lholo Posted August 30, 2022 Share Posted August 30, 2022 https://www.linkedin.com/posts/lcrahay_got-it-all-working-together-wifi-pineapple-activity-6966709291420426241-L_Q8?utm_source=share&utm_medium=member_desktop Link to comment Share on other sites More sharing options...
lholo Posted August 30, 2022 Author Share Posted August 30, 2022 Hi all, sorry the previous link is only available via LinkedIn... and couldn't attach a picture here... but goal was to use the pineapple as a recon-all-the-things box or a SIGINT mobile setup here are the technical steps summarized... Inspired by Glytch - Adding GPS to Tactical WiFi Pineapple and this post https://forums.hak5.org/topic/33855-warwalking-redux-and-a-question/#comment-252170 I used the same USB hub Amazon.com: SABRENT 4 Port Portable USB 2.0 Hub (9.5" Cable) for Ultra Book, MacBook Air, Windows 8 Tablet PC (HB-MCRM) : Electronics> the usb hub has 4 ports USB 2.0 , - mk7 adapter - RTL-SDR/ADS-B dongle - GPS dongle - .... any idea?? 🙂 maybe Bluetooth.. purchased a GPS dongle Amazon.com: HiLetgo VK172 G-Mouse USB GPS/GLONASS USB GPS Receiver for Windows 10/8/7/VISTA/XP : Electronics and used a standard RTL-SDR NESDR Mini 2+ 0,5 PPM TCXO RTL-SDR & A-DS-B Récepteur USB avec antenne, support à ventouse et adaptateur SMA femelle. Tuner RTL2832U & R820T2, récepteur radio défini par logiciel : Amazon.fr: Informatique Then added the following packages from the OpenWRT repo with the opkg install command, ↓ Name Version Dependencies ...........................................Description........................................... File size Installed size License Maintainer Bug report Source code utilities readsb 3.8.3-2 libc, libncurses6, libpthread, librt, librtlsdr Mode-S/ADSB/TIS decoder for various devices (readsb) 74kB 73kB GPL-3.0-or-later Stijn Tintel Bug reports Sources utilities viewadsb 3.8.3-2 libc, libncurses6 Mode-S/ADSB/TIS decoder for various devices (viewadsb) 51kB 50kB GPL-3.0-or-later Stijn Tintel Bug reports utilities dump1090 4.0-1 libc, libncurses6, librtlsdr, uhttpd Dump1090 is a Mode S decoder specifically designed for RTLSDR devices. 3162kB 3169kB GPL-2.0-or-later Álvaro Fernández Rojas Bug reports Sourc utilities dump1090 4.0-1 libc, libncurses6, librtlsdr, uhttpd Dump1090 is a Mode S decoder specifically designed for RTLSDR devices. 3162kB 3169kB GPL-2.0-or-later Álvaro Fernández Rojas Bug reports Sources libraries librtlsdr 0.6.0-2 libc, libpthread, librt, libusb-1.0-0 rtl-sdr allows DVB-T dongles based on the Realtek RTL2832U to be used as an inexpensive SDR. This package contains the librtlsdr shared library. 19kB 18kB GPLv2 Vasilis Tsiligiannis Bug reports Sour utilities rtl-ais 0.3-4 libc, libpthread, librt, librtlsdr rtl_ais uses a rtl2832u dvb-t dongle to tune AIS (Automatic Identification System) used on ships and by vessel traffic services 15kB 14kB GPL-2.0-or-later Nuno Goncalves Bug reports Sources libraries librtlsdr 0.6.0-2 libc, libpthread, librt, libusb-1.0-0 rtl-sdr allows DVB-T dongles based on the Realtek RTL2832U to be used as an inexpensive SDR. This package contains the librtlsdr shared library. 19kB 18kB GPLv2 Vasilis Tsiligiannis Bug reports Sources utilities rtl-sdr 0.6.0-2 libc, libpthread, librt, librtlsdr rtl-sdr allows DVB-T dongles based on the Realtek RTL2832U to be used as an inexpensive SDR. This package contains the utilities and daemons. 43kB 43kB GPLv2 Vasilis Tsiligiannis Bug reports Sources From <https://openwrt.org/packages/table/start?datasrt=version-short&dataflt%5BDescription_wiki%2A~%5D=DVB-T> then I also used a couple of of custom IPKs from that github GitHub - adde88/openwrt-useful-tools: A repo containing different tools compiled specifically for the Hak5 WiFi Pineapple MK6 and MK7. kmod-rtl88x2bu_4.14.248+2021-01-21-48e7c19c-1_mipsel_24kc.ipk librtlsdr_0.6.0-2_aarch64_cortex-a72.ipk libwifi_0.0.1-1_mipsel_24kc.ipk python3-cython_0.29.21-1_mipsel_24kc.ipk python3-numpy_1.19.1-1_mipsel_24kc.ipk (this one is a tricky one / as the archittecture seems not supported / but still Kismet can work...) python3-websockets_8.1-1_mipsel_24kc.ipk readsb_3.8.3-2_aarch64_cortex-a72.ipk python3-protobuf_3.13.0-1_mipsel_24kc.ipk rtl_433_20.11-1_aarch64_cortex-a72.ipk rtl-ais_0.3-4_aarch64_cortex-a72.ipk rtl-sdr_0.6.0-2_aarch64_cortex-a72.ipk viewadsb_3.8.3-2_aarch64_cortex-a72.ipk optional : still to be tested bettercap_2.32.0-1_mipsel_24kc.ipk Kismet; opkg install kismet and need capture packages (the ADS one may give error because of the python-numpy package -> use the custom ipk from below = python3-numpy_1.19.1-1_mipsel_24kc.ipk ) to see all pakages for kismet opkg list | grep kismet for the Dump1090 config mkdir -p /var/run/dump1090 touch /var/run/dump1090/aircraft.json and launch Dump1090 = dump1090 --quiet --write-json /var/run/dump1090 GPS - opkg install gpsd gpsd-clients plug the usb dongle then dmesg | grep tty or lsusb should show you your GPS dongle either ttyACM0 or ttyUSB0 launch gpsd /dev/ttyACM0 or gpsd /dev/ttyUSB0 to test your GPS => gpsmon or cgps (should return "caught signal ..." -> should display RAW data and coordinates of your GPS (will blink green... always a good sign 🙂 ) you will now have your gpsd running on localhost:2947 then configure kismet nano /etc/kismet/kismet.conf locate the lines for GPSD and add/uncomment the following line "gps=gpsd:host=localhost,port:2947" launch kismet either via kismet or kismet -g localhost:2947 kismet is now available on your WiFi Pineapple => http://172.16.42.1:2501 to test your RTL-SDR dongle; rtl_sdr -d 0 rtl_test rtl_fm the pineapple was powered by a 20.000 mAh USB powerbank being locate in Europe, Belgium; Brussels Capital, the National Airport is just a few Kilometers (Miles) away, I could spot 10 planes in 10-15 minutes. be sure your rtl-sdr antenna has open skies... PS: never unplug/plug (or even play) with your antennas when the device is powered on... you may fry something... all references; https://forums.hak5.org/topic/34942-setting-system-time-using-gps-nmea-0183-strings/#comment-259455 https://forums.hak5.org/topic/55361-how-to-install-working-kismet-on-mkvii/#comment-339926 https://flylib.com/books/en/2.434.1/hack_22_map_wi_fi_networks_with_kismet_and_gpsd.htmlhttps://www.kismetwireless.net/docs/readme/kml/ useful note (cannot find back the source, sorry) "- CONFIGURING KISMET - The Kismet capture driver is implemented as a Python datasource; you will need the Kismet-related Python modules from the python_modules/ directory of Kismet (which will be installed automatically in most cases). The rtladsb support also requires the NumPy Python module; you can typically get this as a package from your distribution (often python-numpy) or via pip. rtlsdr hardware will be automatically detected and shown in the Datasources window, or it can be configured as 'rtladsb-X', where 'X' is the radio you wish to use. If you have only one radio, this will always be zero; for instance: source=rtladsb-0:name=some_sdr" Thanks to the all HAK5 Community for making this crazy setup possible and their inspirations... PS: why not plug a WiFi Coconut into my WiFi Pineapple? why? Why not? it is fun for techies 🙂 (sponsorship for a coconut hosted in Belgium anyone?) Hope those instructions help Take care Have fun / Hack yourself first Lho Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.