Create Rogue Networks on the WiFi Pineapple (PineAP KARMA Attacks)
- Published 31 May 2024
- On this episode of HakByte, @AlexLynd demonstrates how to use the PineAP module on the WiFi Pineapple to run a KARMA WiFi Attack. This allows an attacker to trick your WiFi device into connecting to a malicious access point by spoofing networks it has connected to before.
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Buy a WiFi Pineapple: shop.hak5.org
WiFi Pineapple Docs: docs.hak5.org/wifi-pineapple
Capturing Half Handshakes: • HakByte: Capture Wi-Fi...
Alex Lynd's Twitter: / alexlynd
Alex Lynd's website: alexlynd.com
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Chapters:
Intro @AlexLynd 00:00
What is the WiFi Pineapple? 00:17
What are KARMA Attacks? 00:39
What You'll Need 00:58
Connecting your Pineapple 01:18
PineAP Interface 02:01
How PineAP Works 03:12
Using the Scanners 03:51
KARMA Attack Requirements 06:45
Broadcasting Open Networks 07:14
Setting up Filters 08:44
Deauthing our Victim 09:37
KARMA Attack Demo 10:18
MITM & WiFi Radios 10:53
Attack Implications 11:45
Mitigating KARMA 12:14
Outro 12:38
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → www.hak5.org
Shop → hakshop.myshopify.com/
Subscribe → ua-cam.com/users/Hak5Darr...
Support → / threatwire
Contact Us → / hak5
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award-winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong. - Science and technology
THANKS A LOT Alex, I requested a fresh PineAP tutorial several times on both channels, nice to see that you finally found some time... you guys are always great at answering questions live and from these comments, plus here you covered a few other topics at once, like a practical use for those probe requests and a quick overall view of the mark7. Once again killing it with this content...
I love that “SMC” is on your network list!!! Go Corsairs!
Great video, I have a pineapple and I'd love it if you can make more videos about it!! Thanks a lot
Fantastic presentation. You are doing great!!!!!
Clear and Concise. Good job. Like a 3rd date... lots of crack (hopefully)
Very nice , Mine just arrived last week so this helps
thank you from Vietnam with love
thanks man this is great. I will need to update my pineapple and give it a shot.
An arp spoof option would be nice 👍
Great video
Any way you can show yourself catching a handshake? Because once I press the capture handshake nothing happens, but when I run it through the CMD line it works. And any reason why I get kicked off the manage AP?
Thanks Alex.
Why is it when I plug my pineapple into an AC power source, I'm never able to access the login portal? Not from my laptop, VM, or cellphone. I let the boot up process do its thing, and the light is solid blue
Knowing the password of the wifi, is it possible to force a client onto the WiFi Pineapple without clicking?
How does the pineapple's throughput speed lend itself to mass packet forwarding?
Can you do the same demo but from the C2 framework? Or if that's out there and I just missed it, give me the link? Thanks! Great video by the way...
I don't understand the marketing or target customer, please advise.
This is LEA or just a straight phish? 😮
It's interesting for sure. Good luck with whatever
can you please explain how you blurred your wifi and MAC address ? thank you
Could this be possible for the rpi 4?
Do a video on how to use the geolocation package
Also hot tip for all of you: deny your own devices or devices you're connecting to or using in an engagement.
I've run into some speed bumps where my phone or tablet to control the pineapple is joining a blank fake network while the connection to the real pineapple management network is being dropped, essentially locking me out and adding precious time to an engagement by fixing the issue.
Phones change their MAC now to avoid being tracked, usually every time they connect. I am making an anti-stalking suite that uses a beacon swarm to get cellphone MAC addr, among other measures like correlating BT traffic.
Any ideas on how to get a unique identifier from wifi traffic?
Just guessing, IP, make, machine, OS type, location.....
@@sotecluxan4221 good guess. But remember, the beacon swarm is just getting probes from phones thinking it's a previously associated AP. I might sniff the probe request, then instantiate an AP, with the SSID the phone probed, let it connect and provide it actual internet off my mobile hotspot, do some kind of evil mitm stuff.
@@weirdsciencetv4999 how'd it go
@@Pidot31415 it works pretty well, but expanded it to look for a host of personal electronics, including bluetooth.
iPhones do change their MACs by default now, so the technique doesn't work in isolation.
As I understood it, isn't the MAC randomisation per-network rather than per-connection? That is, each network gets its own MAC rather than each instance of connection to that network
I don't understand. How can you disable the management access point but still interact with the GUI?
I think the description is missing the "link to Cody's video" mentioned in the outro.
Oh no! I linked it as a card in the outro, but I'll also paste in the description :)
On my desktop I can't see the SSID Pool window on the right, all I see is Status!?
Sadly deauthentication doesn't work on my devices somehow. Also my phone warns me that the network is suspicious if it's trying to connect to a pineapple AP.
All in all I never made a successful attack in my own environment, which is kinda disappointing
@McGregor Emmanuel neat workaround, but to be honest, if it gets advertised so hard and the product is kind of expensive for its capabilities, it should simply work.
@McGregor Emmanuel How does it work, when he said that he was unsuccessful in his own environment?
I’d like to see a video of you successfully using dns spoof to spoof Facebook to any user on an iPhone connected to a pineapple that has ever been logged into Facebook on that device before (which is everybody)
Can you do this with the new GUI?
Have you a link for the beta v2 firmware, as it's not on the site, or do I download using my pineapple?
You have to put it on the beta update channel in Settings -> Advanced -> Alternative Updates.
Thanks, I just saw it
My neighbour hacked my network with this. What can I do against it ? Can I counter attack ?
You call the authorities lol
DDoS their printer as payback!
@@lmfao69420 lmao
@@cybertalkwithdevin They should just hack into their neighbor's printer, remotely control it, and make it print pictures of Rick Astley until it runs out of paper. Or something more devious perhaps ;)
Yes! Throw a rock through his window as an act of self defense.
My tetra won't factory reset. Is there any solution?
Great video mate, always enjoy your content, I have a pineapple on the way! Is there a built in function to DNS spoof or serve up captive portal/ fake login pages like face book where it stores the credentials through the pineapple, like what wifiphisher does ? Or would I have to set one up through Kali and use my laptop or a rasp pi to achieve that ?
Yes, there's an evil portal module, but it may need to be updated prior to using it with the Beta 2 pineapple firmware. Modules are community driven and need the author to update.
@@drskizz thank you brother , appreciate the response, I am in Australia so got a month to wait till it arrives anyway hopefully it's updated by then ^_^
What’s the point of the video if you're blurring out the SSIDs we are supposed to see
Where is the Link for the firmware you said you would link???
Great video! But how would you create a rogue AP that is password protected, but you know the password?
Same. I used Evil AP and it connects but won't route internet traffic to my client ap so I can capture packets.
Have you connected the pineapple to the legit wifi?
yes pineapples!!!!!!!!!!!!!!!!!!!!
Anyone else notice 4:20 when Alex opened his phone browser? Nice.
More In-Depth Videos would be nice, not much info in the way of using Pineapple MK7..
* But my question is.. WHY can't u use like SSLStrip to downgrade the connection & serve Fake router login pages based on OUI?
* Or.. How come you can't use a name like "Linksys" in PineAP.. then anyone who's connected to it will reconnect... and when they connect to it.. if it's password protected, why can't we serve them Fake router login pages based on OUI? you just said you can't.. but not WHY? there HAS to be a way.. Karma has been around for a LONG time..
you can do this, you just have to disconnect them and create a fake login page.
i dont see ssid pool
Karma Points +50
what is the point of this? if a person connects to your mobile router wifi or a pineapple .. so what? people connect to cafes and hotels all the time.. just connecting does not really do anything... what after they connected? do you have full access to all content in their smart phone then? I'd like to know how I can get full access to a smart phone and so go in and see all chat forums, social media accounts, photo albums in someone else's phone... what tools would one need for that type of hacking? is pineapple wifi really useful for this or is there another HAK5 tool useful for distance hacking into someone's phone??
that's highly illegal dude
What do you call it when a linux server has a virus?
Answer: A terminal illness 😆
any hackers on here? i need yalls service hmu
Imagine having an acab sticker on your laptop but you're teaching people how to brute force people’s personal info like you have the moral high ground 🤦🏻♂️
Karma? Are you still in 2014?
Lol
This video is good to learn hacking
You have a boyfriend? Wow intelligent man 😳😳🤔 how are you?
Is it true ? This would be a dream come true. For someone !
this guy its sooo cute hooly gyyat how old r u