Get the connection sharing script, wp6.sh, with wget
root@attack1:~# wget wifipineapple.com/wp6.sh
Make wp6 executable
root@attack1:~# chmod +x ./wp6.sh
If I only use the USB cables (a.k.a. in the hack truck with no power), the attack laptop will being missing the DHCP address on eth0. To perform a release/renew go to the terminal and type:
sudo dhclient -r eth0
sudo dhclient eth0
Actions on the Objective
On the Attack LAPTOP, connect UBS wireless adapter.
Power up the Attack LAPTOP.
On the Attack LAPTOP, after it boots, log in as usual.
In the BROWSER, Verify you have an Internet connection via wireless or tethering through your mobile phone, by going to any .com of your choosing.
In the TERMINAL, watch ifconfig
Connect The ‘Y’ cable on the WifiPineapple to the Attack laptop to power it up and provide connectivity to it.
Watch for eth0 to get an address in the 172.16.42.0/24 subnet after the WifiPineApple has finish booting (solid blue center LED).
T-Shooting, if it doesn’t get an IPv4 address, type sudo dhclient eth0 in another terminal window.
In the TERMINAL, turn on connection sharing.
Type ./wp6.sh in the terminal.
If this is the first time on target, type G for Guided Setup. If you’ve been here before and no where else afterwards then just type C for Connect using saved settings.
In the BROWSER, go to http://172.16.42.1:1741 and log in with root and the password.
In the BROWSER, verify the WifiPineapple can get to the internet.
Click the Dashboard link on the left to verify you are on the main page.
Go to the Bulletins section.
Click the Load Bulletins from WifiPineapple.com button.
If you see a bunch of news clipping, then the Wifi Pineapple can reach the Internet.
In the BROWSER, it’s time to recon
Click the Recon side tab
Scan setting to Both and 1 Minute
After the scan is complete, you should see a table of results
SSID, is obviously the access points SSID
MAC, shows you the MAC address of the access point or client depending on which row you are looking at. If the SSID is populated that MAC address is for it. If the SSID is blank, then it’s the MAC of the client associated to that access point.
Security, shows you Open, Mixed WPA, WPA2, etc. depending on the strength of the network.
WPS, yes or no.
Channel, the numeric value of which channel the access point is operating on.
Signal, the strength of the signal that is reaching the Wifi Pineapple. I use this to range how far away the access points are.