echoblack
Debricking -- Console access via Serial
echoblack replied to Darren Kitchen's topic in WiFi Pineapples Mark I, II, III
Oh boy :P This is why I almost never ask for help. I always feel so stupid when I solve the problem.

    [root@CrossTalk:~]# for each in {1..254}                    Linux Powered
    for> do
    for> ifconfig eth0 192.168.$each.58
    for> nmap -T4 -F 192.168.$each.0/24
    for> done

    Starting Nmap 5.51 ( http://nmap.org ) at 2011-02-20 16:32 HST
    Nmap scan report for 192.168.1.58
    Host is up (0.000010s latency).
    All 100 scanned ports on 192.168.1.58 are closed
    Nmap done: 256 IP addresses (1 host up) scanned in 27.30 seconds

    Starting Nmap 5.51 ( http://nmap.org ) at 2011-02-20 16:32 HST
    Nmap scan report for 192.168.2.58
    Host is up (0.0000090s latency).
    All 100 scanned ports on 192.168.2.58 are closed
    Nmap scan report for 192.168.2.112
    Host is up (0.023s latency).
    Not shown: 97 closed ports
    PORT   STATE SERVICE
    22/tcp open  ssh
    53/tcp open  domain
    80/tcp open  http
    MAC Address: 00:18:84:1E:97:88 (FON)
    Nmap done: 256 IP addresses (2 hosts up) scanned in 44.51 seconds
-
Debricking -- Console access via Serial
echoblack replied to Darren Kitchen's topic in WiFi Pineapples Mark I, II, III
Aw, that is why all I get is junk. I find it strange that a pineapple from the hak shop shipped with redboot disabled.
-
Debricking -- Console access via Serial
echoblack replied to Darren Kitchen's topic in WiFi Pineapples Mark I, II, III
Okay, so ya, I set my fon to get an IP from a DHCP server.... boy I don't really know any more, it was a long time ago. I don't know what IP it has anymore and it will not give me one. I figure I'll just reflash it. I tried to use the fon-flash program on Linux but I got the...

    No packet.
    No packet.
    No packet.
    Peer MAC: 00:18:84:1e:97:88
    Peer IP : 0.0.0.0
    Telnet for RedBoot not enabled.

I bought the fon from Darren a while back from the hack shop. So, it was pre-flashed. I am guessing now I need to connect a serial cable to it. I have a USB-DB9 connector and a Cisco Console cable DB9-RJ45.

My question is, do I connect to the fon like this:

    USB-to-DB9 -> TO -> Pins on Fon

OR

    USB-to-DB9 -> TO -> DB9-to-RJ45 (Cisco con Cable) -> To pins on the Fon

The first option, right? Because the Cisco console cable is just like a Rollover Cable, correct. So, I don't need it; I can just do the Tx->Rx when I attach the wires to the pins on the Fon...... Right?

#######################

Or, is there some way I can connect to the Fon on Layer-2 over the Ethernet port?

++++++++++++++++++++

Okay, I don't know why I ask questions I already know the solution to. Sure, I don't 'need' the Cisco console cable, but it is much easier to just cut the RJ45 off the console cable. Then solder the wires to the pins on the Fon. When I'm done I'll just connect a new RJ45 to the console cable again.
-
Oh, okay, now that this thread has been Pinned. I'll make sure to check back more often to see if anyone has any questions. Also, I have figured out much nicer ways to program this so I may re-do it all so it is clean, BUT, it should be working.

P.S. Okay I am now all done with the Cisco CCNA NetAcademy courses, and plan to get my CCNA at the end of this semester. I am taking CCNA Security now too :) I think I will also go for my Red Hat Linux Certs too. I think I can get the RHCE with a couple weeks of cramming.
-
Alright, I am now CompTIA A+, Network+, and Security+ Certified. :) It's a start right... Help Desk job here I come :P

I'll work on this script this weekend and hopefully upload Pineapple-1.0 by Monday. Please test out this Pineapple-0.9.1 and let me know of any bugs.

EDIT: Meh, now some more targeted certs. I'm on the track for MCITP Enterprise Administrator and I'll get the 2008 AD cert first. It seems a lot of jobs ask for AD so I guess I need to learn that stuff. I'd go for the RHCE right now but I don't have $800. I really dislike Windows but hell it is everywhere. I'll be getting the Cisco certs in school.
-
OKAY. . . . Sorry about all that crap.

If anyone has DNS problems it is not a problem with pineapple.sh. It is either a problem with the /etc/config/dhcp Configuration file and/or go to the router's Web admin page, under networking make sure there are no DNS IP addresses in there or put 8.8.8.8 ONLY.

I put out Pineapple-0.9.1

Ya, you were mostly correct about most of the stuff, what you did would work. There was a typo that made only Y work. I also didn't change the X variable to Y to get out of the loop. However, I did change the X to = Y for the default path. Also, I changed it to.... bla just read it. I made this change in both places. There were a few typos :P

    read -p "So you sure ?: Y/N" Verify
    echo ""
    # $Verify is quoted so that an empty answer does not break the test
    if [ "$Verify" == "Y" -o "$Verify" == "y" -o "$Verify" == "yes" ]; then
        echo "$Sslstrip_Log path User verified"
        echo ""
        Y="Y"
        X="Y"
    else
        echo "Asking agin. . ."
    fi

Also, I had forgotten to set Py26="Y" if python2.6 is installed. However, the script still worked fine with this typo, but I fixed it anyway.

Please let me know if anyone finds anything else wrong. I am calling this 0.9.1 because I am going to reformat all the output to the screen so it is readable for 1.0. I will get to work soon on it. I just got my CompTIA A+ & Security+ certifications (I'm glad I waited for the 2009 A+ test. They dropped off everything before the year 2000 i.e. Win 3.1 95 98 Me... none of that is on the test anymore). I am taking Network+ on Wednesday and then I'll have some time free to work on this.... Until I get some Tier-1 Tech Support or Help Desk job, fingers crossed.

EDIT: whoops I found something else that is stupid but it is not a problem.
-
Setting Up The Fon With Bridged Internet
echoblack replied to John Doeeee's topic in WiFi Pineapples Mark I, II, III
Now you need to edit the /etc/config/dhcp Configuration file. Change the IP addresses to ones that are appropriate for your setup. Read the comments in there...

    config 'dnsmasq'
        option 'domainneeded' '1'
        option 'boguspriv' '1'
        option 'filterwin2k' '0'
        option 'localise_queries' '1'
        option 'local' '/lan/'
        option 'domain' 'lan'
        option 'expandhosts' '1'
        option 'nonegcache' '0'
        option 'authoritative' '1'
        option 'readethers' '1'
        option 'leasefile' '/tmp/dhcp.leases'
        option 'resolvfile' '/tmp/resolv.conf.auto'

    config 'dhcp' 'lan'
        option 'interface' 'lan'
        option 'start' '100'
        option 'limit' '150'
        option 'leasetime' '720m'
        option 'ignore' '0'
        # This is the IP address of the Host Laptop's Net-Interface acting as GW
        list 'dhcp_option' '3,10.110.0.1'
        # This is Option 6, which defines the DNS servers:
        # the IP of the Pineapple, then Google's DNS IP
        list 'dhcp_option' '6,10.110.0.2,8.8.8.8'

    config 'dhcp' 'wan'
        option 'interface' 'wan'
        option 'ignore' '1'
        option 'start' '100'
        option 'limit' '150'
        option 'leasetime' '720m'

! Don't Reboot Yet !

Now, navigate to the Webif Admin Web Page of Network/Networks i.e.

    http://<IP ADDRESS OF YOUR PINEAPPLE AT THIS TIME>/cgi-bin/webif/network.sh

OK. Now, fill in the input fields with this information. . . Again, change the IP addresses to ones that make sense for your setup.

    Connection Type = Static IP
    Type            = Bridged
    IP Address      = 10.110.0.2
    Netmask         = 255.255.255.0
    Default Gateway = 10.110.0.1
    Lan DNS servers = MAKE SURE THERE ARE NONE SET HERE... or make it 8.8.8.8

Now, hit the "Save Changes" button, then Apply Changes at the bottom. It probably will not reconnect, so just let it sit for like 5 min, then Power Cycle.

----------------

If you're losing Internet connection on the Windows Laptop then you need to reset the Default GW on your Laptop. You can do this with the ROUTE command. Like so.... If your real GW is say... 192.168.1.1 then do this...

    route delete 0.0.0.0 mask 0.0.0.0
    route add 0.0.0.0 mask 0.0.0.0 192.168.1.1
-
NEW Pineapple-0.9

I moved the route setting after the iptables setting like how it was before. I never did really test 0.8 but I think I broke it by putting the route setting before the iptables setting. I'd suggest everyone use the new Pineapple-0.9.... Link posted in the first post.

----------

I plan on making Pineapple-1.0 soon. I want to reformat ALL the output to the user so it is readable. However, don't hold your breath, because I have Finals these next few weeks and I am taking the CompTIA Security+ on Monday, as well as CompTIA A+ & Network+ by the end of May..... I need a job.
-
It's always good to have a few HowTo's. I'm glad to see another one for ICS on Linux. Before I wrote one I could not find anything specifically for setting up the pineapple.

Just to clarify, both the iptables rules and the value set in /proc/net/ipv4 will be back to defaults after a reboot of the Linux system. The iptables would be persistent if you save them like so...

    sudo /etc/init.d/iptables save

The /proc directory is dynamically built on boot up, so any modifications in there are not persistent. If you would like to make IP_Forwarding persistent you should add this line to /etc/sysctl.conf

    net.ipv4.ip_forward=1

------------

To remove the iptables rule in this HowTo you run this...

    iptables -t nat -D POSTROUTING -o wlan0 -j MASQUERADE

Ya, to disable the ip forwarding in the /proc you just do this...

    echo 0 | sudo tee /proc/sys/net/ipv4/ip_forward

-------------

Oh, and Pineapple.sh is updated to PINEAPPLE-0.9 now.

http://www.hak5.org/forums/index.php?showtopic=15200
-
Oh, well I found out what that allin1.py thing is about.... It was my mistake, not a mistake in the script but a mistake in the instructions. You need to run ...

    ./install.sh

from within the unpacked directory. If you run just... "install.sh" in backtrack4, "Allin1 for sleuthkit" starts to install.

http://www.netmon.ch/allin1.html
-
Hum, ya I just have no idea how you are getting those errors. Even if you did not remove the files, the installer would just overwrite /usr/bin/pineapple.sh and /usr/src/sslstrip-0.7. I just told you to remove them to be on the safe side.

You are running install.sh from within the unpacked pineapple-0.8 folder, right? Because in the installer, I say copy pineapple.sh from the current directory to /usr/bin and copy the folder sslstrip-0.7 to /usr/src. So, if you moved the install.sh to a different directory it would not work. However, it still would not say anything about copying allin1.py or allin1.sh because I never try to copy those files, at least not explicitly. I even did a "locate allin1.py" and "locate allin1.sh" and those files are not anywhere to be found on my system, so they must not even be part of sslstrip-0.7

---------------------------------------

I edited out the script from the first post. I posted it in the code block for two reasons. One, to be completely transparent about what the script was doing i.e. I'm not making you part of my bot-net. Two, if I got lazy, and rapidshare deleted the scripts, it would not be lost forever. However, it was just too long and just confusing.

Also, I also messed up in the instructions and said this... run "sudo install.sh" ... Now I corrected it and have... run "sudo ./install.sh"
-
Hum, I really don't know why you're getting that error. The installer works for me in BackTrack4, both the bt4 version and the normal version. Did you remove the files and directories you made before? There is no file named allin1.py nor allin1.sh. None of the lines of text you posted can be found anywhere in my scripts. SSLstrip is a collection of python scripts but I just copy the whole file to /usr/src not /usr/bin. I am at a loss. I need more information to help out.

The output you should get is this....

    root@bt:~/pineapple-0.8# ./install.sh
    Are you Installing this to BackTrack... Y/N ? y
    pineapple.sh was coppied to /usr/bin/pineapple.sh
    /usr/src/sslstrip-0.7 was made Read, Write, & Executable by Everyone
    sslstrip-0.7 was coppied to /usr/src/sslstrip-0.7
    # - - sslstrip-0.7 - -
    #
    # GNU GENERAL PUBLIC LICENSE
    # Version 3, 29 June 2007
    #
    # Author = Moxie Marlinspike
    #
    # email = moxie@thoughtcrime.org
    # url = http://www.thoughtcrime.org/software/sslstrip/
    #
    # Description = A MITM tool that implements Moxie Marlinspike's HTTPS stripping attacks.
    #
    # - - sslstrip-0.7 - -
    # - - pineapple.sh - -
    #
    # GNU GENERAL PUBLIC LICENSE
    # Version 3, 29 June 2007
    #
    # Author = Alex Herrick
    #
    # email= alex.herrick@gmail.com
    # url = http://alex.hrck.net/
    #
    #---------------------
    #
    # Author = Thomas Dwyer
    #
    # email = ThomasADwyer@gmail.com
    # url = http://digiassistant.com
    #
    # - - pineapple.sh - -
    pineapple-0.3 and sslstrip-0.7 where successfully installed
    You can now run this scrip by simply running
    sudo pineapple.sh
-
Hum, ya I messed up in the installer.... Delete the files and folders you made and try the new installer.

http://rapidshare.com/files/377906412/pineapple-0.8.tar.gz

The installer will copy the modified /bt4/pineapple.sh to /usr/bin if you say yes to if it is BackTrack and will copy the regular pineapple.sh to /usr/bin if you say no. BUT you do not want both scripts in /usr/bin and you do not want any /usr/bin/bt4 directory.... That was the mistake I made in the installer. I meant to copy from /bt4/pineapple.sh TO /usr/bin, not /pineapple.sh to /usr/bin/bt4.

SSLstrip is installed to /usr/src and I make it R,W,X to everyone, so I can write log files to it... Not really a good thing to do, but I have so many hang-ups to deal with, so this is the easiest way to do it. If you think of a better way let me know. However, I do not want to install SSLstrip with its installer because that just causes more problems. I also want the script to work if the user just hits Enter,Enter,Enter,Enter....

Then you just run it like this....

    [user@LinuxBox ~]$ sudo pineapple.sh

or

    [root@LinuxBox ~]# pineapple.sh

There is no need to specify the directory or be in a certain directory because the script was copied to /usr/bin

The SSLstrip log file is written to /usr/src/sslstrip-0.7/ by default but when asked you can specify any place you would like it to log to.

-------------------------

The only difference between the normal pineapple.sh and the BT4 one is that the BT4 one runs SSLstrip as Root. Which is not a good thing to do but I can't spawn a new Xterm as UserID #1000 if you are running the Xserver as Root, such as in BackTrack.
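
The post above makes the install directory readable, writable and executable by everyone so that log files can be written into it. The sketch below is an added example, not part of the original post or of pineapple.sh: it creates a private log directory owned by the user who invoked sudo and lists any world-writable entries left in a tree. The function names make_log_dir and world_writable and the example path are hypothetical.

```shell
#!/bin/sh
# Added example (not from pineapple.sh): log to a private directory
# instead of opening the install tree to every local user.

# make_log_dir DIR [OWNER]
# Create DIR with mode 0700. When run as root, hand it to OWNER
# (default: the uid that invoked sudo, else the current uid).
make_log_dir() {
    dir=$1
    owner=${2:-${SUDO_UID:-$(id -u)}}

    # A symlink here could redirect the logs into a file tree that
    # another local user controls, so refuse it.
    if [ -L "$dir" ]; then
        echo "refusing: $dir is a symlink" >&2
        return 1
    fi

    # Restrictive umask inside a subshell: the directory is never
    # world-accessible, even briefly, and the caller's umask is kept.
    ( umask 077 && mkdir -p -- "$dir" ) || return 1

    # mkdir -p leaves an existing directory's mode alone; tighten it.
    chmod 700 -- "$dir" || return 1

    # Only root may change ownership.
    if [ "$(id -u)" -eq 0 ]; then
        chown -- "$owner" "$dir" || return 1
    fi
}

# world_writable PATH
# Print every entry under PATH that is writable by "other";
# use it to audit a tree after an installer has run.
world_writable() {
    find "$1" -perm -0002 ! -type l -print
}

# Example use (path is an assumption):
#   make_log_dir /var/log/pineapple && world_writable /usr/src
```

With the log path pointed at such a directory, the source tree can stay at its default permissions and other local users cannot read the log or modify the scripts.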