crashie

I will arrange a "manual" that I put on the github later today. With the instructions. Not that complicated though. The first index.html file goes to the /pineapple folder. The image files goes to the /pineapple/img folder. The .css files goes to the /pineapple/css folder. The module.html file in the module/Dashboard folder in the zip goes to the /pineapple/modules/dashboard folder. You have to replace the old files with the new. And make sure you are on firmware 1.0.5. /crashie

For anyone who want's my "NSA-style" themes you'll find them here now: https://github.com/crashieSWE/nanothemes Will upload any future themes there. Until we have a "theme module" in the NANO :P

Here's my new "light" NSA style theme :P

Lets hope Sebkinne can fix the issue.

That's not an issue with the module but with the Nano itself. Sebkinne is working on a solution. Since if you try to download a file let's say 40MB through SFTP or SSH the same error occurs. But seb will solve it soon enough.

I already have them :P Just not in this picture :P

Green on black :P

I've actually played around with it and yeah.. I might actually go for it :P My current changes :P

You could always mod the CSS on your own :)

Yeah, interesting at least :) Looking forward to have it fixed so I can download those big pcaps without a hassle :) I have faith in you.

The issue is taken care of by sebkinne. He's looking into it since he could also reproduce the same issue. Probably solved soon enough.

1. Samsung S4 2. 5.0.1 3. Stock 4. No, not working on the S4 for some reason.. 5. Yes 6. Yes Other than that I'm running it with my Macbook Air and I also have a Alfa AWUS036NEH attached to it from time to time :P See my pic :)

To add to the issue, I've now tried four different microSD-cards. And the same issue with all of them. Are all SD-cards faulty or is it the NANO who's acting up? Can write to the SD on the NANO but the problem starts when reading a large file (downloading) from it through either the webinterface or sftp etc.

Nice ideas but why not use PineAP and allow association? That will show them what really can be done and that they don't actively have to "choose" the right network SSID :P And that it can happen to them anywhere.. At the office premises, at the restaurant, at the pub, at the train etc. They should always pay attention to networks they are connecting to and don't allow their devices to automatically connect to known wireless networks etc.. Just my 2 cents. /crashie

Some more data: Wed Feb 17 21:15:42 2016 kern.info kernel: [ 118.760000] br-lan: port 3(wlan0-1) entered disabled state Wed Feb 17 21:15:42 2016 kern.info kernel: [ 118.760000] device wlan0-1 left promiscuous mode Wed Feb 17 21:15:42 2016 kern.info kernel: [ 118.770000] br-lan: port 3(wlan0-1) entered disabled state Wed Feb 17 21:15:42 2016 daemon.notice netifd: Network device 'wlan0-1' link is down Wed Feb 17 21:15:42 2016 kern.info kernel: [ 118.910000] device wlan0 left promiscuous mode Wed Feb 17 21:15:42 2016 kern.info kernel: [ 118.910000] br-lan: port 2(wlan0) entered disabled state Wed Feb 17 21:15:42 2016 daemon.notice netifd: Network device 'wlan0' link is down Wed Feb 17 21:15:42 2016 kern.err kernel: [ 119.570000] Buffer I/O error on dev sda1, logical block 2655233, lost sync page write Wed Feb 17 21:15:42 2016 kern.err kernel: [ 119.570000] JBD2: Error -5 detected when updating journal superblock for sda1-8. Wed Feb 17 21:15:42 2016 kern.err kernel: [ 119.580000] Aborting journal on device sda1-8. Wed Feb 17 21:15:42 2016 kern.err kernel: [ 119.580000] Buffer I/O error on dev sda1, logical block 2655233, lost sync page write Wed Feb 17 21:15:42 2016 kern.err kernel: [ 119.590000] JBD2: Error -5 detected when updating journal superblock for sda1-8. Wed Feb 17 21:15:42 2016 kern.err kernel: [ 119.620000] EXT4-fs (sdb1): couldn't mount as ext3 due to feature incompatibilities Wed Feb 17 21:15:43 2016 kern.err kernel: [ 119.650000] EXT4-fs (sdb1): couldn't mount as ext2 due to feature incompatibilities Wed Feb 17 21:15:43 2016 daemon.notice netifd: radio1 (2255): Interface 0 setup failed: BRIDGE_NOT_ALLOWED Wed Feb 17 21:15:43 2016 daemon.notice netifd: Network device 'eth0' link is down Wed Feb 17 21:15:43 2016 kern.info kernel: [ 119.970000] eth0: link down Wed Feb 17 21:15:43 2016 kern.info kernel: [ 119.970000] br-lan: port 1(eth0) entered disabled state Wed Feb 17 21:15:43 2016 kern.info kernel: [ 120.180000] EXT4-fs (sdb1): recovery complete Wed Feb 17 21:15:43 2016 kern.info kernel: [ 120.180000] EXT4-fs (sdb1): mounted filesystem with ordered data mode. Opts: (null) Wed Feb 17 21:15:43 2016 kern.info kernel: [ 120.360000] usb 1-1.2: USB disconnect, device number 5 Wed Feb 17 21:15:43 2016 kern.err kernel: [ 120.370000] scsi 1:0:0:0: rejecting I/O to offline device Wed Feb 17 21:15:43 2016 kern.info kernel: [ 120.370000] scsi 1:0:0:0: [sdb] killing request Wed Feb 17 21:15:43 2016 kern.info kernel: [ 120.370000] scsi 1:0:0:0: [sdb] Wed Feb 17 21:15:43 2016 kern.warn kernel: [ 120.380000] Result: hostbyte=0x01 driverbyte=0x00 Wed Feb 17 21:15:43 2016 kern.info kernel: [ 120.380000] scsi 1:0:0:0: [sdb] CDB: Wed Feb 17 21:15:43 2016 kern.warn kernel: [ 120.390000] cdb[0]=0x28: 28 00 00 00 00 b7 00 00 08 00 Wed Feb 17 21:15:43 2016 kern.err kernel: [ 120.390000] blk_update_request: I/O error, dev sdb, sector 183 Wed Feb 17 21:15:43 2016 kern.err kernel: [ 120.400000] Buffer I/O error on dev sdb2, logical block 60, async page read Wed Feb 17 21:15:43 2016 kern.err kernel: [ 120.400000] Buffer I/O error on dev sdb2, logical block 61, async page read Wed Feb 17 21:15:43 2016 kern.err kernel: [ 120.410000] Buffer I/O error on dev sdb2, logical block 62, async page read Wed Feb 17 21:15:43 2016 kern.err kernel: [ 120.420000] Buffer I/O error on dev sdb2, logical block 63, async page read Wed Feb 17 21:15:44 2016 kern.info kernel: [ 120.970000] eth0: link up (100Mbps/Full duplex) Wed Feb 17 21:15:44 2016 kern.info kernel: [ 120.970000] br-lan: port 1(eth0) entered forwarding state

Ok, next update on the issue.. It seems to relate to the USB (or microSD) interface.. maybe I've got a defect NANO or SD (tried another SD-card but that doesn't mount)?.. Been trying everything but as soon as I initiate a transfer of a file that is large enough the interface goes down and then back up in 3-5 seconds and using sftp I can resume the download but after 10-40 seconds (differs from time to time) then it disconnects again and reconnects which interrupts the transfer.. So to be able to transfer a pcap of 166Mb I have to resume the download 30-50 times before I've got the whole pcap.. I've recorded a video of the screen of what's going on when it happens.. but below is some data from dmesg: [ 459.450000] usb 1-1.2: USB disconnect, device number 6 [ 459.460000] scsi 2:0:0:0: rejecting I/O to offline device [ 459.460000] scsi 2:0:0:0: [sdc] killing request [ 459.470000] scsi 2:0:0:0: [sdc] [ 459.470000] Result: hostbyte=0x01 driverbyte=0x00 [ 459.470000] scsi 2:0:0:0: [sdc] CDB: [ 459.480000] cdb[0]=0x28: 28 00 00 00 00 5f 00 00 40 00 [ 459.480000] blk_update_request: I/O error, dev sdc, sector 95 [ 459.490000] Buffer I/O error on dev sdc2, logical block 28, async page read [ 459.490000] Buffer I/O error on dev sdc2, logical block 29, async page read [ 459.500000] Buffer I/O error on dev sdc2, logical block 30, async page read [ 459.510000] Buffer I/O error on dev sdc2, logical block 31, async page read [ 460.370000] eth0: link down [ 460.370000] br-lan: port 1(eth0) entered disabled state [ 461.480000] device wlan0 entered promiscuous mode [ 461.480000] br-lan: port 2(wlan0) entered forwarding state [ 461.490000] br-lan: port 2(wlan0) entered forwarding state [ 461.610000] device wlan0-1 entered promiscuous mode [ 461.620000] br-lan: port 3(wlan0-1) entered forwarding state [ 461.620000] br-lan: port 3(wlan0-1) entered forwarding state [ 462.600000] usb 1-1.2: new high-speed USB device number 7 using ehci-platform [ 462.610000] br-lan: port 3(wlan0-1) entered disabled state [ 462.740000] usb-storage 1-1.2:1.0: USB Mass Storage device detected [ 462.780000] scsi host3: usb-storage 1-1.2:1.0 [ 463.340000] br-lan: port 3(wlan0-1) entered forwarding state [ 463.340000] br-lan: port 3(wlan0-1) entered forwarding state [ 463.490000] br-lan: port 2(wlan0) entered forwarding state [ 463.610000] eth0: link up (100Mbps/Full duplex) [ 463.610000] br-lan: port 1(eth0) entered forwarding state [ 463.620000] br-lan: port 1(eth0) entered forwarding state [ 463.780000] scsi 3:0:0:0: Direct-Access Generic STORAGE DEVICE 0933 PQ: 0 ANSI: 6 [ 463.790000] sd 3:0:0:0: Attached scsi generic sg0 type 0 [ 464.060000] sd 3:0:0:0: [sdc] 62521344 512-byte logical blocks: (32.0 GB/29.8 GiB) [ 464.070000] sd 3:0:0:0: [sdc] Write Protect is off [ 464.070000] sd 3:0:0:0: [sdc] Mode Sense: 21 00 00 00 [ 464.070000] sd 3:0:0:0: [sdc] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA [ 464.120000] sdc: sdc1 sdc2 [ 464.130000] sd 3:0:0:0: [sdc] Attached SCSI removable disk [ 465.340000] br-lan: port 3(wlan0-1) entered forwarding state [ 465.620000] br-lan: port 1(eth0) entered forwarding state [ 466.340000] Buffer I/O error on dev sdb1, logical block 3702784, lost sync page write [ 466.350000] JBD2: Error -5 detected when updating journal superblock for sdb1-8. [ 466.350000] Aborting journal on device sdb1-8. [ 466.360000] Buffer I/O error on dev sdb1, logical block 3702784, lost sync page write [ 466.370000] JBD2: Error -5 detected when updating journal superblock for sdb1-8. [ 466.420000] EXT4-fs (sdc1): couldn't mount as ext3 due to feature incompatibilities [ 466.460000] EXT4-fs (sdc1): couldn't mount as ext2 due to feature incompatibilities [ 466.600000] EXT4-fs (sdc1): recovery complete [ 466.610000] EXT4-fs (sdc1): mounted filesystem with ordered data mode. Opts: (null) [ 466.980000] Adding 1004024k swap on /dev/sdcard/sd2. Priority:-3 extents:1 across:1004024k I've also now tried with another SD-card (2GB) but still have the same issue. I can upload a 160MB pcap to the SD storage through SFTP with no errors. But as soon as I try to download the same file it disconnects and reconnects. With my other SD-card I got this error also if it can help: [ 471.720000] usb 1-1.2: USB disconnect, device number 11 [ 471.720000] scsi 7:0:0:0: rejecting I/O to offline device [ 471.720000] scsi 7:0:0:0: [sdb] killing request [ 471.730000] scsi 7:0:0:0: [sdb] [ 471.740000] Result: hostbyte=0x01 driverbyte=0x00 [ 471.740000] scsi 7:0:0:0: [sdb] CDB: [ 471.740000] cdb[0]=0x28: 28 00 00 00 00 00 00 00 20 00 [ 471.750000] blk_update_request: I/O error, dev sdb, sector 0 [ 471.760000] Buffer I/O error on dev sdb, logical block 0, async page read /crashie

Ok, another update :P The issue is back again and I've only installed the urlsnarf and tcpdump modules on the SD-card. As soon as I initiate a download from the NANO it starts to disconnect and reconnect the interface and behaving crazy. Wondering if it's about heating issues or something else. It doesn't matter if I try to do it connected directly to the NANO with through the USB-port or over the Wi-Fi. The same result in the end. Always disconnects after some seconds, reconnects and disconnects and so on for a while and in the end interrupting the transfer. Doesn't matter which computer I try from, it's the same result. Maybe it's my bad luck and the device is faulty? Or there is something I can do to solve it.. Another thing I've noticed today is that when I've "checked" the PineAP "Allow Associations" box and starts it disables itself after a while. Sometimes not at all but sometimes on it's own after just minutes. I recheck it and it stays enabled for a while after that. But somethings really weird, that I can say at least. Hopefully someone here have some ideas to try :) /crashie

When running the NANO with tcpdump enabled it gives me below error message from time to time. Doesn't matter what settings i use with tcpdump. "tcpdump: pcap_loop: corrupted frame on kernel ring mac offset 18512 + caplen 873269827 > frame len 131072" Anyone who knows why this happens? /crashie

Update.. Did a full reflash of the firmware pushing in the reset button while connecting the nano to my USB. Then flashed the latest firmware again and configured and installed only urlsnarf and tcpdump modules. Now it seems fine and I could download a 138Mb pcap from it without issues. Going to install one module after another and see why it did what it did before.. But that's for tomorrow. Now it's sleeping time :P

Correction, I've now seen that the Nano actually disconnects and reconnects when looking at it in the network settings page on my mac. And therefore the transmission gets interrupted. Don't really understand why though.. somethings weird. I've also done a "factory reset" of the Nano but it still gives me a hard time trying to download files from it. Whether it's connected using USB, or when over Wi-Fi. As soon as I start downloading it disconnects after some seconds. It's like the network interface on it dies for just 2 seconds and then it comes up, but it's enough to interrupt the transmission. I've also noticed that if a client is connected and starts a heavy download it behaves the same way, the network interface disconnects and reconnects. Think I'll have to reset again and try once more.. but something's wrong..

Hi, I've run into another issue with the NANO. When trying to download the pcap captures from the NANO either from the webinterface or using sftp it terminates the transfer after 5-10 seconds. I have a pcap of around 130Mb that I want to download to my laptop but I'll probably have to take out the SD-card and put it into another device and extract the pcap's. Anyone else that have had this issue? /Crashie

Hi, I've got the Pineapple NANO and enabled USB tethering in my Samsung S4. (Had to use my old Nokia cable since the one which came with the NANO didn't work). The next issue I have is that when running Android Wi-Fi Pinneapple app it just tells me that Tethering is disabled and that I must configure it. Even though tethering is actually working since I can connect devices to the NANO and the devices is able to access the Internet. So I don't get why the app still tells me it's disabled when it's clearly not :P Not really an issue for me but just wanted to inform you guys and check if you've heard about it before. Other than this small issue it's running great! Just waiting to get the sslstrip infusion when ready.. /crashie

Yeah, you're right :P Most of the users run as local admin. The wmic should work great.. works fine here at least :) Also have in mind your keyboard layout so it have the right symbols.. this one won't work with danish, norwegian, swedish layouts because a missing ^ in the properties file..

Hehe, I'm working on my new stealer payload, for almost all browsers.. at least the ones used by the 99%.. ;) I will post it when it's finished and tested. But I'm also thinking of adding some other stealers to it, like messenger stealer and such stuff.. One payload to steal all the goodies ;) together with the SAM and so on... But since I do this on my spare time (have to work also) it won't be finished this week.. but maybe in 1-2 weeks I'll have a first version finished.. But keep up the work with your payloads and post them here :) /crashie

Yeah, sadly enough it does.. the CMD have to run as admin so the local user have to be in that group yes. But I am working on a solution to bypass that.. so you can run it on a regular user account with elevated privileges. To steal the browser passwords (opera, safari, firefox, chrome) though it's not needed :P I will add that payload later this week when it's finished and tested completely. One version that saves it to the SD and one that send it out over HTTP. Bitsadmin works great for sending stuff over the Internet as HTTP but it requiers an IIS server on the other end. I am though working on an exploit to also be able to steal the Wi-Fi passwords in clear-text without being admin as I said.. but it will take some time to finish since I'm working on it alone. But I'll keep posting the results here :) /crashie