MK7 Manual use vs Automation / Campaign


r00tyMcr00tFace
I have recently purchased the Mark VII and have had a few days to try out the interface. Like some others have pointed out, the GUI can be a bit unresponsive at times, but I have had zero issues with actually using the device for its intended purpose. Not sure what those who were unsuccessful getting theirs to work were doing exactly, but I was previously using a laptop running Kali and a TP-Link TL-WN722N and find that the range and speed of the Pineapple is significantly better, plus it is still Linux so I can make the changes I need for my use cases.

Some things I have noticed that others might find helpful:

 - The way you set up your use of the network interface cards is important, so consider this when making adjustments.
 - You will want to make sure you have one NIC in monitor mode for most uses. This can be done by running a Recon Scan, or from the command line with ipconfig.
 - To manually capture handshakes, I have had success using 2 methods:

1. Recon Scan to ID the target Access Point, make an Evil Twin of the AP with an arbitrary password (12345678). Clients attempt to connect and deliver a half handshake to the device, but are refused a connection for the wrong password and bounce back to the original authentic network.

2. Recon Scan to ID the target AP (optional, can be done from aircrack also), then from the command line use the aircrack-ng tool set as typical.
 

*** If you are still confused, or not having success, you may want to step back to the basics of 802.11 and Wi-Fi auditing and/or check for hardware/firmware issues ***

Now my questions: I am interested in creating a campaign that I can set up and mail the device to a site where it is plugged in and AUTOMATICALLY goes to work, collecting all the APs it can see and then capturing the handshakes. How feasible is this with the current PineAP? Has anyone else had any success with this type of automation?
I have the C2 software and could set it up in AWS, but I would prefer to just have it capture everything for a few days and then have them send it back so I can analyse the findings from the audit.

As a final plan I could use Python to automate the steps, but I am hoping this is a matter of setting up the campaign / editing the campaign file after creation.

Thanks to anyone who finds time to respond on this dreary Sunday. 

- r00tyMcr00tFace
On 1/16/2022 at 6:47 PM, r00tyMcr00tFace said:

I haven't done the above personally but there was a gentleman on the Discord who mentioned mailing a whole bunch of these out with the intention of doing the same as yourself and I believe the advice given to him was similar to what I'm about to say now.

Test it internally in the comfort of your own environment first. Configure the reports, set the campaign, etc., power the machine down and fire it back up, run it for a day or two and then power it back down, etc. If it does what you're expecting it to do in that scenario, my money says you're good to go with mailing it out.

The one thing to remember is that the /root/loot/ directory is non-persistent, i.e. it'll get wiped on a reboot.

You can change this to a persistent directory or external USB drive but bear in mind weird things may happen if you fill up the internal storage. 

It has been a while since I've used the Pineapple with C2 so I can't remember how reporting / loot exfiltration works with that now but if that's an option it's certainly the road I'd go down.

I'll see if I can spin my C2 back up this evening and get everything updated / take it for a spin and report back.
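A script for the loot-persistence caveat in the reply above, added here as an example; it is not code from the thread or from Hak5. It copies new or updated capture files out of a directory that is wiped on reboot into a persistent one, and refuses to write once the destination would drop below a free-space floor, which is the "weird things happen when the internal storage fills up" case the reply warns about. The /mnt/usb/loot path, the 50 MiB floor and the LOOT_RUN switch are assumptions.

```shell
#!/bin/sh
# Added example for the persistence caveat in the reply above; not code from
# the thread or from Hak5. Copies new or updated files from a non-persistent
# capture directory to a persistent one, refusing to write when the
# destination is running out of space. Paths and threshold are assumptions.

LOOT_SRC="${LOOT_SRC:-/root/loot}"      # assumed: wiped on reboot
LOOT_DST="${LOOT_DST:-/mnt/usb/loot}"   # assumed: persistent USB mount
MIN_FREE_KB="${MIN_FREE_KB:-51200}"     # assumed: keep at least 50 MiB free

# free_kb DIR -> prints the available KiB on the filesystem holding DIR
free_kb() {
    df -Pk "$1" | awk 'NR == 2 { print $4 }'
}

# sync_loot SRC DST MIN_KB
# Prints the number of files copied. Exit status:
#   0 success, 1 SRC missing, 2 DST too full (stops at the first such file),
#   3 mkdir or copy failure
sync_loot() {
    src=$1; dst=$2; min=$3; copied=0
    [ -d "$src" ] || return 1
    mkdir -p "$dst" || return 3
    for f in "$src"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        # copy only files that are absent at DST or newer than the copy there
        if [ ! -e "$dst/$name" ] || [ "$f" -nt "$dst/$name" ]; then
            need=$(du -k "$f" | awk '{ print $1 }')
            avail=$(free_kb "$dst")
            if [ $((avail - need)) -lt "$min" ]; then
                echo "sync_loot: $name needs ${need} KiB, only ${avail} KiB free on $dst" >&2
                echo "$copied"
                return 2
            fi
            # -p keeps the mtime so the -nt check above stays idempotent
            cp -p "$f" "$dst/$name" || return 3
            copied=$((copied + 1))
        fi
    done
    echo "$copied"
    return 0
}

# Stand-alone run on the device (set LOOT_RUN=1); off by default so the
# script can be sourced or tested without touching real directories.
if [ -n "${LOOT_RUN:-}" ]; then
    sync_loot "$LOOT_SRC" "$LOOT_DST" "$MIN_FREE_KB"
fi
```

Run it from cron or a campaign hook with `LOOT_RUN=1`. Note that `df` reports whichever filesystem actually holds the destination: if the USB stick is not mounted, the floor is measured against the internal flash, so pair this with a mount check before relying on it during an unattended run.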