[Introducing the WiFi Pineapple NANO]

If I were to order just the NANO, would I be able to buy everything else in the tatical bundle at a later time? (Case and battery)

I ask because the tactical bundle is out of stock and christmas is in a few hours for me :p

Yes, we will have an upgrade path available in an upcoming WiFi Pineapple mini-store on the HakShop that'll house all of the accessories.

[Introducing the WiFi Pineapple NANO]

Hi,

Any chance on documentation on how to use this thing?

Just got mine in the mail today...very excited but lost as to "what to do and how to do it".

It was the developers kit, and quite impressed.

Would love to learn the full power of this machine.

Thanks

This is subject to change as the project moves forward. Updates will be pushed to the system Help module. Here's 1.0

Dashboard

The dashboard provides an at-a-glance view of the WiFi Pineapple status, landing page browser stats, notifications and bulletins.

Landing Page Browser Stats will display hits from popular web browsers when the Landing Page is enabled from Configuration. Notifications will display notifications from modules. The Bulletins feature fetches the latest project information from wifipineapple.com.

Recon

Unlike traditional War Driving, whereby the auditor passively listens for beacons being advertised by Access Points to paint a picture of the surrounding WiFi landscape, the WiFi Pineapple Recon goes one giant step further.

By monitoring channels for both beacons and data activity, Recon paints a more complete picture by combining Access Points with their respective clients. With the WiFi landscape displayed in this manner, a tester can quickly identify potential targets from Recon and immediately take action.

Recon allows the auditor to scan for nearby Access Points, or Access Points and their respective Clients. Clients are identified by sniffing for active traffic and are displayed underneath their parent Access Point. If a Client is associated to an Access Point but idle, it may not appear in the list. Increasing scan duration from the drop-down allows the sniffer to see more potential traffic on each channel.

The SSID, MAC, Security, Channel and Signal of Access Points are displayed in the table view. Clients are listed as MAC addresses only.

Clicking the menu button next to an MAC address shows a menu providing buttons to add or remove the MAC from the PineAP Filter or PineAP Tracking feature. Deauth uses the multiplier to send multiple deauthentication frames to the target Client. A multiplier of 2 is twice as many deauthentication frames as a multiplier of 1.

Clicking the menu button next to an SSID shows a menu providing buttons to add or remove the SSID from the PineAP Pool or PineAP Filter. Deauth Client will send deauthentication frames to all associated clients currently recognized by Recon using the multiplier. A multiplier of 2 is twice as many deauthentication frames as a multiplier of 1.

Unassociated Clients show in a unique table listed by MAC Address. These Clients have active radios, however are not associated to an Access Point.

Out Of Range Clients will display in a unique table along with their relationship to their parent Access Point by MAC address only.

Checking the Continuous box will enable an ongoing scan. The tables will update the the latest information the the scan duration interval until the scan is stopped.

Clients

The WiFi Pineapple will allow clients to connect if Allow Associations is checked in PineAP. Connected clients will list in the Clients view along with their respective MAC Address, IP Address, the SSID to which they have connected (if Log Probes is enabled in PineAP) and Hostname. If the SSID or Hostname is unavailable it will display as such.

The Kick button allows the auditor to remove a client from the WiFi Pineapple network.

Clicking the menu button next to an MAC address shows a menu providing buttons to add or remove the MAC from the PineAP Filter or PineAP Tracking feature.

Clicking the menu button next to an SSID shows a menu providing buttons to add or remove the SSID from the PineAP Pool or PineAP Filter.

The Clients table can be updated by clicking the Refresh button.

Filters

Filtering may be performed by Client MAC Address or SSID. Both Deny and Allow modes are supported and this option may be toggled using the switch button.

Client Filtering

In Deny Mode, Clients with MAC Addresses listed in the Client Filter will not be able to connect to the WiFi Pineapple. In Allow Mode, only Clients with MAC Addresses listed in the Client Filter will be able to connect. When performing an audit, it is best to use Allow Mode to ensure that only clients within the scope of engagement are targeted.

Client MAC Addresses and SSIDs may be added from menu buttons associated with their respective listings in Recon or Client views.

SSID Filtering

In Deny Mode, clients will not be able to associate with the WiFi Pineapple if they are attempting to connect to an SSID listed in the filter. In Allow Mode, clients will only be able to associate with the WiFi Pineapple if the SSID they are attempting to connect to is listed in the filter.

SSIDs may be added to the filter from the menu buttons associated with their respective listings in Recon.

Managing Filters

Filtered Clients and SSIDs will display in the lists. Client MAC addresses and SSIDs may be added to the list manually by using the text input field and Add button. Clicking a Client MAC or SSID will populate the text input field and clicking Remove will remove the entry from the Filter list.

PineAP

PineAP is an effective, modular rogue access point suite designed to aid the WiFi auditor in collecting clients by thoroughly mimicking Preferred Networks.

Allow Associations - when enabled, Client devices will be allowed to associate with the WiFi Pineapple through any requested SSID. E.g. If a Client device sends a Probe Request for SSID "example" the WiFi Pineapple will acknowledge the request, respond and allow the Client device to associate and connect to the WiFi Pineapple network. This feature works in conjunction with Client and SSID filtering. When disabled, clients will not be allowed to associate. Formerly named Karma.

Log Probes - when enabled, Client device Probe Requests will be logged. This feature provides information for analysis from the Logging view.

Log Associations - when enabled, Client Associations to the WiFi Pineapple will be logged. This feature provides information for analysis from the Logging view. If disabled, Associations will not be logged and may not appear in the SSID column from the Clients view.

PineAP Daemon - This daemon must be enabled in order to use the Beacon Response, Capture SSIDs to Pool and Broadcast SSID pool features. The PineAP Daemon will coordinate the appropriate actions based on Source and Target MAC settings as well as the Beacon Response and SSID Broadcast intervals. This feature requires access to wlan1 and cannot be used in conjunction with WiFi Client Mode if wlan1 is used. PineAP Daemon must be enabled and PineAP Settings must be saved before the associated features will be available.

Beacon Response - when enabled, targeted beacons will be transmitted to Client devices in response to a Probe Request with the appropriate SSID. These beacons will not be transmitted to broadcast, but rather specifically to the device making the probe request. This prevents the beacon from being visible to other devices. If Allow Associations is enabled and the Client device associates with the WiFi Pineapple, then targeted Beacon Responses will continue to transmit to the Client device for a period of time. Beacon Responses will use the Source MAC setting, which is also shared with the Broadcast SSID Pool feature.The Beacon Response Interval will dictate how frequently to transmit.

Capture SSIDs to Pool - when enabled, the sniffer will save the SSID data of captured Probe Requests to the SSID Pool. This passive feature benefits the Broadcast SSID Pool feature. The SSID Pool may also be managed manually.

Broadcast SSID Pool - when enabled, the SSID Pool will be broadcast as beacons using the Source MAC and Target MAC settings at the interval specified. Formerly named Dogma.

Source MAC - by default, this is the MAC address of wlan0 on the WiFi Pineapple. This is the interface for which associations may be allowed and also hosts the Management Access Point. The MAC address of wlan0 may be changed from the Networking view. This MAC address may be set to that of a secondary WiFi Pineapple if desired.

Target MAC - by default, this is the broadcast MAC address FF:FF:FF:FF:FF:FF. Frames transmitted to broadcast will be seen by all nearby Client devices. Setting the Client MAC address will target PineAP features at the single device. Similar to Beacon Response, only SSIDs Broadcast from the Pool will be visible to the targeted Client device. When used in conjunction with Filtering, this feature enables precision device targeting.

Broadcast SSID Pool Interval - Specifies the Interval in which to Broadcast SSIDs from the Pool. Aggressive requires more CPU usage while Lower requires less.

Beacon Response Interval - Specifies the Interval in which to transmit Beacon Responses. Aggressive requires more CPU usage while Lower requires less.

Save as Default on Boot - From the Configuration menu, Saving as the Default on Boot will remember the saved PineAP features and settings for use on next boot.

SSID Pool - populated automatically when the Capture SSID Pool feature is enabled. May also be added to manually using the text field and Add button. Similarly, clicking a listed SSID will populate the text field allowing for the removal of the entry using the Remove button. From the SSID Pool Menu, Clear SSID Pool will remove all entries.

Tracking

The tracking feature will continuously scan for specified Clients by MAC address and execute a customizable Tracking Script. This feature requires the Log Probes and/or Log Associations features of PineAP to be enabled.

Clients may be specified manually using the text field and add button. Clients may also be added to the Client Tracking List by using the PineAP Tracking Add MAC button from an associated MAC address within the Clients view or Recon view. Selecting a MAC address from the Client Tracking List will populate the text field for removal using the Remove button.

When a client is identified by a logged Probe or Association, the customizable Tracking Script will execute. The Tracking Script defines variables for the Client MAC address, the identification type (Probe or Association) and the SSID with which the Client is Probing or Associating.

Logging

The Logging view displays the PineAP Log, System Log, Dmesg and Reporting Log.

PineAP Log - chronologically displays PineAP events if Log Probes and/or Log Associations are enabled. Each event contains a timestamp, event type (Probe Request or Association), the MAC address of the Client device, and the SSID for which the device is Probing or Associating.

PineAP Log Filtering

The Display Probes and Display Associations checkboxes enable the auditor to toggle the display of Probes or Associations. The Remove Duplicates checkbox will remove any duplicate entry, regardless of timestamp. For example, if a Client transmits a Probe Request for SSID "example" 10 times in 1 hour, checking the Remove Duplicates box will show only the first entry.

Filtering by MAC address and SSID is supported by completing the associated text fields. For example, if de:ad:be:ef:c0:fe is input in the MAC text field, only that Client device activity will show in the PineAP Log. Similarly the Log may be filtered by SSID.

Filters do not apply until the Apply Filter button is pressed. Clear Filter will reset to the default and display all captured data. Refresh Log will obtain the latest log data from PineAP and Clear Log will empty the Log File. By default the comma tab delimited PineAP log is located in /tmp and will not be saved after a reboot.

Reporting

This feature enables the auditor to generate reports at a specified interval. The report may be sent via email and/or saved locally on a suitable SD card. See the Format SD Card option from the USB menu on the Advanced view to setup a new card. Email Configuration must be complete in order for the Send Report via email function to operate successfully.

The Report Contents may contain: the PineAP Log with an option to clear after generating the report, a PineAP Site Survey similar to the Recon View with option to specify AP & Client scan duration, and PineAP Probing and Tracked Clients.

Networking

From the Networking view, the auditor may make changes to the Routing, Access Point, MAC Addresses, Hostname and connect to an Access Point using WiFi Client Mode.

Route - the Kernel IP routing table is displayed and may be modified for the selected interface. The Route menu enables the auditor to Restart DNS. By default the expected Default Gateway is 172.16.42.42. When using the WiFi Pineapple Connector Android app, IP routing will automatically update to use usb0 as the default gateway.

Access Point - The WiFi Pineapple primary open access point and management access point may be configured. Both the open and management access point share the same channel. The open access point may be hidden and the management access point may be disabled.

WiFi Client Mode - this feature enables the auditor to connect the WiFi Pineapple to another wireless access point for Internet or local network access. When using WiFi Client Mode, the IP routing will automatically update to use the selected interface. The WiFi Pineapple can be used with a number of supported USB WiFi adapters to add a third (wlan2) interface. wlan0 is reserved for use by the Access Point and wlan1 is required by PineAP and cannot be used if the PineAP Daemon and its subsequent features are being used.

To connect to a nearby Access Point, select the desired Interface and click Scan. From the Access Point list, choose the desired network, enter the Passphrase (if required) and click Connect. Once connected the WiFi Pineapple IP address will display and the Default Route will update to that of the newly connected network. Click Disconnect to end the connection.

MAC Address - The Current MAC address for the selected interface will display. A New MAC address may be specified manually, or set randomly using the New MAC text field and Set New MAC or Set Random MAC buttons. MAC Addresses may be reset to default from the MAC Address menu button. Changing MAC addresses may disconnect connected clients from the WiFi Pineapple.

Advanced - The Hostname may be updated using the hostname text field and Update Hostname button. Wireless configuration may be reset using the Reset WiFi Config to Defaults option from the Advanced menu button. The output of ifconfig is displayed.

Configuration

The Configuration view provides the auditor with means to set general settings and modify the landing page.

General - Timezone settings is displayed and may be manually selected. The system password may be set. The WiFi Pineapple may be rebooted or reset to factory defaults from the General menu button.

Landing Page - when enabled, this feature will act as a captive portal. New clients connecting to the WiFi Pineapple will be forwarded to this landing page. Some client devices will automatically launch a browser to this page upon connection. Landing page browser stats will display on the dashboard. PHP and HTML are accepted. The Landing Page may only display if the WiFi Pineapple has an Internet connection.

Advanced

The Advanced view provides the auditor with information on system resources, USB devices, file system table, CSS and the ability to upgrade the WiFi Pineapple firmware.

Resources - displays file system disk usage and memory. From the Resources menu button Page Caches may be dropped.

USB - displays connected USB peripherals and allows the auditor to set the file system table (fstab). SD cards may be formatted from the USB menu button.

CSS - The WiFi Pineapple Web Interface stylesheet may be modified.

Firmware Upgrade - displays current firmware version and allows the auditor to check for updates. This requires an Internet connection and will initiate a connection to WiFiPineapple.com. If an update is available, the changelog will display and the option to Perform Upgrade will be available. Users are advised to carefully read the warnings related to the firmware upgrade feature.

[When will Modules be ready ?]

USB tethering is disabled on my phone - I assume rooting and flashing the ROM could set me free; that said - I've already set up the nano and can get to the web admin; am I missing anything in admin that is app specific, or can I survive on web interface? Pros and cons? Thanks!

The pro of the WiFi Pineapple Connector app for Android is that it's a convenient way to setup Internet Connection Sharing with a mobile device and manage the WiFi Pineapple through the responsive Web Interface.

Couple that with tools on Android -- Like Kali Nethunter -- and you've have a really lethal combo.

The app does require USB Tethering ability. I didn't realize any carriers still disabled it in this day and age.

[Questions about Client mode Mac / Windows]

This should work - but I don't have a mac to test.

https://github.com/TGYK/OSXwp5

https://forums.hak5.org/index.php?/topic/33801-mac-osx-internet-sharing-with-wifi-pineapple-howto/

Can you report back?

[When will Modules be ready ?]

I'm planning on doing some videos covering the core functionality. For right now I highly recommend checking out the Help section in the new interface. I know it sorta sounds like I'm saying RTFM, but as the author of TFM -- I tend to think it's pretty good

[Introducing the WiFi Pineapple NANO]

Darren, thank you for that walk through on the qa process and updates you've made, it makes me feel much better about the nano, I had contacted support at the time and basically got a canned response about the return period. it was from the first release batch which was quite some time ago, I don't expect a replacement this late in the game but I appreciate the offer, that's encouraging as well.

Thanks for understanding. We were caught off guard with the first batch at release since it was so new and different. Took us a bit to get it all smoothed out and it's these lessons we're carrying forward into the next gen. Offer stands. Thanks for sharing!

[Introducing the WiFi Pineapple NANO]

k so let me first say congratulations on the next pineapple, I have mine ordered.

I don't mean to be a downer but I am terribly concerned it's going to be another let down for me on account of my mark V dying 45 days after purchase and now that it's being discontinued I can't help but wonder if there isn't more to it's being abandoned than just the chipset sourcing?

I'm honestly concerned about quality control and that this evaluation nano will also fail soon after the return period, i do understand it's a work in progress and I admire what you're doing I can't even imagine the hurdles you deal with bringing these products to market but why didn't you simply replace the chipset and continue perfecting the mark V why start from the ground up with a new product, is the quality of the nano going to be better than the mark v?

leathalinjexion, first let me personally say I'm sorry we let you down. Your WiFi Pineapple was still under warranty at that time and we work very hard to make the customer experience as best as possible. We have a very limited number of Mark Vs so you're welcome to contact shop@hak5.org and we'll see what we can do about getting the unit swapped after the holiday break.

Quality control wise, I feel strongly about your sentiments. We learned a lot about the Mark V once we performed proper failure analysis with our manufacturing partner, and that was a new experience for us since we weren't used to that with the Mark IVs made by ALFA. Using the knowledge we gain from failure analysis we made changes to both the PCB (v1.3 to v1.4) and to the box - moving from a cardboard stabilizer to foam.

We did attempt a 1.5 rev of the Mark V in anticipation of the RTL8187 discontinuation, however the prototype brought forth its own unique set of issues. Rather than continue down that road we decided to take things to the next level and build a whole new WiFi Pineapple line based on the feedback we had received, user testing, and some amazing new ideas that I can't wait to come to fruition.

MK5 with alternate 2nd radio

Going into Gen 6 we very much had these lessons in mind. We've been meticulous in design and testing - which is one of the reasons why the process has taken so long. We went back to ALFA for the NANO, as you can see with the 00:C0:CA OUI. Our forthcoming 5G solution is being manufactured by our partner who engineered the Mark V, and as such we've been especially careful in testing. The result on both fronts is nothing short of amazing in terms of RF performance. I'm proud of what we're making - we're doing something really unique here and I stand behind the WiFi Pineapple as much as you all stand for the community.

[Introducing the WiFi Pineapple NANO]

Sorry to double post but I just reviewed the video and forgot to mention there's a new WiFi Pineapple connection script for Linux -- wp6.sh

https://www.wifipineapple.com/wp6.sh

This version supports 4th - 6th generation WiFi Pineapples. The major change is that it'll save your network configuration back to the script itself (portable, no need for a config file) so that in subsequent runs of the script you can just breeze through by pressing enter at the first prompt. You can see an example in the above Linux setup video. Eventually I'd like to add auto detection capabilities based on IP addresses and default gateway. If you have any feature requests just let us know. Cheers!

[Introducing the WiFi Pineapple NANO]

Thanks for the kind words guys -- they keep us going. We know we're never going to please all of the people all of the time but we're very passionate about what we're doing and think that if it's something that we'd want in our pentest arsenal, it's something you'd like too.

I knew going into the NANO that the lack of Ethernet would be a point of contention, but in user testing we found that 1. newer laptops are lacking Ethernet all together (good in the sense that everyone is using WiFi, bad for us uber geeks who know better) and 2. the cable mess between a USB DC Barrel, retractable Ethernet and often times USB Ethernet adapter are cumbersome. I feel the form factor is pretty slick and don't detract from the usage for 99% of cases. Run a NANO in the tactical case with an Android and Nethunter and you'll see what I mean :). For those that need more power -- something with Ethernet and 5 Ghz to leave plugged in at the client site -- I feel we have the right solution coming.

Mostly it's just awesome to be a part of such a supportive community - so thank you!

PS: Made some setup videos that I'll post here since I know the thread is getting a lot of action and people will start receiving their packages today.

[WiFi Pineapple NANO Mount dev]

As Mr-Protocol said, 122 x 47 x 14 mm

I wish I still had the STL file from the 3D model we printed while in development. PCBs always get done way before plastics get shot so it was nice to have something. It doesn't look like much but was nice to have something in early dev. Cutout at the top if for the serial. Shouldn't be hard to come up with something.

[Introducing the WiFi Pineapple NANO]

Any idea how near in the future a 5G solution will be available? I'd rather save my money and buy a 5G capable Pineapple over the Nano but if it won't be available for a year or more I may reconsider.

The 5G solution has been in the works for quite some time and I think I speak for Seb and I when I say, man this stuff ain't easy. I guess if it were there'd be dual band APs littering the streets. Those gripes aside, I'm excited to say in the last few days some major milestones were made which'll bring the dual band WiFi Pineapples to us way ahead of schedule. Having boots on the ground at the factory saved a ton of time....timezones on the other hand aren't friendly to developers. Ask Seb if he remembers what sleep feels like

Hardware wise we're at the stage where we're just waiting on the final stamp but everything has passed in testing (after some rigorous tuning). The RF on this thing is insane. It'll be a completely different animal from the NANO though. Form factor, cost, etc but we're building 'em both on the same base platform. Porting wise we're in the early alpha stages. Stuff builds, but we still have some ways to go. Think Return of the Jedi Death Star, not A New Hope... (Empire Strikes Back FTW)

If all goes well we may have a very limited number of developer units (whatever fits in a suitcase) here before the new year.

[Introducing the WiFi Pineapple NANO]

In my current setup, I have an RPi2 connected to the mkV via ethernet. That way I can access it (kali) through the pineapple using ssh, vnc, etc. How would I do this with the Nano? (no ethernet)

https://www.dropbox.com/s/shq1on9eeoic87z/DSC_0049.JPG?dl=0

Rad setup! You'll be happy to know the NANO includes a 40cm USB Y extension cable so just routing that from your Pi's female USB to the NANO male USB will do the trick.

[Introducing the WiFi Pineapple NANO]

But I can't be the only one who notices that it's no different from the Mark V, just smaller and with a better web interface, something they could have easily accomplished with the Mark V, but then again that wouldn't drive sales. Rather cheeky if you ask me.

Not trying to be cheeky. The intent isn't to push everyone who bought a Mark V to buy a NANO. As always we're working hard to make the best product possible -- and we believe that the NANO is a massive improvement overall.

We developed the NANO with the highest performance, most reliable components we can obtain. They were arranged in such a way that the usage is streamlined. Wrapping it all together is the new software which focuses on workflow and integrates with multiple platforms easily.

Once you use the NANO you'll see it's a completely different experience.

Yes yes i understand the RTL8187 is discontinued and you had to come up with something new,

It is a shame that the RTL8187 was discontinued far before we expected. This caused a pineapple drought which put a huge burden on us at a time when we're very much invested in the next generation of the platform.

We prototyped a version of the Mark V with an alternate to the RTL8187, but it came with its own complications and by the time it was sourced, manufactured, tested, certified, etc -- we could have spun up development on a new system entirely. At the same time having received feedback and done user testing we realized an entirely new approach to the WiFi Pineapple was possible -- which we've now begun to realize through the NANO.

but come on, you can't seriously say you couldn't develop the new web interface for the Mark V as well.

We aren't saying that we won't be developing the new web interface for the Mark V. And it's more than just a UI -- it's a completely new system with compartmentalized components and a rich API to control the device that's agnostic from the web interface. This opens the door to some really great opportunities.

The point I'm trying to make is, a lot of people spent good hard earned money of the Mark V, and it's disappointing to see that you're just going to push that to the side with no updates or support, especially when the new Pineapple is pretty much the exact same thing.

If you bought a Mark V for $100 at launch you received over 2 years of firmware updates including additional features such as PineAP for free. That's the sort of customer service we're committed to and I'd say that's above and beyond the industry norm.

You can very easily continue support and updates for both side by side but i doubt you will.

The plan is to make a build of the 6th generation software available for the Mark V. There are various internal differences that add subtle complications, but nothing that can't be remedied. This won't happen immediately as we're focused on wrapping up the firmware for the NANO and the forthcoming 5G hardware. Based on our current timeline I think February is achievable.

This dev kit launch with the first dibs to the forums was done in order to get momentum behind new modules. The core functionality is complete, but it's only together as a community that we're going to realize the full potential of the new platform.

It should also be noted that we have only begun to scratch the surface of the new platform. Remember, the Mark V didn't realize PineAP until 10 months into its life. I'd say similar advances are feasible with the 6th gen system.

If this were any other industry you would probably expect software license fees and such -- but that's not our style. We toyed with the idea of charging for a software update, but in all honesty I have doubts anyone would pay for what they've come to expect for free. Would you pay for the new system on the Mark V?

Lastly, as you can imagine all WiFi Pineapple advances come at considerable cost. Not only in the hardware engineering, sourcing, manufacturing, testing, certification, licensing, etc -- but the continued software development we've enjoyed for the last several years. I think our sole full-time developer Sebkinne deserves significant credit alongside this community of module developers in making the WiFi Pineapple the best wireless auditing platform available.

[Introducing the WiFi Pineapple NANO]

I am having trouble enabling tethering on my rooted Moto E. I realize that this is probably because of the phone and not the app, but it makes using the app impossible on this device before I even get my hands on a pineapple. Is it possible that there will be wireless support for the Nano so that I will be able to use the WiFi or Bluetooth on my phone to connect and manage the interface?

If anyone is curious, it is a rooted Boost Mobile Moto E 2015 using TWRP. I removed the SIM card to use it as a microtablet, but I can't see why having cell service is a necessity for enabling tethering. I also tested the app on my Asus ZenPad, and it again works fine, so I know it must be the phone, as the tablet is not rooted, and does not have a SIM card slot at all. I am sure I will eventually find a fix, given enough digging through SQL databases. Again, my real question is not necessarily how to get it to work, but if support for other modes of wireless connections will eventually be available.

I have another phone on which the app works fine, so no worries. Just curiosity.

Speaking of curiosity...

Seb, were you aware that your coding is done in different colors? Y'know, being colorblind and all. ;)

You can absolutely manage the WiFi Pineapple NANO over WiFi on your phone -- though Internet Connection Sharing over that WiFi connection would depend on whether or not you can setup the routing with iptables. Since it's rooted I'd say - maybe?

[Introducing the WiFi Pineapple NANO]

What are the dimensions?

122 x 47 x 14 mm

[Introducing the WiFi Pineapple NANO]

when will we have access to the code. can we get some screenshots

jordan

The API is done and the documentation will be written as soon as firmware is finalized. We're on target for a 1.0 release by Monday. The current beta is functionally complete - we're just waiting on a few insundrys such as help text.

Units are just arriving and once we have them in developers hands we'll be preparing a hangout to go over the various technical aspects. This launch is developer centric and as such we're eager to share with you the latest innovations that will take this platform to the next level.

I can't express enough how fulfilling it has been to completely wipe the slate clean and reimagine the entire WiFi Pineapple experience in both a hardware and software aspect based on usability and workflow. The new WiFi Pineapple isn't just intuitive, it's fun to use -- and not just as a user. I'm personally looking forward to developing my first module with the new API.

Here are a few screenshots:

Dashboard on Desktop

Recon on Desktop

PineAP on Mobile

What about 5 ghz support

jordan

5G is an important factor in our 6th generation WiFi Pineapple strategy.

Thus far the WiFi Pineapple has been solely a 2.4G device. While this is sufficient for the vast majority of applications, there are cases where 5G is desired. Unfortunately 5G chipsets are complicated, large, power hungry, hot, lacking support, expensive, and take a fortune in time and money to certify.

That being said, we are sufficiently down the production pipeline to confidently say that if all goes according to plan, we'll have a dual band solution available in the near future. I can't guarantee that it will be similar in cost or as small in formfactor as the NANO - but I believe the opportunities that a 5G WiFi Pineapple afford outweigh either of those hurdles.

For now, the WiFi Pineapple NANO aims to deliver on our core mission of providing simple, affordable, expandable wireless auditing platforms. With the next generation web interface and new API we're confident that when the time comes to deliver a 5G solution, we'll have a robust firmware and module ecosystem to take full advantage of its hardware features.

Darrin:

The Mark V will no longer be sold, is that correct. The future direction is the NANO and will become the pineapple current standard? Based on the previous posts still will work with windows and buying the development version should be no different than the version that will be certified at some time in the future.

Do I have the above correct?

Jim

The Mark V is EOL due to parts availability. The RTL8187 was discontinued so we are no longer able to produce the Mark V. The NANO was developed as its successor and is functionally equivalent. It also has increased reliability and performance :). The NANO works with Windows the same way the Mark V did -- in fact setup is easier since the single USB plug is used to both power the device and for connectivity since as the NANO will enumerate as a USB Ethernet adapter using its onboard ASIX AX88772A chip.

The WiFi Pineapple NANO Evaluation and Development Kit is the same device as what will be released to mass market upon completion of certification in Q1-2016. We're making it available now to for evaluation and development as the new API and web interface require effort on the part of module developers to port infusions.

[Introducing the WiFi Pineapple NANO]

The NANO was developed with a focus on performance and usability with integration with existing wireless pentest workflows. The platform we've chosen, keeping with the Atheros, is due not only with our familiarity with the chipset for development but because of it's strengths on the networking side of things. It's a router chip built to handle the sorts of network loads we're accustom to putting it under and for that we're very happy with the performance. And this radio in particular is tuned so well, I think you're really going to notice the RF performance. We've learned a lot since the MK5 and applied that knowledge not only to the NANO but it's the same reason we're working on a 5G capable device using similar technology.

Integration wise we've already come out with an Android app that simplifies connection and setup to the extreme. Seriously it's dead simple -- check the box and everything just works. We're also working with Nethunter developers to get the NANO integrating well with that platform, which should be pretty epic! Similarly a new connector for Linux is being built similar to wp5.sh but taking it to the next level.

The new software is more than just the streamlined Web Interface (which looks awesome, BTW). It's about compartmentalizing functions and making it easy to administer so that down the line applications can communicate and control the NANO through it's API. For example, the entire web interface and additional applications could be run on a completely separate device.

Building on our strengths while integrating with the strengths of existing devices is one of the focuses with the NANO. Whether that's a tablet running nethunter, an unrooted Android, a Pi running Kali. We're never going to compete on price with the Zero - and that's ok. Eventually we'd like to have a sexy turnkey out-of-the-box ARM solution and for a while we've been developing what we call the "WiFi Pineapple Core" -- an ARM counterpart to the NANO. Essentially when plugged into the device it would act as the next node up on the network doing heavy lifting and even seamlessly controlling the device through the API.

It's all very possible since the hardware was designed with a single USB plug for both power and network connectivity. That said, in our experience talking with ODMs on ARM we've found it extremely expensive and time consuming, at least at our scale. That's not to say we're not keen on the Core - but we think focusing on working with what's out there now before rolling our own is the better bet. Once we have more of the software done I'd love to see our own distro or tighter connector tools for these platforms. The above photo is only a proof of concept -- but it works.

[Introducing the WiFi Pineapple NANO]

No - the software is completely different. The entire UI was re-imagined from the ground up based on feedback and user testing. It's built on modern web standards to be fast, responsive and intuitive and really focuses on the wireless pentest workflow. The hardware also differs from the Mark V not only on the outside, which should be obvious from the form factor with the streamlining of ports, but also within. Chipsets were chosen based on performance and reliability. For example now it's dual-Atheros with higher gain and throughput, and not only on the radios but also the storage.

[Introducing the WiFi Pineapple NANO]

no ethernet jack

Ports: (2) RP-SMA Antenna, Ethernet over USB, USB 2.0 Host, Micro SD

I just updated the specs to clarify that the Ethernet over USB is via an ASIX Electronics Corp. AX88772A Fast Ethernet chip.

So basically you plug it into your laptop and it'll recognize as a USB Ethernet adapter (e.g. eth1).

We looked at the MK5 when powered from the USB DC Barrel cable and connected via an Ethernet cable often to laptops which lack Ethernet (I hate this trend) using a USB Ethernet adapter. In the end it's a mess of cables and dongles - and we sought to remedy this with the NANO. The same plug that powers it offers your device a USB Ethernet adapter - which makes setup so much easier.

Of course if you're looking to plug it into a Cat5 outlet on a network you can similarly plug a USB Ethernet adapter into the USB 2.0 Host port - though we found this to be uncommon in user testing.

[Introducing the WiFi Pineapple NANO]

what are the specs? what is the difference between "EVALUATION AND DEVELOPMENT KIT" and the final shiping product?

jordan

The only difference between the Evaluation and Development kit and the final shipping product is the final certification. We have passed RF testing for CE and FCC but are currently underway with SAR since it's a mobile device. Once that is complete we can go to mass market. Until then the marketing is limited to development and evaluation.

Specifications:

CPU: 400 MHz MIPS Atheros AR9331 SoC

Memory: 16 MB ROM, 64 MB DDR2 RAM

Disk: ROM + Micro SD (not included)

Wireless: Atheros AR9331 + Atheros AR9271, both IEEE 802.11 b/g/n

Ports: (2) RP-SMA Antenna, Ethernet over USB (ASIX AX88772A), USB 2.0 Host, Micro SD

Power: USB 5V 1.5A. Includes USB Y-Cable

Configurable Status Indicator LED, Configurable Reset Button

I also forgot to link to the Android app:

https://play.google.com/store/apps/details?id=org.hak5.pineappleconnector

Only permission is network access. No root required.

[Introducing the WiFi Pineapple NANO]

Hey guys we're super excited to introduce our 6th gen wireless network auditing tool! We're calling it the WiFi Pineapple NANO. We engineered it from the ground up based on the successes and feedback from the Mark V with a focus performance and usability. What we ended up with is something total new. It's not a simple client radio, or just a router or access point. We believe the WiFi Pineapple NANO is the most powerful wireless network auditing tool you can put in your pants. It leverages our unique hardware design and intuitive new web interface to integrate with your pentest workflow.

There's a huge emphasis on workflow and usability with the WiFi Pineapple NANO. We completely re-engineered the web interface built on modern standards. It's fast, intuitive, responsive and familiar. For example new table views give you a detailed look of the WiFi landscape and context menus provide instant access to core PineAP features and modules. But it's not just the web interface either - the entire system was rebuilt on a modern base and compartmentalized in way that'll allow us to take the platform to the level.

Of course modules (ya know, Infusions ) remain a core feature. Over the air downloads of community developed add-ons and web front-ends to popular tools remain. The new API is extremely simple for seasoned developers and newcomers alike.

We also put together a really sweet Tactical kit. The case straps to your bag as an every-day-carry including a new Pineapple Juice battery pack. We even tailored the case with a nice Hak5 imprint liner and a cut out for the USB host port so you don't have to take it out of the case to plug in your phone.

Oh yeah, it works with your phone now. The new WiFi Pineapple Android app simplifies USB Internet connection sharing. You just tap to tether and it instantly connects to the beautiful new mobile friendly web interface. No root required. https://play.google.com/store/apps/details?id=org.hak5.pineappleconnector

You can also plug the NANO into your laptop and it'll both power on and enumerate as a USB Ethernet adapter so less cables and mess.

And if you're doing a long term deployment, you can just plug the NANO into any standard USB power plug. Getting out-of-band access is even easier seeing as it supports the new gen of QMI-based modems.

Here'a an intro video Seb and I made:

So it should be no surprise that we had been working very hard to bring the new device for our little WiFi Pineapple ecosystem. What really surprised us though was the Mark V availability ending so soon. We were caught off guard post-DEFCON when our parts supplier notified us that the RTL8187 would no longer be available.

We had developed a Mark V successor prototype using an alternative chipset, one that would allow for a somewhat inline change, but we found it came with a number of new complications that made the change unfeasible. At that time we had also anticipated the launch of our new WiFi Pineapple device to be much sooner.

That being said, with as meticulous as we have been throughout the development, it's added considerable time to the process. Thankfully though our attention to detail has paid off as what we've developed is nothing short of amazing. We're so proud of the new device! Design decisions were made based on feedback from users and directly by observing the way in which the Mark V is being used, and it's clear we have a real winner.

Unfortunately we underestimated the time in which certification takes to complete. For the last month and a half we've been anticipating the ability to launch for mass availability "in just another week or two". We have CE. We have FCC. We even have units in hand, awesome firmware, and a team raring to go. The latest development is that we're undergoing SAR testing, and sadly between labs being backed up and the new dongle requirement - we're looking at needing to wait just a while longer.

The good news is that we're ready to launch for development and evaluation - meaning software developers like you here on the forums will now have early access to the new device. I want to give the core community that has been so good to us first dibs. Link at the bottom of the post. We'll be updating the other sites soon in anticipation of the official launch.

Lastly, thank you for your patience and continued support for the project. I know it's not easy when we run into snags like this, especially while we're working tirelessly and quietly to bring something epic to the WiFi Pineapple community. And yes, we're rethinking that quietly part now. I'll keep you all updated with all of the latest as we take this next big step together and I'll try my best to answer any questions you have.

Order the WiFi Pineapple Evaluation and Development Kit here:

https://hakshop.myshopify.com/products/wifi-pineapple-nano-evaluation-and-development-kit

Specifications:

CPU: 400 MHz MIPS Atheros AR9331 SoC

Memory: 16 MB ROM, 64 MB DDR2 RAM

Disk: ROM + Micro SD Card Reader (card not included)

Wireless: Atheros AR9331 + Atheros AR9271, both IEEE 802.11 b/g/n

Ports: (2) RP-SMA Antenna, Ethernet over USB (ASIX AX88772A), USB 2.0 Host, Micro SD

Power: USB 5V 1.5A. Includes USB Y-Cable

Configurable Status Indicator LED, Configurable Reset Button

FCC NOTICE: This kit is designed to allow: (1) Product developers to evaluate electronic components, circuitry, or software associated with the kit to determine whether to incorporate such items in a finished product and (2) Software developers to write software applications for use with the end product. This kit is not a finished product and when assembled may not be resold or otherwise marketed unless all required FCC equipment authorizations are first obtained. Operation is subject to the condition that this product not cause harmful interference to licensed radio stations and that this product accept harmful interference. Unless the assembled kit is designed to operate under part 15, part 18 or part 95 of this chapter, the operator of the kit must operate under the authority of an FCC license holder or must secure an experimental authorization under part 5 of this chapter. For evaluation only; not FCC approved for resale.

[Sup?]

[is analyze.sh mentioned at defcon available?]

#!/bin/bash
if [ -z "$1" ]; then
    echo "Usage: analyze.sh input_file output_file"; exit
fi
if [ ! -f oui-small.txt ]
    then
        echo "Downloading OUI Database"
        wget http://standards.ieee.org/regauth/oui/oui.txt
        echo "Database downloaded. Fixing up oui.txt"
        cat oui.txt | grep "base 16" | sed "s/(base 16)//g" | cut -c 3- | sed "s/\t//g" | sed "s/     / /g" > oui-small.txt
fi
echo -e "Processing PineAP Log\n"
rm /tmp/analyze_tmp &>/dev/null
rm $2 &>/dev/null
while read i; do
    OUI=$(echo $i | awk {'print $7'} | cut -c 1-8 | sed "s/://g" | awk '{print toupper($0)}')
    grep $OUI oui-small.txt | awk {'print $2'} >> /tmp/analyze_tmp
done < $1
unique_manufacturer=$(cat /tmp/analyze_tmp | awk '{print tolower($0)}' | sed "s/,//g" | sort | uniq | wc -l)
printf "Unique:\n" >> $2
printf "       Probes: " >> $2 && cat pineap.log | awk {'print $10'} | sed "s/'//g" | sort | uniq | wc -l >> $2
printf "      Devices: " >> $2 && cat pineap.log | awk {'print $7'} | sort | uniq | wc -l >> $2
printf "         OUIs: " >> $2 && cat pineap.log | awk {'print $7'} | sort | cut -c  1-8 | uniq | wc -l >> $2
printf "Manufacturers: $unique_manufacturer\n\n" >> $2
printf "Top 10 Manufacturers:\n" >> $2
cat /tmp/analyze_tmp | sed "s/,//g" | sort | uniq -c | sort -g -r | head -10 >> $2
printf "\nTop 10 Probe Requests:\n" >> $2
cat $1 | awk '{print $10}' | sort | uniq -c | sort -g -r | head -10 >> $2
cat $2
printf "\n"

Here you go!

[What is the Best Dongle for Long range and Good fast connections.]

Two directional antennas (yagi, parabolic, patch panel) pointed at each other with a clear line of sight should have little problem communicating at either band. Water dense obstacles like trees are WiFi's worst nightmare. Most municipalities cannot prohibit a mast of up to 30 feet. I've had great success with 2.4 GHz matched with a parabolic and a patch -- it prevented me from having to order another Cable Internet line when I moved into an apartment a block away from the Hak5 office. Thank the heavens for roof access (and the Olympic size swimming pool on the roof of the Hak5 office ).

[Pineapple Standard Mk V - Out of Stock]

I'm just going to throw my suggestion in the mix... "Wi-Fi Bacon", Bacon is a fruit....sorta.

Also, are we talking Valve Half Life 3 "soon", or pizza in the oven will be done "soon"?

I'm going with called in the order with extra bread sticks and waiting on the pizza delivery guy soon.