search

insecurityofthings / jackit

JackIt - Exploit Code for Mousejack
810 stars 145 forks source link

Cannot find Crazy PA USB dongle - Pineapple Nano #40

Open metalkey opened 6 years ago

metalkey commented 6 years ago

I have jackit running fine on my laptop but i thought i'd see if it was possible to get it up and running on a WiFi Pineapple Nano.

I've installed all of the correct dependencies on the Nano:

I've confirmed the Nano recognises the Crazy PA:

lsusb
Bus 001 Device 005: ID 1915:0102 Nordic Semiconductor ASA

I've installed jackit correctly but when i attempt to run jackit, i receive the following:

[!] Cannot find Crazy PA USB dongle.
[!] Please make sure you have it preloaded with the mousejack firmware.

Is there anything that i'm missing?

Sliim commented 6 years ago

I got similar issue installing jackit on pineapple nano, can you try with this patch: insecurityofthings/jackit/pull/31. It will catch NoBackendError when searching for dungle and give you more info.

Also, you can try my workaround for libusb on openwrt: https://github.com/Sliim/jackit/tree/openwrt-libusb . This is the branch I use on my nano.

P.S. Works fine on pineapple nano: https://www.youtube.com/watch?v=Z7BBdgQPlgw :)

metalkey commented 6 years ago

Thanks for the info. I tried the patch and your libusb workaround but unfortunately no luck. I'm receiving: usb.core.NoBackendError: No backend available

Do you happen to have a step-by-step process for the Pineapple NANO?

Sliim commented 6 years ago

Do you have /usr/lib/libusb-1.0.so on your pineapple nano? I will search in my notes for a step-by-step process

metalkey commented 6 years ago

Confirmed.

root@Pineapple:/usr/lib# ls libusb*
libusb-1.0.so        libusb-1.0.so.0      libusb-1.0.so.0.1.0

I'll try a factory reset and do some fiddling. If i can get it all going i'll also do up a full walkthrough that we can use as a reference for future use.

infamy commented 6 years ago

I have a nano, and can try and take a peak, it was on my todo to get it running on the nano. So if we get some step by step instructions, I can turn it into a setup script.

On Mon, Feb 5, 2018 at 3:30 PM, metalkey notifications@github.com wrote:

Confirmed.

root@Pineapple:/usr/lib# ls libusb*libusb-1.0.so libusb-1.0.so.0 libusb-1.0.so.0.1.0

I'll try a factory reset and do some fiddling. If i can get it all going i'll also do up a full walkthrough that we can use as a reference for future use.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/insecurityofthings/jackit/issues/40#issuecomment-363257043, or mute the thread https://github.com/notifications/unsubscribe-auth/AAL_D9djAtqq8kXK0ExUo4Z4f7HF8l8Kks5tR473gaJpZM4R4cui .

Sliim commented 6 years ago

Retrieved my notes:

opkg update
opkg install -d sd python-pip libusb-1.0 libusb-compat
export PYTHONPATH=/sd/usr/lib/python2.7/site-packages/:/sd/usr/lib/python2.7:/sd/usr/lib/python2.7/lib-dynload
pip install click pyusb tabulate six
PYTHONPATH=$PYTHONPATH:. bin/jackit

This should work after a factory reset (PYTHONPATH may be ignored/changed..) I use my branch available here: https://github.com/Sliim/jackit/tree/openwrt-libusb - This is only what I needed to change to have jackit working on the nano.

Sliim commented 6 years ago

My wrapper script:

#!/bin/bash
pushd /sd/jackit
PYTHONPATH=/sd/usr/lib/python2.7/site-packages/:/sd/usr/lib/python2.7:/sd/usr/lib/python2.7/lib-dynload:. bin/jackit $@
popd
metalkey commented 6 years ago

Thanks Sliim. I've made a step-by-step process that worked for me as follows:

Droid-MAX commented 6 years ago

My Nexus5 mobile phone with NetHunter installed also encountered the same problem. The Crazy PA USB dongle could not be found. It is not recognized after the branch in the nrf24.py file has no backend modification, but the device information can be seen when dmesg is executed.

Sliim commented 5 years ago

@Droid-MAX do you see your device with lsusb command? See also https://github.com/insecurityofthings/jackit/issues/61