Jump to content

Pinesniffer consuming too much CPU


bad2da
 Share

Recommended Posts

Hello,

I've noticed that pinesniffer is consuming quite a bit of CPU, to a point where the nano becomes unusable and doesn't even update the web interface any longer. There also seems to be a bug in 1.13 which backgrounds continuous scans and doesn't report ones already running, resulting in multiple pinesniffer processes running in the background, bricking the Nano. Commands such as ifconfig cannot run and the Dashboard will not show any data for uptime, connected clients or SSID's in pool until the recon has finished or been killed. The CPU consumption also seems to hurt pinesniffer which cannot report back all available AP's and just presents a subset of them.

root@Pineapple:~# ps w
  PID USER       VSZ STAT COMMAND
    1 root      1412 S    /sbin/procd
    2 root         0 SW   [kthreadd]
    3 root         0 SW   [ksoftirqd/0]
    5 root         0 SW<  [kworker/0:0H]
    7 root         0 SW<  [khelper]
   59 root         0 SW<  [writeback]
   60 root         0 SW<  [bioset]
   64 root         0 SW<  [kblockd]
   66 root         0 SW   [kswapd0]
   67 root         0 DW   [kworker/0:1]
   68 root         0 SW   [fsnotify_mark]
   70 root         0 SW   [spi0]
  243 root         0 SW<  [deferwq]
  301 root         0 SW   [kworker/0:2]
  327 root         0 SWN  [jffs2_gcd_mtd3]
  382 root       892 S    /sbin/ubusd
  467 root       772 S    /sbin/askfirst /bin/ash --login
  696 root         0 SW<  [cfg80211]
  717 root         0 SW<  [rpciod]
  748 root         0 SW<  [nfsiod]
  924 root         0 SW<  [kworker/0:1H]
 1044 root      1044 S    /sbin/logd -S 16
 1076 root      1564 S    /sbin/netifd
 1124 nobody     792 S    /usr/sbin/atd
 1140 root      1380 S    /usr/sbin/crond -f -c /etc/crontabs -l 5
 1151 root         0 SW   [scsi_eh_1]
 1152 root         0 SW<  [scsi_tmf_1]
 1153 root         0 SW   [usb-storage]
 1276 root      3780 S    nginx: master process /usr/sbin/nginx
 1278 root      4228 S    nginx: worker process
 1709 root     11116 S    php-fpm: master process (/etc/php5-fpm.conf)
 1739 root      3284 S    /usr/sbin/sshd -D
 1936 root      1380 S    /usr/sbin/ntpd -n -S /usr/sbin/ntpd-hotplug -p 0.openwrt.pool.ntp.org -p 1.openwrt.pool.ntp.org -p 2.open
 1997 root      1816 S    /usr/sbin/wpa_supplicant -B -P /var/run/wpa_supplicant-wlan2.pid -D nl80211 -i wlan2 -c /var/run/wpa_supp
 2072 root      1872 D    /usr/sbin/hostapd -P /var/run/wifi-phy0.pid -B /var/run/hostapd-phy0.conf
 2158 root      1380 S    udhcpc -p /var/run/udhcpc-wlan2.pid -s /lib/netifd/dhcp.script -f -t 0 -i wlan2 -C
 2201 root       788 S    log_daemon /tmp/pineap.log 30
 2246 nobody     932 S    /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf -k -x /var/run/dnsmasq/dnsmasq.pid
 2561 root     12364 S N  /usr/sbin/pineap 11 00:C0:CA:8F:6B:29
 2581 root      1052 S N  /usr/sbin/pinejector wlan1mon
 2591 root         0 SW   [kworker/0:0]
 2619 root         0 SW   [kworker/u2:2]
 2631 root         0 SW   [kworker/u2:0]
 2749 root      5884 S    sshd: root@pts/0
 2751 root      1388 S    -ash
 2787 root     11376 S    php-fpm: pool www
 2823 root         0 SW   [kworker/0:3]
 2824 root     11484 S    php-fpm: pool www
 2999 root     11376 S    php-fpm: pool www
 3020 root         0 SW   [kworker/u2:1]
 3104 nobody     796 S    /usr/sbin/atd
 3105 root      1380 S N  sh
 3106 root      6640 S N  pinesniffer wlan1mon 120 0 /tmp/recon-538267047
 3118 root      1380 D    ifconfig
 3119 root      5868 S    sshd: root@pts/1
 3121 root      1384 S    -ash
 3126 root      1380 R    ps w
                                     
root@Pineapple:~# uptime
 21:41:44 up  1:44,  load average: 2.70, 2.78, 2.03

dmesg reports some timeouts during the scan

[  143.810000] device wlan1mon entered promiscuous mode
[  663.150000] rtl_usb: reg 0x820, usbctrl_vendorreq TimeOut! status:0xffffff6f value=0xf7900f0
[  673.150000] rtl_usb: reg 0x8b8, usbctrl_vendorreq TimeOut! status:0xffffff6f value=0x4f132b09
[  683.150000] rtl_usb: reg 0xc80, usbctrl_vendorreq TimeOut! status:0xffffff6f value=0xf4085c00
[  693.150000] rtl_usb: reg 0xa24, usbctrl_vendorreq TimeOut! status:0xffffff6f value=0x4f000000

ifconfig

root@Pineapple:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 00:C0:CA:8F:97:D3
          inet addr:172.16.42.1  Bcast:172.16.42.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13160 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7687 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:16102078 (15.3 MiB)  TX bytes:1025153 (1001.1 KiB)

eth0      Link encap:Ethernet  HWaddr 00:C0:CA:8F:97:D3
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:4

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:35 errors:0 dropped:0 overruns:0 frame:0
          TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2893 (2.8 KiB)  TX bytes:2893 (2.8 KiB)

wlan0     Link encap:Ethernet  HWaddr 00:C0:CA:8F:6B:29
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13158 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7770 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:16286278 (15.5 MiB)  TX bytes:1186356 (1.1 MiB)

wlan0-1   Link encap:Ethernet  HWaddr 02:C0:CA:8F:6B:29
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:128 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:10861 (10.6 KiB)

wlan1mon  Link encap:UNSPEC  HWaddr E4-6F-13-2A-75-02-00-44-00-00-00-00-00-00-00-00
          UP BROADCAST NOTRAILERS RUNNING PROMISC ALLMULTI  MTU:1500  Metric:1
          RX packets:264789 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:62670025 (59.7 MiB)  TX bytes:0 (0.0 B)

wlan2     Link encap:Ethernet  HWaddr 00:C0:CA:8F:81:13
          inet addr:192.168.0.110  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:24247 errors:0 dropped:5 overruns:0 frame:0
          TX packets:21427 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4678590 (4.4 MiB)  TX bytes:19794120 (18.8 MiB)

/etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/ar933x_wmac'
        option htmode 'HT20'

config wifi-iface
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'Pineapple_6B29'
        option encryption 'none'
        option hidden '1'

config wifi-iface
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option encryption 'psk2+ccmp'
        option ssid 'To fly for a WiFi'
        option key '99%FulSocker!'
        option disabled '0'

config wifi-device 'radio1'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/ehci-platform/usb1/1-1/1-1.3/1-1.3:1.0'
        option htmode 'HT20'

config wifi-iface
        option device 'radio1'
        option ifname 'wlan1'
        option network 'lan'
        option mode 'sta'
        option ssid 'Pineapple_7502'
        option encryption 'none'

config wifi-device 'radio2'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/ehci-platform/usb1/1-1/1-1.1/1-1.1:1.0'
        option htmode 'HT20'

config wifi-iface
        option device 'radio2'
        option ifname 'wlan2'
        option mode 'sta'
        option network 'wan'
        option ssid 'noʎ ʞɔɐɥ ןןıʍ ı'
        option encryption 'psk2+ccmp'
        option key 'notgoingtosharethat'

Trying to load the network page using the web interface results in several processes waiting to run:

 3672 root      4592 S N  pinesniffer wlan1mon 60 0 /tmp/recon-385629274
 3683 root      1380 S    sh -c iwconfig 2>&1 | grep ESSID:\"
 3684 root       964 D    iwconfig
 3685 root      1376 S    grep ESSID:"
 3686 root      1380 S    sh -c ifconfig | grep encap:Ethernet | awk "{print \$1}"
 3687 root      1380 D    ifconfig
 3688 root      1376 S    grep encap:Ethernet
 3689 root      1380 S    awk {print $1}
 3702 root      1380 S    sh -c ifconfig -a | grep wlan | awk '{print $1" "$5}'
 3703 root      1380 D    ifconfig -a
 3704 root      1376 S    grep wlan
 3705 root      1380 S    awk {print $1"  $5}
 3706 root     11444 S    php-fpm: pool www
 3707 root      1380 S    sh -c ifconfig -a
 3708 root      1380 D    ifconfig -a
 3709 root     11636 S    php-fpm: pool www
 3710 root      1380 S    sh -c ifconfig | grep encap:Ethernet | awk "{print \$1}"
 3711 root      1380 D    ifconfig
 3712 root      1376 S    grep encap:Ethernet
 3713 root      1380 S    awk {print $1}
 3714 root      1380 R    ps w

And in even worse scenarios, the next pinesniffer session starts before the last one stops which will eventually brick the Nano

 

 3870 root      6640 S N  pinesniffer wlan1mon 60 0 /tmp/recon-1140408413
 3871 nobody     796 S    /usr/sbin/atd
 3872 root      1380 S N  sh
 3873 root      6640 S N  pinesniffer wlan1mon 60 0 /tmp/recon-1942950050
 3876 nobody     796 S    /usr/sbin/atd
 3877 root      1380 S N  sh
 3878 root      6640 D N  pinesniffer wlan1mon 60 0 /tmp/recon-1199643600
 3897 nobody     796 S    /usr/sbin/atd
 3898 root      1380 S N  sh
 3899 root      2544 D N  pinesniffer wlan1mon 60 0 /tmp/recon-1082710631
 3908 root      1380 S    sh -c ifconfig 'wlan0' | grep HWaddr | awk '{print $5}'
 3909 root      1380 D    ifconfig wlan0
 3910 root      1376 S    grep HWaddr
 3911 root      1380 S    sh -c ifconfig 'wlan0' | grep HWaddr | awk '{print $5}'
 3912 root      1380 S    awk {print $5}
 3913 root      1380 D    ifconfig wlan0
 3914 root      1376 S    grep HWaddr
 3915 root      1380 S    awk {print $5}
 3916 root      1380 S    sh -c ifconfig 'wlan0' | grep HWaddr | awk '{print $5}'
 3917 root      1380 D    ifconfig wlan0
 3918 root      1376 S    grep HWaddr
 3919 root      1380 S    awk {print $5}
 3920 root      1380 S    sh -c ifconfig 'wlan0' | grep HWaddr | awk '{print $5}'
 3921 root      1380 D    ifconfig wlan0
 3922 root      1376 S    grep HWaddr
 3923 root      1380 S    awk {print $5}
 3924 root      1380 S    sh -c ifconfig 'wlan0' | grep HWaddr | awk '{print $5}'
 3925 root      1380 D    ifconfig wlan0
 3926 root      1376 S    grep HWaddr
 3927 root      1380 S    awk {print $5}
 3928 root      1380 R    ps w

 

Link to comment
Share on other sites

The first thing that comes to my mind as it is running linux is: 'nice'

nice is a command that can limit a process/background-process cpu-usage.
which also works quite "nice" (no pun intended) on the Pineapples! :)

Maybe Pinesniffer should be run with that command? :)

Link to comment
Share on other sites

Good find. I'll do some experimenting very soon.

48 minutes ago, Zylla said:

The first thing that comes to my mind as it is running linux is: 'nice'

nice is a command that can limit a process/background-process cpu-usage.
which also works quite "nice" (no pun intended) on the Pineapples! :)

Maybe Pinesniffer should be run with that command? :)

This is not a good fix. Maybe a better fix would be to stop the incomplete processes once navigating away from the recon page.

Link to comment
Share on other sites

  • 3 weeks later...

I have to say that trying to get support for a Nano that doesn't work as described on the company website, despite being extremely thorough, seems to be quite impossible. I have emailed various different contacts at Hak5, tried to reach people here on the forums, talked to people on IRC. But, nothing, Hak5 is NOT committed to their community or their customers. Its gone as far that I've now had to open a dispute using Paypal because Hak5 will not even honor their hardware warranty!

This was a huge disappointment!

Edited by bad2da
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...