Sunday, October 18, 2015

Capturing pcap with Wifi Pineapple V (MKV) Firmware v2.4.0 and PineAP

My setup:

1. TP-Link 722 USB plugged into the USB port providing wlan2
2. Wifi Pineapple updated to firmware v2.4.0
3. A 12v 1a wall power adapter providing power
4. MacBook Pro connected via ethernet port to control MKV

Steps:

1. Make sure you can connect to your MKV via http://172.16.42.1:1471 and log in.

2. If you have any script blockers on your browser make sure you allow access to the above IP.

3. Confirm you have v2.4.0 running.


4. Let's connect to a network to provide internet to our victims.


5. Notice my network connections.  Wlan0 is running, Wlan1 is not running, and Wlan2 is running.  Wlan0 pulls in the clients; this is the radio that clients connect to.  Wlan1 is put into monitor mode and does beacon responses, beacons, deauth and the like.  Wlan2 or Ethernet can also be used for Internet access while in PineAP mode.  I have also tried using Wlan1 attached to the internet while running PineAP, but it took a couple of restarts to finally get it activated.  I decided to go back to the Wlan2 mode as it was more stable.

6. Select the Network tile to get to the sub menu.  Select Client Mode tab --> Join a Network --> wlan2 Scan


7. Locate your internet connection for your victims and connect.  Your connection should obtain an IP address on wlan2.


8. Close the Network window.

9. Refresh your Network tile.  Wlan2 should have remained on and after refresh should show your Wlan2 IP.  Select show Internet IP and you should get an IP which is your outside IP to the internet. 


10. Install ettercap from the Pineapple Bar.


11. Select Pineapple Bar Available tab --> select the User Infusions - Show --> and find ettercap.


12. Select Install --> install to SD storage.  This is because the SD has more space than the internal memory and ettercap will write to where it's stored.


13. Close Infusions.

14. Ettercap will appear as follows.  Select install.


15. Ettercap will then load. Close the window.  We are not ready for this.


16. Ettercap tile will appear as follows.


17. Time to get PineAP running and spoof some access points for our victim.

18. Locate the PineAP tile.


19. Turn on MK5 Karma.  If you wish to view the log for Probes and Associations turn those on as well.



20. Now turn on PineAP Daemon.  Could take a couple seconds.  Turn on Send Beacon Responses to call the devices.  Turn on Harvest to collect the SSID names and Dogma to use that list and call the devices to your access point.  Autostart is only necessary on reboots to start this process automatically.

21. You should start to notice OPEN wifi points being populated by your MKV.


22. Select the PineAP tile to view the sub menu --> select the PineAP tab.  Notice the SSID Management area.  If you see your own WiFi access point you should remove it by entering it below and selecting the remove SSID button.


23. After you have removed your own SSID you should probably add it to Karma to prevent it from being populated again.  Type the SSID into the SSID Filtering field and select Add.


24. Now that you have started PineAP unsuspecting victims should begin to attach to your MKV. The Client tab will possibly start to show victims attached to your MKV.  These victims are devices that are not currently attached to an access point.  Free roaming victims if you will.  Other victims are already attached to access points and you will have to deauth those victims from their access point to hopefully attach to your MKV.

25. Free roaming victims should automatically start to attach. This is because they have preset SSIDs and the device will beacon to determine if the access point is reachable.  This is when your MKV will populate that SSID for the victim it wants to attach to.  For example, the WiFi access point SSID "Guest" was requested by my Android device (Samsung S5 Android v4.4.2) and is now connected.



26. Checking my internet connection from the phone that is now connected to the Guest WiFi (MKV) shows good.


27. Checking my MKV Client tab under PineAP shows a connected Android device.


28. Now back to ettercap. Close PineAP window. Open ettercap tile.

29. Let's set up ettercap to listen to traffic on interface br-lan.


30. Target 1: /IP you want to sniff/.  You could also leave // to sniff all.

31. Target 2: /MKV IP/

32. Notice the command line is being generated.

33. Select tab MITM and select arp.  This will add the -M arp switch.  You could also specify oneway and remote.




34. After refreshing the windows will appear as follows indicating sniffing is active after starting.


35. Switch to tab History and select refresh.  You will then notice your .pcap data.


36. You could also install tcpdump infusion.


37. Select br-lan --> Capture


38. Go to a website on the phone.

39. Stop the capture.

40. Select the tcpdump tile and switch to the History tab for the pcap.



41. Preview the pcap through Wireshark, provided it's not encrypted (https).
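
Seen from the defending side, the behaviour in steps 20 to 25 leaves a recognisable trace: one radio answering for many different SSIDs. The following is an added example, not part of the original post, that parses bare 802.11 beacon and probe-response frames and flags any BSSID advertising more names than a threshold. It assumes the responses share one BSSID and that radiotap headers are already stripped; the function names, the threshold and the sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict

MGMT_BEACON, MGMT_PROBE_RESP = 0x80, 0x50  # first frame-control byte
SSID_THRESHOLD = 3  # assumption: a normal AP advertises only a few SSIDs per BSSID


def parse_mgmt(frame: bytes):
    """Return (bssid, ssid) for a bare 802.11 beacon/probe response, else None."""
    if len(frame) < 36 or frame[0] not in (MGMT_BEACON, MGMT_PROBE_RESP):
        return None
    bssid = frame[16:22].hex(":")  # address 3 of the MAC header
    pos = 36  # 24-byte MAC header + 12 bytes timestamp/interval/capabilities
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:
            return None  # truncated element: do not trust the frame
        if tag == 0:  # SSID element
            return bssid, body.decode("utf-8", "replace")
        pos += 2 + length
    return None


def suspicious_bssids(frames, threshold=SSID_THRESHOLD):
    """Map each BSSID advertising more than `threshold` SSIDs to those SSIDs."""
    seen = defaultdict(set)
    for frame in frames:
        parsed = parse_mgmt(frame)
        if parsed and parsed[1]:  # skip hidden (empty) SSIDs
            seen[parsed[0]].add(parsed[1])
    return {b: sorted(s) for b, s in seen.items() if len(s) > threshold}


def build_frame(subtype: int, bssid: str, ssid: str) -> bytes:
    """Construct a minimal sample frame (test data only, not captured traffic)."""
    mac = bytes.fromhex(bssid.replace(":", ""))
    header = struct.pack("<BBH6s6s6sH", subtype, 0, 0, b"\xff" * 6, mac, mac, 0)
    return header + bytes(12) + bytes([0, len(ssid)]) + ssid.encode()


# Constructed sample: one ordinary AP and one BSSID answering for many names.
SAMPLE = [build_frame(MGMT_BEACON, "02:00:00:00:00:01", "HomeNet")] + [
    build_frame(MGMT_PROBE_RESP, "02:00:00:00:00:aa", s)
    for s in ("Guest", "CoffeeShop", "Airport-Free", "HotelWiFi", "Guest")
]

if __name__ == "__main__":
    print(suspicious_bssids(SAMPLE))
```

On the client side, the matching mitigation is to remove saved open networks such as "Guest" so the device stops auto-joining them.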