Jump to content

SSLStrip + DeAuth + PineAP All are not working


Recommended Posts

Hey Everyone,

I am using Mark V and Firmware Version: 2.4.0

I am able to set up successfully, internet is shared, infusions are installed etc. Even I am able to use the recon module but when I try to use PineAP its getting failed, not sure the reason why?

Even SSLStrip is not showing any logs etc.. It seems the SSLStrip is not working properly, however it shows that SSLStrip is started.

Even DeAuth is not working.

It seems none of the pentest tools working.

 

Can anyone help me??

Link to post
Share on other sites

Sounds like it's bugged 2 things you can try.

1. Unplug it wait 15 seconds plug it back it and try again.

2. Reset the pineapple back to default factory settings and try again.

Issue continues might be an issue with the pineapple, however it sounds like after you messed with the recon you might have triggered a bug that caused more issues when you tried using other infusions.

Also SSLStrip really doesn't work to well on modern browsers that have HSTS and cached history anyways.

As for deauth eh! you need to make sure your using the right interface if your using client mode then you can't use deauth without using a external compatible wireless card.

Because client mode shares your internet you can't use client mode and use deauth with the same antenna which is why you need a 3rd wireless card for the pineapple. 

Link to post
Share on other sites

Hey,

Thanks for the prompt response.

I tried but I am  not able to start "PineAP" and again "DeAuth" is not working

SSLStrip: Am able to sniff the communication (password etc) only for HTTP Sites, but when I tried to access any HTTPS Sites (non supporting HSTS) using safari browser then the page loads, loads and loads....which means am not able to access the login page itself !!

DeAuth: In my laptop, I have shared the internet connection with PineApple and accessing the pineapple access point via mobile. Now using DeAuth but getting the error "PineAP not started ...."

 

Any suggestion/videos where I can go through about DeAuth & PineAP Configuration ??

 

Link to post
Share on other sites

How are you getting your internet connection into the pineapple? If you are using wlan1 you might break some deauth functionality?

As for the https site reloading when using ssl strip. If the webserver is setup to reroute http traffic to https, by for example  using url rewrite or simular , you will end up in a infinitive loop. Ssl strip will reroute 443 to port 80 by  changing the url, and the webserver will redirect the client to back to https://somesite.com. SSL strip will kick back in and your browser ends up in a loop.

Link to post
Share on other sites

Hi Smarty,

I am sharing my Wireless Internet connection. Here is the architecture:

I am connected to my wireless network (internet) IP: 192.168.10.X

PineApple Wireless (without internet) IP: 172.16.42.1

Then I shared internet connection and configured the IP 172.16.42.42 [ Screenshots Attached ]

So, I can use internet into pineapple.

 

 

SSLStrip: I have used in Kali Linux where I need to change the route etc but here after seeing the videos I simply enabled SSLStrip and leads to infinite loop. Any video where I can configure the route in windows etc....

IP Config.png

Network Sharing.png

SSH - Internet Access.png

Link to post
Share on other sites

No need to change route on windows. If you have a second cliënt connected to the pineapple wich is able to use internet thru the pineapple you are fine. Otherwise use "route" on the pineapple to display its default gw route.

Try ssl strip on a diferent site and browser. I would use a second test client for it and not the windows laptop you use to share the connection.

As for pineapp, all i know is, it  needs the default network config to be intact to work. Dont know if it has additional logging, maybe check the modules directory if it has?

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...