to connect to wifipineapple.com even though the internet connection is up and running.. what a tease, for a second i thought i could get mods..

[Foxtrot]

clearing the cache worked.. im using iceweasel fyi, cant seem to get chrome installed on kali 2.0.. that said, i can now also see something besides "coming soon"

under modules, but it says failure to connect to wifipineapple.com even though the internet connection is up and running.. what a tease, for a second i thought i could get mods..

Some modules are available... Make sure your pineapple has a connection.

[Onus]

I have a connection

[r3g3x]

I have a couple of questions I wanted to ask to help me understand how pieces of the pineapple tie together. I did read the help, have been working with the system, reading forums and watched videos. I understand some of this may be basic, but it might help someone with similar questions.

When I scan and select the AP or AP and Client option, how does the pineapple determine when I can send a deauth found resources? There are times when the drop down has the deauth option and times it does not. I understand the deauth method and choosing deauth on client versus AP.

Do the AP’s found in the scan have any relationship to PineAP? Does PineAP use the list of found AP’s and broadcast those out, or does it discover on its own AP’s being probed and broadcast those back?

When I select all the options for PineAP, I am seeing a lot of probes and no connections. How does one force a connection or get a connection to happen. I had my pineapple running for many hours and turned my phone on and off, nothing. Does having a WPA2 network type make the connection more difficult because of the PSK?

I thank everyone in advance for patience and answers.

Jim

[RobinTheKayOh]

I was wondering why my NANO doesnt get in internet while PineAP is running? It's connected to my desktop and I enabled sharing from the video tutorial, it works before I use PineAP but not after. I thought it would work? Or am I wrong?

Thanks

EDIT: NEVERMIND!!! I changed my default route to the word "Pineapple" because of the chrome auto filling thingy.... Oops!

[zoro25]

HI guys

I have a Nano that has never "fully" worked, previously I put this down to the firmware not being fully functional , however after 1.04 release I figured that it must be my device.

I'll explain my issue.

Its PineAP , I can never get SSIDs to show (unless I manually connect to an accesspoint) , it should be picking up AP's which are being broadcasted by clients looking for connections, If I do a recon I can see about 20 SSID's and clients , but nothing is logged in PineAP (nothing at all)

And as it can't get SSID's it never broadcasts any and as it never broadcasts any I can never get connections , unless I manually connect to the AP which I have set on the Nano.

My Recon mode works really well. No issues there

However under PineAP I want to just scan all devices close by, and log SSID's and then broadcast.

Are there any commands that I can run once I SSH into the Nano to check all is functioning okay.

Also I should note that I pressed the button to change Wlan1 to a random Mac address (not sure if this broke the Nano PineAP functionality)

I've done about 4 factory resets and all still not working as it should, PS I have a MK5 so I know the basics of how PineAP mode should work and what to expect is returned.

Thanks in advance

[confuded]

You haven't mentioned what settings you've set in PineAP.

Here is are the steps to ensure your targets connect:

0. First and foremost, this will only work with open networks - meaning the clients need to have an open network saved in their AP list.

1. Set your PineAP settings (making sure the service is on) to "Allow Associations", "Capture SSIDs to Pool", "Beacon Response" and if you want to be a little more certain and aggressive also "Broadcast SSID Pool".

2. Go back to your recon tab (I keep it open as it does not save scan results) and click deauthenticate your clients, which kicks them off their current networks.

a) You can either do it one by one, by clicking the arrow next to their MAC, at the bottom of the new window you can set the deauth multiplier (2 is 2 times more, 4 is 4 times more aggressive etc).

b) Or if you want to kick all the clients off from a particular AP, you can click the arrow next to the SSID of an AP and perform a similar procedure.

Works for me.

As in regards to the randomisation of the MAC - i do it out of paranoia. If you are practicing on your own gear - who cares. For some reason that button does not work for me...

~confuded

[confuded]

Is this intended behaviour, that the recon scan find the open APs created by PineAP? Shouldn't the MAC address be filtered out from the recon list?

Not quite sure if this is a bug or intended functionality. I already know that PineAP is broadcasting those SSIDs and know how many clients are connected to PineAP. The only useful purpose I can see, is to know which clients connected to which spoofed SSIDs.

~confuded

[zoro25]

Yes testing on my own devices.

I have tried all PineAp combinations and still nothing, also I shouldn't have to deauth as I purposely have my devices not connected to my main protected AP so they should be looking for any open AP they have saved.

But the Nano never sees anything in PineAp mode.

I did a great on my mk5 this morning and on that device PineAp works fine, just the Nano giving issues.

I've also made sure that all filters are clear so I'm not just looking for a certain ssid or client but still no go.

I'm looking for a list of commands that I would need to replicate the behavior of PineAp as my guess is that the ui is doing something strange or there is some type of race condition happening when scripted commands are sent.

[M47H3W]

This could possibly be a bug. I have noticed this too.

[r3g3x]

Confuded:

For any client AP's that use WPA they cannot connect to PineAP because of the shared secret or certificate? If I have a client and it does not have an open network in the PNL it cannot connect to the NANO?

Is that correct?

Jim

[confuded]

Confuded:

For any client AP's that use WPA they cannot connect to PineAP because of the shared secret or certificate? If I have a client and it does not have an open network in the PNL it cannot connect to the NANO?

Is that correct?

Jim

This isn't so relevant to the thread... but as far as I can understand, yes. You can associate a client theoretically with your rogue AP, but your AP has no idea what the client is saying since its encrypting the traffic. I don't know which precisely which portion is the problem and is probably different for different protocols (WPA, WEP), but the basic point is clear anyway.

On a side note, if you have the time I am at the moment watching this DefCon 23 where Darren and Sebastian talk about the Pineapple and describe some of the implementation and a lot of the basics quite nicely - very helpful to understand how some of the options work to know how to use them effectively.

~confuded

[confuded]

As in regards to the randomisation of the MAC - i do it out of paranoia. If you are practicing on your own gear - who cares. For some reason that button does not work for me...

~confuded

It actually does work - you just have to wait a few seconds ^_^. So impatient nowadays with all this fastness of processing and internet...

Sorry zoro25 for hijacking your post. I just booted my pineapple to see if I can find something to help you (don't bet on it though - i am not proficient with the command line tools underlying the pineapple).

~confuded