ToxicPanda Posted October 1, 2020 Posted October 1, 2020 I like Hak5, I really do. I ordered the Rubber Ducky 10 kit and loved it, ordered the Elite kit and loved it. The only problem? I cannot justify 'upgrading' the WIFI pineapple as it just seems completely useless. I've had better luck using a WIFI adapter and Linux install in favor of the pineapple in the elite field kit for my engagements as I absolutely cannot rely on the pineapple. I've only ever read terrible things about them and they just seem like kind of a novelty and a fun conversation piece.. Besides being interesting to play around with it has never actually functioned as advertised. It doesn't always scan, doesn't save ssid and when connected to C2 which I paid $250 for it does not function what so ever, I made a post asking for help and just noticed that I got a reply claiming they could reproduce the issue a month and 2 weeks after posting.. I noticed after ordering and coming to the forums that there have been a lot of people disappointed with Hak5 products and I can't help but be surprised. I've always thought Hak5 was one of the best and usually everything I get from Hak5 is amazing! I'm just not sure if im a fan of the Pineapple anymore. I actually feel like this post ive quoted below is accurate.. Quote "Yeah there is no way I would take this into an engagement. I REALLY want to Pineapple to work, and I really wish it would. But it can't do 50% of the things it is supposed to out of the box, and I am not talking about 3rd party modules, The bread and butter of what the Pineapple should do is: 1. Enumerate APs and clients associated to those APs 2. Capture and broadcast the SSIDs of the APs it has discovered 3. Deauth clients in order to get them to connect to the Pineapple's rogue SSIDs. It does point 1 perfectly. Points 2 and 3, not so much. 2. It can't even properly take an SSID and load it into the pool without corrupting the name. This is just poor coding. 3. It cannot dauth anything. I mean nothing. I made a small deauther using a Nodemcu Amica, and it works better than the Pineapple, and it didn't cost 200USD. I own several Rubber Duckies and those are excellent pentesting tools, so long as you write your scrips and customise your attacks depending on your target. I cannot say the same for the Pineapple. Much hype, little delivery. It's actually disappointing that Darren refuses to acknowledge this problem. " --- binned. /rant
DF00 Posted October 1, 2020 Posted October 1, 2020 I find the Tetra doing points 1-3 above very well... I am not seeing the same from the Mk7, while I had wished there woudnt be a whole new level newness to the Mk7 due to how solid I felt the Tetra 2.7 Firmware release was - it does seem we are in a very early adoption phase of dealing with newness of product and software instead of it building against what was already worked on for the Tetra. To each their own - good luck with your efforts...
ToxicPanda Posted October 1, 2020 Author Posted October 1, 2020 6 minutes ago, DF00 said: I find the Tetra doing points 1-3 above very well... I am not seeing the same from the Mk7, while I had wished there woudnt be a whole new level newness to the Mk7 due to how solid I felt the Tetra 2.7 Firmware release was - it does seem we are in a very early adoption phase of dealing with newness of product and software instead of it building against what was already worked on for the Tetra. To each their own - good luck with your efforts... Thank you for the reply, I will definitely have a look at running the tetra 2.7 with updated C2. I'll be honest though, it is rather alarming that they are so quick to hype it up and sell it to their fans when it is not ready yet. Especially weird cause they are releasing an enterprise edition that my company would laugh at if they saw someone using it in the field.. lol Can I ask if you have any favorite modules you swear by or what your favorite thing to do with the pineapple is? I avoid using it for any kind of engagements because of the luck I've had using it but definitely tempted to keep trying.
DF00 Posted October 1, 2020 Posted October 1, 2020 I am specifically using it for the PineAP, broadcast and capture SSIDs, capture of the handshakes, deauth and site survey stuff... I havent gotten involved with the C2 stuff...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.