+- PINE64 (https://forum.pine64.org)
+-- Forum: PINE A64(+) (https://forum.pine64.org/forumdisplay.php?fid=4)
+--- Forum: Linux on Pine A64(+) (https://forum.pine64.org/forumdisplay.php?fid=6)
+--- Thread: WiFi PineA64 Pineapple (/showthread.php?tid=2242)
WiFi PineA64 Pineapple - Ghelorn - 09-19-2016
im building a pineapple with one of my pines. well why not. i figured i would post my instructions. this is adapted from an install script i wrote for reaver a few months back.
remember that any of these tools must be used on networks that you own or have permission to use.
some of these tools on here can interfere with computers/devices on a network.
i will not be held responsible for killing your router, causing nuclear winter, you going to prison or your neighbour bashing the shit out of you for using all of his internet and costing him a small fortune.
i will also not answer questions on how to use the software included. everything has a "--help" or man page for usage. if you still dont know what your are doing then this is not the guide for you.
THIS IS ONLY FOR THOSE WHO KNOW WHAT THEY ARE DOING
my setup.
pine a64+ 2GB board + 64GB SD card. metasploit alone takes up 10gigs.
pine64 wifi module. used for connecting to personal wireless hotspot provided by my mobile device. dont plug this in just yet. we dont want this called wlan0 or wlan1
2 x external wireless network cards with reasonable antennas. most of the wireless tools out there only really attack the 2.4GHz band so the cards should be single band.
first download the latest debian longsleep base image.
burn SD card and boot your pine.
start by changing the default password
Code:
passwdupdate system
coz im a baddie for security.
Code:
sudo -suse all our avaliable storage space
Code:
resize_rootfs.shlets make sure kernel and uboot is updated
Code:
pine64_update_kernel.sh
pine64_update_uboot.sh
rebootlets su and run more updates
Code:
sudo -s
apt-get update
apt-get upgrade -y && apt-get dist-upgrade -y
reboot #it never hurts to do a reboot on a fresh system after updating.setup wireless hardware
now plug in the first of your wireless adapters
check it shows up.
Code:
iwconfigif nothing shows apart from wlan0 and wlan1 (presuming your using the built in wifi as well), you may need to load the wireless firmware.
i usually do this by running the following
Code:
lsusbQuote:root@pine64:/home/debian# lsusb
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 002: ID 0cf3:9271 Atheros Communications, Inc. AR9271 802.11n
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
here i can see my card has an atheros chipset. so now i can run.
Code:
apt-cache search atheros|grep firmwareand i get the following output
Quote:firmware-atheros - Binary firmware for Atheros wireless cards
so i run
Code:
apt-get install firmware-atherosnow unplug and replug your wifi card.
check again for your wireless card
Code:
iwconfigQuote:wlan0 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=0 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
you will need to do this for each of your wireless cards your using.
at the end i ended up with the following output from iwconfig and lsusb
Quote:root@pine64:/home/debian# iwconfig
eth0 no wireless extensions.
wlan0 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=0 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
dummy0 no wireless extensions.
sit0 no wireless extensions.
lo no wireless extensions.
wlan1 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=0 dBm
Retry long limit:7 RTS thr=2347 B Fragment thr:off
Encryption key:off
Power Management:on
root@pine64:/home/debian# lsusb
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 002: ID 0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n WLAN Adapter
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 003: ID 0cf3:9271 Atheros Communications, Inc. AR9271 802.11n
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
shutdown the pine and plug in our built in wifi.
just to double check everything is good
Quote:debian@pine64:~$ lsusb
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 002: ID 0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n WLAN Adapter
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 002: ID 0cf3:9271 Atheros Communications, Inc. AR9271 802.11n
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
debian@pine64:~$ sudo iwconfig
eth0 no wireless extensions.
wlan0 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=0 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
dummy0 no wireless extensions.
rename7 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=0 dBm
Retry long limit:7 RTS thr=2347 B Fragment thr:off
Encryption key:off
Power Management:on
wlan2 unassociated Nickname:"<WIFI@REALTEK>"
Mode:Managed Frequency=2.412 GHz Access Point: Not-Associated
Sensitivity:0/0
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=0/100 Signal level=0 dBm Noise level=0 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
sit0 no wireless extensions.
lo no wireless extensions.
wlan1 unassociated Nickname:"<WIFI@REALTEK>"
Mode:Managed Frequency=2.412 GHz Access Point: Not-Associated
Sensitivity:0/0
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=0/100 Signal level=0 dBm Noise level=0 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
hmmm something funny going on here. the wifi module has called itself wlan1 and wlan2 while my second external adapter is called rename7
i had to play around with the udev rules making a rule for the second interface on the wifi module.
file to look at is /etc/udev/rules.d/70-persistent-net.rules
after a reboot i get the following output from iwconfig. this is what i was expecting.
Quote:debian@pine64:~$ sudo iwconfig
wlan3 unassociated Nickname:"<WIFI@REALTEK>"
Mode:Managed Frequency=2.412 GHz Access Point: Not-Associated
Sensitivity:0/0
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=0/100 Signal level=0 dBm Noise level=0 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
eth0 no wireless extensions.
wlan0 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=0 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
dummy0 no wireless extensions.
wlan2 unassociated Nickname:"<WIFI@REALTEK>"
Mode:Managed Frequency=2.412 GHz Access Point: Not-Associated
Sensitivity:0/0
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=0/100 Signal level=0 dBm Noise level=0 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
sit0 no wireless extensions.
lo no wireless extensions.
wlan1 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=0 dBm
Retry long limit:7 RTS thr=2347 B Fragment thr:off
Encryption key:off
Power Management:on
setup remote ssh wireless connection
we want to setup connection to our wireless hotspot so we can run our pentests from a tablet or even on mobile device via ssh.
edit the file /etc/network/interfaces and add the following to the end.
Quote:auto wlan2
iface wlan2 inet dhcp
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
now edit the file /etc/wpa_supplicant/wpa_supplicant.conf and add the following
Quote:network={
ssid="YOUR_NETWORK_NAME"
psk="YOUR_NETWORK_PASSWORD"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP
auth_alg=OPEN
}
wifi software
thats our hardware and remote side of things done and setup. time to install some wifi cracking software.
make us a nice working directory.
Code:
cd ~
mkdir working
cd workinginstall macchanger. because you should be changing your mac address on your wifi cards before doing any attack.
Code:
sudo apt-get install macchangerinstall aircrack-ng from source.
Code:
sudo apt-get install libnl-3-dev libnl-genl-3-dev libssl-dev libsqlite3-dev
svn co http://svn.aircrack-ng.org/trunk/ aircrack-ng
cd aircrack-ng
make sqlite=true experimental=true ext_scripts=true
sudo make sqlite=true experimental=true ext_scripts=true install
sudo airodump-ng-oui-updatenow lets test packet injection on our cards
Code:
sudo ifconfig wlan0 down && sudo macchanger wlan0 -r && sudo iwconfig wlan0 mode monitor && sudo ifconfig wlan0 up
sudo aireplay-ng --test wlan0
sudo ifconfig wlan1 down && sudo macchanger wlan1 -r && sudo iwconfig wlan1 mode monitor && sudo ifconfig wlan1 up
sudo aireplay-ng --test wlan1install pixiewps
Code:
cd ~/working
git clone https://github.com/wiire/pixiewps.git
cd pixiewps
cd src
make
sudo make installinstall wifite
Code:
cd ~/working
wget https://raw.github.com/derv82/wifite/master/wifite.py
chmod +x wifite.py
sudo cp wifite.py /usr/local/bin/install reaver with pixie dust source files. reaver-wps-fork-t6x.
reaver doesnt like the newer versions of libpcap so we will download the older ones.
Code:
cd ~/working
mkdir libpcap
cd libpcap
wget https://launchpad.net/ubuntu/+archive/primary/+files/libpcap-dev_1.4.0-2_all.deb
wget https://launchpad.net/ubuntu/+archive/primary/+files/libpcap0.8-dev_1.4.0-2_arm64.deb
wget https://launchpad.net/ubuntu/+archive/primary/+files/libpcap0.8-dbg_1.4.0-2_arm64.deb
wget https://launchpad.net/ubuntu/+archive/primary/+files/libpcap0.8_1.4.0-2_arm64.deb
sudo dpkg --install *.deb
sudo apt-mark hold libpcap-dev libpcap0.8 libpcap0.8-dbg libpcap0.8-devinstall reaver now.
Code:
cd ~/working
git clone https://github.com/t6x/reaver-wps-fork-t6x.git
cd reaver-wps-fork-t6x*/
cd src/
./configure
make
sudo make installnow on to Bully
Code:
cd ~/working
git clone https://github.com/aanarchyy/bully
cd bully
cd src
make
sudo make installnow to make things easy with this code a lovely guy made. thanks SilentGhost for making HT-wps breaker.
Code:
mkdir ~/code
cd ~/code
git clone https://github.com/SilentGhostX/HT-WPS-Breaker.git
sudo ln HT-WPS-Breaker/HT-WB.sh /sbin/HT-WB.shmy next step is installing this in an old wireless router with a battery.
more is to come. i will be adding some exploits like metasploit and some MITM attacks like sslstrip and such. this is just the base setup. i remember there was a web interface for this. just dont remember what it was called.
edit: i added macchanger to the wifi tools. cant believe i forgot it.
WiFi PineA64 Pineapple - Ghelorn - 09-22-2016
I went through some of my crap and found this old linksys wrt54g router and the big external n-type connector antennas.
Running through some airodump tests I found the big antennas being compairable to my 11db rp-sma antennas I have. So now if I can't mount my wireless cards securly with rp-sma, I can always use the original connectors
Now to do the mounting.
I also have a 5000mah 3.7v battery floating around for power options
Edit: I thought it was 5000mah as it was in a 5000mah battery pack I got for playing ingress ages ago but when I pulled it apart the battery is only rated at 2500mah. Ill do some tests with the 2 wireless cards and see how long it will last.
Edit2: just tried the battery, it charges nicely but not enough power to run the wifi cards.
Edit3: man I'm a dill. Forgot about the battery jumper so the usb ports didn't have power. So I have tested packet injection on both cards at the same time running only from battery and it works.
RE: WiFi PineA64 Pineapple - Ghelorn - 09-25-2016
when your moving house you tend to find stuff you forgot about. I just came across this router that I had running open wrt for a while.
![[Image: cc596210dfd3b409267b7db59691655f.jpg]](http://uploads.tapatalk-cdn.com/20160925/cc596210dfd3b409267b7db59691655f.jpg)
looking at the back pannel it looks like the rp-sma connectors are pannel mount.
![[Image: ea0be5905aaf52bc079f553f8acdf3ea.jpg]](http://uploads.tapatalk-cdn.com/20160925/ea0be5905aaf52bc079f553f8acdf3ea.jpg)
pulling it apart it has coax fly leads coming off the rp-sma connectors. This makes mounting the wireless cards a lot easier. Also there is pleanty of space for the pine and the battery pack.
![[Image: 32c44914a8d8b532b1576a148b4dc68e.jpg]](http://uploads.tapatalk-cdn.com/20160925/32c44914a8d8b532b1576a148b4dc68e.jpg)
And the front pannel has pleanty of indicators for power, charge, wireless, boot and anything else I could want.
![[Image: 8370750aca956137a1e409620589919f.jpg]](http://uploads.tapatalk-cdn.com/20160925/8370750aca956137a1e409620589919f.jpg)
This is going to be my pineapple box I think. bugger the wrt box. Ill save that for another project later down the track.