leg3nd

Active Members
  • Posts: 119
  • Days Won: 4

Everything posted by leg3nd

  1. RT @climagic: manopt(){ man $1 |sed 's/.\x08//g'|sed -n "/^\s\+-\+$2\b/,/^\s*$/p"|sed '$d;';} # Show part of man page for the option. Ex: m…

  2. Should consider it a compliment! ;) I (like most people) am using many of your infusions and enjoy them greatly. Honestly it would be cool if the starting point included some of your GUI code as a library. I would guess that most people that are here are pentesters, not PHP/JQuery devs - so from the daily life of a pentester point of view we just want to get things out and stable as quickly as possible, which generally means not reinventing the wheel. Feel free to add the code for your WiFi Manager (although it's very minimal PHP, I just did most of the parsing in BASH). There are probably much more elegant ways to implement it, but it works for my purposes and only took a few minutes to do. From my point of view the purpose of this was to make something lightweight, minimalist, yet still informative - integrating into a more complex infusion kinda defeats that purpose. So I personally would not use it, however that doesn't mean that others wouldn't enjoy it, so feel free to do what you'd like. :)
  3. RT @brutelogic: Simple #SSH Password Attack (needs sshpass) h@ck:~$ for w in $(cat wordlist); do sshpass -p$w ssh USER@HOST; done

  4. RT @climagic: join -o 1.1,2.2 -1 1 -2 1 -t: file1 file2 # Merge two files together based on the first column in each. Print file1.col1:file…

  5. Sorry about that - was just throwing it up here because it was easy. I'll add it to the bar this week.
  6. Description: This is a very simple and minimalistic infusion that allows for a script-managed wireless connection for connection sharing. Although I did like the feature set of WifiManager, I personally prefer a more minimalist and script-based approach. This infusion provides network status information as well as an interface to manage the script.

     Note: When adjusting the variables in the wireless script, maintain the quotation formatting! This is required for the script to function correctly.

     Feature Set:
       • Script Editor: A basic text editor that allows for editing of the script on the fly.
       • Status Monitor: Outputs important information on your network connection to the small and large tiles, including iwconfig, ifconfig, and ping.
         Example Output: 802.11bg ESSID:"MyGuest" wlan1 2.437 GHz Access Point: AE:22:0A:32:34:F9 Quality=70/70 Signal level=-4 dBm Link 192.168.2.64 192.168.2.255 255.255.255.0 PING google.com (74.125.239.41): 56 data bytes 64 bytes from 74.125.239.41: 17.938
       • Auto Refresh Enable/Disable and Logging in Small Tile
       • AutoStart

     Enjoy!
  7. RT @stevewerby: Java 6 is no longer publicly supported by Oracle and is on 80% of corporate computers. http://t.co/ypVj7Q7rjo

  8. Note: Other issues such as excessive power draw can still cause problems. This is not officially supported by the Hak5 team - this is simply a fix to resolve the interface detection.

     I was recently looking for a fix to the Alfa AWUS036H USB wifi adapter being detected as wlan0 upon a fresh reboot of the pineapple (causing the internal card to be detected as wlan1). The solution is quite simple: change the driver's (RTL8187) boot sequence to something after the internal card's driver (ath9k). The following command does this:

         mv /etc/modules.d/27-rtl8187 /etc/modules.d/29-rtl8187
         reboot

     That's it. Now it works as intended. That's all for now folks. ;)
  9. Post any issues that you started to have here and I am sure I can fix them pretty easily. I have been very busy working and traveling, which in tandem with the release of Mark 3, has caused me to not spend much development time on it. I will request a Mark 4 and get it set up for that when it becomes available, assuming people still use the script. As of right now, it still works fine for me on my Mark 2.
  10. Gotta love the sound of GPU fans and coffee in the morning... http://t.co/bOcSWDrq

  11. Another CEH class done, time to head home..

  12. Chicago teaching CEH class, fun fun right.

  13. This can work with the Mark 3. You can download it from my website, but it is better to use the svn checkout command on the googlecode page instead.

         svn checkout http://jasagerpwn.googlecode.com/svn/trunk/ jasagerpwn

     I uploaded the .tar.gz file again for you if you do not want to use SVN to download it. I will still support the project but not as much since people do not appear to use it as much anymore.
  14. Wheels down in Alaska.. -9 degrees.. WTF did I leave CA for again?

  15. Back in california.. for a solid 2 days :\

  16. Touched down in Atlanta..

  17. New baby running at 62K PMK/s. Dual nVidia GTX 480's and overclocked AMD FX-8150 (8 core) @ 4.5 GHz w/ water cooling. http://t.co/W7K33ciI

  18. Remove robots.txt disallow rules for YaCy.. http://t.co/yjHqfcnh

  19. The script will work fine on a MK3 assuming you can get it set up correctly. I have posted some basic instructions on this but do not have a MK3 to test or configure this with. The instructions are purely from output people have sent me and helping a couple people with troubleshooting. It is likely that you will need to do additional steps, but it should point you in the correct direction. The post is here.. http://forums.hak5.org/index.php?showtopic=24966
  20. JasagerPwn is not designed for the MK3 currently. Although I have had a couple discussions with people who have gotten it to work, it is a bit more complicated. Although I have not been able to test any of this or verify it, it should put you on the right track. The following is assuming the default subnet that jasagerPwn is configured with.. 192.168.10.0/24 with the attacker at 192.168.10.2. Note that you said you tried to take out DHCP; that is not going to work. This is because by running the DHCP server locally on the attacking machine you are able to create the DHCP scope file with the attacker machine as the gateway and DNS server.

         # Disable DNSmasq, So we can use the DHCP server on the attacking machine.
         /etc/init.d/dnsmasq stop
         /etc/init.d/dnsmasq disable   # <-- This is one issue, I don't think DNSmasq can be disabled this way.
         # Remove the public google DNS from the network file and manage that from the attacking machine
         sed -i 's/8.8.8.8/192.168.10.2/g' /etc/config/network
         # Flush any IPtables rules (Not sure if there are any)
         iptables -F ; iptables -X

     If anyone can add in something I missed it would be appreciated and will be added to the main post. Have a good Christmas all!
  21. I have released version 1.4 - The main changes are streamlined code and additional AV prevention.

     I took the time to go through and remove a lot of the bloated and unneeded code, and changed a few things in order to speed things up. Overall it was reduced by about 200 lines. Now payloads will only be created once, rather than every time you run an attack. They will be generated the first time you run any attack which requires them, and the same payloads will be reused if you decide to switch attacks; this speeds things up exponentially on slower computers such as netbooks.

     I also added in a script I made a couple weeks back to dynamically compile meterpreter payloads for windows rather than using the default metasploit payload. This basically outputs C code from msfpayload, adds in random data into different datatypes within that C code, then compiles it. This will cause the signature of the EXE to change, and although some AVs may still detect it, it will drop the detection rate over 60% (Yes this bypasses norton, mcafee, avast, and avg). Here are the VirusTotal results for one of the payloads; results may vary and may worsen over time as vendors catch on.

     Normal Meterpreter: Normal Metasploit Generated Meterpreter
     Obfuscated Meterpreter: Custom Compiled Meterpreter

     Lastly, I added in a basic script to monitor the interface for potential SSNs and CCNs. This can be disabled with the "Extras" variable as well. I did change quite a bit and tested it, but if you do find any bugs or have feedback please feel free to post.
  22. Never had this issue, but that is not the way I generally disable dnsmasq. I'm not sure how it will work that way. I generally use the following, as stated on the installation and howto page. If that doesn't help then I'm not sure off the top of my head; it appears to me that either that service is still running or another service is on that port causing a conflict.

         /etc/init.d/dnsmasq stop
         /etc/init.d/dnsmasq disable