Jump to content

Darren Kitchen

Root Admin
  • Posts

  • Joined

  • Days Won


Everything posted by Darren Kitchen

  1. It extends the back of the case with a flush mounting. I'll post the industrial design renderings once we finalize, before it goes into injection molding. In the meantime, if you have an adapter there's 5 GHz support out of the box for compatible chipsets. See https://docs.hak5.org/hc/en-us/articles/360054071133-Compatible-802-11ac-adapters
  2. I believe I speak for the entire team when I say how excited we are to finally share with you the hard work that has gone into making the most refined, polished, and precision-fit WiFi Pineapple to date. I can say with confidence that the Mark VII introduces the most intuitive WiFi Pineapple experience. That is because, in addition to vastly improving the hardware and PineAP engine capabilities, all pain-points from previous generations were considered when developing the 7th generation. From initial setup and provisioning to PineAP configuration, reconnaissance, engagement automation with campaigns, Internet connection, shell access, recovery, a host of first-class modules written in-house, and so many more subtle but important refinements—I hope you will find the Mark VII a joy to work with. Please, as always, share your feedback here. We endeavour to continuously refine and enhance the product to the best of our abilities. If you would like to get involved with the project—contributing mods & modules—please see the subforum. Please also find the new Hak5 Developer Program, which brings compensation and collaboration means. Having already seen what renowned makers have built, what seasoned module developers have written, we are excited for the future of the 7th generation WiFi Pineapple platform. Welcome, and cheers! —Darren
  3. Support for the Mark VI generation will conclude when the devices reach the end of their 5-year lifecycle. Until then, they will continue to receive critical bug fixes—as they have with over 50 firmware upgrades to date. Module submissions will stay open, so developers may continue to enhance the platform. The Hak5 infrastructure will continue to host community modules for over-the-air downloads. Should industry-wide changes occur impacting our ability to securely offer module downloads (such as the TLS updates which rendered OTA module downloads infeasible for Mark IV devices) then side-load documentation will be published at docs.hak5.org The WiFi Pineapple NANO and WiFi Pineapple TETRA will continue to operate within the scope of their initial design—and then some, having received 10 major feature releases since introduction in 2015. We will continue to serve all firmware versions, from 1.0.0–current, at downloads.hak5.org
  4. That's so cool! I love these little bits of trivia. Thanks for sharing 🙂
  5. Username1031 – I understand you're upset. I'll try to shed some light on the situation. The notice isn't a pop-up, it's a large red note at checkout. See the screenshot below: I understand from your posts this wasn't apparent to you. I felt like this was an up-front and clear notice - however if you have ideas on how I could improve on making these notices should an item go into backorder again (rarely happens) I'd be keen on hearing your suggestions. I want to be as clear and up-front as possible when it comes to these situations, because the last thing I want is a customer feeling like you have in this situation. I'll speak with Jamie about the situation and see if we can't make it more clear going forward. There is no intention to blame anyone, but merely let you know the facts - which are simply that we were running out of the WiFi Pineapple TETRA at the same time that a shipment was coming in, and needed to allow the warehouse a few days to count and stock the inventory before they would be fulfilled. Let me know if there's anything I can do to make this right in your eyes. Best, Darren
  6. You are close in your understanding of the roles each radio plays. wlan0 runs the access point(s) (the "Allow Associations" checkbox) - though it's come a long way since the initial karma patches to hostapd digininja did back in 2007. wlan1 is responsible for monitor and frame injection functions, which are used by PineAP for Broadcast SSID Pool and Beacon Response, as well as Recon for Deauth and survey. There's a lot more going on - but that's the high level overview. I've found many IoT devices are eager to connect by simply allowing associations, while others are only interested when the SSID pool is broadcast with PineAP. Some devices require a beacon response to stay connected, and others require a little encouragement by way of deauth. It really depends on the client device and network in question. Hope that helps.
  7. Kali Linux 2020 includes a network manager that is aggressive about managing network interfaces. It will take over settings specifically set from a root shell, including that of wp6.sh. It's only if you follow the instructions from the linked page that you can get it to behave. Personally I disable network-manager all together, as I know what I'm doing in the shell and it tends to just get in the way.
  8. Click Add Device in Cloud C2, give the device a name and choose WiFi Pineapple from the device type list. Then download the provisioning file by clicking the Setup button. Copy that file, device.config, to the WiFi Pineapple in /etc/ Typically the command "scp device.config root@" does the trick. There's more info in the Cloud C2 documentation at https://docs.hak5.org
  9. Jugru - Good luck with the paper, and please share it with us when it's complete. In discussing this exact topic with others in the industry that are adopting the zero trust model, it's clear that - as always - the humans are the weakest link. It's for this reason that modules like Evil Portal, which are able to spin up a captive portal, are so valuable. By mimicking not only a preferred network, but a recognized landing page, credentials and other PII can be captured. Mobile devices are especially vulnerable to this attack because many, like Samsung for instance, do not display a URL bar when loading the captive portal. And while attacks like sslstrip/sslsplit may not be as effective as they once were, DNSMasq Spoof is great for redirecting traffic to a site to capture loot. Depending on the scope of engagement, this can be very effective. Cheers!
  10. @JohnXovox thanks for reminding me that the setup video incorrectly recommends using USB for power. That video is very old and needs to be updated. Insufficient power is the #1 cause for issues with the device (aside from general misunderstandings of how filters & ICS work). I'll update the documentation. We pride ourselves on our ability to provide a robust platform that's effective out of the box, while also allowing for third party development. Some of the most exciting features have come from the community through their module contributions. That said, it is impossible for our small team to test and maintain every module - so they are provided on an as-is basis.
  11. What output do you get from the UART port when connecting by Serial? That would be really helpful in diagnosing the issue. It's possible the device is not in the bootloader. If you connect by serial, you will have the option to enter the bootloader by key press rather than holding the button.
  12. Yes. By default the open AP is hidden. You can change this from the Networking page:
  13. I use my WiFi Pineapple TETRA with my Mac all the time. It's simple. Power on the device using the included AC adapter. Plug in a USB cable between your Mac and the WiFi Pineapple TETRA ETH1 port You may need to install the Realtek drivers from https://www.realtek.com/en/component/zoo/category/network-interface-controllers-10-100-1000m-gigabit-ethernet-usb-3-0-software Browse to Since the WiFi Pineapple TETRA has its own operating system and is managed by standards like SSH, Serial or HTTP - it's in effect OS agnostic. The method for using it on a Mac are essentially the same as Windows or Linux.
  14. I recommend contacting support: https://support.hak5.org/
  15. You shouldn't need to configure a static IP address if you use the USB Ethernet port. That port is configured with a DHCP server to offer an IP address upon request. This is the default for most modern operating systems. You won't need to open ports on your firewall or anything like that. When connecting the ETH1 port on the WiFi Pineapple TETRA to your computer by USB, it will enumerate as a Realtek USB Ethernet adapter. Driver installation should be automatic, however if it is not they can be found from https://docs.hak5.org/hc/en-us/articles/360010555833-Ethernet-on-the-WiFi-Pineapple-TETRA Verify that your interface is set for DHCP and has received an IP address in the 172.16.42.x range. This can be done on Windows with the `ipconfig` command from CMD, or `ifconfig` from powershell. If you do not see an Interface with an IP address in this range listed, check that the interface has enumerated from device manager. The WiFi Pineapple TETRA should be powered with the included AC adapter. Connecting to the WiFi Pineapple TETRA is no different than connecting to any other ordinary home network - the only difference is that the USB Ethernet adapter is built into the device itself for convenience.
  16. These may be good places to start: https://zerotier.atlassian.net/wiki/spaces/SD/pages/7438339/Layer+2+Bridging+with+LEDE+OpenWRT https://github.com/mwarning/zerotier-openwrt/wiki
  17. I was able to reproduce the issue with WiFi Pineapple TETRA firmware 2.6.2 and Cloud C2 v2.2.0 with a very large PineAP pool. Since then I upgraded the WiFi Pineapple TETRA to firmware 2.7.0 and haven't been able to reproduce the issue: Can you post the contents of /tmp/cc-client-error.log ? Also - can you post your PineAP settings? Are you collecting SSIDs to the pool? Broadcasting the pool? Doing beacon response? Are there SSIDs in the pool - and if so, how many? Is Allow Associations enabled for clients?
  18. Glad to hear you got it sorted. I knew it wasn't the pineapple that was causing the issue. I was annoyed by recent changes in Kali, which lead the ICS updates in the documentation specific to the most recent versions. I posted a video explaining the process doe Kali 2020. It's really annoying to have Network Manager override iptables configurations set by root in the terminal. I wish more operating systems would stop trying to be so "helpful" and get out of the users way. Good to know Parrot is one such OS.
  19. We were working on our infrastructure yesterday which caused a brief outage. Apologies for the inconvenience.
  20. Ensure that your fstab looks like the below. It can be edited from the Advanced page. config global option anon_swap '0' option anon_mount '0' option auto_swap '1' option auto_mount '1' option delay_root '5' option check_fs '0' config mount option target '/sd' option device '/dev/sdcard/sd1' option fstype 'auto' option options 'rw,sync' option enabled '1' Then make sure your MicroSD card has only a single, unnamed partition and is formatted EXT4.
  21. Welcome to hacking - anything is possible. That said, the Key Croc isn't going to do this out of the box and I'd be hard pressed to give you a good answer on how exactly right now. I've seen some research in the field of capturing voltage variances over a USB hub which, with a lot of math, could yield some helpful results... But let's just go with a simple 'no' for the moment.
  22. I recommend checking that the target for your cross compiler is the MT7628DAN MIPS SoC.
  23. @Don Joe the tput command used in sharkjack.sh is to be executed on the host computer – not the Shark Jack itself.
  24. @Aaron Outhier the nmap log is from QA at time of manufacture. The Shark Jack will get warm, but not HOT. As mentioned in the important safety information and warnings from the documentation: https://docs.hak5.org/hc/en-us/articles/360034129974-Important-Safety-Information-and-Warnings It should only take 5-10 minutes max to fully charge. It does get warm while charging. Disconnect when the charging has completed. During operation, it may get warm but not hot. If this behavior continues please reach out to us. https://shop.hak5.org/contact
  25. @Aaron Outhier that web server was introduced in the latest firmware and is only present in arming mode. It's a convenient way to see loot and update payloads.
  • Create New...