confuded

  1. audibleblink, hmm. Can't apache, or whatever is running the web server, be configured to only listen to certain networks? Same for ssh? Then the victims can be segmented into their own network, maybe not in the tethering network. Although if a victim decides to change his NIC to an address in the 192.168.2.1/24 pool, it probably can still reach everything. Is there a way to segment that whole victim or tethered network off? It's a bit of a flaw having victims on your tethered network... ~confuded EDIT (so as not to double post): I found Sebastian Kinne at DefCon 23 here (41m, 46s) speaking and saying that it is currently a problem, that you as the pineapple user and your victims are on the same network, so you are vulnerable to arp poisoning too. SSL is also off by default (they mentioned this problem and that there is a wiki for it). So I guess it isn't so simple. Darren Kitchen, if you are reading this - do you have any information on this point? Why can't we have 2 networks, one for victims and one for the pineapple user? They are on different NICs after all (in case of using the USB NIC).
  2. audibleblink, no I can't ping my Mac nor can I see it using Fing (network tool for android). What I could see, and is a huge derp, is my pineapple! I can even log in from my victim! Fing reports ports 22, 53 and 80 open (ssh, dns and http). This is a big problem. I really don't want my targets knowing that they are being pwned... My thread was moved here. Maybe it is appropriate to rename the thread as it has to do more with ICS for Mac than for Client mode...

     Here is my /etc/config/network:

         config interface 'loopback'
             option ifname 'lo'
             option proto 'static'
             option ipaddr '127.0.0.1'
             option netmask '255.0.0.0'

         config interface 'lan'
             option ifname 'eth0'
             option type 'bridge'
             option proto 'static'
             option ipaddr '192.168.2.2'
             option netmask '255.255.255.0'
             option gateway '192.168.2.1'
             option dns '8.8.8.8, 8.8.4.4'

         config interface 'usb'
             option ifname 'usb0'
             option proto 'dhcp'
             option dns '8.8.8.8, 8.8.4.4'

         config interface 'wan'
             option proto 'dhcp'
             option dns '8.8.8.8, 8.8.4.4'

     And here is the output from ifconfig:

         br-lan    Link encap:Ethernet  HWaddr 00:C0:CA:8D:A6:55
                   inet addr:192.168.2.2  Bcast:192.168.2.255  Mask:255.255.255.0
                   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                   RX packets:9394 errors:0 dropped:64 overruns:0 frame:0
                   TX packets:5959 errors:0 dropped:0 overruns:0 carrier:0
                   collisions:0 txqueuelen:0
                   RX bytes:1818930 (1.7 MiB)  TX bytes:2447761 (2.3 MiB)

         eth0      Link encap:Ethernet  HWaddr 00:C0:CA:8D:A6:55
                   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                   RX packets:5732 errors:0 dropped:0 overruns:0 frame:0
                   TX packets:8048 errors:0 dropped:0 overruns:0 carrier:0
                   collisions:0 txqueuelen:1000
                   RX bytes:1646855 (1.5 MiB)  TX bytes:2289132 (2.1 MiB)
                   Interrupt:4

         lo        Link encap:Local Loopback
                   inet addr:127.0.0.1  Mask:255.0.0.0
                   UP LOOPBACK RUNNING  MTU:65536  Metric:1
                   RX packets:42 errors:0 dropped:0 overruns:0 frame:0
                   TX packets:42 errors:0 dropped:0 overruns:0 carrier:0
                   collisions:0 txqueuelen:0
                   RX bytes:3442 (3.3 KiB)  TX bytes:3442 (3.3 KiB)

         wlan0     Link encap:Ethernet  HWaddr 00:C0:CA:8D:8F:E3
                   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                   RX packets:6540 errors:0 dropped:0 overruns:0 frame:0
                   TX packets:4011 errors:0 dropped:0 overruns:0 carrier:0
                   collisions:0 txqueuelen:1000
                   RX bytes:571506 (558.1 KiB)  TX bytes:648241 (633.0 KiB)

         wlan1mon  Link encap:UNSPEC  HWaddr 00-C0-CA-8D-C0-6D-00-44-00-00-00-00-00-00-00-00
                   UP BROADCAST NOTRAILERS RUNNING PROMISC ALLMULTI  MTU:1500  Metric:1
                   RX packets:69413 errors:0 dropped:0 overruns:0 frame:0
                   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
                   collisions:0 txqueuelen:1000
                   RX bytes:10567832 (10.0 MiB)  TX bytes:0 (0.0 B)

     ~confuded

     P.S. How can I make the code quotes collapsible so as not to clutter the thread?
  3. Well, it sounds like all you are doing is deauthenticating the client and allowing it to connect back to the network it was searching for. You need to ensure the client connects to a known (i.e. saved in the configuration of the client) open network. Here you have 2 choices: if you know the saved network, input it manually in the SSID Pool in PineAP (on the right). OR Enable Capture SSIDs to Pool so that the Pineapple captures any SSIDs any clients ask for. As you already have done, you need to ensure the "Beacon response" option is checked. Then you can proceed to deauth the client and allow it to connect to your rogue network (i.e. the pineapple). I've just tested it and it works. ~confuded
  4. I didn't use package manager, rather tried using the GUI install dependencies button and got an "Error installing dependencies". ~confuded
  5. Nexus 7 2013 is a nethunter tablet. Are you running nethunter? Maybe the kernel could be causing some issues. ~confuded
  6. winter_soldier, thanks for the script. I won't try it as it works it seems otherwise. I saw that thread, but the first post mentioned other issues and I thought it was not related to mine. barry99705, at least they didn't completely hijack the thread... audibleblink,
     Nano: IP: 192.168.2.2 (or anything up to 192.168.2.253); Gateway: 192.168.2.1
     OS X: IP: NOT 192.168.2.1. Anything but that. Gateway: Empty - or you will lose your internet connection.
     Just for kicks. ~confuded
  7. xrad, unless you need the RAM... Please read the thread. audibleblink, thanks for the cron job tip (you can congratulate me as it's my first time using cron =P; I wish it wasn't vi that opened though on the -e option - I am sure there is a way to change that). IT WORKS. But here is the trick... You need to have the pineapple in the 192.168.2.1/24 network - that part is obvious and audibleblink showed how to change that (to a noob like me). The non-obvious part is you need to set its gateway to 192.168.2.1 and make sure that is NOT the address of the Mac on that adapter. You can set it at DHCP if you want or make it static on the network 192.168.2.1/24, but don't set it to 192.168.2.1. I was using the network configuration tab in the settings as opposed to the terminal and I guess that tab does not reflect the ICS settings. Thanks to all for explaining things and a special thanks to audibleblink. ~confuded
  8. ZaraByte, thank you for that reply against the "Mac sucks" comment. I was typing something out when I got a notification of 2 new posts. Gents, let us not make this thread about another OS war, shall we? audibleblink, if I will have no access to the device via network, how would I reflash... I am not afraid of breaking configs if I know how to reflash =). Also, that first link is not applicable to El Capitan as that plist does not exist... Reading the stackexchange now... ~confuded EDIT: ZeraByte, I won't hate you if I brick =P. I just won't do anything until I know I can reflash safely... It's not exactly the price of a real pineapple ;).
  9. b0N3z, thanks for the suggestion - I was not aware you can bridge those networks. I use VirtualBox and thought I can just select the USB device. I did mention though, that I am trying to avoid running a VM. audibleblink, thanks for the links; will check them out. Do you also know how to change the pineapple's IP safely so I don't lock myself out? I think this will be the easier option... ~confuded
  10. ZeraByte, I lose internet sometimes too when I enable ICS... barry99705, you think it is worth it posting on apple forums somewhere of this issue? In truth, I don't really know exactly what the issue is, so I can't really report it properly. Is it something to do with a certain hardcoded local network in ICS? Can I not change NANO's network to match Apple's ICS? ~confuded
  11. Greetings to all, I've been trying to tether my MBP's Wi-Fi to the Pineapple nano. For starters, I've set the network connection to the nano (via its USB networking adapter) to an IP of 172.16.42.42. Simply enabling ICS from Wi-Fi to Pineapple and adding the default route of 172.16.42.42 on the nano does not work. I've skimmed through this topic and tried TGYK's script to no avail. I also posted a ticket on the script's github page. Tethering from my Android phone is great, but I need the phone for other things. I am aware I can run a VM and pipe the USB to the VM, but I need that extra RAM for other things while I tinker with the nano. On a side note, really cool tactical package! Any help would be great, ~confuded
  12. Hey, Rapidshare decided that any files not being downloaded for 90 days will be deleted off their servers if you use more than 25GB of space on your account. This new idiotic law starts from the 20th of October 2009. I currently use more than 25GB of RS storage space, which means that if no one downloads these tables at least once in 90 days then they will be deleted one by one <_< . Though I think only the first 5MB has to be downloaded or the download has to initialize for the file to count as ACTIVE. However, I do not have the bandwidth to do that (only have a stinky 3G modem at the moment with 3GB/month cap limit). Please, if anyone can try and just initialize the download once in 90 days, I would really appreciate it! I am sorry for not being able to upload the complete set; I lack bandwidth and speeds at the moment. I suspect if no one takes care of maintaining these tables active, the tables will disappear (starting from the 2WIRE tables, since no one uses them...). I hate RS... <_< Megaupload is so much better (service wise). ;) ~confuded
  13. Was your name a typo for confused? :)

  14. Really? So going through a 171,000 password list and brute forcing from "aaaaaaaa" (8 minimal length for WPA) to "ZZZZZZZZ..." (until 75 characters) is the same? I think there are way more strings used in a brute forcing process, than in your average wordlist... ;) ~confuded
  15. That is if you have a good spec PC and need the file for later use. Otherwise just brute force it with a dictionary... ~confuded