Whistle Master

Coming soon v1.0 is out !

Are you talking about the infusion ? If you are talking about the sslsplit infusion, yes, the infusion will generate a self-signed certificate at the installation of the infusion. And in the configuration, I put a rule to redirect WhatsApp traffic to sslsplit Now that's said, if you want to avoid the browser warning due to the self-signed certificate, you will have to buy a real ssl certificate and put it in the infusion's folder where are stored the certificate.

Don't worry, listening on br-lan interface is the way to go and does not mess stuff up I did some testing, it works well: root@Pineapple:/sd# p0f -i br-lan --- p0f 3.07b by Michal Zalewski <lcamtuf@coredump.cx> --- [+] Closed 1 file descriptor. [+] Loaded 320 signatures from '/etc/p0f/p0f.fp'. [+] Intercepting traffic on interface 'br-lan'. [+] Default packet filtering configured [+VLAN]. [+] Entered main event loop. .-[ 172.16.42.159/52876 -> 23.51.247.91/80 (syn) ]- | | client = 172.16.42.159/52876 | os = MacOS X 10.9 or newer (sometimes iPhone or iPad) | dist = 0 | params = none | raw_sig = 4:64+0:0:1460:65535,4:mss,nop,ws,nop,nop,ts,sok,eol+1:df,id+:0 | `---- .-[ 172.16.42.159/52876 -> 23.51.247.91/80 (mtu) ]- | | client = 172.16.42.159/52876 | link = Ethernet or modem | raw_mtu = 1500 | `---- .-[ 172.16.42.159/52876 -> 23.51.247.91/80 (syn+ack) ]- | | server = 23.51.247.91/80 | os = Linux 3.x | dist = 10 | params = none | raw_sig = 4:54+10:0:1460:mss*10,1:mss,sok,ts,nop,ws:df:0 | `---- .-[ 172.16.42.159/52876 -> 23.51.247.91/80 (mtu) ]- | | server = 23.51.247.91/80 | link = Ethernet or modem | raw_mtu = 1500 | `---- .-[ 172.16.42.159/52876 -> 23.51.247.91/80 (http request) ]- | | client = 172.16.42.159/52876 | app = ??? | lang = none | params = none | raw_sig = 0:Host,Connection=[close],User-Agent:Accept,Accept-Encoding,Accept-Language,Accept-Charset,Keep-Alive:CaptiveNetworkSupport-277.10.5 wispr | `----

Sorry guys, indeed, the infusion is no longer supported on MKIV.

I have built a p0f_3.07b-1_ar71xx.ipk package and a working binary, just need to make an infusion for it

I'm looking at compiling shellinabox for OpenWRT, which could also be another option.

No the infusion is using wlan0 to "sniff" around, but you can use wlan1 to connect to an other AP, and then access the pineapple UI. This is how I'm using it. I will make some test with the ethernet and keep you posted.

Make sure you have all the latest version of infusions. They have all been updated for 2.0.X.

Yes, that's right, the pineapple do not show anymore the SSID as I have to put the interface in monitor mode to "sniff" around, which disable the SSID broadcast. Log is in the main text area. I made a quick tuto in the first post of the thread.

Could you please send me the log from the infusion ? There is also the AutoReboot feature, which installs a cron with the defined frequency in the configuration. If you don't want AutoReboot, do not install the cron. Just try to install the watchdog and start the daemon only. Then send me the log.

Well...bad code... I've put a lot of effort to make sure security requirements for the dashboard were met: protection against bruteforce, sha512 password hashed in db, password hash transmission only in form, httponly cookie, sql injection protection, user input sanitised, and so on ! Up to you to put a strong password then for the authentication. You can also add http auth in top of that. Now, that said, if you don't want to use it, up to you Don't forget that we are all doing that during our free time for free...

Let me have a look at it

all dependencies should be installed by the infusion at the beginning, but for some reasons (internet connectivity issue?) it was not installed. Just connect to SSH and try: opkg update opkg install openssl-util opkg install libevent2 opkg install libevent2-core opkg install libevent2-extra opkg install libevent2-openssl opkg install libevent2-pthreads

In the configuration section, disable "Check internet connectivity". If the pineapple does not have internet connection, it will reboot. This is an option to be activated when used with 3G connection: very useful if you plan to leave the pineapple somewhere remotely and can't access it anymore due to internet connectivity issues. It will reboot automatically.

Next release will have only one log file v1.1 has one log file per session.

You have to save first the configuration and then test it.

I will think about it ;)

Well, right-click on the link and "Save as" will do the trick but I will issue a 1.2 version in a few minutes with a fix (leveraging HTML5 force download attribute). v1.2 is out with fix !

Infusions on 2.0.X

v1.0 is out

All infusions with tabs have the same issue with firmware 2.0. Fixes are on their way.

I know. All infusions with tabs have the same issues. Fixes are on their way.

Anyone for a beta test ? Send me a PM and a donation ! v1.0 is out.

This is not related to the new firmware. This is an new infusion for sslsplit. sslsplit is a transparent SSL/TLS proxy whereas ssltrip transparently converts a secure https connection into a plain HTTP connection, this is why web sites are now using hsts. sslsplit is really helpful during mobile application pentesting. Then, for sslsplit to work correctly and avoid warning on user-side, you need to install the certificate generated.

According to my latest tests.... it's working pretty good