pr0l3

Just saw the big announcement. Can't wait. Details on twitter? Who should we follow?! http://hak5.org/blog/wifi-pineapple-event-october-12-2013

Let me explain... I originally heard about the FREE WIFI towers during the Occupy movement. There was a guy from the Free Network Foundation broadcasting a signal that people could connect to that was pumping free internet connectivity via a 3G modem. Then, I heard about the piratebox. The idea around a WIFI access point that people can connect to OFFLINE to chat, host and share files and more, all under the internet - not actually online and therefore not being constantly monitored by the big companies and governmental entities. So, I've got an idea, and I'm looking for input. I've got a network rig being built. Top down, a high gain 2.4ghz omni antenna, on a mast held in place by a mobile tripod. The antenna is plugged into a Mikrotik router running RouterOS. ALL outgoing traffic on port 80 is routed to a webserver. The webserver at a base station can be a rig as big as you want, for mobile uses a nettop could be used. Now, on this webserver, in my lab, I'm currently running turnkeylinux for Wordpress. Why Wordpress? Because I know it - that's the only reason. Inside Wordpress I've only done a few things, but as most of you know the plugin repo is massive - for instance, I'm running bbpress as a forum within the site. Eventually, I could see multiple uses - a file repo for anonymized users, a streaming "free radio", a chat/messaging/emailserver and more. The whole point is to keep it off the web. Massive capabilities here for community networks or activist infrastructure supports. Was thinking of running OwnCloud for file storage, or maybe some FTP front end for wordpress. I think WP will work very well for communication... file hosting and streaming I havn't attempted anything past buddypress with group documents. So, what are some of the best way to accomplish these things? Anyone here with experience in Mesh Networking?

Believe it or not, we're in the middle of a top-down restructuring of our security protocols. You've pointed out some glaring flaws.

I've been designing a workshop to provide to my clients that will be based on a paper I'm going to write. The paper will be based on a social experiment I'm running. It's basically about trusted relationships and how social engineers manipulate them. Specifically in social media. I put together this website. I'm trying to collect hits. Basically hits = clicks. Clicks = simulated pwn. www.theinternetistrue.com The premise is basically that I've found we're more likely to trust unknown content coming from social media than we are from email. We're trained to not open suspicious documents and such in email because we know they might be viruses. We're quick, however to just click randomly on links we've never heard of if they show up in our facebook feed. If this link was tied to a status update like: "IRON MAN 4 PREVIEW LEAKED!" - I'm sure someone would click on it - in this case it's safe but a bad guy could redirect you to something bad. Get it? We're more likely to just randomly click stuff based on the trust we have for social media because we apparently know the people posting. What if my account got hacked and the bad guy was posting AS me... there's no way for you to tell. I'm trying to find a few companies / users who would spread this link on their Facebook pages as part of the experiment - you'd be mentioned in the talk and put on some kind of 'supporters' page if your company can contact me after posting - I'd love to get a screen grab of the post itself...

Well said - it's pretty much the way I feel know. My dad has built an IT company that employs 8 people based on _only_ experience. He started small and now manages 100 or so offices. I think I'm going to approach infosec much in the same way... as I have been.

So here's the dilemma, I wanted to go get my C|EH, but there's this nagging in my head saying it's just not worth it. A little background. I work for a family owned business - we provide IT solutions to small businesses. We're pretty buttoned up; cloud backups, email, web dev, TV and media installs, infrastructure, networking, server and workstation installs and support - your basic all-in IT provider. I've been a basement hacker for a few years, I've got a decent little VM-based hack lab set up. We've hired on guys that have NO net+ sec+ or a+ as most of the candidates we spoke to had no front line customer service skills to back up the theoretical. I've been wanting to 'add' security to our list of services to provide. I know that in the enterprise world, we wouldn't even be considered for a placement because none of us are certified. We all have years of real experience - our response to crisis situations is documented and positive. Is it possible through self study to attain the knowledge to really call yourself a security guy, without the certs? Not look for flames here, just some honest advice.

It just started working randomly. I'm now trying to set it up again and am stuck int he same loop. Working a trade show in two days - want to open up a WIFI hotspot and any traffic goes to our website... stuck in the loop. Ideas?

Agreed. I'll keep it in the lab. I've become pretty proficient - but it seems that when I ask these types of questions (albeit without the 'I'm gonna use it' added on) I just get told that if I don't know what it does I shouldn't be using it. It's become one of those things where I'm kind of caught in a loop. The practical side I can teach myself - that's what a lab is for. The theoretical side of things is different. Can you guys - especially the ones who DO know the 'back end' stuff, point me towards some reading material?

I don't plan on using an aggressive exploit - basically ONLY social engineering. And yeah, I'm basically just looking to grab and dash. Print out the documents as an 'example' and show them what's possible. Nothing persistent.

Here's the scenario. I work for a small business - an IT firm. We're considering implementing a red team test against one of our larger clients as an educational experience for the staff. My quesiton is - in using meterpreter, what lasting effect does it have on a system?

Good question - I don't know how to find ANY 3rd party modules.

Same here. USB doesn't mount correctly - unless I'm on DC.

You can most certainly count me in, if you're still in need for beta testers.

Used a different key AND plugged in directly to the wall - not sure which one fixed the problem but it's running now.

So, I got it recognized and had the 'install to usb' button when trying to install randomroll.. Click it, loads, and goes back to 'Pineapple Bar' with: Sorry, there was an MD5 missmatch. Please try again Ideas?

lsusb output on the Pineapple reads the key as device 003 - should something be changed in fstab to reflect that? What about power - I'm powered through USB.

Just playing around with it - and it randomly started working... going to do a full restart - I think it's good now.

And I'm falling into a trap I've read about - the page constantly refreshing... Under the 'configuration' tab, I've added: dnsspoof: 172.16.42.1 www.google.com landing page: <html> <head> <meta http-equiv="REFRESH" content="0;url=http://www.espn.com"> </head> <body> </body> </html> So, when a user types in google.com - they should bounce to espn.com - what I get instead is constant refreshing - with www.espn.com in the address bar. Thoughts?

Yeah, that's what I'm thinking.

Yep - reformatted in gparted, both partitions as ext4 and primary - still dosn't show. Am I missing something on the pineapple end?

Was thinking more along the lines of a specific youtube vid or something... but I can come up with something.

Quick question: Is it possible to bounce people to an online website using dnsspoof? For instance, if user goes to www.*.com - they're redirected to www.whatever.com... Or must it be via IP, for use with SET or whatever...

As far as I can tell, I've completed all the steps correctly - and after much Google-fu, I'm at a loss. Ive formatted a kingston USB stick (2gb) to 2 separate etx4 partitions. After that, I edited 'option enabled 0' to '1' under 'config swap' in the fstab box in USB. Then I issued the mkswap /dev/sda2 command in advanced, and rebooted. There is no indication, past the USB light being on, that this drive is picked up - nothing in resources under disk usage... I'm trying to (eventually) install modules to USB. Thanks.

It worked! Thanks man!!!!

Hey folks Got a Wifi Pineapple this christmas - hoping it will automate a lot of tasks for me. Whatever I do, I just CAN NOT get this thing to connect to the net - so I can start getting infusions... Pineapple Hardware Version (ex: Mark III, Mark IV, etc.): Mark IV Pineapple Software Version (ex: 2.5.0, 2.6.4): 2.7.0 OS used to connect to the pineapple: BT5r2 Network layout of how your setup is connected (including IP information): Pineapple (IP 172.16.42.1, netmask 255.255.255.0) connected via PoE port cable to laptop (eth0, 172.16.42.3, 255.255.255.0). Laptop wan0 (192.168.0.129, 255.255.255.0, gw - 192.168.0.1) All the tools/options that are running on the pineapple when the issue happened: Bare bones, stock. Ping results from computer to pineapple: No problem Is the problem repeatable (Yes/No): Yes Steps taken which created the problem: Used wcid to connect wlan0 to my home network, then closed wcid ifconfig eth0 172.16.42.2 netmask 255.255.255.0 up Then ran wp4.sh Pineapple Netmask [255.255.255.0]: 255.255.255.0 Pineapple Network [172.16.42.0/24]: 172.16.42.0/24 Interface between PC and Pineapple [eth0]: eth0 Interface between PC and Internet [wlan0]: wlan0 Internet Gateway [192.168.0.1]: 192.168.0.1 IP Address of Host PC [172.16.42.42]: 172.16.42.3 IP Address of Pineapple [172.16.42.1]: 172.16.42.1 _ . ___ \||/ Internet: 192.168.0.1 - wlan0 ( _ )_ <--> [___] <--> ,<><>, Computer: 172.16.42.3 (_ _(_ ,) \___\ '<><>' Pineapple: 172.16.42.0/24 - eth0 Browse to http://172.16.42.1:1...1471 -- Happy Hacking! I can connect to the Pineapple via ssh OR browser - wifi or ethernet. No problem. I just don't get internet on the pineapple. Halp! Error Messages: Log file information: Pastebin with ifconfig data: http://pastebin.com/53b2zaSx