diggler

Active Members
  • Posts

    68
Everything posted by diggler

  1. Updating the WIKI page with an FAQ of common questions and logic behind how the pineapple works would help a lot.
  2. What about after??? How would you refresh the IPTABLES back to "normal" after running SSLStrip and editing the IPTABLES? Just run the wp3.sh script again? Or is there a one liner that will reset BTR1 back to its default state (which would be preferred).
  3. 1. http://wifipineapple.com/doku.php <-- read changelog here 2. yes 3. yes
  4. Can this sucker be powered by USB? Adapter is 12v, battery pack is 6v, and usb is 5v? Can this thing be powered off of USB somehow or is there just not enough power? How much power does the AP51 actually draw?
  5. check 6 posts above yours. sebkinne mentioned that nothing else is required if you flash the AP51 with his firmware. You'll have all the latest and greatest with no extra work. BTW thanks a million sebkinne -- awesome work! And Ghostshell for the directions: https://docs.google.com/viewer?a=v&pid=explorer&chrome=true&srcid=0BwPcnMovxGWJMmNkNTJhN2YtZWE1Ni00YmQzLTljMTItZWM3ZGY1NWViYThl&hl=en_US Cheers, Diggs
  6. I'm not a coder, but maybe you have to uncomment both lines? -Wbyline (perhaps that stands for webinterface byline?) ngrep conf my pineapple control center
  7. hfam: You have been chatting about using a deauth tool to target specific APs, but I came across this segment earlier this afternoon. http://www.youtube.com/watch?v=N_tnHHEFGKs :: check it around the 9 minute mark. Basically there is a tool / script you can run called airdrop-ng that will deauth everyone except you if you use the correct script. Someone correct me if I'm wrong here -- Darren was using his 3g phone service for internet, so I'm not sure that if you send mass deauths to APs (ones you're connected to for deploying Karma) if you'll lose your connection to the internet. This seems like it would work very well and save you the time of entering and finding all the BSSIDs from airodump-ng.
  8. If you're running BT5R1 should be as easy as: airodump-ng wlan0 or airodump-ng mon0
  9. Brilliant! I knew there was a benefit to being the client's AP that I just wasn't "getting". This makes so much more sense. Thanks! Where's the rest of the script ;) ha!
  10. haha! freakin' awesome -- you guys rock! Mr-Protocol: how would that be possible? Can you explain the logic at all? What doesn't make sense to me is that I was trying to get ettercap to work earlier for the same reason. I wanted to automate and make the setup easier but ultimately I couldn't automate SSLSTRIP as much as I wanted because you have to select a client and host IP for ARPSPOOF. The "BIG" technical question in my head is can SSLSTRIP be run against the AP and all traffic instead of individual clients? So it will literally create a net and capture all U/P for clients that connect to MK3. Thoughts?
  11. Definitely would be interesting to see the script you use. wp3.sh seems to create the necessary allow IP forward rule (from 0 to 1). I found I was able to get ssl strip to work (which I'm completely new to) by doing the following:
      - enable wifi pineapple (flashed to v1.9) & activate karma
      - enable iptables (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080)
      - enable arpspoof (arpspoof -i eth1 172.16.42.178 172.16.42.1)
      - enable sslstrip (chmod +x sslstrip.py --> ./sslstrip.py -l 8080)
  12. Cool. Thanks. What's your experience with URLSNARF been? If I run it through the webinterface it provides the proper results, however, when I run URLSNARF or DSNIFF from Terminal I get an update every second from pineapple's web GUI. Any ideas for how to prevent that from happening? Darren must have some script written on the pineapple already to prevent this from showing up. Also, I tried getting ettercap going on BT5R1 with a lot of problems but found an article to help get it up and running properly, but it borked when I tried sniffing traffic. I'm thinking it was because of my previous IPTABLE edit for sslstrip. See below:
      "- enable wifi pineapple (flashed to v1.9) & activate karma
      - enable iptables (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080)
      - enable arpspoof (arpspoof -i eth1 172.16.42.178 172.16.42.1)
      - enable sslstrip (chmod +x sslstrip.py --> ./sslstrip.py -l 8080)"
      Any idea how to remove that line out of IPTABLES, or set it back to default? Thanks....
  13. G'day Gents (& Gals?), Now that most of us have figured out how to flash and setup our MK3's, I'd like to start a discussion thread about what can be achieved next. Can one of the experts here provide some insight for how to route tools like SSLSTRIP + DSNIFF on the host OS (ex. BT5R1); a few have pointed out that there are storage limitations for logging data with tools that are built into the MK3 interface, such as, ngrep. Also, because we are already the MITM with the MK3 do we need to change iptables & use arpspoof? I don't want to bork the ./wp3.sh config for the MK3 by messing with routing, etc, when trying to configure SSLSTRIP. This tool is awesome guys, really fun stuff... Thanks :) Diggs
  14. Anyone else experiencing this?
      Setup: OS LION HOST OS BT5R1 in VMWARE (ALFA USB + AP51)
      ISSUE: When running DSNIFF from Terminal on eth0 or eth1, DSNIFF gets repetitive listings of the Pineapple's webinterface username/password associations.
      ASSUMPTIONS: Am I correct in assuming that I should be running DSNIFF on the eth0 adapter and not wlan0?
      MORE: Does anyone else have any tutorials / posts / suggestions for how to run tools like SSLSTRIP / ETTERCAP / DSNIFF etc? Many thanks... Diggs
      UPDATE 9/12/2011:
      - enable wifi pineapple (flashed to v1.9) & activate karma
      - enable iptables (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080)
      - enable arpspoof (arpspoof -i eth1 172.16.42.178 172.16.42.1)
      - enable sslstrip (chmod +x sslstrip.py --> ./sslstrip.py -l 8080)
  15. AP51 flashed successfully. Thanks everyone. Next issue...
      Karma is enabled
      URL Snarf is enabled
      ngrep is enabled
      I can see my devices associating from the DHCP log, however, with URLSNARF enabled I don't see any traffic flowing through and the same issue with ngrep. Ideas?
  16. I had the same issue. My mistake was using the 192.168.0.100 IP in the guide. Correction was to use the Default Gateway (172.16.42.42) of the Pineapple AP51 when redirecting the wired ethernet device for flash. Cheers, Diggs
  17. Same question here guys. Flash process is stalled, likely, because of an incorrect IP listed in the guide. A few posts up it was mentioned to use 172.16.42.100 and below asking if 172.16.42.1 is correct. Can you guys please shed some light on which IP should be used (for the AP51 from the hakshop). Cheers, Diggs