Jump to content

Modules Requests Discussion


WiFiJuice

Recommended Posts

15 hours ago, NovaSam said:

Enjoy Wifite goodness,

opkg update

opkg install reaver

wget https://raw.github.com/psyvisions/wifite/master/wifite.py

mv wifite.py /bin/

cd ..

cd /bin/

chmod +x wifite.py

wifite.py -mac -aircrack

Pretty neat my only problem with wifite is that most of the time it's been a hit and miss.

for example their have been times where its failed to capture a handshake and I have manually ran the airodump-ng and replay-ng and gotten the handshake with no problems also wifite doesn't really work to well with the pixiewps attack it's been hit and misses with that personally I've had better luck with https://github.com/aanarchyy/bully when it comes to wps attacks it will either work or not find the pin and that happens normally within the first 45 seconds of running the tool.

Link to comment
Share on other sites

  • 3 weeks later...

The pineapple is an evil twin attack on steroids. If you want to ask for a wifi password then just install Evil Portal and create a nice looking portal for them to enter their wifi password.

Link to comment
Share on other sites

  • 2 weeks later...

With DeadUpdate having come out recently, the first thing I thought was to build a module for the pineapple. I haven't had the chance to pick up a new nano yet so I'm not able to develop it right now, but I figured I'd drop the idea here in case anyone else wanted to run with it :) Though one interesting thing to note is that since this is a vulnerability in an automatic updater tool, it's likely that it'll automatically be patched and end users would be none the wiser. So it's debatable how useful a module such as this might be.

 

TL;DR push arbitrary executables to ASUS laptops for fun and profit.

 

Link to comment
Share on other sites

  • 4 weeks later...
15 minutes ago, ale said:

You've said it "it's debatable how useful a module such as this might be" 

I did indeed say that. It's hard to know how long a bug will stay valid when that bug is in software that is literally designed to automatically update.

Link to comment
Share on other sites

  • 3 weeks later...

I know its not using the web UI but I like using Horst on a terminal UI from my tetra as a similar tool.
I find using a 3rd radio (wlan2mon) can be a bit choppy with update frequency (guess USB issue) but if your not using wlan1mon for anything else and use it for Horst its flawless. Not tried it on the Nano yet tho so not sure how it would perform.

https://wiki.openwrt.org/doc/howto/wireless.tool.horst

Link to comment
Share on other sites

23 minutes ago, Just_a_User said:

I know its not using the web UI but I like using Horst on a terminal UI from my tetra as a similar tool.
I find using a 3rd radio (wlan2mon) can be a bit choppy with update frequency (guess USB issue) but if your not using wlan1mon for anything else and use it for Horst its flawless. Not tried it on the Nano yet tho so not sure how it would perform.

https://wiki.openwrt.org/doc/howto/wireless.tool.horst

Great info, thanks! I'll check it out and report back how this performs on the Nano. 

  • Upvote 1
Link to comment
Share on other sites

Can confirm it seems to run well on the nano. For the benefit of anyone in my (previous) shoes:

Install

opkg update
opkg install horst

Run Horst

iw wlan1 interface add mon0 type monitor
horst -i mon0

 

Haven't yet confirmed whether output can be logged to file or work with GPS, which was my original intent with Kismet.

Link to comment
Share on other sites

  • 3 months later...

Hey guys, 

Just started writing my first module for the NANO. I'm quite new to php, html and js. Maybe thats why I encountered some little problems here and there.

The biggest one in the moment is: If I get the module on my NANO and try to open it - nothing happens. I assume I've got a syntax error or something, but just cant find it. 

Is there a way to get some output, so I see the error messages that would pop up ?

Or maybe someone of you could help me with my code. Its here on github: https://github.com/nrohsak/TestModule

Thanks in advance 

greetings nrohsakul

Link to comment
Share on other sites

Hey nrohsakul,

You can see JS errors in your browsers developer console

https://developer.chrome.com/devtools

https://developer.mozilla.org/en-US/docs/Tools/Browser_Console

And I recommend showing PHP errors

nano /etc/php.ini

press crtl + w and search for "display_errors" and set it to "On"

display_errors = On

then restart nginx

/etc/init.d/nginx restart

Now your developer environment should be all good to go!

Link to comment
Share on other sites

11 minutes ago, newbi3 said:

Hey nrohsakul,

You can see JS errors in your browsers developer console

https://developer.chrome.com/devtools

https://developer.mozilla.org/en-US/docs/Tools/Browser_Console

And I recommend showing PHP errors


nano /etc/php.ini

press crtl + w and search for "display_errors" and set it to "On"


display_errors = On

then restart nginx


/etc/init.d/nginx restart

Now your developer environment should be all good to go!

 Thank you very much newbi3 ! 

Found the mistake in under a minute with your advice.

Now I'm facing the next problem..

I got this Button:

<button type="button" class="btn btn-sm" ng-show="scanning" ngclick="abortScan()">Stop Scan</button>
$scope.abortScan = (function() {
      $api.request({
        module: 'Wardriver',
        action: 'abortScan'
      });
      
      $scope.scanning = false;
  });
private function abortScan()
    {
      exec("killall -9 airodump-ng && mv /pineapple/api/wardrive-01.kismet.csv /pineapple/modules/Wardriver/log/");
    }

Which should kill airodump-ng and move the log to the logs dir. But when I press it, nothing happens. 

Any Ideas ?

Link to comment
Share on other sites

You module.php file needs to implement the route() method

http://wiki.wifipineapple.com/#!./creating_modules.md#module.php

this method is what maps an action in the request to a function that gets called

public function route()
{
	// create a case for each possible action passed in the request
	switch($this->request->action) {
		// what happens when an "abortScan" action is requested
		case "abortScan":
			// call the abortScan method
			$this->abortScan();
			// break the case - don't forget to do this otherwise what ever case comes next will also get called
			break;
	}
}

 

Link to comment
Share on other sites

1 minute ago, newbi3 said:

You module.php file needs to implement the route() method

Got that already. Sorry that I'd only showed the function to you. 

That would be my whole module.php:

<?php namespace pineapple;

class Wardriver extends Module
{
    public function route()
    {
        switch ($this->request->action) {
            case 'scanForNetworks':
              $this->scanForNetworks();
              break;
            case 'abortScan':
              $this->abortScan();
              break;
        }
    }

    private function scanForNetworks()
    {
      $this->execBackground("airodump-ng --write wardrive --output-format kismet wlan1mon &> /dev/null ");
    }

    private function abortScan()
    {
      exec("killall -9 airodump-ng && cp -f /pineapple/api/wardrive-* /pineapple/modules/Wardriver/log/");
    }
}

 

Link to comment
Share on other sites

It might be working, one thing you arent doing is giving a response back.

private function abortScan()
{
	exec("killall -9 airodump-ng && cp -f /pineapple/api/wardrive-* /pineapple/modules/Wardriver/log/");
	// give some sort of response back
	$this->response = array("aborted" => true);
}

and then handle the response in your JS

$scope.abortScan = (function() {
      $api.request({
        module: 'Wardriver',
        action: 'abortScan'
      }, function(response){
        console.log(response);
        if (response.aborted) {
			$scope.scanning = false;
        }
      });
});

 

Link to comment
Share on other sites

18 minutes ago, nrohsakul said:

Just tried it out. But still nothing. Not even the logs get moved..

Thanks for your help though. Argh I guess it's something really easy so nobody gets it.

 

Test if your abortScan method is getting called by writing something to a file

Link to comment
Share on other sites

private function abortScan()
{
    // this will write to a file in /tmp called does_it_work.txt
    // if the abortScan method is getting called then this file will exist
    file_put_contents("/tmp/does_it_work.txt", "this function got called!");

	exec("killall -9 airodump-ng && cp -f /pineapple/api/wardrive-* /pineapple/modules/Wardriver/log/");

	// give some sort of response back
	$this->response = array("aborted" => true);
}

you can also test by starting airodump and then checking if its still running from the command line after the abortScan method is called

ps | grep airodump

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...