98 replies to this topic

[echoblack]

Internet Connection Sharing on "LINUX"
& Jasager Pineapple Setup

All credit for this HowTo go's to taiyed14
I just made this HowTo page for the Hak5 forums and commented/tidied up the shell scrip & added the sslstrip stuff

---------------------------------------

When you get to setting the IP address in the Webif and the /etc/config/dhcp
Set then to the IP address I have in there

i.e. 10.110.0.2 for the pineapple and stuff

---------------------------------------

- On Pineapple -
IP address = 10.110.0.2
Ethernet Interface = ETH0
WiFi Interface = WiFi

- On laptop -
Ethernet Interface - Pineapple GW IP address = 10.110.0.1
Internet Facing Interface & Wireless Interface = wlan0
Pineapple Facing Interface & Ethernet Interface = eth0



This is how it will all work in the end.
[Internet+DNS > ("DHCP"GW > wlan0) > (eth0 > "DHCP"ETH0 > WiFi)]


----------------------------------------------
If you have a FON La Fonera NOT a la Fonera+
Then you can just use this scrip to set up your pineapple for use with the Pineapple.sh script below

And then skip to section - 2 -

Otherwise just keep on reading the HowTo. It is simple anyway.

Follow the README file inside

Uploaded at these two sites

pineapple-setup-0.1
http://rapidshare.co...etup-0.1.tar.gz
http://www.filefacto...etup-0_1_tar_gz

sha1-sum = 096eba367c6d570685f623ae84ba5288aef0e08e
md5-sum = 11a48e9a7e73c7729daeb32b5cee06bd

----------------------------------------------

( Section - 1 - )

First lets set up the Jasager-Pineapple

Connect to the Jasager-Pineapple and SSH into it

CODE

ssh -c blowfish root@<IP ADDRESS OF YOUR PINEAPPLE AT THIS TIME>

Now you need to edit the /etc/config/dhcp Configuration file. So, it looks like this.

CODE

config 'dnsmasq'
    option 'domainneeded' '1'
    option 'boguspriv' '1'
    option 'filterwin2k' '0'
    option 'localise_queries' '1'
    option 'local' '/lan/'
    option 'domain' 'lan'
    option 'expandhosts' '1'
    option 'nonegcache' '0'
    option 'authoritative' '1'
    option 'readethers' '1'
    option 'leasefile' '/tmp/dhcp.leases'
    option 'resolvfile' '/tmp/resolv.conf.auto'

config 'dhcp' 'lan'
    option 'interface' 'lan'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'
    option 'ignore' '0'
    list 'dhcp_option' '3,10.110.0.1' # This is the IP address of . .
     #.  . The Host Laptop's Net-Interface acting as GW
    list 'dhcp_option' '6,10.110.0.2,8.8.8.8' # This is Option 6 define the DNS server, . .
     # .  . Then IP of Pineapple, Then Googles DNS IP

config 'dhcp' 'wan'
    option 'interface' 'wan'
    option 'ignore' '1'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'

! Don't Reboot Yet !

Now, Navigate to the Webif Admin Web Page of Network/Networks i.e.
http://<IP ADDRESS OF YOUR PINEAPPLE AT THIS TIME>/cgi-bin/webif/network.sh

OK Now, Fill in the input fields with this information. . .

CODE

Connection Type = Static IP
Type = Bridged
IP Address = 10.110.0.2
Netmask = 255.255.255.0
Default Gateway = 10.110.0.1

Lan DNS servers = Leave Blank Or Set To 10.110.0.2

NOTE: Make sure there is not 10.110.0.1 in the DNS box or Anything ells It will mess things up.


Now, hit the "Save Changes" Button then Apply Changes at the bottom.
It probably will not reconnect so just let it sit for like 5min's then Power Cycle

------------------------------------------------

OK Jasager Powered Pineapple is all setup
------------------------------------------------

( Section - 2 - )


Now connect to the Internet through a Wireless Router with your Host Laptop's Wireless Interface "wlan0"


You can download this script pineapple-0.9.1 from this link.
Extract the tar.gz file. Navigate into it and run the installer as root

CODE

sudo ./install.sh

NEW PINEAPPLE-0.9.1 Support for BackTrack4 included in the installer!
http://rapidshare.co...le-0.9.1.tar.gz

md5sum = 317f6e9fd878d0e062950b435d22f6e9
sha1sum = e2f982e6f9bebfd7fee2b5c02065a5fd75456ac0


OLD PINEAPPLE-0.9
http://rapidshare.co...pple-0.9.tar.gz

md5sum = d904beabab441a8990d6423d7a02e9fb
sha1sum = b29583126a3ad4e8dc65ea219b56f293d46a8bd9


OLD PINEAPPLE-0.8
http://rapidshare.co...pple-0.8.tar.gz

md5sum = d6db93a2befab50a23a92785934a9289
sha1sum = b4f04d06e99361c7dbeb48cfeacd810182710d22



===========================
OLD PINEAPPLE-0.6
http://rapidshare.co...pple-0.6.tar.gz

md5sum = aedec7f15ff5f37f0ceaa6ddbe740232
sha1sum = 4f641e61455eac36af2bb036812e10770d44d084


OLD PINAPPLE-0.4
http://rapidshare.co...pple-0.4.tar.gz

----------------------------------

All Right then
----------------------------------

Now you can just connect to a Wireless Router with the Wireless Interface on the Host Laptop


Then run this command after install with root privileges

CODE

sudo pineapple.sh

Then Plug in the Pineapple
----------------------------------------------------------------------

Navigate to the Jasager Admin Webpage and turn Karma ON.
Make sure you add Your Fon Routers essid of "pineapple" or "OpenWrt" to the "Black List" - Every Time you Reboot the router ! ! !

Now Start up Wireshark on your Host Laptop and listen on interface "eth0" and get your packet sniffing on.


Check out the dsniff tools too.
Maybe Run an Attacker WebPage with all the latest Exploits & redirect victims there.
Maybe inject Javascrip or Flash and take control of the users WebCam

Also, If you deauth victims and maybe run a DOS on there AP they will connect to your Pineapple.
Maybe have an open WiFi LAN with an essid of "Free Public WiFi" and victims will connect on purpose.

--------------------------

The possibilities are endless.
SOOO much better then attacking one network at a time.


================================================
To Kill all of this just Run these commands with Root privileges

CODE

iptables -X
iptables -F
/etc/init.d/iptables stop

================================================
If you have problems with Pineapples Clients not being able to connect to the internet.
Ping your way out... Watch Wireshark and find out where the brake is.

Start up a VirtualBox. Give it it's own Wireless NIC Via USB Pass Through
Open a Shell and . . .

CODE

ping 10.110.0.2
ping 10.110.0.1
ping (The wlan0 IP address)
ping (The GW address)
ping 8.8.8.8
ping google.com

Edited by echoblack, 30 May 2010 - 06:21 AM.

[taiyed14]

Thanks for doing this write up. It looks good!

You can make the SSLStrip config section of the bash script cleaner by doing combining both IF statements

CODE

if [ $SSL == "y" -o $SSL == "Y" -o $SSL == "yes" ]; then

<SNIP>

if $SSL is y OR $SSL is Y OR $SSL is yes. Now there is only one IF.


More troubleshooting tips:

1. SSH into the Fon.
2. ping 4.2.2.2
3. Is there a responds?
No: ICS is not set up properly
Yes: ping 4.2.2.2 from a client connected to the Fon.
1. Is there a responds?
No: Please post the output of ipconfig /all (I want to see the IP/Gateway/DNS server of the client)
Yes: ping google.com
1. Is there a responds?
No: The clients aren't getting a DNS server
Yes: What's the problem?

[echoblack]

Nice, I was looking how to convert the text to lower case or how to do that IF [1=x OR 1=y]; then but just gave up.

Thanks, I put that in now and also made all the IP's variables and the sslstrip port a variable. I was going to have the user input the IP's they want but that mite cause problems because the Pineapple needs to be set up for them too. So, I didn't but it is now a lot easyer for the user to change the IP's to the ones they want.

I also figured that just hard coding in sslstrip port of 10000 is fine too because with the default port there is no need to specify the port for sslstrip to listen on.

---------

I'd like to have the scrip make sure sslstrip is installed but it is just a Python scrip that the user may not have in /usr/bin OR they may have even changed the name. This is the same reason I didn't have it open a Xterm and start sslstrip for the user.. . . .

HUM, I "Could" just include sslstrip In the script itself! That would be cool. Then I'd just have to check if Python is installed. I mean come on why would you not run sslstrip ?. . .

Ya, man I am doing that right now. I'm going to put this script and the sslstrip scrip in a tar.gz and write an installer.

Any other cool tools you think I could install with it?

[echoblack]

You know what. that line with all the IF [ 1 == x -o 1 == y -o 1 == z ]; then

That give me a "Too many arguments specified" error

--------

I'm also having problems gettting the output of commands converted to strige values. If you feel like giveing me the answer that'd be cool.

-----------
Never mind I just changed the code so I don't have to do that.

[Samurai]

Hey guys,

I just got this loaded up on my Fon and am stuck on something. I'm sure it's user error on my part, but I cannot get DNS to the wireless client I'm testing with. Pinging 8.8.8.8 works perfectly from the client i'm connecting wirelessly to the fon, but pinging google.com gives me the "no host" error. Pinging google from an ssh into the fon resolves fine.

One thing I am doing differently is rather than using

CODE

list 'dhcp_option' '3,10.110.0.1' # This is the IP address of . .
#.  . The Host Laptop's Net-Interface acting as GW
list 'dhcp_option' '6,10.110.0.2,8.8.8.8' # This is Option 6 define the DNS server, . .
# .  . Then IP of Pineapple, Then Googles DNS IP

I'm using

CODE

option 'gateway' '10.110.0.1'
option 'dns' '8.8.8.8'

I might be using an out of date version of kamikaze (7.09), because i get errors when using the list commands instead of the option commands. Any tips as to what I have messed up?

[echoblack]

Ya, go ahead and up grade to Kamakaze 9.01 I think it is now.....

That mite not be the problem your haveing though.

What do you meen your useing
option 'gatway' 10.110.0.1'
option 'dns' '8.8.8.8'

?

Try just Cut and Past my /etc/config/dhcp into your Fon router and try that.

-----------
Also, NOTE the BUG in the script I just pointed out in that section of the HowTo

[Samurai]

I'm gonna give the lil' pineapple a flash to the latest version and see if that fixes the issues. I think the 'list' parameters are not supported by the old version I'm working with. Pray I don't brick it. Don't have time to solder up a serial connection before heading home for Christmas.

[echoblack]

Ya, I was thinking the only reason you would have put that stuff in the /etc/config/dhcp is if there were alredy thoughs option in there.

You should be fine upgrading. Use the opkg thing. I'd give you a like to the packages and can if you can't find them.
But I am lazy

[Samurai]

echoblack, I could use that link. The links in the install post in this forum and the wiki are out of date. At this point, i have 8.09.1 on the router (latest stable Kamikaze) and need the new .ipk files (I used all the old ones, but the jasager-madwifi_1.ipk is for the old kernel, and i'd rather use the driver if you have the ipk already). Thanks in advance if you have the links.

Update: I found the new haserl, webif, libruby, and ruby packages. Still looking for updated jasager-madwifi and planning to use jasager 2.1 (latest on digininja's site). I have absolutely no experience with patching madwifi drivers, so I'll give it a shot if I can find clear instructions... otherwise, a link to an ipk would be very appreciated.

[taiyed14]

This is telling the DHCP server on the Fon to PUSH the default gateway (option 3 - 10.110.0.1) and PUSH the primary and secondary DNS (option 6 - 10.110.0.2 and 8.8.8.8) to any clients connecting to Fon:

CODE

list 'dhcp_option' '3,10.110.0.1' # This is the IP address of . .
#.  . The Host Laptop's Net-Interface acting as GW
list 'dhcp_option' '6,10.110.0.2,8.8.8.8' # This is Option 6 define the DNS server, . .
# .  . Then IP of Pineapple, Then Googles DNS IP

This is only setting the gateway (fine) and DNS for the Fon:

CODE

option 'gateway' '10.110.0.1'
option 'dns' '8.8.8.8'

In other words, the Fon is a client to the DNS server, it cannot send request for its wireless clients, they must send a request themselves. That is why you are getting a "no host" error.

[Samurai]

In other words, the Fon is a client to the DNS server, it cannot send request for its wireless clients, they must send a request themselves. That is why you are getting a "no host" error.

Ah, thanks for the clarification.

I'm in the process of updating firmware to support the "list" option. Looking for the new patched madwifi drivers to go with the new kernel version. You don't happen to know where I might find an updated jasager-madwifi.ipk do you? Google's giving me nothing tonight.

Update: Ok, i'm a noob. I found around page 6 or 7 of this forum that digininja has repackaged jasager into a prebuilt openwrt firmware package. I'm flashing to that now.

[echoblack]

boy, sorry I bought a Pineapple for Darren. So, I don't really know where to get all the stuff that you need. All i needed to do when I got it was get the new haserl, webif but you already have found that.

If you get a working setup I am sure it will work with toughs lines put in the /etc/config/dhcp


---------

You know just and idea could be totally wrong. But my Pineapple Darren made had Both the ipkg packages manger and opkg package manager intalled? Maybe they are really the same but if not then maybe the packages your are looking for are only for the opkg package manager and you need to install that first.

[echoblack]

You know what. that line with all the IF [ 1 == x -o 1 == y -o 1 == z ]; then

That give me a "Too many arguments specified" error

You know what I think I was doing something ells wrong and that is way I was getting that error.

I am almost done with new new "pineapple.sh + sslstrip". I'll probably have it up tomorrow.
I just has to spend 2hr's helping my roommate get ripped off on a new laptop form BestBuy. They made him pay $70 for some crappy antivirus software... And I am just going to install Linux on it anyway... What a rip off !
He refused to change his billing address on his credit card so Newegg.com kept rejecting his order.

[chasebadkids]

echoblack, I was wondering.... Ive initially setup my fon with jasager to use 192.168.*.* for everything thus far, Id like to switch it up and use what you are usually, especially since I would like to use this awesome script youve come up with. I was wondering if you would be able to post your /etc/config/network , /etc/config/wireless, etc... basically the main files youve used to setup your network... you could use the option in OpenWRT to save a config file backup and upload that, it would make it a lot easier to follow the tutorials too wouldnt it, wouldn't I be able to replace my config files with yours and then boom, everything should plug in together and become a working environment?

[Netshroud]

I tried this, and couldn't get a connection on HTTP at all. I ended up doing:

CODE

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null
sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 64123
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo ifconfig eth1 192.168.0.1 netmask 255.255.255.0
sudo dhclient eth0
python sslstrip.py -l 64123 -f lock.ico

and now it's working fine

( 2 ethX interfaces because I'm using a VM right now to be the gateway. eth0 is connected to the internet, eth1 connected to the Fon)

[echoblack]

OK, I got v0.1 of the pineapple.sh w/sslstrip uploaded

There are some typos in the comments but other then that I think it is one sexy script
If I do say so myself

But, I am sure I'll have v0.2 up tomorrow LOL

[Darren Kitchen]

looking forward to seeing your /etc/config/network and /etc/config/wireless settings.

I'm thinking that Webif simply configures those files.

[echoblack]

Installer-0.1 has BUG !

LINE #55 - cp ./sslstrip-0.7 /usr/src/sslstrip-0.7

Corrected #55 cp -r ./sslstrip-0.7 /usr/src/sslstrip-0.7

======================

I'll post toughs files in a little bit. But you can just do this to change the IP to 10.110.0.0/24

Edit the /etc/config/dhcp FIRST to the 10.110.0.0/24

THEN "With out rebooting"

++++++++++++++++++++++

Now, Navigate to the Webif Admin Web Page of Network/Networks i.e.

""""

http://192.168.*.*/ cgi-bin/webif/network.sh

""""


OK Now, Fill in the input fields with this information. . .
CODE
Connection Type = Static IP
Type = Bridged
IP Address = 10.110.0.2
Netmask = 255.255.255.0
Default Gateway = 10.110.0.1

Lan DNS servers = Leave Blank Or Set To 10.110.0.2

NOTE: Make sure there is not 10.110.0.1 in the DNS box or Anything ells It will mess things up.


Now, hit the "Save Changes" Button then Apply Changes at the bottom.
It probably will not reconnect so just let it sit for like 5min's then Power Cycle
+++++++++++++++++++++++++++++++++++++

[echoblack]

you know what give me a few more hr's on this script.

The xterm sslstrip window is not staying open for me.

I'd like to clear the "Default route" on fail and start up because it troughs "SIOCADDRT: File exists" if you run twice
I don't really know how to do that yet though.


Also, the installer-0.1 will tell you it install correctly even if it didn't

-----------------------

I guess I could just write a scrip to set up the Pineapple too

Then this how to would be nothing but

RUN this on Pineapple

&

RUN this on laptop

-------------------------------

[Netshroud]

Why not run "sudo python ./sslstrip-0.7/setup.py install" ?