Everything posted by Sebkinne
-
Dear All,

First off, let me apologize for earlier this year, I promised to release my work on the OM1P work on things and just didn't ever really get the chance to. Now that MK3 has been released, I thought I would build the MK3 interface into my previous work. The files in the link below are your complete set up. No need to install extra packages or awkwardly copy files over!

So, without further ado, here are the .lzma and .squashfs files: 1.9 Release

I do not accept any responsibility if you brick your device. I doubt you will but flashing is always risky! The files should work for the MK2, MK3, OM1P and most Atheros based routers. If you have a different router and want to get this firmware, let me know and I will see what I can do.

After flashing these two files, the pineapple is available under 172.16.42.1. The first boot after flashing will take around five minutes, depending on your device, maybe longer. It is executing boot scripts configuring itself. Don't worry though! After about five minutes, ssh into the router. If you can't ssh, wait a bit longer. It will work. When you ssh, use "root" as the username and "pineapplesareyummy" as the password. To change the password please execute "passwd" and change it there.

There you go, you should be all set up now! I hope you enjoy this and accept my apology ;)

Credits go to Darren and Robin for Karma and MK3. Thank you guys for your amazing work!

If there are any questions, do not hesitate to ask.

Best Regards,
Sebkinne

Changelog:
1.0: Initial Release
1.1: Fixed Mac address in /etc/conf/wireless
1.2: Added boot scripts
1.3: Enabled SSH by default. Set root password.
1.4: Sped up boot process.
1.5: Eliminated reboot + added macchanger (Not added to the startkarma script though, I will be adding a toggle / I am sure Darren has thought of that)
1.6-Beta: Fixed startup WIFI. (Not tested yet)
1.7: Protected pineapple interface, fixed wifi, added tweaks.
1.8: Added wifi LED. Note: Wifi LED will only activate when karma is activated. Normal wifi will not turn LED on.
1.9: Fixed the "restore factory defaults" in pineapple interface.

Upcoming / todo:
*Look into ngrep not working
*Fix de-auth webinterface
*fix wifi mode to g
-
Uninstall Php On My Pineapple
Sebkinne replied to Scurvey's topic in WiFi Pineapples Mark I, II, III
Simply "vi httpd.conf" and remove the unwanted line. Try then, if it still does not work, try obtaining a tarball containing the php files. Seb -
Hey guys, I am just creating an extra thread in hope that someone knows the answer: What exact open-mesh router model is the V2? It looks like an OM1P, but that seems unlikely, except if Darren found a way to make the old firmware work (which I would still be interested in, just to know how). So what model is it? Could someone that has a Pineapple v2 check the back? Best, Seb
-
No, there is no "master reset", but you could try running a ping to the router with it not having power. Then connect the power and see if you get any returned pings. Make sure that you are on the same subnet. If you do get a reply, you can manually use something like PuTTY or, if you are using Linux, the built-in client to telnet to the router's IP. I had that problem with the old Fon, I can't use any standard flash app for some reason, I can only do it by going into RedBoot myself. Lastly there is always using a serial cable to access RedBoot, allowing you to flash and enable telnet listening. Hope that helped a bit, Seb
-
Does it flash anyway? I get the same error with an OM1P, but it still flashes after about 5-6 seconds. If it flashes I would not worry about it. Best, Seb
-
How Redirect Traffic From Jasager Passing My Mac
Sebkinne replied to niels's topic in WiFi Pineapples Mark I, II, III
It is quite easy as ICS is built into OS X. You do however make your pineapple listen on 192.168.2.1 (that being your OS X machine), you can set the pineapple to 192.168.2.2, with the default route set to 192.168.2.1. As far as I know, it is not easily possible to change the IP. It is fairly simple and works out of the box on the Mac side. Seb -
MK2: Jasagerpwn [script] [video]
Sebkinne replied to leg3nd's topic in WiFi Pineapples Mark I, II, III
Thank you for posting this again! I will give it a shot and let you know how it went! Best, Seb -
[Version 1] Compiling With Gcc-avr (backtrack4)
Sebkinne replied to Sebkinne's topic in Classic USB Rubber Ducky
Yeah, the idea of updating came to mind to me too of course, tried it, even recompiled the toolchain. As SWFu said, BT4 repos are way out of date, which is kind of sad but yeah... oh well. I got it working now actually, I messed up my avr install, removed it, and reinstalled using apt-get. Suddenly it recognized the chip and yeah, thanks for the suggestions though. Seb -
Hey everyone, As many of you, I have been busily coding for the ducky. Now, I have run into a problem: AVR for backtrack4 does not support the teensy 2.0 yet (it does support the 2.0++). Now, I do have a 2.0++ too but I want to make use of the 2.0 on my version of backtrack. Did anyone have the same problem? Can anyone point me in the right direction? Thanks in advance, Seb
-
Yeah, sorry to break you the bad news... :) Wait, that's not how it's done? More beer? :)
-
[Version 1] Disabling Standard Defences
Sebkinne replied to 1n5aN1aC's topic in Classic USB Rubber Ducky
Didn't think of that, great :) I'll add it to my list... should really write that up today :) Seb -
[Version 1] Uploading Executables?
Sebkinne replied to AndrewFaulds's topic in Classic USB Rubber Ducky
In regard to disconnecting the ducky, great idea, good that you thought of that! I don't think copy con will work if the antivirus running (if not killed as discussed in another thread) has an instant scanning feature scanning contents of currently modified files... Seb -
[Version 1] Downloading File With Ducky
Sebkinne replied to nox404's topic in Classic USB Rubber Ducky
Looks good, I will try it out on a range of different machines, good work! Seb -
[Version 1] Disabling Standard Defences
Sebkinne replied to 1n5aN1aC's topic in Classic USB Rubber Ducky
You have a point there. However, when I gave it a try with McAfee, after 10 minutes the program will start the processes again. That does however give us a timeframe of 10 minutes... :) Seb -
[Version 1] Speculative Developments
Sebkinne replied to anthrounit's topic in Classic USB Rubber Ducky
The Duck hunt program blocks HIDs I believe (correct me if I'm wrong...). That would mean any HID device. Nice thought, but not going to work. Seb

Source: DuckHunt 1.1.1: This application will prevent all keyboard and mouse input when new USB devices are attached and will only allow input again when the device is removed. It will prevent the USB Rubber Duck from functioning and on Vista and higher it will also prevent the use of the Autorun dialog. Requires .net Framework 3.5 and on Vista/7 also requires Administrator privileges. -
[Version 1] Ducky And Sensing Key Strokes
Sebkinne replied to Pinni3's topic in Classic USB Rubber Ducky
All really good ideas, but it would really require it to be between the keyboard and computer... OR another thing you could do is execute TWO payloads. One that is dormant waiting for it to be activated, the other would be executed right away, sniffing the packets from the keyboard to the computer. I'm pretty sure that that is the only software way this is possible. Seb -
[Version 1] Uploading Executables?
Sebkinne replied to AndrewFaulds's topic in Classic USB Rubber Ducky
Dyndns normally should work, but surprisingly I noticed that metasploit will generate a payload that seems to resolve the DNS name and use the IP address to create the payload... Meaning that it's still not going to update the IP... I might be wrong, but that's what I noticed when I did my experimentations... But reverse TCP is always better than using a bind, who now doesn't own a router that blocks all the standard ports...? Seb -
What I would do in your case: Open the casing up, see if on the top part of the casing you see any black / brown marks (caused by heat). If that is the case, it is most likely fried. Did you experiment with any battery packs or other way of powering? 4 double A batteries should not fry your device, and a USB cable cut off should also be all right. I suggest you don't try with other batteries, cables etc. as there is the potential of it going "boom". Seb
-
[Version 1] Uploading Executables?
Sebkinne replied to AndrewFaulds's topic in Classic USB Rubber Ducky
Yeah, that's why I was a little unsure but bytes sounds right, otherwise we have a problem. ;) I guess we can then tie in metasploit reverse shells, they are below the 32 bytes I think... although I think the reverse vnc is 36 bytes, but still, this method should help a lot. Maybe we should start a thread with a compilation of ideas or methods such as this? -
[Version 1] Uploading Executables?
Sebkinne replied to AndrewFaulds's topic in Classic USB Rubber Ducky
Actually, that's a good idea, I will take a look at that in a bit. Problem could potentially be space though? Seb -
[Version 1] Disabling Standard Defences
Sebkinne replied to 1n5aN1aC's topic in Classic USB Rubber Ducky
^- Exactly. -
[Version 1] Downloading File With Ducky
Sebkinne replied to nox404's topic in Classic USB Rubber Ducky
Actually, the AV will recognize it when the ducky just creates it like above in the Command Prompt... When you write the commands to the file dl.vb with the > and >>, it writes to the file. Once the last part of the file is complete, the AV will call it, because it monitors files that are JUST being written to... So, a different method needs to be found...