Sebkinne

The pineapple doesn't have an FTP server installed. Use SCP instead.

The new repository can be found here.

http://forums.hak5.org/index.php?/topic/28600-wifi-pineapple-jasager-related-questions/

Please see my post above.

To elaborate on my previous answer: You have upgraded to a version above 2.6.4. This means that the webUI is now at http://172.16.42.1:1471 You can find all this information in the changelog and in the forum if you use the search function / read a few posts on the front page. You did nothing wrong with the upgrade, you just didn't read the changelog.

Http://172.16.42.1:1471

Please make sure that you connect to the pineapple using the POE / LAN port and not the WAN port. Once you have connected over the POE/LAN port, go to http://172.16.42.1:1471 or http://172.16.42.1/pineapple (depends on firmware version). Make sure that you set your IP (on your laptop) to be 172.16.42.42.

Use the search next time. http://172.16.42.1:1471

Sure thing! All versions above 2.7.0 have that command built in.

Ah, I'm sorry! You aren't on 2.7.1+. I have a fix for you ;) SSH into your device and execute: mtd -r erase rootfs_data

Yeah - as deathdealerxx said, it is but only on stable releases.

Right, in that case, navigate to the advanced UI and hit the factory reset button - that will sort it out for you.

Restart the pineapple and remove the infusions again.

Yeah, getting the RAM is not an issue. Getting the extra flash is. You can write the bootloader over JTAG, uboot or even through OpenWRT as long as the kernel supports it.

Yeah, no - What I meant was the actually 8mb flash space you get. RAM is a different matter. To me the most important reason I would get a bigger device was to get more main memory. People think that the 64MB board should do just that. It doesn't with what we have, at least not right now. We were working on a modified bootloader etc but it just isn't very viable.

Uboot doesn't support that flash size on this model. Neither does OpenWRT for the hornet.

Wireless Encryption - Robin Wood (Digininja) Seeing as people keep asking various questions about the Pineapple and encryption I thought I'd do a quick write up on how wifi encryption works. I'm not going to go into technical detail just cover the basics but hopefully it will answer the questions we keep getting asked. Association The first thing a client does when it wants to talk to an AP is to associate. It does this by asking to AP if it can associate. The AP will check things like MAC address filtering and other stuff and say either yes or no. There is no proving anything at this point, no challenges etc. If the association is allowed then they move on to the next stage, if it isn't allowed then the association fails and the client is disconnected. Authentication For our purposes there are three types of authentication, none, WEP and WPA-PSK. none - No authentication happens and the client is allowed on to the network. This is the way open networks work and the way the Pineapple works by default WEP - The AP sends a challenge to the client, the client manipulates the challenge using the key and sends it back to the AP. The AP checks the generated value and if it matches the client is authenticated. Both parties can then use the key to encrypt traffic and communicate securely. The key is never sent in the open, just the response to the challenge. This is why we can't capture the key which is a common question we get asked. Authentication is one way, the client authenticates to the AP but the AP isn't authenticated back to the client. As far as the Pineapple is concerned we can send the challenge and accept any response the client sends to authenticate the client but we would then be stuck without the key to encrypt/decrypt the traffic so we couldn't actually talk to the client. Very dumbed down but cracking the key is done by capturing a lot of traffic then brute forcing the key that is used to encrypt the traffic. WPA-PSK - The AP sends a challenge to the client, the client manipulates it and sends it back to the AP along with a challenge of its own. The AP manipulates the challenge and sends that back to the client. This is called the four way handshake as 4 packets are sent during the communication. Authentication is mutual, the AP authenticates the client and vice-versa. As with WEP, the key is not sent in the air so it can't be captured. Cracking the PSK is done by capturing the 4 way handshake, in reality most of the time all you need is the first two packets, the challenge that is sent to the client and the reply from the client to the AP. You then fire the cracker off against those two packets. What you should note here is that the key you are cracking is the key the client is using as you have the client challenge and the response it generated. If the client doesn't know the PSK then the response it generates isn't accepted by the AP and the authentication fails, the client is disassociated. If the AP doesn't know the PSK then it can accept the response from the client but it can't generate a valid response to send to the client so the client will abort the authentication process. This means we can't fake the authentication process. As I said a the start, this isn't designed to be a technical description of how it all works. If you want full technical details I highly recommend you watch the Security Tube WiFi Megaprimer . I know a lot about wifi but I learnt things from it so it is definitely worth watching.

WiFi Pineapple Booklet - A free download (Darren Kitchen) After weeks of researching, writing, rewriting and more fun then I care to mention with page layout software, I present to you the first WiFi Pineapple book. Booklet really. It's just 50 pages. This booklet outlines basic usage of the WiFi Pineapple including; Connectivity, Power Considerations, Windows and Linux setup, Inside the Web Interface, SSH Management, Meterpreter, Expansion Modules and more. Download the PDF: https://www.dropbox.com/s/dr6sedfteu8atwq/hak5-mk4-book1e.pdf Or buy one on the HakShop for $5: http://hakshop.myshopify.com/products/wifi-pineapple-booklet

*** DISCLAIMER *** Jasager is a projected intended for the security professional. It can be a valuable tool for penetration testing or other such security auditing. We do not encourage using Jasager with malicious intent. As with any tools, this tool can be used for good or bad. Here are some of the good uses: In your office - Set it up to capture laptops before the bad guys do. Use a website to remind them of the rules. On penetration tests - Lure in target clients to find a back door into networks. At home - Have fun with neighbors who try to steal your WiFi bandwidth. - Please read through the wiki page and FAQ before posting problems. - Ensure you are using the most current compiled firmware before creating a bug/problem thread/post. WARNING: DO NOT firmware flash your device on battery power. If you have ordered your WiFi Pineapple from the HakShop, you may need to flash with the newest compiled firmware. Most Current Information: http://cloud.wifipineapple.com

2.7.4 Released.

Yeah, if you look at the MK4 redirect.php file: <?php $ref = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if (strpos($ref, "example")){ header('Location: example.html'); } require('error.php'); ?> The REQUEST_URI is important.

Please post any questions regarding the WiFi Pineapple to the appropriate forum.

I have to agree with some people here: OpenWRT is an OS that has a few downsides but many many more upsides. We like it a lot. If your devices start shutting down it is most likely a power issue, so a powered hub should fix your issues. The stability of USB has greatly improved in 2.7.1+, so if you are still having issues, make sure to upgrade when 2.8.0 (stable) is out. You never stated what firmware version you are on. Before you buy a hub, I would upgrade to 2.7.3. While it is not marked as stable, it pretty much is. Modules DO NOT all work as they haven't been moved over. That is fine though as that is how we do the dev releases. If this fixes your issues, you won't have to wait long for the new stable firmware to be out -- once it is, a lot of the issues people here are having in regards to USB (storage and other devices).

2.7.4 will be up shortly. It has the SSH bug fixed (for a while now, just needed to resolve some other issues) and a couple of other small bugs squashed. The next version up will have the module repository switch allowing for all modules to work (as long as they have been submitted properly).

Hey everyone, IPB 3.4 has introduced a new feature called "Choose Best Answer". We will be trialing this feature in the Jasager board as it could really benefit the information flow. Topic starters now have the ability to mark a reply to a post as the best answer. Doing so will mark the entire topic as "Answered". This is a good way to Point out that there is an answer in this thread in case others have the same issue. Show people what exactly fixed your issues / answered your questions. In case you fix the issue yourself or put a few answers together, why don't you make a post saying what fixed it or what the answer was and mark that as the best answer? Using this feature means that people can find important information much faster than before. Thanks!