loozr

Everything posted by loozr

  1. You might also have to edit the following line in your facebook.htm: [CODE] name="email" [/CODE] into [CODE] name="name" [/CODE]. This is because your error.php is looking for 'name': [CODE] $nam = stripslashes($_POST['name']); [/CODE]
  2. Yes, I totally agree with you, it might not be correct to call it a bug, but I'm not sure what to call it.. And since it's kind of similar to what Watskeburt reported here http://forums.hak5.org/index.php?/topic/27320-fixedbug-usb-wlan-boot/ I thought I might call it a bug. I'm sorry if this is not correct. I'm just thinking that it should be possible to add a code line of some sort, to bring up the USB wlan after the internal wlan. But this is only a luxury issue, no big deal.
  3. That's amazing work! Looking forward to this being available in the module list! :) Would it be possible to also add wash, to check if the network actually is using WPS?
  4. Yes, there is no problem to just connect the Alfa after boot, however if the pineapple might reboot because of overload or something, then you would have to unplug the Alfa and reboot yet again and then reconnect your Alfa.. However I'm guessing that Sebkinne has enough in the to-do list, and somehow I would not like to rush him on things. He has released a lot of dev flashes lately with fixes and new features, so the man's workin' on things! B) Just want to say that I really appreciate the work you do Sebkinne! :D
  5. A bit late, but yes I would vote for keeping the GND cable. As far as possible I like to keep GND in the complete circuit in any hacks I have ever done.
  6. I'm afraid this is easier said than done.. I have no knowledge about this at all, but I'll bet that Oracle protects their signed java applets as well as they can.. However the java client on users' computers is breached every now and then.. <_< In my opinion I think most (normal) users have some kind of AV that the computer was originally delivered with, maybe not very good ones, but nevertheless I think that any attacks/pentests should be as stealthy as possible, i.e. no alert in AV. People that are not using AV would be more aware and not install an applet like the one above, and users not aware would be made aware because of the AV.
  7. Well, I might have been asking for much, but let's say I have configured DNS spoof to redirect facebook.com requests to 172.16.42.1, then I would NOT like DNS spoof to occasionally forward the DNS request to openDNS, which in turn will give the real IP to facebook. In the logfile I pasted previously you can clearly see this happen.. That said, there might be something going on that I don't understand. And I would very much like to give regular internet connection to the victims, as they would not hang for long without interwebz.
  8. I'm not too sure if this should be reported as a bug or not, but I decided to put it in the forum, and if necessary Sebkinne or others can move it. Although this is not a serious problem for me, it would be great if this was an easy fix :) So the thing is that when the Pineapple (2.6.3, and prev) is booted with the Awus036h connected, the wlan interfaces get switched. Meaning that the internal wlan interface becomes wlan1. I think this might be related to http://forums.hak5.o...-usb-wlan-boot/ which states that 2.6.3+ should be fixed (at least regarding Ralink RT2501). I'm posting some images to show my findings, and posting logs if needed. This is a freshly booted pineapple, and the awus036h is connected after boot. The pineapple is booted with the awus036h inserted. Also the status page says that the internal wifi is not up, although that's what I'm connected via when reporting this. As a sidenote the Network Manager module is not able to bring up the device, Auto-detect or not. I have to ssh in to the Pineapple and issue ifconfig wlan1 up.
  9. Good you sorted it out by yourself! Best way to learn, right? ;) I think you would have to execute a new symlink command when you are adding new files to your USB.
  10. I have played a little bit with the Evil Java applet and found that the possibility to lure someone is quite slim.. The user would have to be quite braindead for you to achieve the attack. Just to make it clear, I did not start a listener in Metasploit, nor did I test this on the "right side" of the pineapple. The reason for this is both that I'm not sure how to change the listener address in the attack, and I didn't want to create a BT VM on my laptop for this test. This test is made from the WAN/LAN side. And MSE went totally crazy when I entered this site, so the test is run without any AV. Firstly, the site is.. well, not too bad. But the warning speaks for itself. Especially when the AV is amok at this point. That said, I have also tested a couple of java attacks from SET in backtrack, but I haven't found any that actually fools MSE. If anyone has any tips to what java attacks one might use without AV going insane, that would be great! Otherwise I don't see any point in using time on this. In regards to what you can do with it: potentially own the user's machine ;)
  11. I finally updated the flash, blame the delay on Black Mesa. Anyways, anyone else having trouble with modules with 2.6.4? I guess it's because of the port-change. I guess this is up to the module-writers to fix, but I thought I should mention it here, rather than posting in all the module threads..
  12. Yeah, I think most OSes store some kind of a DNS cache, therefore I always use ipconfig /flushdns and ipconfig /renew in my Windows OS. May not need both commands, but I like to do both. And I also have as a habit to run a ping to test it. Anyways, isn't the log that dns spoof creates a kind of "copy" of dns spoof's output? Like when the log shows an opendns ip, I think that DNS Spoof is telling the victim to use the opendns ip. I would rather have DNS spoof not sending ANY ip, if it's unable to send the pineapple's ip. In my understanding DNS spoof is actually like a regular DNS service, it's broadcast as the DNS server by DHCP, and every DNS request should go to DNS spoof, right? And the addresses that DNS spoof is configured with should be consistent. And only the requests that DNS spoof is not configured with should be sent to, like, opendns. If this is just how it has to be, then I'm fine with that, but I would like to fix it if there is something I'm doing wrong. I guess it's all about learning how to do things properly :)
  13. The funny thing is that when playing with my pineapple at home, I have 2 instances of my home network, one encrypted, and one open. So the pineapple seems to duplicate the network (without encryption), although Win is not automagically connecting to the open version. So I'd say that Karma responds to encrypted probes too, but Windows is not dumb enough to autoconnect to the open network..
  14. Great! B) Will test it as soon as I've taken backup of my configs..
  15. Could the difficulties with the google bar be related to the Safe Browsing API from google? Actually I was testing sslstrip against the google bar, and this is what the log says: [CODE] 2012-09-14 12:37:37,385 POST Data (safebrowsing.clients.google.com): goog-malware-shavar;mac goog-phish-shavar;mac [/CODE] Did they save my mac or what??
  16. Did you just get 3 probes? In that case there doesn't have to be anything wrong. The 3 probes that you got could be encrypted networks, and the Pineapple is not (yet?) capable of autoconnecting to encrypted probes. Well, as far as I know at least :) Another thing to mention is that after I replaced the pigtail in my Pineapple, I got a lot more connections. That could be pure luck, but it could also be because of better signal. Take the pineapple to a cafe or someplace with a lot of people, and try running karma. I guess you will get a couple of connections.
  17. Could you please give me some hints to how you get this plugin working? I've tried adding an image-replace filter from this site: http://www.irongeek.com/i.php?page=security/ettercapfilter But I can't get it working. Usually the log only states: [CODE] ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA [/CODE] Also when not using any filter whatsoever..
  18. Well, I just tested ssl strip, and it found what I'm interested in out of the box. But I think you should run only sslstrip, and not e.g. dns spoof simultaneously at the same time. Fire up sslstrip, connect a test machine to the Pineapple, enter a couple of sites with login and enter some text. You should find username, and password or an md5 hash of the password. If you get the md5 hash just use an online md5 decrypter, and voilà! But did you want anything else with sslstrip? Edit: However, would there be a way you could clean up the sslstrip log a little bit? I can see that different pages use different techniques for username/password, but if one could somehow clean it up a little bit. Like showing only lines that contain username/password? Maybe a little bit off-topic for this thread...
  19. Barry: Yes, there is signal loss, but I don't think I will see any difference between 10cm and 15cm cables. That said, the cable that I put into my Pineapple is 15cm long, and the original in the pineapple is about 8cm. Still the longer cable is doing better. In fact, I had some problems in that I did get very few connections from Karma with the old cable, however with the new cable I got a lot more connections! Darren: Well, I didn't believe that there would be any difference in signal strength either, but now I'm convinced. I'm sorry but I have no spec on the pigtail, except it's black, about 15cm long, ordered from ebay some while ago, and it works great. I could have a look in my ebay history, but I don't think this cable is special in any way. Just an ordinary pigtail I guess. And regarding the bit lengthy cable of mine, I didn't twist it, but rather made a loop, if you understand me and see the difference. It felt kinda "neat and safe", and I mounted the rp-sma correctly, so it is not possible to twist the cable from the rp-sma end of the cable ;)
  20. And all these years my mom told me that the longer the better... Anyways, I just snuggled the wire in there, and it works better than the original, so I'm happy with it. Hopefully the pigtail is shielded, so you could have a couple of meters inside before you would notice any difference in signal? Exaggerated, I know, but would it be partially true?
  21. Well, you could have a look in the thread http://forums.hak5.org/index.php?/topic/27372-anker-astro3-10000-mah/ But I have to say that I couldn't find any spec about the mA of the product in your link, it might be enough mA, but why gamble when the Anker Astro 10000 mAh has 2 usb outputs of 2 Amps. It's not too expensive, and it can also output 5v, 9v and 12v. All within the operating area of the Pineapple.
  22. If I understand you correctly, you are plugging the USB from your laptop into the USB on your Pineapple? You should not do this, as this could harm the Pineapple!! You should either buy a cable like this http://hakshop.mysho...usb-power-cable or make one yourself, to feed the Pineapple power the right way. And laptops usually only give 500 mA of juice, and the Pineapple uses up to 1000 mA, so you should really not power it from the Laptop at all. The best thing to do is to use an Anker Astro 3 battery pack, or, like me, a battery pack from DX.com. These battery packs give you an output of up to 2 Amps, which is enough for the Pineapple. Edit: The reason why you can not connect to the Pineapple I would believe is because of too little power.
  23. Well, hopefully these steps might help you out a little! :)