RebelCork

I'll fire up my plug tonight and have a look

Have you tried this ? http://cloud.wifipineapple.com/wiki/doku.php?id=guidewan

Hope this gets to you no matter where you are. Which guide did you follow ? (By default the Mac gives out ip's on the 192.168.2.0/24 range) The best guide is here: http://forums.hak5.o...-mac-ics-works/ I myself use several different methods to get the pineapple up and sharing, but my last post explains it better. Unfortunately, you have two choices: (1) Hard reset or (2)try to ping the device. If you really don't want to reset the pineapple, start by pinging 192.168.2.1 and work your way up from there (quick and dirty fix) You should see replies on whatever ip the mac is connected to. You can ssh into this or use chrome/firefox to go into the UI and repair the settings. [edit] you can always try the following to perform a ping sweep, couldn't remember it off hand: just open a terminal and run this(assuming 192.168.2.0/24 is the range you set) $ for i in {1..254}; do ping -c 1 -W 1 192.168.2.$i | grep 'from'; done [/CODE] I personally don't like messing with the defaults on the pineapple, it causes issues further down the road. If you need any of the original config files, send me a PM and i'll email them to you/post them here, if you don't have backups.

For anyone that is having problems, I can only post what is the easiest way to set up ICS on the mac: (before you begin, please install the networkmanager module) Connect the pineapple WLAN/LAN port to your ethernet port on the MAC Under Settings > Sharing >Internet Sharing - Tick the box for Ethernet. Connect to the pineapple using a mobile device/wifi device, and get the ip address of the WLAN/LAN in the upper right corner. It will probably say something along the lines of 192.168.2.x (for instance mine is 192.168.2.14) (please dont try to ping my ip ^_^ ). The ip address listed under the WLAN/LAN is the alternate ip address you can log into the pineapple with. open network manager and click on the ics tab under "Share internet from:" - select eth1 under "To:" - select wlan0 Save (optionally you can enable this to work on boot by ticking the box) Voila !! Pwned internets Hope this helps everyone Dunes88, can you try this out and see it works?? [edit] should mention that I use this if I am not using backtrack or another vm. I use my other method stated above if I want to do anything else [edit] just realised this is identical to OP. Sorry !! But it DOES WORK EVERYONE !! :)

It's almost definately a power issue, there's not enough juice coming from your PC/laptop (if using). I originally tried using a usb charging plug with the usb power connector for the pineapple (to reduce the amount of cables I needed to carry), and there simply wasn't enough power to cater for usb memory stick as well as pineapple. So i used a proper power adapter or a battery pack and it's fine. (Actually its the charger for my 11000mah battery pack, so win-win, I get to carry only 1 charger for 2 devices!)

I'm going to be the first not to beg 'When it's coming out????' <_< WM, once again, you are legenDARY !

Hope this isn't a double post, but I recently ordered one of these from dealextreme.com. Arrived yesterday and for a couple of euros, it isnt that bad, and is half the price of alfa cards (sorry darren & snubs, but by the time you factor in P&P to Ireland, things get expensive quite quickly). http://dx.com/p/9800000g-3000mw-802-11b-g-54mbps-usb-2-0-wifi-wireless-network-adapter-115930 http://dx.com/p/802-11g-54mbps-high-power-1000mw-usb-2-0-wifi-wireless-network-dongle-35688 They have same chipset as the asus and are able to be put into monitor mode

What is happening is quite simple: If you want ALL of the captured traffic to go through dnsspoof, you use 172.16.42.1 * (remember * is the wildcard) 172.16.42.1 *.facebook.com as above wont work as you are saying redirect the following: whatever.facebook.com to the pineapple. for facebook, you should use 172.16.42.1 www.facebook.com in your redirect.php: it is looking for facebook.html - I presume you have a phish page called facebook.html in the same folder as redirect??

many thanks for the update. This should keep the impatient happy. <_<

Device A is MacBook - connected to internet in some way (wifi or ethernet - through built in ethernet) I have used usb iphone tethering and this works. Device B is the Pineapple - connected to the VM (BT5) in some way, although it has to be via a usb method - USN Network Card/USB Wifi (I have a micro wifi card inserted into the usb port so it doesnt look too obvious) Device C is the VM of choice running on the Mac. We will call this VM for clarity. What is happening is that my Mac is connected to the internet as you would normally have it. In settings, set up internet sharing on the connection you want ( wifi/ethernet/tethered device). Parrallels creates a virtual connection between Mac and VM to share internet, add this to your share. When running the VM, what will happen is the VM shows eth0 as being a physical interface connected directly to your VM. You connect the pineapple by whatever method you like - wifi again is much better, as you dont have any wires poking about, but if you have to use an ethernet cable, you must use a usb adapter (I got a cheap €10 adapter and it works perfectly). This shows up in Parrallels, just attribute this to the VM and you have a connection to the pineapple. If you are using a linux image, you can run wp4.sh, just remembering to connect the right interfaces when asked (PC to Internet becomes ethX, connection to pineapple becomes wlanX or ethX, and the router becomes the Parralls 'router'. This works for me every time and I don't have to mess about with pineapple settings

Can confirm this works. I use BT5 on Mac though as your device 'c' I use a cat 5 cable with a USB network card (VMs don't play nice with the Ethernet card) and just manage it from there. There's also no need to mess around. With pineapple settings ( for the noobs)

Will it be a silent module ( work in bg) or one which relies on a redirect (provides a custom phishing style page a la SET) The idea for the module has changed from its early days to now. Hats off to you both for all the work you have done here for all of us.

--nick-- This is largely a community driven website, and many of the contributors to it, WhistleMaster being chief amongst them, dedicate a lot of their free time to provide excellent add-ons and utilities to these forums. Just 12 months ago, there were no pineapple modules, so developing for the spikey fruit is still in its infancy. Development is done on a voluntary basis. WM does a fantastic job, and without him, I very much doubt the pineapple would be the multi-tool it is today. As stated just a few weeks ago, the KeyLogger module is one of the most requested modules, it is also the hardest to get right. WM will release it, if and when it is ready. Give back to the community, go out there and do some research, learn some basic bash skills, a programming language(java, ruby, python), read more on network exploitation etc. Contribute towards a project in some way, rather than posting requests for updates every couple of weeks.

Thanks for the quick response, I know you are not going to use it for nefarious purposes, I didn't mean to imply otherwise :-) It was late when I was writing my post, and my brain wasn't working correctly!! Anyway, my point was more of the likes of if you can hide a custom pwn device in something so simple, and there are multiple threads in these very forums talking about hiding, disguising the pineapple. (I myself have it 'velcroed' into a binder with batter pack and wifi card) There are massive security holes in mobile devices that allows us to pwn people so easily doesnt look like its going to be fixed anytime soon. It will only be a matter of time before someone puts a pwn plug/mini pc together to scrape mobile data directly from the phone itself. How sure are we, when we use a charger in a public place (communal office/cafe/restaurant/bar etc) that it is what is implies it is. We do let our guard down in these areas . I know this forum is in relation to jasager and wifi, but a device like this could bring the mountain to mohammed so to speak. Emails, SMS, contact books, you name it, it is the holy grail of the pentester for testing.

Thought I'd share this with the rest of you guys. Its from hackaday.com, and the guy builds a pretty respectable pwnie-plug device and puts it into the guts of a wall mounted gadget charger. The article mentions the price of the official pwnie plug hardware and also mentions that the builder doesnt use his device for nefarious means. Yeah right ;) ;) ;) . he even managed to solder a 3.5mm jack for a serial connection so it doesnt stand out - kind of makes it look like a knock off apple airport express.. What I like about this, is that internet sharing can be done from the mobile that is 'charging' on the device. Then I was thinking, what if this was set up in a cafe to allow users to charge their mobile phones, and when connected, access is given to phone's memory card, etc. Makes me wonder, as being a bartender in a previous life, people were always asking me to charge their phones behind the counter for them. The link is here: http://hackaday.com/2012/11/20/outlet-charging-station-retrofitted-with-the-guts-of-a-wifi-router/ Original: http://www.jedge.com/wordpress/2012/11/tp-link-wr703n-custom-pwn-plug/ Appreciate any comments on my musing...

Just saw this too - disappointed that I'm not first :(

Apparently, this is what they are using to find people 'breaking the law': [pic courtesy of engadget] Looks like a yagi ?? It'd be nice to talk to these guys and see what setup they are using.

Just linking to a blog post from engadget that I saw earlier today. I kept thinking pineapple pwnage. http://www.engadget.com/2012/07/25/london-bans-mobile-hotspots/ Two things come into mind when I saw this: 1. London will be a prime *ahem* pentesting target for the Olympics. They expect something like 20,000 journalists to attend various events over the month. 2. Whenever someone tells you 'not' to do something, people will always find a way to do it. Thoughts ??

Never thought of it that way. Keep thinking I should be having a smaller version of laptop for pen-testing. :) Should really be playing about with it more than I have.

Every time I think urban assault with the Pineapple, this is what pops into my mind: http://gizmodo.com/5928600/wi+fi-extending-robot-makes-it-easy-to-set-up-a-wireless-network-in-a-warzone Youtube link here:

Most hotels offer so much free usage before you have to purchase time. Why not use macchanger or similar to change you mac address every few minutes?

Has anyone else tried the pogoplug version. Im running it at the moment, but it feels a bit underpwered for what i want