Forkish Posted April 23, 2016 Share Posted April 23, 2016 (edited) I'm creating this thread for myself and others that are newish to the Pineapple, Openwrt, CLI and linux. Please apply salt as this will probably be an ongoing thread. I tend to jump the gun with garishly heavy hands, often accompanied with moith feet. I come from a background of outsourcing, photography and color correction. None of which speak Linux or networking and nary a command line. (I did create a batch file once that deletes massive Lightroom catalogs in minutes; doesn't count though). I learn quickly but it's been slightly more than hairy. here are some of the Linux tools that the nano can utilize. The links go to the tool via kali.org tool page. PineAP - PineAP is a highly effective rogue access point suite for the WiFi Pineapple. Nmap - Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. p0f - P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way responder - This tool is first an LLMNR and NBT-NS responder, it will answer to *specific* NBT-NS (NetBIOS Name Service) queries based on their name suffix. SSLsplit - SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. SSLstrip - sslstrip is a tool that transparently hijacks HTTP traffic on a network, watch for HTTPS links and redirects, and then map those links into look-alike HTTP links or homograph-similar HTTPS links. | Not in the module list but will be soon (https://forums.hak5.org/index.php?/topic/37077-sslstrip/) Aircrack-ng - Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. wifite - To attack multiple WEP, WPA, and WPS encrypted networks in a row. BeEF - Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors | Not a module but possible to use for the landing page. I just installed it and will play with it some. Not really sure of the extent of it's abilities.. PixieWPS - Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs (pixie dust attack). | Not available yet, but will be ported over soon. This is all I know of so far. For more information about your modules, check out the Nano/tetra modules thread here. I'll try to keep this updated if my focus stays focused. There are a ton of great videos in these forums so use the search and as always, Keep Practe. Edited January 22, 2018 by Spoonish Updated my intent with this thread. 1 2 Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.