Isolot

Everything posted by Isolot

  1. Dude, I feel your pain, getting packages to run on the pineapple is like trying to score a date with Megan Fox. Even sslstrip with iptables is rocket science to get running on the pineapple. I too will just send everything to BT to do the sslstrip/nodogsplash/dump/beef injection. It would be fantastic to get a nodogsplash screen with a beef hook pointing to beef on 172.16.42.42 running on the pineapple, but the more I play with the pineapple the more I see it as a bridge only. Are you trying to redirect all traffic to a specific port on 172.16.42.42? Because I think the dnsspoof window redirects to the pineapple, not 172.16.42.42.
  2. Keylogger? How will you apply the keylogger? DNS spoof to a page with the hook? But then you are spoofing to the page and the user won't be able to get to the internet? Turn spoof on then off quickly? That's a bit clunky. What we really need is nodogsplash working, that way we can put a beef hook (or your keylogger) into the splash page and the user will only see it once then continue browsing. The beef hook can point to beef on 172.16.42.42, then you can run the keylogging module and many others. I have seen one guy on here pushing nodogsplash but his posts for help have fallen on deaf ears. Nodogsplash will also control the bandwidth usage for us! It's the answer to the pineapple dreams!

     I get the following error when trying to start up nodogsplash:

         root@Pineapple:/usb/etc/nodogsplash# ln -s /usb/etc/nodogsplash/ /etc/nodogsplash
         root@Pineapple:/# nodogsplash
         root@Pineapple:/# iptables v1.4.10: Couldn't load match `mark':File not found
         Try `iptables -h' or 'iptables --help' for more information.
         [3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t nat -A ndsOUT -m mark --mark 0x200 -j ACCEPT
         iptables v1.4.10: Couldn't load match `mark':File not found
         Try `iptables -h' or 'iptables --help' for more information.
         [3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t nat -A ndsOUT -m mark --mark 0x400 -j ACCEPT
         iptables v1.4.10: Couldn't load match `mark':File not found
         Try `iptables -h' or 'iptables --help' for more information.
         [3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsRTR -m mark --mark 0x100 -j DROP
         Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).
         iptables v1.4.10: Couldn't load match `mark':File not found
         Try `iptables -h' or 'iptables --help' for more information.
         [3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsRTR -m mark --mark 0x200 -j ACCEPT
         iptables v1.4.10: Couldn't load match `mark':File not found
         Try `iptables -h' or 'iptables --help' for more information.
         [3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x100 -j DROP
         iptables v1.4.10: Couldn't load match `mark':File not found
         Try `iptables -h' or 'iptables --help' for more information.
         [3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x200 -j ACCEPT
         iptables v1.4.10: Couldn't load match `mark':File not found
         Try `iptables -h' or 'iptables --help' for more information.
         [3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x400 -j ndsAUT
         [3][Thu Jan 1 01:32:15 1970][2504](gateway.c:280) Error initializing firewall rules! Cleaning up
         [3][Thu Jan 1 01:32:15 1970][2504](gateway.c:282) Exiting because of error initializing firewall rules
         root@Pineapple:/# opkg install iptables-mod-imq
         Unknown package 'iptables-mod-imq'.
         Collected errors:
          * opkg_install_cmd: Cannot install package iptables-mod-imq.
         root@Pineapple:/# opkg install iptables
         Package iptables (1.4.10-4) installed in root is up to date.
         root@Pineapple:/# iptables
         iptables v1.4.10: no command specified
         Try `iptables -h' or 'iptables --help' for more information.

     Perhaps I should get another thread going on this. It would be great if we could get some collective minds working on this! Thanks, Isolot.
  3. Site survey module: I get the following error when clicking on the run deauth for a client: Invalid deauthentication count or missing value. [>=0] "aireplay-ng --help" for help. The default is set to 5 but changing this makes no difference.
  4. Hey guys, I have configured the Mark IV for phishing and it works great. When I go to the advanced tab in my laptop's browser and then execute the "cat phish.log" or "cat urlsnarf.log" command, I am able to view all the entries stored in the log files. However, when I try this same process from my iPad I get the red "executing command" text but it is unable to display the file. As far as I can tell every other function of the web interface works fine on the iPad. Any ideas how to solve this? I know I can use ssh but administering the web interface on the Mark IV from the iPad is leet. The other option would be to display urlsnarf.log and phish.log on the status page but I haven't looked into this yet.

     PS. Does anyone use a browser for social media web pages any more? I think the majority of target-rich environments will now be using apps from mobile devices, making the current DNS spoofing obsolete. I might record the traffic from the Facebook iOS app and have a look at how hard it would be to play with. I understand it's still web traffic but the current DNS spoofing does not account for the way apps communicate. Cheers, IsoloT.
  5. Yo Thetra, I have yet to try your configuration but can offer you a tested alternative. The Apple USB Ethernet adapter works straight out of the box with BackTrack 5. I use Parallels to pass the USB-connected Ethernet adapter + pineapple through to my BackTrack Linux VM. I then forward the traffic through the bridged internal wifi adapter in my MacBook Air. This setup allows you to run meterpreter listeners on the BackTrack VM for pwned clients to directly connect to, rather than forwarding or installing metasploit on OS X. The USB adapter made for the Air is cheap, small, sexy and is going to save you from nutting out the network flows. Cheers, IsoloT
  6. Afternoon fellow hax5zors and Hax5zorets, I recently acquired a boat load of tools from the hak5 store and wanted to share my experiences for those who are looking to buy. First of all, Shannon did an awesome job of mixing two separate orders to save me some shipping cash. Second, it got to me in Australia within a week B) .

     Macbook Air + 16 dBi Yagi + Alfa USB Wifi AWUS036H: Like a true king of the jungle, OS X Lion does not play well with others; for this reason I didn’t try the AWUS036H natively. Passing the AWUS036H through to my BackTrack 5r1 VirtualBox VM worked like a charm until I started receiving string descriptor errors on start-up of the VM. Others have had this issue with VirtualBox and installed an extension pack to fix the problem. The extension pack worked for the AWUS036H running on Windows 7 in VirtualBox but the BackTrack VM still got the string descriptor error. Bottom line is VirtualBox is flaky at handling the USB device interchange between OS X Lion and Linux virtual machines. So I shelled out the cash for Parallels, converted my VirtualBox images to Parallels and all my problems disappeared straight away.

     The Yagi is awesome! I changed my home router to WEP and went 80 to 100 meters away in a local park. I got about 60% signal strength and was able to crack the network key in about 15-20 mins using the BackTrack VM....this is where it gets strange. Using the Alfa + Yagi, WCID sees the network at the same strength as kismet and is able to connect super slowly. Upon connection I get an IP but nmap doesn’t work because of the slow responses and any browser requests were timing out. 1 out of 10 tries will give me the target network's router config login page within 120 seconds. So I shut down the BackTrack VM and opened a Windows 7 VM, installed the Alfa and connected using the cracked password and Yagi at 60% signal strength. It worked fast! Nmap and internet browsing all worked fine under the exact same scenario as BackTrack, which was slow.

     So in short the Alfa + Yagi + BackTrack 5r1 works flawlessly at cracking passwords at 100 meters away but is unstable at holding an authenticated connection. After switching the Alfa to the Windows 7 VM I am able to browse the network perfectly at 100m away. This is really annoying as I would like to continue my exploration within BackTrack and not have to drop to Windows for a stable connection. I have tried setting the Alfa to 30db with iw reg set BO and txpower 30 but this made no difference to the stability of the connection....any ideas?

     Macbook Air + Apple USB Ethernet Adapter + Mark IV: First of all, the hak5 team have done a great job at keeping the setup simple. I set the static IP on the USB Ethernet to 172.16.42.42 and Lion was perfectly happy talking to the device. Then boom!!! Lion strikes again, as soon as ICS is on Lion applies a second IP to the adapter, ignoring the 172.16.42.42 address. The range ICS assigns to the adapter is stupidly not changeable in Lion as it was in previous versions of OS X. Instead of making the pineapple look for the different range I decided to go back to the VM world! The BackTrack Parallels VM handled the Apple USB Ethernet adapter pass-through perfectly fine and the auto setup script was able to apply the correct IPs to the correct Apple USB Ethernet interface. Champagne fell from the heavens and noobs got pwned internet access through the VM’s bridged connection to the Apple internal wifi card. This thing was DNS spoofing all over selected requests, I'm stoked!

     All is working bar one thing... whenever I turn ipforwarding on I can no longer connect to local ports such as the kismet server or a meterpreter listener. For example, anything from the BackTrack VM trying to connect to a listener on 127.0.0.1 I think gets forwarded off into the night. Is there any way to exclude requests coming from my BackTrack VM from the IP forwarding rule? Unless I am doing something wrong in the pineapple setup script....any ideas?

     I am keen for Apples, Pineapples and Penguins to coexist without the use of Windows! Thanks in advance, IsoloT.