Jump to content

skimpniff

Active Members
  • Posts

    76
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by skimpniff

  1. So I got openvpn successfully installed. Here is what I ended up doing for anyone else working this issue. The problem stems form th source repository. Sinc the OG cloud.wifipineapple.com repository is now defunct you need to edit the opkg.conf file to replace the old src/gz line with this: src/gz packages http://downloads.openwrt.org/attitude_adjustment/12.09/ar71xx/generic/packages For me to get this working I did a full reset to purge any other source lists and associated info. Im sure there is a more manual way to do this, but I didn't feel like futzing with it. After the reset, I modified the file, performed the opkg install, and voila. For further understanding for those who care, the issue stems from having the wrong package source in previous attempts. The Alpha121U (aka PA MkV) can only use openwrt version 12.09 and any other versions packages will not work, causing the errors to throw due to incorrect installer details specific to the OS version. Many hours of Google and config file putzing around, but I have a working openvpn access point now. I hope this helps ohers in the same sitch. Cheers.
  2. I have not found an answer for this in all of the Internets. Does anyone have some help? Install returns the following: root@Pineapple:~# opkg install openvpn-openssl Package openvpn-openssl (2.3.11-1) installed in root is up to date. Configuring liblzo. //usr/lib/opkg/info/liblzo.postinst: line 4: default_postinst: not found Configuring openvpn-openssl. //usr/lib/opkg/info/openvpn-openssl.postinst: line 4: default_postinst: not found Collected errors: * pkg_run_script: package "liblzo" postinst script returned status 127. * opkg_configure: liblzo.postinst returned 127. * pkg_run_script: package "openvpn-openssl" postinst script returned status 127. * opkg_configure: openvpn-openssl.postinst returned 127. It appears there is an issue installing the dependencies. root@Pineapple:~# opkg info openvpn-openssl Package: openvpn-openssl Version: 2.3.11-1 Depends: libc, kmod-tun, liblzo, libopenssl Provides: Status: install user unpacked Architecture: ar71xx Conffiles: /etc/config/openvpn 5d0a69b4290e1896d683289069351dcd Installed-Time: 1511825392 root@Pineapple:~# opkg install libc Package libc (0.9.33.2-1) installed in root is up to date. Configuring liblzo. //usr/lib/opkg/info/liblzo.postinst: line 4: default_postinst: not found Configuring openvpn-openssl. //usr/lib/opkg/info/openvpn-openssl.postinst: line 4: default_postinst: not found Collected errors: * pkg_run_script: package "liblzo" postinst script returned status 127. * opkg_configure: liblzo.postinst returned 127. * pkg_run_script: package "openvpn-openssl" postinst script returned status 127. * opkg_configure: openvpn-openssl.postinst returned 127. Any ideas?
  3. Hey guys, I am running into an issue with getting openvpn-openssl installed on my old mk iv. I just got the nano and want to repurpose my mk iv to be an openvpn client (episode 2018). The old package path in the opkg.conf file is 404. So I rummaged around the internets for a while and found the openwrt path with openvpn in it (http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/packages/base/) but when I install I get a 127 error: Configuring openssl-util. //usr/lib/opkg/info/openssl-util.postinst: line 4: default_postinst: not found Configuring liblzo. //usr/lib/opkg/info/liblzo.postinst: line 4: default_postinst: not found Configuring openvpn-openssl. //usr/lib/opkg/info/openvpn-openssl.postinst: line 4: default_postinst: not found Configuring openvpn-easy-rsa. //usr/lib/opkg/info/openvpn-easy-rsa.postinst: line 4: default_postinst: not found Collected errors: * pkg_run_script: package "openssl-util" postinst script returned status 127. * opkg_configure: openssl-util.postinst returned 127. * pkg_run_script: package "liblzo" postinst script returned status 127. * opkg_configure: liblzo.postinst returned 127. * pkg_run_script: package "openvpn-openssl" postinst script returned status 127. * opkg_configure: openvpn-openssl.postinst returned 127. * pkg_run_script: package "openvpn-easy-rsa" postinst script returned status 127. * opkg_configure: openvpn-easy-rsa.postinst returned 127. Do you have any advice or an old mirror or something so I can get this bad boy up and running? The old threads form 2012 have 404 pages as well. Thanks in advance.
  4. Just to add a little fun to this conversation, I recently discovered that if you have more than one instance of the option ssid "fun name here" in the /etc/config/wireless file the pineapple with broadcast multiple ssids and will allow connections from any selected. What better way to increase your chance of a bite than to have more than one lure on the line.
  5. So, deciding to take another approach, I want to bounce the idea off the forums to see what you guys have to say. Supposing the IP of the Pineapple was a non-issue because it is either associated to the customer/target (WAN/LAN for example) or the 3G dongle is non-attributable, and also supposing the server setup for SSH relay was also non-attributable, wouldn't simply using torsocks (http://code.google.com/p/torsocks/) be an acceptable solution for anonymous remote access to the Pineapple? ie. torsocks ssh login@host This seems easier than running Tor hidden services on the relay SSH server and everything that would go along with that setup. That being said, it has been my experience that if it seems easy there is probably a catch. Other than a potential username leak, this seems like a good answer. So I leave it here to QC the idea. EDIT: This is another option that seems to meet the same purpose. http://www.howtoforge.com/anonymous-ssh-sessions-with-tor
  6. So it has been almost a year since this post went up originally. I have played with this off and on since but still have not come up with a solution. Has anyone else found a way? This problem is not limited to when the Pineapple is connected via ethernet to the box running SET. I have had the Pineapple connected via WAN/LAN on my home network with my laptop connected wirelessly and gotten the same result. To recap the problem: DNSspoof on the pineapple config = 192.168.1.4 *.example.com SET running on 192.168.1.4 Client associates to pineapple, navigates to example.com (123.45.678.9) Pineapple redirects request to 192.168.1.4 SET runs exploit SET redirects client to example.com (123.45.678.9) Pineapple redirects to 192.168.1.4 Desired effect: Client associates to pineapple, navigates to example.com (123.45.678.9) Pineapple redirects request to 192.168.1.4 SET runs exploit SET redirects client to example.com (123.45.678.9) Client connects to example.com (123.45.678.9) Any ideas for a solution would be greatly appreciated.
  7. The cloned site is here : /pentest/exploits/set/src/program_junk/web_clone/index.html
  8. On another discussion thread somewhere in the forums (about setting up a SSH relay) I was given this link for VPS providers.http://www.lowendbox.com/
  9. This set up seems like it would take care of the DNS spoof loop as well, since the pineapple is not sharing the internet connection.
  10. I have had some success having the pineapple redirect to my BT5R3 box connected via ethernet w/ ICS. The problem I have faced is the persistent DNS loop when SET redirects the victim to the real site after the exploit or credential harvest has completed. I have tried until I was blue in the face to figure out away around this and haven't had any success. I decided an error message after the redirect is acceptable if I am only trying to redirect a specific site. Obviously if you were to try to redirect *, you are going to run into problems.
  11. I have verified that I am receiving power from the USB Hub alone. I have tried it with both the red and the black (each on their own) plugged into the battery. Do I need to clip a couple of wires on the black male to keep the power from back feeding? I'm guessing the iwres clipped from the red male are the data wires, to make it a power only connection.
  12. I have a semi-related question. I recently received my powered USB hub from the Hak Shop and understand that the red is for power and the black is for data. I was under the impression that the hub itself would not power the pineapple, but that seems not to be the case. I opened the hub and it appears two of the wires from the red have been cut, presumably to avoid the back feed issues I have read about in the forums. My questions are, should the hub be providing power to the pineapple like this, is there any risk to my MkIV, and if the answeres are yes/no respectively, should I still be running power to the pineapple in the traditional sense to ensure proper functioanlity? The equipment being used is the MkIV, the Hak Shop powered hub, and the Anker Astro 3 10000 with a USB to barrel adapter.
  13. Has anyone successfully gotten this to work in a dual/multiboot situation? I can not get a working Grub(legacy) entry to save my life.
  14. Thank you, I will make sure to post bugs in the bug section in the future.
  15. Crap, I just realized how I tarded up the topic name. Obviously this is supposed to be an SSLstrip issue.
  16. That seems more in the ball park, and small enough to finagle into my rig too. If more space is needed, I was thinking something like this to attach and make more room while still giving the appearance. http://www.homedepot.com/Electrical-Electrical-Boxes-Conduit-Fittings-Conduit-Fittings/h_d1/N-5yc1vZbohkZ1z10wqp/R-100404084/h_d2/ProductDisplay?catalogId=10053&langId=-1&storeId=10051
  17. I just upgraded to the latest and it seems that whatever magic WM had done to keep the port forwarding from disabling the GUI has been undone. Is there a fix I can do to re-enable the GUI, or should I just roll back to 2.6.1 until it is resolved?
  18. Awesome, I'll monitor that as well. EDIT: Those are some expensive boosters, I think I'll live for now. If something more cost effective comes up then I may investigate. For the purpose of my rig, I don't think I need too much boosting, I designed it for pretty localized targets. I was thinking more along the lines of a coffee shop, campus lounge area, or any other spot with a high concentration of internet seeking people.
  19. If you find something that works well, let me know. I have an idea that will allow for expansions on this but won't compromise the integrity of the weather proofing and will only slightly increase the footprint.
  20. So here is the rig I have devised for an outdoor dropbox. It is 100% weather-proof and does not seem to impair the broadcast capability of the pineapple. In the screenshot, I am on the main level of my house connected to the router upstairs; the dropbox is outside sealed up and mounted to my gas meter. I'd be interested to see what other people have come up with. Total cost for parts at Home Depot, was around $30. Cheers.
  21. Just wondering if there are any compatible 4G dongles working out if we are still stuck with 3G.
  22. i'll monkey around with it. if it is able to be done, how hard would it be to implement a module (Whistle Master)? UPDATE 1 I looked at Irongeeks walkthrough as recommended, but I was more than a little boggled by some of it and decided to investigate an avenue I was able to wrap my head around a little easier. I am not a programmer and my script skills are minimal, so please excuse any elementary aspects of my mental process. Of course, in the spirit of hacking, I am open to suggestions, information, and instruction. Per My first step is getting Tor on the Pineapple. I found this site: https://trac.torproj...iki/doc/OpenWRT : Install Tor: opkg install tor These packages should be installed but if they're not - install wireless driver and AP support packages: (Personal Edit: I do not know if this is applicable to the Mk4). opkg update opkg install kmod-ath9k opkg install wpad-mini After getting TOR installed, http://devilslab.wor...-pwnie-express/ calls for getting connect.c installed to get SSH to make use of TOR. I am not sure about that part. Another thought process: Is it possible to modify the guidelines at https://trac.torproj...iki/doc/OpenWRT to be limited to SSH instead of all traffic?
  23. Not to advocate any wrong-doing, but in theory, one could purchase a contract free 3G dongle in cash, sign up under a psuedonym, and top off minutes with prepaid cards. In theory.
×
×
  • Create New...