MK2: Best HowTo - Setup Internet Connection Forwarding on "Linux" & Jasager

[g3rax]

Thanks for the information. unfortunately that will not work for me. My gateway is 192.168.0.1. any other ideas?

What I would do is comment the whole line and type in your gateway directly.

# This sets up the Default Route
#
#GW=`ifconfig $Wan | grep "inet addr:"| grep -v "127.0.0.1" | cut -d: -f2 | awk '{ print $1}' | cut -d. -f1,2,3`
GW="192.168.0.1"

If this does not work then you have other problems.

Also can you post your interfaces and corresponding IPs. That way, it will be easier to track down where the connection is failing.

Edited March 13, 2010 by g3rax

[echoblack]

Quick question, im sure i must be missing something. I have run the script on my Fon, and confimed the configs were transfered correctly. and I have run the script on my netbook. (running Ubuntu 9.10) and it also seems to have run correctly. before i connect the etho to fon i am able to get to the internet. however after I am no longer able to and the other computer (mac) i am testing with cannot either. Please help

Hum, so when you run pineapple.sh on your Laptop, your laptop is already connected to the Internet correct?

Also, is your computer speaking English?

Although, I think now that I changed the way I get the Gateway IP in the new, just posted, pineapple-0.5 should work with any language.

-----------------------------------------------------------------------------

Ok I updated to pineapple.sh-0.5

I changed the way I get the GateWay IP. This way wil hopefully work better. Please let me know if it brakes anything.

CHANGED

# This sets up the Default Route
#
GW=`ifconfig $Wan | grep "inet addr:"| grep -v "127.0.0.1" | cut -d: -f2 | awk '{ print $1}' | cut -d. -f1,2,3`
GW=`echo $GW.1`

TO THIS

    # This sets up the Default Route
    #
    GW=`netstat -nr | awk 'BEGIN {while ($3!="0.0.0.0") getline; print $2}'`

    route add default gw $GW $Wan
    
    echo "Default route set to $GW through $Wan"
    echo ""

Edited March 14, 2010 by echoblack

[echoblack]

Updated to pineapple-0.6

-------------------------

Ok, I've just done a bunch of messing around with this today and have fixed a couple things.

First, I now get the GW IP with that new way but I had to move it above all the iptables stuff for it to work. And it is working for me now. However, one thing to check is this....

When the script runs it tells you what route it set i.e.

sslstrip will write it's log file to: /usr/src/sslstrip-0.7/sslstrip.log

eth0 is given the IP address of 10.110.0.1 & netmask 255.255.255.0

IP forwarding enabled!

All iptables chains and rules cleared. . . Setting new iptables rules

iptables configured...

Default route removed. . .
Default route set to 192.168.1.1 through wlan0

Plug in the Pineapple

You see that ^ "Default route set to 192.168.1.1 through wlan0" Now look at that when you run the scrip. If it didn't set the route correctly then that line could say.... "Default route set to through wlan0" with no IP address for the GW.

If it dose mess up like that you can set the route yourself like this with the IP your GW IP address and where "wlan0" is the Internet facing NIC.

route add default gw 192.168.1.1 wlan0

----------

Also in pineapple-0.6 I changed the way I check to see if python Twisted is installed. Before I was just doing this...

ls /usr/lib/$Py_Version/*/twisted/im.py
    if [ $? != 0 ]; then

However, in the new version of Python Twisted in Archlinux that file is not there anymore. So, instead I just do this to see if I can ls the whole twisted directory. It spits a bunch of junk to the screen but it is more reliable.

ls /usr/lib/$Py_Version/*/twisted
    if [ $? != 0 ]; then

Edited March 15, 2010 by echoblack

[echoblack]

Hum,... well it is not working in backtrack4 for some reason. But an easy fix is just to comment out all the junk making sure python an python/twisted is installed... It is. I'll fix this up tomorrow.

So, comment out everything from Line # 117 -217

Then add this after all that

Py="Y"
Twisted="Y"
Sslstrip="Y"

Owe also you have to comment out this line...

sudo -u \#1000 xterm -e python $SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.py -w $Sslstrip_Log &

And use this line instead

sudo -u \#1000 python $SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.py -w $Sslstrip_Log &

Edited March 31, 2010 by echoblack

[fjux]

oke i have done all this, with the same ip's ect. though i just cant get the dns going right.....

i am useing BT4 (i commented the lines out)

but i can ping 8.8.8.8 from the fon though not google.com

it just says bad address......

anyone know what could be wrong? and where to fix it?

ps. is there any way to reset all the things ive setup? becous i did some testing tried different guides ect. (total noob in the beginnning) and i am afraid there is somewhere a setting not right wich is fucking it all up...

or is the only way reflashing it??

[digininja]

If you can ping but can't get DNS then you've got connectivity so stay with it you are probably close. Check /etc/resolv.conf and see what it has as the nameserver. You should have something like:

nameserver 208.67.222.222
nameserver 208.67.200.200

along with a few other lines probably. Check the IP address is one for a valid name server and then check you can ping it. If not then edit it and set it to a valid IP. The ones above are opendns so should work for anyone.

You can also try to resolve a name with dig, try

dig @208.67.200.200 google.com

from the fon. That will ask opendns for the IP address for google.com, see if you get an answer.

[Encrypted_Soldier]

Okay so I am all out of idea's. I can SSH into the pineapple. I can ping 4.2.2.2 and get a response from a client and the computer directly connected. I can ping any site (such as google.com or yahoo.com) but I cannot get the webpage to show up on the connected client. So it is as if i have internet but don't have internet. Also I can still get the webpages on the computer the pineapple is connected to. I find this very strange that I can ping any website but cannot actually view the page.

BTW here is my wireshark output maybe this can give some insight to the problem.

Wireshark output: http://www.sendspace.com/file/y0egp9 (its just a text file)

[digininja]

Someone else has had this problem and I don't know how it got sorted.

You could try doing a web connection by hand with netcat

# nc google.com 80
GET / HTTP/1.0
<press enter again>

and see what comes back, see if it gets any data.

[Encrypted_Soldier]

Connection refused

Used both netcat and that GET /Http/1.0 thing both said connection refused.

This is getting stranger by the day.

[digininja]

so you can get icmp through but not tcp to port 80, try using netcat to get to other ports you know are open on other machines. Try connecting with both IP address and domain name.

[Encrypted_Soldier]

Pinging ip of google: sudo nc 66.249.91.104 80

response: (UNKOWN) [66.249.91.104] 80 (www) : connection refused

Oh BTW I also ran netcat on the computer that the pineapple is connected to and netcat just hangs there then stops. Although the GET / HTTP/1.0 thing works fine.

I tried using Net Cat on my desktop and WHS on port 80 both from the client and the computer that the pineapple is connected to.

It said connection refused.

________________________________________________________________________________

________________

Okay so instead of running the pineapple with BT4 i switched to ubuntu but something similar is happening there too.

I get internet on the host machine (ubuntu) but no internet on the connected client (bt4) i pinged google.com on the client machine and it said "unknown host google.com" lastly on the host machine i cannot connect to the pineapple to turn on karma and all that stuff.

Man this is getting REALLY weird.

P.S. on the BT4 machine i connot get Sslstrip to run but on the ubuntu machine i can.

here is my edited pineapple.sh script:

#!/bin/bash
#
#
# pineapple.sh-0.6
#
#
# Enables "Internet Connection Sharing" on Linux
# Also runs sslstrip if python2.5 or python2.6 & pythons-twisted-web is installed and user requested
# Also sets up port forwarding for sslstrip if user requested
#
# For sslstrip all port 80 traffic is sent to the Default sslstrip port of 10000
#
# 10.110.0.0/24 # Is the IP address block sets up for the Pineapple
# 10.110.0.2 # Is what the Pineapple IP is set to
# 10.110.0.1 # Is what the Host Laptop's NIC acting as the Gateway for the Pineapple is set to
#
#
######################
#
# - - sslstrip-0.7 - -
#
# GNU GENERAL PUBLIC LICENSE
# Version 3, 29 June 2007
#
# Author = Moxie Marlinspike
# 
# email = moxie@thoughtcrime.org
# url = http://www.thoughtcrime.org/software/sslstrip/
# 
# Description = A MITM tool that implements Moxie Marlinspike's HTTPS stripping attacks.
#
# - - sslstrip-0.7 - -
#
######################
#
# - - pineapple.sh - -
#
# GNU GENERAL PUBLIC LICENSE
# Version 3, 29 June 2007
#
# Author = Alex Herrick
#
# email = alex.herrick@gmail.com
# url = http://alex.hrck.net/
#
#---------------------
#
# Author = Thomas Dwyer
#
# email = darden.tyler@gmail.com
# url = No Url at this time
#
# - - pineapple.sh - -
#
######################








#
# SET GLOBAL VARIABLES
#

# This sets the IP variables that are used in the script
# If you change these you also need to change the setting on the Pineapple
#
FON_IP_BLOCK="10.110.0.0/24"
NETMASK="255.255.255.0"

GW_NIC_IP="10.110.0.1"
FON_IP="10.110.0.2" # Not yet needed to be used in the script


# These will be used as the Default Network Interfaces
#
WAN_BKP="wlan0"
LAN_BKP="eth0"


# This is the port all Port 80 traffic form Pineapple is sent to for sslstrip
#
SSLSTRIP_PORT="10000"


# This is the default sslstrip install directory
#
SSLSTRIP_INSTALL_DIR="/usr/src"


# This is sets the default log directory for sslstrip
# 
SSLSTRIP_LOG_BKP="$SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.log"


# This is the default pineapple.sh install directory
# If you change this make sure to change it in pineapple.sh
#
PINEAPPLE_INSTALL_DIR="/usr/bin" # Not yet used in this script








# Make sure script is running as Root
#
#
USER=`whoami`
if [ $USER == "root" ]; then

    # Check if Python-2.6 is installed
    #
    # This looks for Python-2.6 installed in /usr/bin/python2.6
    # Sets the Python version to python2.6 and puts it in variable $PY_VERSION
    #
    # This also sets the variable $PY to "Y" or "N" for use latter in the scrip
    #
    # If /usr/bin/python2.6 is not found $PY26 will be set to "N"
    #
#    ls /usr/bin/python2.6
#    if [ $? != 0 ]; then
    
#        Py26="N"
#        echo "Python-2.6 is NOT installed"
        
#    else
#        Py="Y"
#        Py_Version="python2.6"
#        echo "Python-2.6 is installed"
        
        
#    fi


    # Check if Python-2.5 is installed if Python-2.6 is not
    #
    # This looks for Python-2.5 installed in /usr/bin/python2.5
    # Sets the Python version to python2.5 and puts it in variable $PY_VERSION
    #
    # This also sets the variable $PY to "Y" or "N" for use latter in the scrip
    #
    # If /usr/bin/python2.5 is not found $SSLSTRIP & $PY25 will be set to "N"
    # Otherwise they will be set to "Y"
    #
#    if [ Py26 == "N" ]; then

#        ls /usr/bin/python2.5
#        if [ $? != 0 ]; then
        
#            $Py25="N"
#            Py="N"
#            Sslstrip="N"
#            echo "You Must have Python-2.5 or newer installed to use sslstrip"
#            echo "sslstrip Option Disabled"
#            echo ""
            
#        else
#            Py="Y"
#            Py_Version="python2.5"
#            echo "Python-2.5 is installed"
#            echo ""
            
            
#        fi
        
    
#    fi


    # Check if Python Twisted is installed
    #
    # This Looks for one of the Twisted files "im.py" installed in . . .
    # /uar/lib/$PY_VERSION/site-packages/twisted
    #
    # This only runs if python2.6 or python2.5 was found in /usr/bin
    # By checking if $PY is set to "Y" or "N"
    #
    # If Twised is not found it will set $TWISTED & $SSLSTRIP to "N"
    # Otherwise they well be set to "Y"
    #
#    if [ $Py == "Y" ]; then

#        ls /usr/lib/$Py_Version/*/twisted
#        if [ $? != 0 ]; then
        
#            Twisted="N"
#            Sslstrip="N"
#            echo "Python Module Twisted is NOT installed"
#            echo ""
#            echo "Python Module Twisted MUST be installed to use sslstrip"
#            echo "In ubuntu you can install this Module with"
#            echo "apt-get install python-twisted-web"
#            echo ""
#            echo ""
#            echo "sslstrip Option is Disabled"
#            echo ""
            
#        else
#            Twisted="Y"
#            Sslstrip="Y"
#            echo "Python Module Twisted is installed"
#            echo ""
#            echo ""
#            echo ""


#        fi


#    fi
    Py="Y"
    Twisted="Y"
    Sslstrip="Y"

    # This sets the Internet facing Network Interface
    #
    # Asks the user what NIC they would like to use and set it to $Wan
    # If user leave blank $Wan will be set to Global Variable $WAN_BKP
    #
    # This also tests the user supplied NIC by running ifconfig $Wan
    # If ifconfig doesn't exit with return code 0 the while loop will not end
    #
    X="N"
    while [ $X == "N" ]; do
    
        echo ""
        echo ""
        echo "Please enter Internet facing interface"
        echo "If left blank Internet facing Network Interface will be set to wlan0"
        echo ""
        read -p "Please enter Internet facing interface, i.e. wlan0: " Wan
        echo ""

        if [ -z $Wan ]; then
    
            Wan="$WAN_BKP"
            echo "Internet facing Network Interface set to $Wan"
            echo ""
        
            X="Y"
    
        else
            ifconfig $Wan
            if [ $? != 0 ]; then
        
                echo "$Wan is not a valid Network Interface please try again or leave blank"
        
            else
                echo "Internet facing Network Interface set to $Wan"
                echo ""
            
                X="Y"
        
        
            fi
    
    
        fi


    done


    # This sets the Pineapple facing Network Interface
    #
    # Asks the user what NIC they would like to use and set it to $Lan
    # If user leave blank $Lan will be set to Global Variable $LAN_BKP
    #
    # This also tests the user supplied NIC by running ifconfig $Lan
    # If ifconfig dosen't exit with return code 0 the while loop will not end
    #
    X="N"
    while [ $X == "N" ]; do
    
        echo ""
        echo ""
        echo "Please enter Pineapple facing Network interface"
        echo "If left blank Pineapple facing Network Interface will be set to eth0"
        echo ""
        read -p "Please enter Pineapple facing interface, i.e. eth0: " Lan
        echo ""

        if [ -z $Lan ]; then
    
            Lan="$LAN_BKP"
            echo "Pineapple facing Network Interface set to $Lan"
            echo ""
        
            X="Y"
    
        else
            ifconfig $Lan
            if [ $? != 0 ]; then
        
                echo "$Lan is not a valid Network Interface please try again or leave blank"
        
            else
                echo "Pineapple facing Network Interface set to $Lan"
                echo ""
            
                X="Y"
        
        
            fi
    
    
        fi


    done


    # Asks user if they want to set up iptables for sslstrip answer is sent to $SSL
    #
    Ssl="N"
    if [ $Sslstrip == "Y" ]; then
    
        read -p "Do you want to enable sslstrip? Y/N:" Ssl


        # Check $SSL if it is Y, y, or yes - If it is
        # Asks user where the log for sslstrip should be written answer is sent to $SSLSTRIP_LOG
        #
        # This also makes sure that the touch command can write a file in the specified path
        # If it can not then the $X variable will remain "N" and not leave the loop
        #
        # If the user leaves the question blank then it will it to the variable $SSLSTRIP_LOG_BKP
        # You can change $SSLSTRIP_LOG_BKP variable at the top of the script
        #
        if [ $Ssl == "Y" -o $Ssl == "y" -o $Ssl == "yes" ]; then
        
            X="N"
            while [ $X == "N" ]; do
    
                echo ""
                echo ""
                echo "Where would you like the sslstrip log file to be located?"
                echo "Enter the /Full/Path/And/LogName.log - If left blank  $SSLSTRIP_LOG_BKP  will be used"
                echo ""
                read -p "Enter: " Sslstrip_Log
                echo ""

                if [ -z $Sslstrip_Log ]; then
                
                    Sslstrip_Log=$SSLSTRIP_LOG_BKP
                    X="Y"
                    
                else
                    # This Varifies the /full/log/path/and/logname.log my User
                    # 
                    # Would be better if script could verify
                    #
                    Y="N"
                    while [ $Y == "N" ]; do
                
                        echo "Are You sure you want sslstrip to write to log file $Sslstrip_Log?"
                        echo "If $Sslstrip_Log is not a valid path or"
                        echo "normal user dosen't have write permition in that directory sslstrip will fail"
                        echo "And Block Port 80 i.e. HTTP traffic. . ."
                        echo ""
                        read -p "So you sure ?: Y/N" Verify
                        echo ""


                        if [ $Verify != "Y" -o $Varify != "y" -o $Varify != "yes" ]; then
                            
                            echo "Asking agin. . ."
                            
                        else
                            echo "$Verify path User verified"
                            echo ""
                            
                            Y="Y"
                            
                            
                        fi
                        
                        
                    done
                
                
                fi
                
                
            done
        

            echo "sslstrip will write it's log file to: $Sslstrip_Log"
            echo ""

        else
            echo "sslstrip is disabled"
            echo ""
            
            
        fi
        
        
    fi


    # This get's the GateWay IP address and sets it to the varable $Gw
    #
    Gw=`netstat -nr | awk 'BEGIN {while ($3!="0.0.0.0") getline; print $2}'`


    # Sets $Lan's IP address to 10.110.0.1 and netmask 255.255.255.0
    #
    ifconfig $Lan $GW_NIC_IP  netmask $NETMASK

    echo "$Lan is given the IP address of $GW_NIC_IP & netmask $NETMASK"
    echo ""


    # Enables IPv4 Forwarding it alredy enabled it dose nothing
    #
    IPFWD=`cat /proc/sys/net/ipv4/ip_forward`
    if [ $IPFWD -eq 1 ]; then
    
        echo "IP forwarding enabled!"
        echo ""
        
    else
        echo '1' > /proc/sys/net/ipv4/ip_forward
        echo "IP forwarding enabled!"
        echo ""


    fi


    # This next IF statement block sets all the iptables rules
    # And the default route
    #
    iptables --version > /dev/null 2>&1
    if [ $? -eq 0 ]; then


        # Clear all iptabes Chains and Rules
        #
        iptables -X
        iptables -F
        echo "All iptables chains and rules cleared. . . Setting new iptables rules"
        echo ""


        # This checks if the user entered Y or y to the question asking if they wanted to use sslstrip
        # If they did it will set an iptables rule to forward all Port 80 traffic from $Lan to
        # The default sslstrip listening Port 10000
        #
        if [ $Ssl == "y" -o $Ssl == "Y" -o $Ssl == "yes" ]; then

            iptables -t nat -A PREROUTING -i $Lan -p tcp --destination-port 80 -j REDIRECT --to-ports $SSLSTRIP_PORT


        fi


        # This sets up the IPv4 forwarding form the $Wan to $Lan
        #
        iptables -A FORWARD -i $Wan -o $Lan -s $FON_IP_BLOCK -m state --state NEW -j ACCEPT
        iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
        iptables -A POSTROUTING -t nat -j MASQUERADE
        echo "iptables configured..."
        echo ""


    
        # Removes the Default Route
        #
        route del default
    
        echo "Default route removed. . ."


        # This sets up the Default Route
        #
        #
        # This is an alternant way of getting the Gatway IP address
        #Gw=`ifconfig $Wan | grep "inet addr:"| grep -v "127.0.0.1" | cut -d: -f2 | awk '{ print $1}' | cut -d. -f1,2,3`
        #Gw=`echo $GW.1`

        route add default gw $Gw $Wan
    
        echo "Default route set to $Gw through $Wan"
        echo ""


        # This command runs with UID-1000
        #
        # This spawns a new xterm and runs sslstrip in it
        # And sslstrip will wright it's log file to what the $Sslstrip_Log variable was set to
        #
        #
        if [ $Ssl == "Y" -o $Ssl == "y" -o $Ssl == "yes" ]; then

            #sudo -u \#1000 xterm -e python $SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.py -w $Sslstrip_Log &
            sudo -u \#1000 xterm -e python $SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.py -w $Sslstrip_Log &
        
        
        fi


        echo "Plug in the Pineapple"
        echo ""




    else
        echo "Please run as root or install iptables..."
    
    
    fi




else
    echo "Please run as root."


fi




# exit clean
#
exit

Edited April 10, 2010 by Encrypted_Soldier

[echoblack]

boy I have to start checking this more often....

About the DNS. Make sure you have done (Section 1) and everything looks identical.

About the Block on Port 80. That is the SSLstrip iptables rule doing that. If you say yes to starting SSLstrip then I route all traffic destined for Port 80 to internal port 10000. For some reason I have not figured out yet, BT4 will not let you spon a Xterm so you have to change the line running it to just run it in the same terminal you ran pineapple.sh.

However, in the code you posed you did not do this correctly, so SSLstrip is not running and listening on lo-10000 and redirecting to the web server. Instead all Port80 traffic is just being sent to loop back port 10000 and ending there.

Your code you posted....

if [ $Ssl == "Y" -o $Ssl == "y" -o $Ssl == "yes" ]; then

            #sudo -u \#1000 xterm -e python $SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.py -w $Sslstrip_Log &
            sudo -u \#1000 xterm -e python $SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.py -w $Sslstrip_Log &
        
        
        fi

This is what it should look like....

if [ $Ssl == "Y" -o $Ssl == "y" -o $Ssl == "yes" ]; then

            #sudo -u \#1000 xterm -e python $SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.py -w $Sslstrip_Log &
            sudo -u \#1000 python $SSLSTRIP_INSTALL_DIR/sslstrip-0.7/sslstrip.py -w $Sslstrip_Log &
        
        
        fi

Edited April 11, 2010 by echoblack

[echoblack]

Ok I edited the script to work for BT4 and uploaded it. So this one.

http://rapidshare.com/files/374573763/pine...-BT4-0.6.tar.gz

[XXXX@XXXX ~/src]$ md5sum pineapple-BT4-0.6.tar.gz

85b2ad8b293a0ea8bfa64d2f8aff5ee7 pineapple-BT4-0.6.tar.gz

[XXXX@XXXX ~/src]$ sha1sum pineapple-BT4-0.6.tar.gz

6cb3f4b2f25bd24e75bcd6d2e88f0d121671da52 pineapple-BT4-0.6.tar.gz

Edited April 11, 2010 by echoblack

[Encrypted_Soldier]

Ssl Strip still does not spawn another Xterm and i still do not have internet on connected client. Even if a choose not to start Ssl Strip i still have no internet. im going back to step one.

[Encrypted_Soldier]

okay i was able to SSH into the pineapple:

here is my edited /etc/config/DHCP

config 'dnsmasq'
    option 'domainneeded'    '1'
    option 'boguspriv'    '1'
    option 'filterwin2k'    '0' 
    option 'localise_queries'    '1'
    option 'local'    '/lan/'
    option 'domain'    'lan'
    option 'expandhosts'    '1'
    option 'nonegcache'    '0'
    option 'authoritative'    '1'
    option 'readethers'    '1'
    option 'leasefile'    '/tmp/dhcp.leases'
    option 'resolvfile'    '/tmp/resolv.conf.auto'

config 'dhcp' 'lan'
    option 'interface'    'lan'
    option 'start'     '100'
    option 'limit'    '150'
    option 'leasetime'    '720m'
        option 'ignore' '0'
        list 'dhcp_option' '3,10.110.0.1'
        # This is the IP address of . .
        #. . The Host Laptop's Net-Interface acting as GW
        list 'dhcp_option' '6,10.110.0.2,8.8.8.8'
        # This is Option 6 define the DNS server, . .
        # . . Then IP of Pineapple, Then Googles DNS IP

config 'dhcp' 'wan'
    option 'interface'    'wan'
    option 'ignore'    '1'
        option 'start' '100'
        option 'limit' '150'
        option 'leasetime' '720m'

now here is my network configuration:

connection type = Static IP
type = bridged
Ip address = 10.110.0.2
netmask = 255.255.255.0
default gateway = 10.110.0.1
lan DNS server = 10.110.0.2

will try with blank lan DNS server

didn't work

rebooting and trying again

rebooted and still did not work, SSL strip does not spawn Xterm nor does it run in the same windows i just ran the script in.

Edited April 11, 2010 by Encrypted_Soldier

[echoblack]

Is DNS and ping to 8.8.8.8 working, but everything to port 80 blocked?

SSlstrip will run in the background not in a new Xterm in the BT4 one. Check with ps aux

Hum so also remember to kill it when your done.

Edited April 12, 2010 by echoblack

[echoblack]

Okay, I did quite a bit of work on this today. I am fairly sure it is all working in Backtrack now. It should also work better in general. I fixed a few errors....

Change log...

- Send unwanted output to /dev/null

- Check if user left the question asking if they wanted to run SSLstirp blank and if so set value to "N"

- Moved all route setting commands together.

- Made a modified version of pineapple.sh that will run if the user is loged in as Root i.e. like in BackTrack4

- Now the installer asks if it is being installed to BackTrack

I'd advise everyone to use this new Pineapple.sh.

Please post here or email me if you have any problems.

Pineapple-0.7

Edited April 19, 2010 by echoblack

[Encrypted_Soldier]

OMG it worked! Thank you VERY VERY VERY VERY VERY VERY VERY VERY VERY much echoblack!

First the script did not want to copy "pineapple.sh" or create the necessary dir(s). So I made them by hand (the "/usr/bin/bt4/" and copied pineapple.sh into it, along with coping the same file into "/usr/bin") this allowed me to run the script without any stupid errors. I then proceeded to run the script in "/root/pineapple-0.7" this didn't work, then I remembered the "bt4 (/root/pineapple-0.7/bt4/") folder had the same script, so I ran it from there and voila everything worked! Although I don't think Ssl Strip is saving the logs but this is the first time I really used it so I will do more research and more tests tomorrow and post the results here.

P.S. SSL strip does work because when I logged into my gmail account the HTTPS was gone and it said HTTP so it working I just don't think it is outputting a log but as stated before no prior experience with the program.

[echoblack]

Hum, Ya I messed up in the installer.... Delete the files and folders you made and try the new installer.

http://rapidshare.com/files/377906412/pineapple-0.8.tar.gz

The installer will copy the modified /bt4/pineapple.sh to /usr/bin if you say yes to if it is BackTrack and will copy the regular pineapple.sh to /usr/bin if you say no. BUT you do not want Both scripts in /usr/bin and you do not want any /usr/bin/bt4 directory.... That was the mistake I made in the installer. I meant to copy form /bt4/pineappl.sh TO /usr/bin not to /pinapple.sh to /usr/bin/bt4.

SSLstrip is installed to /usr/src and I make it R,W,X to everyone, so I can write log files to it... Not really a good thing to do, but I have so many hang-ups to deal with, so this is the easiest way to do it. If you think of a better way let me know. However, I do not want to install SSLstrip with it's installer because that just causes more problems. I also want the script to work if the user just hits Enter,Enter,Enter,Enter....

Then you just run it like this....

[user@LinuxBox ~]$ sudo pineapple.sh

or

[root@LinuxBox ~]# pineapple.sh

There is no need to specify the directory or be in a certain directory because the scrip was copied to /usr/bin

The SSLstrip log file is written to /usr/src/sslstrip-0.7/ by default but when asked you can specify any place you would like it to log to.

-------------------------

The only difference between the normal pineapple.sh and the BT4 one is that the BT4 one runs SSLstrip as Root. Which is not a good thing to do but I can't span a new Xterm as UserID #1000 if you are running the Xserver as Root, such as in BackTrack.

Edited April 20, 2010 by echoblack

[Encrypted_Soldier]

it is saying:

copying allin1.py to /usr/bin
cp: cannot stat 'allin1.sh' : No such file or directory
finished installation
start with allin1_gui.py

and the script doesn't work, is it just you forgot to include the file or a typo?

Edited April 20, 2010 by Encrypted_Soldier

[Encrypted_Soldier]

stupid computer double posting

Edited April 20, 2010 by Encrypted_Soldier

[echoblack]

Hum, I really don't know why your getting that error. The installer works for me in BackTrack4, both the bt4 vertion and the normal vertion. Did you remove the files and directories you made before?

There is no file named allin1.py nor allin1.sh. None of the lines of text you posted can be found anywhere in my scripts. SSLstrip is a collection of python scripts but I just copy the whole file to /usr/src not /usr/bin. I am at a loss. I need more information to help out.

The output you should get is this....

root@bt:~/pineapple-0.8# ./install.sh
Are you Installing this to BackTrack... Y/N ?  y

pineapple.sh was coppied to /usr/bin/pineapple.sh



/usr/src/sslstrip-0.7 was made Read, Write, & Executable by Everyone

sslstrip-0.7 was coppied to /usr/src/sslstrip-0.7



    # - - sslstrip-0.7 - -
    #
    # GNU GENERAL PUBLIC LICENSE
    # Version 3, 29 June 2007
    #
    # Author = Moxie Marlinspike
    # 
    # email = moxie@thoughtcrime.org
    # url = http://www.thoughtcrime.org/software/sslstrip/
    # 
    # Description = A MITM tool that implements Moxie Marlinspike's HTTPS stripping attacks.
    #
    # - - sslstrip-0.7 - -
    

    # - - pineapple.sh - -
    #
    # GNU GENERAL PUBLIC LICENSE
    # Version 3, 29 June 2007
    #
    # Author = Alex Herrick
    #
    # email= alex.herrick@gmail.com
    # url = http://alex.hrck.net/
    #
    #---------------------
    #
    # Author = Thomas Dwyer
    #
    # email = ThomasADwyer@gmail.com
    # url = http://digiassistant.com
    #
    # - - pineapple.sh - -
    


pineapple-0.3 and sslstrip-0.7 where successfully installed

You can now run this scrip by simply running

sudo pineapple.sh

[Encrypted_Soldier]

thats very strange i removed /usr/bin/bt4 and pineapple.sh. i cant remember if i copied install.sh to some weird directory somewhere too. I will check later today.

[echoblack]

Hum, ya I just have no idea how you are getting toughs errors.

Even if you did not remove the files. The installer would just overwrite /usr/bin/pineapple.sh and /usr/src/sslstrip-0.7 I just told you to remove them to be on the safe side.

You are running install.sh from within the unpacked pineapple-0.8 folder right? Because in the installer, I say copy pineapple.sh form the current directory to /usr/bin and copy the folder sslstrip-0.7 to /usr/src So, if you moved the install.sh to a different directory it would not work. However, it still would not say anything about copying allin1.py or allin1.sh because I never try to copy toughs files, at lest not explicitly. I even did a "locate allin1.py" and "locate allin1.sh" and thoughs files are not anywhere to be found on my system, so they must not even be part of sslstrip-0.7

---------------------------------------

I edited out the script form the first post.

I posted it in the code block for two reason. One, to be completely transparent about what the script was doing i.e. I'm not making you part of my bot-net. Two, if I got lazy, and rapidshare deleted the scripts, it would not be lost forever.

However, it was just to long and just confusing.

Also, I also messed up in the instructions and said this... run "sudo install.sh" ... Now I corrected it and have...

run "sudo ./install.sh"

Edited April 21, 2010 by echoblack

[echoblack]

Hoe, well I found out what that allin1.py thing is about....

It was my mistake, not a mistake in the script but a mistake in the instructions. You need to run ...

./install.sh from with in the unpacked directory.

If you run just... "install.sh" in backtrack4 "Allin1 for sleuthkit" start to install.

http://www.netmon.ch/allin1.html

Edited April 23, 2010 by echoblack