spisakni

Anyone having issues with the Java applet attack in SET (svn update today) where semantic anti-virus is blocking the applet. Even when I disable AV I still can't get a meterpreter. It will just keep looping the java applet each time forcing you to hit run. After hitting run it will pause the scheduled 2 seconds and offer the java applet again. Any ideas?

Glad to hear you got it up and running. Have fun!

Here's how I got mine to work. In backtrack 5 I ran the pineapple script that is pinned in the forum http://forums.hak5.org/index.php?showtopic=15200 after following the tutorial exactly as instructed but was unable to render the pages on a client connected to the pineapple (10.110.0.0/24) network. I used a cross over cable ( my understanding is that ethernet should work since its going through the pineapple router). So here is how I was able to get it to work. 1. Follow the tutorial EXACTLY. 2. Connect to wlan0 on backtrack (internet facing connection) 3. Run the script on the backtrack box. 4. In terminal copy and paste (wlan0 is internet facing and eth0 is the ethernet connection from your NIC on your backtrack box to the LAN on the pineapple): iptables --flush iptables --flush INPUT iptables --flush OUTPUT iptables --flush -t nat iptables --flush -t mangle iptables --policy INPUT ACCEPT iptables --policy OUTPUT ACCEPT iptables --policy FORWARD ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p ICMP --icmp-type echo-request -j ACCEPT iptables -A INPUT -p ICMP --icmp-type echo-reply -j ACCEPT iptables -A OUTPUT -p ICMP --icmp-type echo-request -j ACCEPT iptables -A OUTPUT -p ICMP --icmp-type echo-reply -j ACCEPT iptables -A FORWARD -p icmp -j ACCEPT iptables -A FORWARD -i lo -j ACCEPT iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT iptables -A FORWARD -o wlan0 -i eth0 -j ACCEPT iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE After the copy and paste I was successfully able to forward packets to the 10.110.0.0/24 network and successful render pages and view traffic in wireshark. As a side note I'm still learning about iptables and the coding and some of the copy and paste may be unnecessary so if anyone has a more efficient way of coding it I would love to learn more. My configurations: wlan0 (internet facing): 192.168.1.0/24 pineapple default gateway: 10.110.0.1 pineapple: 10.110.0.2 dhcp range 10.110.0.3-254 subnet: 255.255.255.0 eth0: 10.110.0.1 (set by the script)

Update: Figured out pings were only ICMP packets and not TCP. Found a forum on MASQUERADE and added the following troubleshooting code. Websites render now on the 10.110.0.0/24 network. If anyone gets a chance to read my posts and can provide some additional insight or references on why the code works below while I read up on iptables I would appreciate it all the insight. iptables --flush iptables --flush INPUT iptables --flush OUTPUT iptables --flush -t nat iptables --flush -t mangle iptables --policy INPUT ACCEPT iptables --policy OUTPUT ACCEPT iptables --policy FORWARD ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p ICMP --icmp-type echo-request -j ACCEPT iptables -A INPUT -p ICMP --icmp-type echo-reply -j ACCEPT iptables -A OUTPUT -p ICMP --icmp-type echo-request -j ACCEPT iptables -A OUTPUT -p ICMP --icmp-type echo-reply -j ACCEPT iptables -A FORWARD -p icmp -j ACCEPT iptables -A FORWARD -i lo -j ACCEPT iptables -A FORWARD -i wlan0 -o eth00 -J ACCEPT iptables -A FORWARD -o wlan0 -i eth0 -J ACCEPT iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Followed the tutorial exactly as instructed. Downloaded and untarred the pineapple 0.9 script. My topology is exactly the same as the tutorial. I am able to successfully ping my way out but the problem is on the client machine I am unable to resolve any of the addresses even though the pings are returning. Any ideas on why web pages are not rendering for the clients connected. Any assistance is greatly appreciated. First time I have posted and only posting because I'm stuck. Any guidance or additional education would be fantastic. Running pinapple 0.9 script while successfully connected to wlan0 (internet facing interface). Turn pineapple on as instructed and nothing happens. I then re-run the script and WHILE the fon+ is on and WICD connects to eth0. Provides me with 10.110.0.1 as the IP on eth0 and I stay connected to wlan0 with an IP in the 192.168.1.1/24 as expected. Main question is if I can ping www.facebook.com and www.google.com what am I doing wrong that the webpages are not rendering? Successfully can ping ------------------------------------------ 10.110.0.1 10.110.0.2 192.168.1.1 8.8.8.8 www.google.com www.facebook.com ----------------------------------------------- Environment: -------------------------- Fon 2201 (FON+) connected with crossover cable (tried standard ethernet first with no success) eth0: 10.110.0.1 wlan0: internet facing on the 192.168.1.1/24 network FON ip: 10.110.0.2 Connected client: 10.110.0.152 FON default gateway: 10.110.0.1 Internet facing default gateway: 192.168.1.1 ------------------------------- /etc/config/dhcp config 'dnsmasq' option 'domainneeded' '1' option 'boguspriv' '1' option 'filterwin2k' '0' option 'localise_queries' '1' option 'local' '/lan/' option 'domain' 'lan' option 'expandhosts' '1' option 'nonegcache' '0' option 'authoritative' '1' option 'readethers' '1' option 'leasefile' '/tmp/dhcp.leases' option 'resolvfile' '/tmp/resolv.conf.auto' config 'dhcp' 'lan' option 'interface' 'lan' option 'start' '100' option 'limit' '150' option 'leasetime' '720m' option 'ignore' '0' list 'dhcp_option' '3,10.110.0.1' # This is the IP address of . . #. . The Host Laptop's Net-Interface acting as GW list 'dhcp_option' '6,10.110.0.2,8.8.8.8' # This is Option 6 define the DNS server, . . # . . Then IP of Pineapple, Then Googles DNS IP config 'dhcp' 'wan' option 'interface' 'wan' option 'ignore' '1' option 'start' '100' option 'limit' '150' option 'leasetime' '720m'

So i've heavily researched all the forums to flash the fon + and still have no sucess... I have bricked the fon and will need to reflash back to fonera 2201 firmware version 1.1.2 for the third time. The fonflash says its been successful. I have tried flashing in the LAN port and the WAN port. When I finish i can not telnet into the router and DHCP doesn't start and recognize the default gateway. I'm stuck anyone else have any hints are links I continue to try.

I know you guys are going to destroy me about giving references and descriptions about what I have tried already to here is quick overview. I have a fon + 2201 with firmware 1.1.1 r2. I have attempted to downgrade the firmware with the fon flash executable. I did not purchase a serial cable yet as I wanted to try to enable SSH and connect via ethernet. Has anyone found a link I can reference that details the most efficient way to downgrade or unlock the fon+ so I can get openwrt. After a few hours of unsuccessful attempts I ask for the community's help for a good resource. Thanks guys!