Jump to content

PKMID Attack with Pineapple Mark VII?


NoPineapplePizza
 Share

Recommended Posts

10 minutes ago, NoPineapplePizza said:

Anyone able to help me through the PKMID Attach with a Pineapple Mark  VII?   Tried instructions for the Nano here, but was unable to install hcxtools.  Thanks!

https://forums.hak5.org/topic/44213-pmkid-attack-on-wifi-pineapples/

Sorry  PMKID attack.

10 minutes ago, NoPineapplePizza said:

 

 

Link to comment
Share on other sites

  • 1 month later...

The link you mentioned is a bit outdated, its no surprise it wont work. I don't own a mark 7, cant make a detailed tutorial. 

hcxpcaptool -z test.16800 test.pcapng 

This wont work as it was an older script. A good example is:

hcxpcapngtool -o test.22000 test.pcapng

use hcxpcapngtool -h for more info.. 

The hashcat command should also be changed of course, use hashcat -h to learn more.

Best of luck

 

Link to comment
Share on other sites

I got hcxdumptool installed just fine. The rest of the install throws an error about unknown package "hcxtools" but all you really need is the dumptool on the pineapple.  You can process the output on another computer where the full suite is installed anyway.

Here's what I did if anyone really needs to know.

Make sure that your pineapple has an internet connection.

SSH into your pineapple

ssh root@172.16.42.1

Download and install Git cuz it's not present on the pineapple. Then download the OpenWRT hcxtools package maintained by @Zylla

(githubuser adde88). Finally use the included install script after CDing into the new install directory. 
 

opkg install git git-http

git clone https://github.com/adde88/hcxtools-hcxdumptool-openwrt.git

cd hcxtools-hcxdumptool-openwrt

./INSTALL.sh

 

Try it out with something like:

hcxdumptool -o output.pcapng -i wlan1 -t 5 --enable_status=3

I'm trying to write this from memory so please correct me if I hiccuped anywhere.

Edited by whizdumb
Added git-http package to opkg.
Link to comment
Share on other sites

  • 1 year later...

How would you use hcxdumptool filters or BPF to avoid knocking your own device off of the wireless management interface when running hcxdumptool? I am unsure which interface's MAC address to filter to avoid interfering with hcxdumptool's activities while maintaining a wireless management connection. Currently, running hcxdumptool is only working through a wired connection. If I run it while managing the device wireless I am forced to restart the MK7 because the management interface becomes inaccessible. Thanks.

Link to comment
Share on other sites

9 hours ago, dark_pyrro said:

Have you tried using filterlist_ap and filtermode?

--filterlist_ap=[MAC address of mgmt AP] --filtermode=1

wlan0-1 should be used for the management AP

Thanks for the info, I will try this.

Link to comment
Share on other sites

10 hours ago, dark_pyrro said:

Have you tried using filterlist_ap and filtermode?

--filterlist_ap=[MAC address of mgmt AP] --filtermode=1

wlan0-1 should be used for the management AP

I tried this but I still get ejected off the management interface when connected wireless via my cell phone. Do I need to add my cell phone to the filter list also using --filterlist_client=<client MAC> ?

I appreciate your help so much, thanks!

Link to comment
Share on other sites

26 minutes ago, dogtoe23 said:

I tried this but I still get ejected off the management interface when connected wireless via my cell phone. Do I need to add my cell phone to the filter list also using --filterlist_client=<client MAC> ?

I appreciate your help so much, thanks!

This was my output:image.thumb.png.39544c9679d5488ce22116317989d6d7.png

Link to comment
Share on other sites

wlan1 is probably occupied by pineap if you haven't added any extra WiFi USB adapter. If you, for example, add a compatible 5 GHz USB WiFi adapter as wlan3, then wlan1 may be free to use for other things, such as hcxdumptool (or the other way around)

Link to comment
Share on other sites

  • 1 month later...
On 10/19/2020 at 5:34 PM, whizdumb said:

I got hcxdumptool installed just fine. The rest of the install throws an error about unknown package "hcxtools" but all you really need is the dumptool on the pineapple.  You can process the output on another computer where the full suite is installed anyway.

Here's what I did if anyone really needs to know.

Make sure that your pineapple has an internet connection.

SSH into your pineapple

ssh root@172.16.42.1

Download and install Git cuz it's not present on the pineapple. Then download the OpenWRT hcxtools package maintained by @Zylla

(githubuser adde88). Finally use the included install script after CDing into the new install directory. 
 

opkg install git git-http

git clone https://github.com/adde88/hcxtools-hcxdumptool-openwrt.git

cd hcxtools-hcxdumptool-openwrt

./INSTALL.sh

 

Try it out with something like:

hcxdumptool -o output.pcapng -i wlan1 -t 5 --enable_status=3

I'm trying to write this from memory so please correct me if I hiccuped anywhere.

Sorry to revive an old thread, but it looks like it was updated not too long ago. Anyway, when attempting to install, I get 'Unknown package *' and 'Cannot install package *.'

Link to comment
Share on other sites

On 6/15/2022 at 11:36 PM, DramaKing said:

Sorry to revive an old thread, but it looks like it was updated not too long ago. Anyway, when attempting to install, I get 'Unknown package *' and 'Cannot install package *.'

Never mind. I forgot to run 'opkg update.'

Link to comment
Share on other sites

On 5/13/2022 at 11:12 AM, dogtoe23 said:

I tried this but I still get ejected off the management interface when connected wireless via my cell phone. Do I need to add my cell phone to the filter list also using --filterlist_client=<client MAC> ?

I appreciate your help so much, thanks!

After some testing, I only got one PMKID and then had to pull the plug on the Pineapple. I tried button scripts, but nothing seemed to happen. Maybe I need to give the full path to the executable? If I'm understanding the developer correctly from this ticket, --filtermode doesn't have an effect, and BPFs should be used instead. Only hcxdumptool cannot read BPFs, no doubt because the repo only has v. 6.0.5(?), instead of 6.2.6.

Edited by DramaKing
Add link
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...