Sebkinne

Almost. UCI will take care of it too. I forgot about the persistence. Update pushed to the bar!

You are not following the instructions. Follow https://wifipineapple.com/?flashing at the very bottom word by word and you'll have it working again.

Timezone changing has been added to the UI, based on the above patches, modified to fit in better with our usual style! Thanks!

Most of these have been added and installed. In regards to the AbuseFilter, do you have any example rules we should implement?

Good call! Added.

Thank you! Kind words are always appreciated! I never said Randomroll wasn't a great infusion, or that it wasn't a big deal that it was broken. Just that fixing it isn't a big deal! An update to randomroll was already released, so all good now anyway ;) Best Regards, Sebkinne

In your eyes, what are essential MW extensions? If you have any pointers, do let me know. I wonder if someone can come up with a better (keeping it simple and professional) theme though. Other than that, I think once the Wiki is fully up and running we'll take care of spam etc.

The firmware upgrade DID break randomroll, but it was intentional. It is part of a set of security fixes we implemented. The fix is very simple though: Just install randomroll as you normally would. Before setting it set up, SSH in and edit the following file: /sd/infusions/randomroll/assets/files/index.php. Go to the VERY end of the file and add <?php exit(); ?> to it. This needs to be the last entry in the file. Once you have completed that step, proceed setting up randomroll (especially the enable index.php). If you have already set up randomroll, first disable index.php and then do the above changes. Then re-enable it. Done. Best Regards, Sebkinne

Hey everyone, Let me clear a few things up: SSLStrip: I know many of you are having issues. The easiest way to resolve them is build the fixes (uninstalling some python libraries, creating symlinks, installing sslstrip, etc) right into the SSLStrip infusion, at least right now. What I'll be doing this week, is adding a postinstall script to the SSLStrip package. That means it will run all of these fixes for you upon install. However, this is NOT a bug in the firmware. It is a bug in SSLStrip, at least with newer libraries. However, as we haven't changed SSLStrip or anything to do with it in 1.0.1, I'm not sure what is going wrong. Randomroll: The reason randomroll is broken is because of our recent security fixes. The fixes and the result were intentional though. What happens is that ANY file that is not in the /www/ folder has a file prepended and appended. Those check if you are logged in or not and potentially do a few different things in the future. The issue here is that Foxtrot is using symlinks, like he should, as the files are too large. So, the issue is that the files aren't actually in /www/ but rather in a subfolder of /sd/. So, the script we wrote will automatically protect any .php files there. So, how can we fix it? I'm sure Foxtrot will be pushing this as an update later, but for now, install randomroll as you normally would. Before setting it set up, SSH in and edit the following file: /sd/infusions/randomroll/assets/files/index.php. Go to the VERY end of the file and add <?php exit(); ?> to it. This needs to be the last entry in the file. Once you have completed that step, proceed setting up randomroll (especially the enable index.php). If you have already set up randomroll, first disable index.php and then do the above changes. Then re-enable it. Karma has in no way changed. It was just brought up in the context of the broken randomroll. I just wanted to clarify this as people might otherwise be deterred from upgrading. So, if overall the only complain is randomroll, I think it was a successful upgrade. Best Regards, Sebkinne

Instead of making a thread like this, please keep the discussion to the thread that was created for exactly that. The release thread. There is a reason I ask for feedback in that post, to keep this organized. Thanks, Sebkinne

Seeing as it just got released, no ;) It will take a little while till updates make their way to units that are being shipped out. Best Regards, Sebkinne

Hey everyone, Now that the WiFi Pineapple MKV has been out for just over a month, it is time for the first firmware upgrade. (This is the real deal, sorry about the leaked 1.0.1). While we are able to update and fix a lot of things through the WiFi Pineapple Bar (and have if you have been following the bar releases), not everything can or should be fixed like that. Not only does the WiFi Pineapple MKV firmware version 1.0.1 come with all the latest system infusions already installed, but it also contains the following fixes: Fixing radio0/1 switching after a factory reset Some userinterface functions have been improved Security fixes Smaller bugfixes. We are aware of a few other issues, especially regarding the SD card stability and of course Karma's stability. We want to reassure you that we are working on fixes and they will be coming very soon. In general we have some pretty big things planned for the near future, so keep an eye out for that! A more detailed post of upcoming features, projects and future on the WiFi Pineapple MKV will also be surfacing in the next couple of days. Download: Over the air through the web-interface. (alternatively at https://wifipineapple.com?downloads) MD5: 17e4384a79e7fef9c267f7da34ed4743 Note: To flash this over the web-interface, please make sure your info tile is at version >= 1.4 As usual, please leave any feedback in this thread. Bugs, suggestions can also be left here. We hope you enjoy this release! -The WiFi Pineapple Team

The real 1.0.1 was just released.

The 1.0.1 you have isn't the final 1.0.1 - sorry! It was a build that showed up for a few minutes that shouldn't have been visible but due to a bug was. Don't worry, the final version has that fixed.

First of all, wrong forum. Second of all, it is impossible. On the WiFi Pineapple MKV, that's how the interface looks. It is not just CSS. If you wanted the old interface back, you can try to port it over, but you will loose all functionality and software support. Best Regards, Sebkinne

Sure! We are going to be making use of the sqlite database we have onboard now for exactly this. It will also mean that the entries remain after a re-boot, or at least load them from the database.

At the moment they are kept in RAM, not flash. Our next iteration of karma actually has a lot more when it comes to usability and versatility. Stay tuned.

I suggest 12V if you can, but 9V is fine. I wouldn't go down to 5V.

NOTE: This is NOT needed in 1.0.4 anymore and could harm your device. For anyone having issues with the SD card not mounting to /sd because it shows up as /dev/sdb, please follow the instructions below. Please note that this is just a fix for anyone having issues, a real fix in terms of USB drivers is coming soon. Bear with us on that one. //make sure to have a working internet connection on your pineapple. Otherwise you will be left without the mount command. //remove the old mount utils by busybox rm /bin/mount rm /bin/umount //Install the new mount utils with UUID support opkg update opkg install mount-utils Now that you have the new mount installed, run the "blkid" command. The output should look something like this: root@Pineapple:~# blkid /dev/mtdblock2: TYPE="squashfs" /dev/sda1: UUID="bfeae94e-79bd-4ed4-af0d-eed86f666df9" TYPE="ext4" Make note of that UUID. Now, edit the file /etc/config/fstab and remove the entire "mount" section. It should contain references to sda1 and /sd. Also edit the /etc/fstab file and remove the line that references /sd and sda1. Once you have done that, simply edit your /etc/rc.local file and add the following line: mount UUID=bfeae94e-79bd-4ed4-af0d-eed86f666df9 /sd Make sure you swap my UUID for yours found in the previous step. Save the /etc/rc.local file and reboot. You should now have access to everything, no matter if your device is sda, sdb, sdc etc. Remember, this is a temporary fix. While UUID mounting is great, it is a bit flaky to automate the process for our users. That is why we are modifying the USB drivers to prevent this from being needed. Best Regards, Sebkinne

Personally, the only thing I ever do in coffee shops in regards to the Pineapple is develop. It's great to sit in a comfortable big chair, sipping your coffee / tea and coding. A nice change in scenery. Saying that, I fully agree with everyone above. The original scenario is not really a good example. Using encryption on your SD cards is entirely possible in the future and something we thought about already. It is at least something we can agree has a realistic scenario: You are on a legit pentest. You are on your way back home and for whatever silly reason you leave your bag on the bus. Or it get's stolen. Or it is deployed on a pentest and some employee wonders what it is, grabs it and wants to check out what's on it, but the SD card / pineapple may contain sensitive data even to some employees of the company. All of the above are realistic scenarios and therefore encryption is something we can push -- a little later. We are doing lots of USB / SD improvements right now and this will be one of the upcoming things. Think encFS etc. Best Regards, Sebkinne

Ach, verdammt. Yeah, fixed and being pushed to the bar right now! Danke! Sebkinne

In that case, please contact shop@hak5.org. We'll sort you out!

It looks like you might have a hardware failure. Just to verify, you have shut down your pineapple, flipped to DIPs to up, up, up, down (left to right), booted it with an Ethernet cable plugged in and a static IP of 192.168.1.2 and are not able to reach the web-interface? If so, contact shop@hak5.org for an exchange. Doesn't sound like it broke. Please follow the instructions found at https://wifipineapple.com/?flashing at the very bottom (Unbricking a bricked MKV). Best Regards, Sebkinne

The reason this is happening is because of a small bug with the disconnect function. If your interface is set to STA mode and there is no SSID, it will always connect to the default SSID - sorry. Update your network tile through the pineapple bar to 1.2 (just released) and head over to the clientmode section. From there, you are able to hit disconnect and it will permanently disconnect you. You also will not see the connection to wlan0. Best Regards, Sebkinne

I have updated the network tile to change the channel. The encryption detection is working fine from what I can see, with the logs you provided. Other updates are that disconnect now doesn't re-connect at times and that you can choose your default route. Hope this helps. Best Regards, Sebkinne