telot
-
Posts
803 -
Joined
-
Last visited
-
Days Won
12
Posts posted by telot
-
-
I've tried sshfs and failed a while ago (you can search the forums for the thread) but Sebkinne has stated it will be in a soon-to-be-released firmware update. Right now you can get Samba working fine, though its far from secure. I too have wanted to do this, as I love to tcpdump all my packets - so I typically throw in a 16 or 32GB card in the usb. Freeing up that USB port for a alfa wifi card PLUS having my 6TB of my server available for tcpdumps would greatly increase the longevity of my deployments.
telot
-
Its true - the mark3 had a very short lifespan. A faster proc and 2 more powerful USBs (1 3G and 1 Wifi dongle would be awesome) with SD card slot as well for storage would pretty much make me the happiest camper around. Not that I'm complaining! The mark4 is an amazingly simple and inexpensive little router that (as this thread says...) has tons more potential for the future.
As for mark5, you'd have to ask Seb, Darren and Robin
telot
-
This is what I get our of dmesg when I plug it into ubutu 12.04LTS or BT5R2:
[ 804.206472] udevd[15628]: starting version 175
[ 807.450999] usbcore: registered new interface driver usblp
[ 892.669234] usb 3-2: new high-speed USB device number 7 using xhci_hcd
[ 892.694171] usb 3-2: ep 0x1 - rounding interval to 32768 microframes, ep desc says 0 microframes
[ 892.694185] usb 3-2: ep 0x82 - rounding interval to 32768 microframes, ep desc says 0 microframes
[ 892.694198] usb 3-2: ep 0x5 - rounding interval to 32768 microframes, ep desc says 0 microframes
[ 892.694206] usb 3-2: ep 0x6 - rounding interval to 32768 microframes, ep desc says 0 microframes
[ 892.982766] usb 3-2: ath9k_htc: Transferred FW: htc_9271.fw, size: 51272
[ 892.983060] xhci_hcd 0000:00:14.0: ERROR no room on ep ring
[ 892.985968] usb 3-2: ath9k_htc: Unable to allocate URBs
[ 892.986022] ath9k_htc: probe of 3-2:1.0 failed with error -22
I've tried it on two separate machines that work fine with my old AWUS036H...any thoughts?
telot
-
Whats your intended usage dustbyter? I'm far from expert on it, but it seems to be a non-interactive auth solution for ssh. Why not just use keypairs? ssh-keygen and such?
telot
-
Yeah I'll give that a try when I fire it up this weekend - very odd theres no driver on the alfa page and not much of anything when googling...how strange! Thanks sober!
telot
-
Anyone gotten this working on a linux box yet? I haven't yet played with it, but just googling around there is no link on the alfa site, nor any mention of third party drivers in any forums I could dig up. Is there any hope of it working in BT5R2 without alfa providing the drivers?
telot
-
Glad you enjoy the idea WM!
Seb - thanks for your input, and yes I will be putting these in the Suggestions subforum. I wanted to put it here first to spur some discussion and bounce ideas off each other. Also, this way I could save myself the trouble of suggesting something clearly impossible or something you're already working on :)
petertfm - what a great mod that'd be! I didn't even think of grouping macs/ssid's into "teams" so you can DNSspoof some, nmap others, let others just get to the internet without problems - awesome!
telot
-
Heres a guide I did on using sslstrip - if you have any changes or additions, please feel free to copy it and add in your findings. Thanks!
telot
-
Wow. My wife asked me what was so funny on reddit...but it was the...Jasager forums? Never thought in a million years...
If you didn't make defcon petertfm, try and make it out to Louisville this september for Derbycon!
telot
-
Hello and welcome to another one of telot's summarizing and planning threads! Since we seemed to have nailed down a great majority of the milestones set in the last thread like this, I thought it might be time for us to group up and brainstorm for the future.
To recap:
We've got pineapples sending emails, jamming wifi, and modules galore for the gui folks.
We've got sslstrip working wonderfully - and it is a sweet fruit.
We've got reaver installed and operational - glory be this apple of the pine.
We've got tango mode - thanks be to Darren.
We've got android tethering working like a champ - holy shit.
We've got translations for our non-english friends - Dios mio!
And out of left field here comes ettercap!
We've done a lot in the last months with this great new hardware and our amazing community of devs, coders, power users, noobs, and friends. But this hardwares going to have a while before EOL, so why be sated with our past accomplishments? The world is our pineapple flavored oyster! (gross as that sound...)
Here is my list, but please for the love of all that is juicy and alfa, post your suggestions and I will add them to the list.
sshfs
remote on the fly encrypted file access/storage for your dropbox
iPhone tethering
the apple folks among us are few, but very jealous of their android brothers
full disk encryption
No matter how well hidden, someone might find your box of doom. So why not encrypt it all and at least slow them down?
OSX module/mode
Again with the apple stuff, but judging by the OSX-related problem posts, changing between OSX and linux/windows with a module or button press would be amazing.
mdk3
Speaks for itself - awesome wifi tool.
BEEF
Its whats for your pineapple someday? There was talk about it back in April, but nothing came to be...perhaps a revisit?
mac changing abilities
Seb mentioned today its close being dev'd into the firmware - this opens so many doors to scripts and modules. Change on boot, change on schedule, change with button press and change on client ssid or mac...which leads me to.
client ssid or mac triggers
Perhaps we can create a golden list (as opposed to white/black listing) comprised of the mac address(s) the attacker knows will be in its vicinity. The pineapple is karma'ing like usual, but once this mac is seen on the pineapples connected clients list, it triggers action(s) such as sending an email to its owner, starting a tcpdump capture just for them with special filters, or even writing over its entire filesystem. You're about to get busted with your pineapple? Just turn on your phones wifi and theres no more evidence. I imagine you could also form triggers based off of ssid's being "Yes manned" by the pineapple.
tor/botnet
This gets a little crazy. I recently saw this guys talk at BSides: http://www.irongeek....elligent-f-bomb The F-bomb is a darpa funded pineapple...kind of. This guy took a pogo plug and turned it into a build your own wifi hacking, data stealing, scalable and throwable botnet with anonymized and decentralized command and control. Watch the video, if you like the pineapple, his F-BOMB project forks off in an interesting direction and its a worth while watch. Best of all, he plans to release it opensource in a few days. He does this with Archlinux - I think we could do it one better by porting some of the functionality and still have jasager on our favorite spikey green leafed hardware.
What else guys?
telot
-
Thanks for taking the time with the voltmeter RChadwick! It always good to have the hard facts. The shortcomings of embedded system's USB ports has been a hot topic around here lately - I'm especially disappointed with the raspberry pi's underpowered (and shared pipe) USB's. However, I use a SuperTalent Pico USB stick with my mark4 for days at a time in my lab. Dozens of clients, constant writes with tcpdump and sslstrip. All running off a POE cable from a spare laptop. I don't doubt your measurements, but I have experienced very reliable performance with this card.
Supertalent card:
http://www.supertalent.com/products/stt_usb_detail.php?type=Pico
Super Awesome POE cable:
telot.org/poe.html
telot
telot
-
I can confirm pwnpi rocking ICS to my pineapple just fine :) Unfortunately the raspi's usbs are even more underpowered than the pineapples, so deauths and such still require a USB hub (something I was hoping to avoid...) but even so, its still awesome as hell
telot
-
Thanks for the PSA Seb!
telot
-
As WM linked to, its the txpower - the little pineapple doesn't have enough power to run at full strength. I wish that the hakshop would mention that you need to either reduce the txpower or get a powered hub (with the complication that arises from that as well...cut the red wire to the pineapple lol). It would save a lot of these questions and would save from some disappointment that I know I experienced too when I first plugged in my nha. But, such is life, and theres a work around so whatevs.
telot
-
:::Rubbing hands together evilly:::
I think we're all waiting with baited breath! Now that we have sslstrip, reaver, and soon ettercap working - where else are we taking this little fruit of ours?
telot
-
petertfm beat me to it! I was going to ask the same thing after I saw your latest screenshot :)
Its looking great WM!
telot
-
Hop on the Jasager forums for more responses! Thats where the pineapple community lives and thrives. We're waist-deep in discussions about ettercap, and theres plenty of threads about sslstrip (I made a nice how-to without ARP) so I think this topic would be especially welcome. Thanks!
telot
-
Haha I saw that on Engadget this morning as well...what the hell IS that thing?! Whats with the big wing effect they've got going? Bizarre...
telot
-
Sticky that shizz! ^^^^
Thanks barry99705!
telot
-
You might want to send a PM to Whistle Master - he has been working on ettercap in the past but ran into some issues as Seb mentioned. I'm sure he'd appreciate a new set of eyes on it.
telot
-
Nice write up Isc! I particularly appreciate how you voice your assumptions to head off the otherwise inevitable clarification questions and even did up a little troubleshooting guide - saves everyone time! Thanks man
telot
-
Congratulations on your purchase and welcome to the pineapple community unixmito! I'm sure Mr. Protocol or one of the other mods will move this thread soon. If he doesn't in the next day or so, just PM him and you'll receive many more replies, as the Jasager forums are the most active on this board. I can get things started though :)
1. The newest firmware for the pineapple contains much better support for module creation. Sorry, I can't answer your question more directly, but I've never created one (I live in the cli and only use a few modules), but its apparently much easier to get started.
2. This sounds fascinating. I know for a fact Adrian of irongeek.com would be very interested in this. You might hit him up for collaboration. He's been obsessed with I2P and tor lately. Getting a reverse ssh through TOR would be a great and welcomed project on the pineapple.
3. I'm not an electrical engineer, but I work with solar powered 12V systems 5 days a week. If you share the link to whatever panels you're looking at using, I'd be happy to take a peek and offer any advice I can. I also have a several ee's that specialize in solar that are colleagues of mine that I can tap for any in-depth questions, so fire away!
Again, welcome unixmito - another active programmer joining the pineapple community is always appreciated!
telot
-
You can also accomplish this with airbase-ng. Securitytube.net's wifi megaprimer has a tutorial on how to set it up.
telot
-
We'll have a "Pineapple Juice" battery pack in the HakShop with over 9000 mAh, but that won't be for about a month. There are plenty of good solutions all over the net. I recommend one with dual USB ports for sure!
Not sure if using over 9000 meme or if seriously giving a ballpark of the stats...lol
telot
Mkiv + 8 Gb Cruzer Fit = Hot!
in WiFi Pineapple Mark IV
Posted
I don't know how many times I've plugged this, but my card works like a charm and does not get hot. Its not as small as the cruzer, but its still pretty tiny (plus it makes the pineapple look like its sticking its silver tongue out at you). Supertalent Pico USB: http://www.supertalent.com/products/stt_usb_detail.php?type=Pico
telot