Jump to content

ravenium

Active Members
  • Posts

    19
  • Joined

  • Last visited

  • Days Won

    1

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

ravenium's Achievements

Newbie

Newbie (1/14)

  1. I'm getting the "Invalid request path ''" bit even on a simple page load. I'll have to dig back into it when I have more time this week. As for not being able to access the pineapple interface, that's a bit easier to explain - you need to review the firewall controls in your nodogsplash.conf. It's got separate classes of controls for unauthenticated users, authenticated users, and access to the pineapple itself. Make sure you have a listing for access to the administrative interface port (tcp/1471 or whatever you've set it to). If you want to be a bit more granular, you can also whitelist the MAC of a single device.
  2. After some retooling, I think I have it working...sort of. I'm working with a minimally modified configuration in order to troubleshoot, so largely everything should be "stock" in the nodogsplash.conf. When connected to an upstream link (e.g. internet), the setup works perfectly - it redirects to my splash, it (in theory) acknowledges and continues. However, without any sort of uplink (let's say if you just wanted to fake a portal that would never work for a wireless test of credentials), the router gets stuck resolving DNS names and errors out before it redirects to the portal. I'm trying to fix this thusly: -spoof DNS with *.* set to any IP. This doesn't appear to be working, but I might need to reload and try as there might be a caching problem. I may have also forgotten to realize that setting the IP to 172.16.42.1 will result in the device erroring out for the simple fact that it is supposed to rather than redirect for unauthenticated clients. I'll try some other IP next and see what happens. I could also just go back to a simple DNS spoofing with the stock landing phishing page, but this feels far less comprehensive (and wouldn't work for cached DNS entries anyhow). Thoughts?
  3. Blast my searching abilities (I'll save face and note that the forum software doesn't find partial matches in words ). Thanks!
  4. Hi All, Making this post over here because I didn't find a thread that was Mark IV appropriate. I'm looking for feedback on anyone who's used the nodogsplash opkg (the one Darren featured in the Feb 2013 episode he did in Ireland - www.youtube.com/watch?v=_CfWaCtqtGA). I've tried to install the appropriate packages but I'm getting a kernel mismatch error in some of the iptables modules (mark IV 2.8.1 here). Nodogsplash claims to be able to launch properly and has no conflicts with uhttpd (being that that's run on 1471 now). However, it does not appear to be trapping new client requests properly, so I'm guessing it's a problem related to the iptables modules installation issue. Has anyone walked through this successfully? Not sure if there's much to be done about the iptables module kernel mismatch until an update is made to it. I'd love to eventually turn this into an easily installable infusion for the masses - fake captive portals come in handy for client-side/wireless pen testing, and near as I can tell there isn't standardized solution in the modules list yet.
  5. Whoops - forgot this thread was mark iii before I replied. I'll make a new thread in the mark IV section, since it's a relatively recent episode and discussion (Feb 2013).
  6. Just picked this up after seeing the episode with it as a demo. Looks like it's not quite kosher with 2.8.1 yet (these are the other packages that Darren suggests installing with nodogsplash): Collected errors: * opkg_install_cmd: Cannot install package iptables-mod-imq. * opkg_install_cmd: Cannot install package kmod-ipt-imq. * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-sched: * kernel (= 3.3.8-1-d6597ebf6203328d3519ea3c3371a493) * kernel (= 3.3.8-1-d6597ebf6203328d3519ea3c3371a493) * I might be missing a few other options, but it does manage to start up successfully. However, it's not intercepting any HTTP requests. Again, I've only had a few minutes to play with it today, but I figured I'd get the ball rolling again since it looks like there's a way to make it work out there.
  7. Answering my own question, tip NB13 from xpal is for the Alfa 51 (previous gen) but it is the same output spec as the Alfa 121U (mkIV hardware) and the same shape (type M). I purchased an xp18000a (overkill, but I wanted to power my laptop at times too) and this did the trick. Note: the type M on the pineapple is 12 volts, 1 amp (12 watts). USB is 5V, and you can only expect .5A from most computer usb2 ports (2.5W). This may not be enough to power a pineapple and an attached device (such as a larger flash drive or a secondary wireless). As such, you'll be better off powering it through the 9-12v on your battery supply if you have accessories.
  8. Just in case you're still around these parts, did you end up having to order another tip from xpal for it? I've found the stock included tips to not be the right ones for it, and the website suggests NB13 (for the last generation but same spec power at 12v/1A).
  9. Thanks to both of you - definitely useful information all around. A bit of a bummer on the PoE stuff as that'd make interceptor work fabulously. Oh well.
  10. Hey all, I've been looking into different ways to power the mkIV, and so far I've noticed a few issues/theories that are either buried in other posts or not quite covered. 1. AC adapter, 1 amp @ 12v (12w). No questions here, actually - just the "standard". 2. USB with barrel jack adapter (home brew or hakshop) - provides 5v, 500 mA for 2.5w (PC usb port). This one is odd because while it provides power for the device, those I've seen with it have extensive trouble running larger capacity flash drives (16-32 gigs), not to mention other wifi gear. It's not quite consistent enough to narrow down, but I'm guessing it's more the amperage than the voltage? Has anyone tried powering the device off of a wall plug @ 1A (or more) to see if this fixes the problem? 3. Power over Ethernet (PoE). The AP-121U appears to support it per the specs, but I have yet to hear of anyone able to get this working. Has anyone heard anything? (I'd asked this a few months back but nobody seemed to have confirmation) 4. Battery packs. I figure if the issue with #2 is Amps, then any battery pack should work just fine. However, does anyone have opinions on regular packs vs packs like the Anker that will do 12v barrel jack power? Ideally you could power the pineapple via the 12v jack, then accessories via the usb ports.
  11. I haven't had problems with my 16 - might just be a build consistency thing. However, I might need to resurrect the "powering the pineapple" thread due to its inability to power over usb when a larger flash drive is plugged in.
  12. I'm always definitely in awe of the sheer number of cool things that are contributed and the time you spend giving to the community. Props have been given before, but I'll gladly give them again :) USB storage would be nice, but I could see it filling quickly for a hardwired pcap. I think the advantage of the interceptor would be the wifi rebroadcast - I can slip the device behind an existing connection (let's say a register during a physical engagement as an arbitrary example) and sit back in the comfort of a nearby location to observe. Granted that's the harder part from the looks of things - well, that and the ability to not bulldoze the existing functionality.
  13. I was suspecting that the more I compared them (was installing one via opkg, then the infusion to see) and managed not to explode anything by doing so. On to figuring out my captive portal/BeEF idea (muahaha and such). Thanks again!
  14. In all fairness, the biggest problem I had with the interceptor was that the hardware used to initially build it was no longer available, and at the time using it with any other iteration of hardware was extremely involved. As in, "you'd better have a FON or you're going to have to figure out how to recompile/configure/build everything". I'm not sure if that's changed, but given that the mk4 is meant to make the concepts of MITM (and other stuff) more accessible to the masses (and give us a standardized platform for our toys as well), this seems somewhat against the spirit of the project to just say "it's already been done, go here". Most of the tools on the pineapple have already "been done", too, but the mk4 makes it standardized and easier (as above). Apologies if I misinterpreted your reply, but I think an interceptor mod for the mk4 would be an excellent use of its capabilities and perhaps a revival of the concept on better (and actual available) hardware.
  15. Love this script - if you're anything like me (and it looks like you are!) you hate having to re-run the 50 different things when you need to reset. Plus, given that the MK4 is an evolving work, I'm always somewhat paranoid that older versions of modules will leave cruft behind. As such, I usually format my usb drive between upgrades. Anyhow, that being said, while this installs a nice number of modules, they don't seem to appear in the pineapple bar (infusions). Not sure if this is by design or because I have firmware 2.7 and this is for 2.6.4. Has anyone else seen this?
×
×
  • Create New...