Jump to content

MARK VII is Highly Disapointing Beta Device - Pretty Useless - No Packet Injection, No Modules, No Support, - Should Not be Released in Test Phase


ventures2021

Recommended Posts

Pretty disappointed with this new Pineapple not sure why they released it when it is pretty much useless. The only thing functioning on the current up to date Mark VII is recon scanning networks. Packet injection as in gathering WPA2 Handshakes is not functioning, very limited modules available, No Support for this "new" device and limited basic videos on its capabilities that don't function. Would not have bought this brick If I knew it was in this phase of completion. Greed seems to have caused them to release a broken product tbh.

Link to comment
Share on other sites

  • 2 weeks later...

I can see you're disappointed. I want to understand your frustration so we can do better. I put a lot into this product and feel that it's the best WiFi Pineapple yet -- both in terms of the hardware and software, and want the experience to be the best it can. I'll see to addressing your concerns:

 

- Packet injection does indeed work on all 3 interfaces. You can test this with the aireplay-ng -9 command.
- Gathering WPA2 handshakes is a passive process and does not require packet injection. Handshake capture does indeed work.
- We have a highly documented module API and went as far as to commission modules for launch by one of the communities best developers. If there is a specific module you want, please let us know and we will put resources behind that.
- The support for this device has not changed from the last generations of WiFi Pineapple, and you will find us responsive and helpful on the forums, in our Discord, and if you reach out to open a ticket.
- I believe the videos I've published should get you started with a good understanding of the basics. Otherwise, I'm confident that the user interface is intuitive enough to figure out -- but if there is a specific concern you have please share it, maybe it'll make for a good video topic.
- Greed? We're make *less* on each WiFi Pineapple generation than the one before because we *increase* the hardware capabilities, not to mention the non-recoverable engineering and software development costs. Over 7 generations now, with each new version, we've added physical radios, increased the CPU power, increased the RAM, increased the storage, refined the UI -- and we've never increased the price.

 

In short, you get out what you put in. Which is to say that if you constructively bring specific criticism it may be addressed thoughtfully, and you will find us very receptive to making the product and your experience with it better. But broad, emotional, "pretty useless" strokes don't lend to addressing your concerns.

Link to comment
Share on other sites

13 hours ago, Darren Kitchen said:

 

- Gathering WPA2 handshakes is a passive process and does not require packet injection. Handshake capture does indeed work.
 

I have been having just about zero luck with capturing handshakes. I have tried with various SSID and leaving it running for hours at a time then disconnecting devices and reconnecting them. The first time I tried I got 2 "half" handshakes (2 out of 4 packets captured), but I haven't got anything since despite multiple tests. No idea what I am doing wrong, I just do a scan, pick an SSID and it's associated AP, then turn on handshake capture. I am testing with SSID I control, so that I can disconnect/reconnect devices for testing. In addition I have tried on busy production wifi networks with similar (none) results.

The platform, compared to the previous generation seems quite empty/lacking compared to previous generation which is unfortunate. I had hoped the new gen would have compatibility with the previous modules/functions.

Speed on using the pineapple to "man in the middle" between rogue SSID and a working SSID with actual internet access is quite terrible from a performance standpoint. It is really slow, enough that I believe it would be instantly noticed during any red team activity.

The lack of AC for WiFi is puzzling and the add-on module is not available either. 

All of the above is from the context of using the GUI, so maybe that is part of the problem. Reading the forums it appears these issues I am experiencing are the ones many others are experiencing. Can you help?

Link to comment
Share on other sites

13 hours ago, Darren Kitchen said:

- The support for this device has not changed from the last generations of WiFi Pineapple, and you will find us responsive and helpful on the forums, in our Discord, and if you reach out to open a ticket.

In short, you get out what you put in. Which is to say that if you constructively bring specific criticism it may be addressed thoughtfully, and you will find us very receptive to making the product and your experience with it better. But broad, emotional, "pretty useless" strokes don't lend to addressing your concerns.

I'm not sure if we're all doing something wrong in the forums then, as I posted a pretty thorough explanation of a handshake issue and it hasn't got any response from those folks on the team. I thought it would be best to post in the forums as others are having this issue too it seams, so that we all can learn from whatever the solution is.

Is the forums not the best place for technical issues to be raised?

Link to comment
Share on other sites

 

15 hours ago, baseball said:

Hello Hak 5 team
I am new and very sincerely, I expected more modules and efficiency. Results, I don't even get full hash after a few hours ... Is there any way you can improve this? thank you

What module in particular were you looking for? 

Link to comment
Share on other sites

35 minutes ago, Darren Kitchen said:

 

What module in particular were you looking for? 

Just like to have 5GHz to used open access point.

just that will be nice..

But foxtrot decide the WHEN ,So he told me maybe version 1.10.0 and we are 1.0.2 mean in the next five years if lucky 😛 

It just sucks ,cause if i could do it i  would release it the how to already.

Link to comment
Share on other sites

11 hours ago, Darren Kitchen said:

 

What module in particular were you looking for? 

I have to agree Darren, there is no reaver, ssl strip,dns spoof modules which are some of the most important when it come to WiFi pen testing. I think the most disappointing to most people is they think these modules are on the mark 7 because of the videos we watch but your actually using a terra. The hardware isn’t an issue except the fact I sometime max out the ram or cpu because it starts to lag but all in all great product hardware wise

Link to comment
Share on other sites

I'm with @Darren Kitchen on this one. Things work. I got what I paid for. It's hard to buy 3 good wifi dongles for the price of this 3 radio device. I sell hardware from time to time and I honestly don't know how they turn of profit. As far as modules, if I want a module, I'll either write it or pay someone to do it. 

The platform is good agnostic hardware. My use cases are highly niche and change from week to week. The Pineapple has not forced me into a corner by being over bent towards a particular type of pentest. For the price, I cannot match the capability.

Link to comment
Share on other sites

On 3/11/2021 at 11:17 PM, ExR90 said:

I have been having just about zero luck with capturing handshakes. I have tried with various SSID and leaving it running for hours at a time then disconnecting devices and reconnecting them. The first time I tried I got 2 "half" handshakes (2 out of 4 packets captured), but I haven't got anything since despite multiple tests. No idea what I am doing wrong, I just do a scan, pick an SSID and it's associated AP, then turn on handshake capture. I am testing with SSID I control, so that I can disconnect/reconnect devices for testing. In addition I have tried on busy production wifi networks with similar (none) results.

The platform, compared to the previous generation seems quite empty/lacking compared to previous generation which is unfortunate. I had hoped the new gen would have compatibility with the previous modules/functions.

Speed on using the pineapple to "man in the middle" between rogue SSID and a working SSID with actual internet access is quite terrible from a performance standpoint. It is really slow, enough that I believe it would be instantly noticed during any red team activity.

The lack of AC for WiFi is puzzling and the add-on module is not available either. 

All of the above is from the context of using the GUI, so maybe that is part of the problem. Reading the forums it appears these issues I am experiencing are the ones many others are experiencing. Can you help?

It’s kinda crazy how everyone just skipped over this question

im in the same boat

haveing so many issues with this device

im new to it but I am constantly doing research trying to learn more

but I can barley capture any handshakes and I am constantly having to reboot the device because the recon says scanning but nothing comes up I let it run for 10 min sometimes with no luck

Since this is such a new device with a new layout it should be move tutorials on how to troubleshoot any problems, its so many instructional videos for older device but very very few for this

Link to comment
Share on other sites

I am also new,

I have seen on previous versos a lot more selection of tools and exploits, i would of amused the 7 would of had all the tools form previous version to make the tool
the best it can be from previous versions.

And how do you install extra modules that are not in the list i seen a few on other videos and cant find a repository for them ? i got a copy of the older field guide and its vage on things 😞

Cheers,

Mick

Link to comment
Share on other sites

Don't expect an old field guide to cover a new variant of the Pineapple even though there are similarities between them. It's like bringing forward a Nokia 8110 manual when you have a brand new iPhone. It will for sure be vague in some aspects.

What modules have you seen in videos that you can't find? Link/reference please...

What exact modules from previous generations would you like to have? Is it on a "nice to have basis" or on a "need to have" basis? What are you going to do with modules that are based on concepts that are obsolete since years?

I posted this on Discord yesterday, and it's still valid to me:

Quote

I guess the demand for modules has become some sort of "illness" as if volume itself is important ("if there's not a lot of modules, it's a bad product"), and in many cases ppl just don't really seem to know what they want to do with all the modules they want, they just want "a lot", because "a lot" is for some reason equal to "good", however, it's not about quantity, it's about quality and actual need

 

Link to comment
Share on other sites

Hi,

the most of modules were in the past nice to see but not really in practical use from most of people. 
The new UI seems more sorted and the first steps with the mk7 seems simplier to me.

Finally in the past I never took and recommended as a tool for professional use but more for awareness and other types of training.

Let's see what will possible with MK7 now and in the future.
 

Best Regards

 

c

 

 

Link to comment
Share on other sites

I'm also disappointed in the product.   After watching many videos waiting for my Mark 7 to arrive it's disappointing to learn that so many modules featured in videos are not available.    I would have though that many of the popular modules like SSL Strip would be comparable.     

Link to comment
Share on other sites

I've recieved my MK7 yesterday. Spend about 12 hours with it.

I was waiting for that stuff for about couple of years. I've paid 100$ for item and 100$ more for delivery. I love that thing from the dark interface to thick usb cable and pineapple stickers.

However.. my item seems very unstable for me. On 1.0.2 firmware actually. 1.0.1 wasn't fluctuating. Probably the reason is - i just don't understand what it's doing right now.

Initial setup. "push button once, to disable wifi..." You know that sometimes it goes to "disabled" mode even with button holded more that 5 seconds?

Maybe you need to just type "for initial setup connect it with usb. open web-interface on http://xx.xx.xx.xx:1471. Done."

Ok, after the second firmware updateI I'vemade a mistake in root password configuration. Can't get in. And I can't just reset it with one button like other routers - I need to turn it in maintenance mode, connect with usb, config new ethernet adapter, download default image from hak5.org, upload it to the device and waaait. ORLY? Everyone are using just one button way. Just hold main button for 10-30 seconds for reset. Ok you want to make it safer - button must be pushed with a paperclip. That's enough.

I see that this is my high expectations - I was waiting something like iPhone for wardriving. Ready for fun just from the box. For scriptkiddies. Something that will make my job easier.

BlHowever it's very complex stuff. Almost complex as my RaspberryPi with Kali onboard and 2xAlfa adapters. And sadly less stable.

How about Pixiedust attack module? Or colorful one-button Karma with SSLstrip?

Handshakes? You know that there are some troubles with it.

Sorry, this is just about my expectations. I love that stuff, i'll be waiting for new modules and stable firmwares.

But now i'll continue working with my Franken-Raspberry-Kali-stein. And hold my MK7 under my pillow. So nobody can steal my treasure. 🙂

Link to comment
Share on other sites

2 hours ago, Zaagr said:

I've recieved my MK7 yesterday. Spend about 12 hours with it.

I was waiting for that stuff for about couple of years. I've paid 100$ for item and 100$ more for delivery. I love that thing from the dark interface to thick usb cable and pineapple stickers.

However.. my item seems very unstable for me. On 1.0.2 firmware actually. 1.0.1 wasn't fluctuating. Probably the reason is - i just don't understand what it's doing right now.

Initial setup. "push button once, to disable wifi..." You know that sometimes it goes to "disabled" mode even with button holded more that 5 seconds?

Maybe you need to just type "for initial setup connect it with usb. open web-interface on http://xx.xx.xx.xx:1471. Done."

Ok, after the second firmware updateI I'vemade a mistake in root password configuration. Can't get in. And I can't just reset it with one button like other routers - I need to turn it in maintenance mode, connect with usb, config new ethernet adapter, download default image from hak5.org, upload it to the device and waaait. ORLY? Everyone are using just one button way. Just hold main button for 10-30 seconds for reset. Ok you want to make it safer - button must be pushed with a paperclip. That's enough.

I see that this is my high expectations - I was waiting something like iPhone for wardriving. Ready for fun just from the box. For scriptkiddies. Something that will make my job easier.

BlHowever it's very complex stuff. Almost complex as my RaspberryPi with Kali onboard and 2xAlfa adapters. And sadly less stable.

How about Pixiedust attack module? Or colorful one-button Karma with SSLstrip?

Handshakes? You know that there are some troubles with it.

Sorry, this is just about my expectations. I love that stuff, i'll be waiting for new modules and stable firmwares.

But now i'll continue working with my Franken-Raspberry-Kali-stein. And hold my MK7 under my pillow. So nobody can steal my treasure. 🙂

https://github.com/adde88/openwrt-useful-tools Pixiedust?

Link to comment
Share on other sites

2 hours ago, Powdersnow said:

Do you see the difference between

 "Hey, you can use my collection of stuff, i've united in this toolpack. Just check if firmware is compatible. I'm not responsible for any damage"

and

"We are Hak5. And this is our best product for all types of Wi-Fi pentesting. All tools are accessible with one click in a menu"

?

Internet is full of thing of the first type.

We'd like to see the second one. The one and only 😍

 

 

Link to comment
Share on other sites

On 3/23/2021 at 1:18 AM, Slimthuggin101 said:

It’s kinda crazy how everyone just skipped over this question

im in the same boat

haveing so many issues with this device

im new to it but I am constantly doing research trying to learn more

but I can barley capture any handshakes and I am constantly having to reboot the device because the recon says scanning but nothing comes up I let it run for 10 min sometimes with no luck

Since this is such a new device with a new layout it should be move tutorials on how to troubleshoot any problems, its so many instructional videos for older device but very very few for this

It seems comparible to when I capture handshakes in Kali. I wouldn't expect a better result other than trying with directional antennas

Link to comment
Share on other sites

So, i read this post while waiting for my own Pineapple to be delivered and got this today.

I do love the product and once you look at the modules that are actually available, you'll find you've got the capability to do a lot of the things you've seen in videos on channels like modern rogue. 

But, if there isn't one that does what you need to, make it and publish it! 

The shell also works amazingly well so don't forget to play about with this and learn it!!

The only issue i had, was with wifi setup.... I tried to do this through my phone and tablet, when it said to press the button for 4 seconds to continue with the radios enabled i did that but it disconnected me straight away and turned the radios off. To get around it, i just plugged USB C cable into my laptop and it worked fine.

If you've got a pineapple and think its a brick..... learn more about it, play with it and you'll learn so much about what it can do!

Link to comment
Share on other sites

  • 2 weeks later...

A few quick points:

1. I love hak5 gear, but as a previous software developer turned security guy - I know how frustrating it is when you create software and then learn there are other use cases that are not working as well for others. I want to remind everyone that the software is open source. You are paying for the hardware.

2. In the open source world - nothing always just "works". It needs tweaks - you need to understand the linux kernel and the version of linux that is installed. Open source means we have to work together to make things better. So Darren only got some of you 80% there. Quit complaining and add constructively to the conversation and if it's beyond your current learning - TRY HARDER!

3. If you're having issues with the GUI and that is all you are relying on - you need to go learn the aircrack-ng suite. This way you can test your own scenarios. The best course out there (albeit aged) is from OffSec - the OSWP course - you will definitely understand the ins and outs better. Learn some raw commands and quit complianing about the GUI - you only sound like an ungrateful N00B - and noobs shouldn't be wifi testing - go learn network pentesting first.

4. I also do get frustrated - especially with the Signal Owl - I thought this device to be a mini-pineapple form factor because it has aircrack-ng suite. But it was compiled with a version of nmap that does not support -sC nor can it do terminal multiplexing (screen) out of the box to handle wifi attacks well unless you can master bg/fg/jobs- but even that had errors. I wish these were still available because I still do love it for what it CAN do. I do use mine to test out guest and corporate networks, use airodump-ng to see the SSID and STAs and Associations - everything short of wifi and network attacking - which if I need that - I send a pineapple. Also - I had one environment where it kept disconnecting from C2. Instead of complaining - I reviewed the OS and scripts Hak5 wrote - and created my own script to reconnect to wifi and c2 every hour if things got disconnected using a crontab.

Many of you complianing do not understand low-level hardware and hardware hacking and protocols. Be thankful for what you have and never keep learning.

Link to comment
Share on other sites

Thank you, Mark.

I know that you are right in your way. As i said - this is just about my expectations.

I was buying a product. Neither just a hardware, nor a DIY kit. Finished product. Like a Skyrim from pentesting - huge list of mods, but also awesome as itself. At least something equal to previous version.

Tetra is an epic THING, and also an awesome product.

Just give me the same tools built-in at MK7, and i'll be happy.

By the way you can store all sources for modules on a little memory card. So it will be unnecessary to use internet connection for work.

One more suggestion - how about changing MAC addresses right in a GUI? Three modes - built-in, random and programmed.

 

Sunshine for everyone.

 

Link to comment
Share on other sites

Hi everyone, it is actually disappointing not having modules as advertised before getting my pineapple.

Darren if you can please come up with solution regarding the previous modules like SSLsplit and other famous modules to be included in the Mk7 is will be very much appreciated as this makes the WiFi pineapple standout.

Pineapple has gone very far is its been used for education purposes in several continents.

Even if the modules are obsolete, knowledge of how they worked will go a long way in educating future pen testers.

Regards.

 

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...