sbb
Posted April 6, 2017

I received my Nano a few days ago and watched several videos on the site to make sure I was up to speed when it arrived. I got it all set up and installed a few modules. From here, I ran recon and saw all of the results in my area. Many of them were my own, but there were a couple in range from neighbors, one of whom agreed to let me "audit" him. After adding all of the MAC addresses associated with his SSID to the "Allow Mode" client filtering, I waited...

I have about 20 MAC addresses in my filter, a dozen SSIDs in the PineAP Pool (including his), as well as all of the options checked in the PineAP section. When I view the nearby wireless networks on my own phone, I see all of these access points being sent out as "Open" with the same names as the ones in the pool, which is expected. With an uptime of 29 hours, I have yet to have a single client connect to any of the APs (other than myself as a test). I have restarted it several times as well as re-flashing the firmware today.

Many of the SSIDs in recon are Mixed WPA, WPA, and WPA2. From what I have read, this would only work with WPA due to the handshake? To make sure it wasn't just an issue with my friend's SSID, I added several of the nearby ones to the pool (the clients connected to them). I have tried running Deauth through the scan results as well as the Deauth module.

Am I doing something wrong here? I feel like the only way this will end up working is if someone in the area connects to one of the SSIDs that are being emulated vs getting any existing connections to my AP. Just trying to see where I have gone wrong here. Thanks for any info you can provide!

Just_a_User
Posted April 6, 2017 (edited)

5 hours ago, sbb said:
> I feel like the only way this will end up working is if someone in the area connects to one of the SSIDs that are being emulated vs getting any existing connections to my AP

You pretty much came to the conclusion by yourself :)

Forcing clients off of a secured network isn't the real strength of the Pineapples - not saying it's not possible, but in most cases the client devices prefer a secured network over an open one and have a stronger signal to them than your Pineapple - your options are a deauth attack in the hope to harass a user enough to click connect to an open network. Or you can attempt a WPS attack (if WPS is enabled on network) or a more traditional handshake capture and take the successful capture and run a password brute force attack against it.

Where the Pineapples come into their own is around unassociated clients looking for known networks - such as personal devices at a work office location. The real vulnerable clients are the ones who have associated with an open network in the past (these will mostly be picked up by the Pineapple like a sponge soaking up water). Or you could try making a new network that a client might be looking for, such as an open guest network in a lobby area of a corporation that actually has no guest wifi.

Keep it legal :)

Edited April 6, 2017 by Just_a_User

drowZ
Posted April 14, 2017

I had a similar problem when first setting up mine, until I realised that the network that Darren used in his starter video was open. I went to a shopping center the other day, and at one point I managed to get around 15 clients connected to me, through 5 different networks. Obviously, the only reason this had worked was because all of the networks the devices were connecting to were open, but besides that, it worked like a charm...

sbb (Author)
Posted April 14, 2017

21 minutes ago, drowZ said:
> I had a similar problem when first setting up mine, until I realised that the network that Darren used in his starter video was open. I went to a shopping center the other day, and at one point I managed to get around 15 clients connected to me, through 5 different networks. Obviously, the only reason this had worked was because all of the networks the devices were connecting to were open, but besides that, it worked like a charm...

Awesome, I assumed that a public location or a de-auth would be the best way to do it.