lholo
Posted August 30, 2022

https://www.linkedin.com/posts/lcrahay_got-it-all-working-together-wifi-pineapple-activity-6966709291420426241-L_Q8?utm_source=share&utm_medium=member_desktop
lholo (Author)
Posted August 30, 2022

Hi all,

sorry, the previous link is only available via LinkedIn... and I couldn't attach a picture here... but the goal was to use the Pineapple as a recon-all-the-things box or a SIGINT mobile setup.

Here are the technical steps, summarized...

Inspired by Glytch - Adding GPS to Tactical WiFi Pineapple and this post https://forums.hak5.org/topic/33855-warwalking-redux-and-a-question/#comment-252170

I used the same USB hub: Amazon.com: SABRENT 4 Port Portable USB 2.0 Hub (9.5" Cable) for Ultra Book, MacBook Air, Windows 8 Tablet PC (HB-MCRM) : Electronics

The USB hub has 4 USB 2.0 ports:
- mk7 adapter
- RTL-SDR/ADS-B dongle
- GPS dongle
- .... any idea?? 🙂 maybe Bluetooth..

Purchased a GPS dongle: Amazon.com: HiLetgo VK172 G-Mouse USB GPS/GLONASS USB GPS Receiver for Windows 10/8/7/VISTA/XP : Electronics

and used a standard RTL-SDR: NESDR Mini 2+ 0.5 PPM TCXO RTL-SDR & ADS-B USB receiver with antenna, suction-cup mount and female SMA adapter. RTL2832U & R820T2 tuner, software-defined radio receiver (Amazon.fr)

Then added the following packages from the OpenWRT repo with the opkg install command:

| Category | Name | Version | Dependencies | Description | File size | Installed size | License | Maintainer |
|---|---|---|---|---|---|---|---|---|
| utilities | readsb | 3.8.3-2 | libc, libncurses6, libpthread, librt, librtlsdr | Mode-S/ADSB/TIS decoder for various devices (readsb) | 74kB | 73kB | GPL-3.0-or-later | Stijn Tintel |
| utilities | viewadsb | 3.8.3-2 | libc, libncurses6 | Mode-S/ADSB/TIS decoder for various devices (viewadsb) | 51kB | 50kB | GPL-3.0-or-later | Stijn Tintel |
| utilities | dump1090 | 4.0-1 | libc, libncurses6, librtlsdr, uhttpd | Dump1090 is a Mode S decoder specifically designed for RTLSDR devices. | 3162kB | 3169kB | GPL-2.0-or-later | Álvaro Fernández Rojas |
| libraries | librtlsdr | 0.6.0-2 | libc, libpthread, librt, libusb-1.0-0 | rtl-sdr allows DVB-T dongles based on the Realtek RTL2832U to be used as an inexpensive SDR. This package contains the librtlsdr shared library. | 19kB | 18kB | GPLv2 | Vasilis Tsiligiannis |
| utilities | rtl-ais | 0.3-4 | libc, libpthread, librt, librtlsdr | rtl_ais uses a rtl2832u dvb-t dongle to tune AIS (Automatic Identification System) used on ships and by vessel traffic services | 15kB | 14kB | GPL-2.0-or-later | Nuno Goncalves |
| utilities | rtl-sdr | 0.6.0-2 | libc, libpthread, librt, librtlsdr | rtl-sdr allows DVB-T dongles based on the Realtek RTL2832U to be used as an inexpensive SDR. This package contains the utilities and daemons. | 43kB | 43kB | GPLv2 | Vasilis Tsiligiannis |

From <https://openwrt.org/packages/table/start?datasrt=version-short&dataflt%5BDescription_wiki%2A~%5D=DVB-T>

Then I also used a couple of custom IPKs from this GitHub repo: GitHub - adde88/openwrt-useful-tools: A repo containing different tools compiled specifically for the Hak5 WiFi Pineapple MK6 and MK7.

- kmod-rtl88x2bu_4.14.248+2021-01-21-48e7c19c-1_mipsel_24kc.ipk
- librtlsdr_0.6.0-2_aarch64_cortex-a72.ipk
- libwifi_0.0.1-1_mipsel_24kc.ipk
- python3-cython_0.29.21-1_mipsel_24kc.ipk
- python3-numpy_1.19.1-1_mipsel_24kc.ipk (this one is a tricky one / as the architecture seems not supported / but still Kismet can work...)
- python3-websockets_8.1-1_mipsel_24kc.ipk
- readsb_3.8.3-2_aarch64_cortex-a72.ipk
- python3-protobuf_3.13.0-1_mipsel_24kc.ipk
- rtl_433_20.11-1_aarch64_cortex-a72.ipk
- rtl-ais_0.3-4_aarch64_cortex-a72.ipk
- rtl-sdr_0.6.0-2_aarch64_cortex-a72.ipk
- viewadsb_3.8.3-2_aarch64_cortex-a72.ipk

Optional: still to be tested
- bettercap_2.32.0-1_mipsel_24kc.ipk

Kismet:

    opkg install kismet

and need capture packages (the ADS one may give an error because of the python-numpy package -> use the custom ipk from below = python3-numpy_1.19.1-1_mipsel_24kc.ipk)

To see all packages for Kismet:

    opkg list | grep kismet

For the Dump1090 config:

    mkdir -p /var/run/dump1090
    touch /var/run/dump1090/aircraft.json

and launch Dump1090 =

    dump1090 --quiet --write-json /var/run/dump1090

GPS:

    opkg install gpsd gpsd-clients

Plug in the USB dongle, then

    dmesg | grep tty

or lsusb should show you your GPS dongle, either ttyACM0 or ttyUSB0.

Launch

    gpsd /dev/ttyACM0

or

    gpsd /dev/ttyUSB0

To test your GPS => gpsmon or cgps (should return "caught signal ..." -> should display RAW data and coordinates of your GPS (will blink green... always a good sign 🙂)

You will now have your gpsd running on localhost:2947.

Then configure Kismet:

    nano /etc/kismet/kismet.conf

Locate the lines for GPSD and add/uncomment the following line:

    gps=gpsd:host=localhost,port=2947

Launch Kismet either via

    kismet

or

    kismet -g localhost:2947

Kismet is now available on your WiFi Pineapple => http://172.16.42.1:2501

To test your RTL-SDR dongle:

    rtl_sdr -d 0
    rtl_test
    rtl_fm

The Pineapple was powered by a 20.000 mAh USB powerbank.

Being located in Europe, Belgium; Brussels Capital, the National Airport is just a few kilometers (miles) away; I could spot 10 planes in 10-15 minutes.

Be sure your rtl-sdr antenna has open skies...

PS: never unplug/plug (or even play) with your antennas when the device is powered on... you may fry something...

All references:
- https://forums.hak5.org/topic/34942-setting-system-time-using-gps-nmea-0183-strings/#comment-259455
- https://forums.hak5.org/topic/55361-how-to-install-working-kismet-on-mkvii/#comment-339926
- https://flylib.com/books/en/2.434.1/hack_22_map_wi_fi_networks_with_kismet_and_gpsd.html
- https://www.kismetwireless.net/docs/readme/kml/

Useful note (cannot find the source again, sorry):

"- CONFIGURING KISMET - The Kismet capture driver is implemented as a Python datasource; you will need the Kismet-related Python modules from the python_modules/ directory of Kismet (which will be installed automatically in most cases). The rtladsb support also requires the NumPy Python module; you can typically get this as a package from your distribution (often python-numpy) or via pip. rtlsdr hardware will be automatically detected and shown in the Datasources window, or it can be configured as 'rtladsb-X', where 'X' is the radio you wish to use. If you have only one radio, this will always be zero; for instance: source=rtladsb-0:name=some_sdr"

Thanks to all the HAK5 Community for making this crazy setup possible and for their inspiration...

PS: why not plug a WiFi Coconut into my WiFi Pineapple? Why? Why not? It is fun for techies 🙂 (sponsorship for a coconut hosted in Belgium, anyone?)

Hope those instructions help.

Take care

Have fun / Hack yourself first

Lho
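
An added example, not part of the original post: a check that the gpsd instance on localhost:2947 is reporting a position fix before Kismet is started, since a receiver without a fix leaves captures without coordinates. The function names and the sample report lines are assumptions constructed for illustration; the `?WATCH` request and the TPV `mode` field are gpsd's JSON protocol.

```python
import json
import socket

# Constructed sample of gpsd JSON reports (not captured from a real receiver).
SAMPLE_REPORTS = [
    '{"class":"VERSION","release":"3.23","proto_major":3,"proto_minor":14}',
    '{"class":"TPV","device":"/dev/ttyACM0","mode":1}',
    '{"class":"SKY","device":"/dev/ttyACM0","satellites":[]}',
    'truncated or non-JSON line',
    '{"class":"TPV","device":"/dev/ttyACM0","mode":3,'
    '"time":"2022-08-30T10:15:00.000Z","lat":50.9,"lon":4.48,"alt":55.0}',
]
FIX_NAMES = {2: "2D", 3: "3D"}  # TPV mode 0 = unknown, 1 = no fix


def first_fix(lines):
    """Return (fix, lat, lon) from the first TPV report with a position, else None."""
    for line in lines:
        try:
            msg = json.loads(line)
        except ValueError:
            continue  # skip anything that is not a complete JSON report
        if not isinstance(msg, dict) or msg.get("class") != "TPV":
            continue
        fix = FIX_NAMES.get(msg.get("mode"))
        if fix and "lat" in msg and "lon" in msg:
            return fix, msg["lat"], msg["lon"]
    return None


def query_gpsd(host="localhost", port=2947, timeout=10.0, max_lines=50):
    """Hypothetical helper: watch a running gpsd and return its first fix, or None."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(b'?WATCH={"enable":true,"json":true}\n')
        reader = sock.makefile("r", encoding="utf-8", errors="replace")
        reports = (reader.readline() for _ in range(max_lines))
        return first_fix(reports)


if __name__ == "__main__":
    print("sample:", first_fix(SAMPLE_REPORTS))
    try:
        print("live:", query_gpsd())
    except OSError as exc:  # gpsd not running, or no data before the timeout
        print("gpsd not reachable:", exc)
```

A result of `None` from `query_gpsd()` means gpsd answered but no 2D or 3D fix arrived within `max_lines` reports, which usually points to the antenna not having open sky yet.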
Archived
This topic is now archived and is closed to further replies.