Jump to content

Tetra PineAP attack issues


mr_shades
 Share

Recommended Posts

I've been following the video from Hak5 regarding using recon and PineAP to deauth and then capture clients in the pineapple tetra but cannot seem to actually capture any clients. The pineapple works well otherwise and the access point also works as intended. The landing page works when connecting to the access point from a client as well. I've been testing this on my home network to become more familiar with my pineapple and have been using an open 2.4GHz connection for the tests. In recon mode I can find my target and the MAC address, follow along in the video and everything else seems to work fine, but upon using the Deauth feature in recon the device simple reconnects after a few seconds and not to the pineapple. This is with the proper address in my filters and the allow setting turned on as well. Has anyone run into this issue or know of a fix? I do know the video is well over a year old so there may be some changes since then or something I'm missing but so far my searches have yielded little information that I've been able to use.

Link to comment
Share on other sites

AFAIK it will only work on clients already connected to "open networks". If a client is connected to a WAP* Secured network, it wont connect to a rouge AP with the same SSID.

The user has to explicit choose to connect the the "open" rouge SSID...    In my view, this is not likely to happen.

One solution is to install the module "site survey" and capture enough "IV's" to crack the WPA* hash...    (recommend onlinehashcrack.com - under 8 caracters its free)
(Take a look at this video)


Once you have cracked the WPA hash, set up a rouge AP, as a secured network, using the cracked key.
This should now make your targets (the wifi clients) connect to your AP if the signal is stronger.

Whats missing.:  I would like this option built ind to the Wifipineapple, so its not a manual process...   as far as i can tell (correct me if I'm missing somthing here) it is not possible to set a WPA key on the secondary WLAN adapter on the wifipineapple...   only on the management part.
This is in my oppinion, a critical function - hope it will come in the near future. 

Link to comment
Share on other sites

46 minutes ago, Cyberfox_DK said:

AFAIK it will only work on clients already connected to "open networks". If a client is connected to a WAP* Secured network, it wont connect to a rouge AP with the same SSID.

Thats what I was hinting at to the original poster. Its true for the devices I have tested but I have heard of a small number of devices that will still connect but im yet to see this with my own eyes.

46 minutes ago, Cyberfox_DK said:

One solution is to install the module "site survey" and capture enough "IV's" to crack the WPA* hash

Yep, another would be WPS attack but its mainly older routers that are vulnerable. Its actually surprising what WPS attacks sometimes works on still, like printers & IP cameras etc.

46 minutes ago, Cyberfox_DK said:

Once you have cracked the WPA hash, set up a rouge AP, as a secured network, using the cracked key.

This would be an EvilTwin attack and can be done with a module/modification called Networking plus

 

Edited by Just_a_User
  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...