NotTheFed

so.. I was thinking that if a db was installed to the usb, then you could customize the various scripts. examples: *every new association is logged, and MAC\IP device name\type added to a row in the db. *DNS spoof gets modified to check the data in the db FIRST. IF set to 'one time' then only redirect if it is the first time. IF device type (bb, iphone, android, ect) redirect one time to a malicious page (iphone.php, ect..) with specific exploits. (copy contacts, sms,photos, ect to USB) IF browser type (info from dnsfpoof or urlsnarf?) IE, Safari, ect.. then different phish pages are shown..ect *nmap.php script to use the DB to determine OS, and open ports. That would feed an autopwn script. With a DB.. you could autopwn devices (once or periodically based on last pwnage) OR do nothing since you have them already. You could have a table in the DB that has updated exploit information per target version. granted.. this would require multiple mods to various tools.. but could really take the mark4 to a new level of offensive auto attack. just dreaming.. NTF

10.8.0 Darwin Kernel Version 10.8.0 using built in wireless. NTF

I have a similar setup. internet via en1 (wireless - with dhcp from wap\router) connected the mark4 to the ethernet (not macair, just macbook pro) via the POE on the mark4 and en0 I MANUALLY set the ip for the en0 interface to be 172.16.42.42. I then setup sharing (via network settings) to bridge the two. works great. en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 00:16:cb:8b:95:52 inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 inet6 fe80::216:cbff:fe8b:9552%en0 prefixlen 64 scopeid 0x4 inet 172.16.42.42 netmask 0xffffff00 broadcast 172.16.42.255 media: autoselect (100baseTX <full-duplex,flow-control>) status: active en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 00:14:51:ed:cf:38 inet6 fe80::214:51ff:feed:cf38%en1 prefixlen 64 scopeid 0x5 inet 192.168.1.104 netmask 0xffffff00 broadcast 192.168.1.255 media: autoselect status: active

what would be really cool.. is a menu add to start\stop sslstrip like the other key services of the mark 4. One that would set all the IPtable settings needed, ect. NTF

yes.. I see that as well.. sometimes it effects the code, often it does not. the editor is leave a hard return from the best I can see. I routinely remove them. I get these when editing on the MAC and moving the files over to the M1V NTF

installed works ... awesome. thanks. NTF

very nice pics... what battery and cable are you using? NTF

by default if you have not moved them.. /www/pineapple/logs/urlsnarf.log NTF

You can download it from here: https://github.com/sebkinne/wifipineapple then jus scp it over to the device. NTF

Ok.. right out of the box looks great. Comes with a TON of adapters. Plus it has the correct barrel cable needed. http://www.doevil.com/pinebat2.jpg very thin compared to the incredicharge, but a bit bigger foot print. Hard to tell in the pic, but is about half the height of the pineapple. (very flat) bottom line, works. 12v 4a direct, PLUS the additional USB if needed for another device.16000mAh capacity. this one will surely run the pineapple with any modem. **update** so a test run with this.. without a modem (just the usb drive)....and it looks like the battery pack stopped after 2 hours. I wonder if it thought the device was full charged? unplug, plugged back in... pineapple started up. Might not be enough draw from just the pineapple\usb to keep it running. NTF

it is possible if the realsite you wish has child domains.. http://forums.hak5.org/index.php?showtopic=25892&st=0 look into that... I have many pages that work. SOME times the DNS spoof loops if the target refers back to the parent domain for content..ect NTF

google (video) for wifi pineapple phish you will find a few tutuorial types of videos. NTF

what client are you using? if windows...find an dl winscp that should work for you. if Mac.. I like FUGU. NTF

ssh to the device and at the prompt type: passwd (follow the prompts) NTF

I picked up this connector: http://www.amazon.com/gp/product/B006MWXZM0/ref=oh_o02_s00_i00_details fits nicely. I do not know about 3g. I do have a second battery coming in the mail as well that does the 12v output. I will post review on that once it arrives. NTF

http://www.hackersarepeopletoo.com/ this one is ok... NTF

yes it does... prompt for a pw. Are you trying to find a way to move files to the device without having to provide a password? I image in you generate the ssh keys, you can then configure rsync over ssh. NTF

is SFTP turned on? download and use FUGU to scp any files you need over to the device. thats how I get files over on it. NTF

pricey is right. but interesting none the less. NTF

ok.. so it works. right out of the box (came with 79% charge) configuration is mark4\usbfit4g. Obviously without the lan tether, there is no internet to bridge.. but it serves up the rickroll and the phish pages with no issues. swap is still on the usb, and ssh to the device works as expect. I will test how long I can have it up later, after I charge it full. here is a pic: http://www.doevil.com/pinebat.jpg NTF

here are the ones I use for netflix http://www.filefactory.com/file/7i14ry677cud/n/Archive_zip I use the net for all the .jpg with this site I use the main landing page (netflix.html) then the user clicks on (member sign in) that opens NetflixLogin.html the login.php then writes the name\pass to /usb/logs/phish.log and redirects to the real netflix site. NTF *edit* you will have to change the part for the redirect for netflix. didnt get that copied over to the login.php should be:

THIS works.. and can be built up... redirection for the known sites that work, back\refresh for others. getting closer.. now if I can do the post portion. NTF

edited.. not changed up. one phish page I have is like this: www.target.com (line in dnspoof) since this site has a follow up signon of: https://online.target.com/signon I can use: header('Location: https://online.target.com/signon"); and the user is presented with the REAL logon page. (after params are written to phish.log) not perfect, but I am still working on this. does NOT work if you are redirecting back to the same url you are spoofing. *wish I new how to write PHP..but googling my way along* NTF

NICE.. that looks like a much better one. (http://www.amazon.com/Voltaic-Systems-Universal-Laptop-Battery/dp/B006L4IP3I/ref=pd_rhf_dp_p_t_1) for those that like Amazon. I just ordered it. Now I guess I will have two batteries now. I am sure I will have other projects that can use the one I ordered last week. having the 12v output will mean I will never have to worry about it, and the footprint size is ok. NTF

grr.. I should have known, reading these forums as I do. AFTER you upgrade the firmware 'naturally' all the settings\mods you made are gone. So, remember to change your password, setup the secure ssh keys, create the swap, modify the urlsnarf\phish logs to be on the usb... ect ect. but yeah, it went smooth. at least now with the new 'module' port... might be easier to add function without wiping out mods. NTF