power

Thank you Seb! I was wondering. I'm sorry I didn't see it in the book. I remembered the "pineapplesareyummy" part and did Google searches that looked like they confirmed my memory that it was the user and pass, but now I see that you are correct. Mr. P -- I was about to ask you how to open the pineapple to unbrick it because I found a UART cable from a plug computer. I'm sure this info is somewhere else, but I didn't see it from my immediate searches. If you don't mind I'd still be curious to know, but since it's not vital if you don't feel like replying don't worry about it.

What about that part about "interupting the reboot"? My firmware is 2.1

I bought this Mk IV when they first came out, apparently changed the password, and then basically never used it again. I just got the quick connect to run, but my password isn't the default and I don't know it. So I googled how to unbrick it and found a post by W.Master or Mr.P that said: 1. Use a serial cable 2. Reflash or 3. Interupt the reboot and in Darren's book he says that the Mk IV is "unbrickable" because you can just press the reset button. I'm not sure what I'm doing wrong, but the reset button does not seem to reset it, if I am assuming correctly that the login should be: name: pineapplesareyummy pass: pineapplesareyummy I tried reflashing, but to get into the upgrade page I have to login, so that's a catch 22. I don't know if I have the appropriate hardware for #1, I might, but I'm embarassed to say that I don't even see where serial/uart cable would go? Do you have to take the device apart? Maybe #3 above is the solution? What does it mean though?

i wish i could have seen that :/ couldn't make it out there this year... you should scan the book!

Thank you Peter. My plan was to learn how to turn it on and connect first then upgrade, but you're right and maybe I should upgrade first. I had no trouble connecting with it when I first bought it, but then I got busy with life and didn't touch it for a few months until just now. It seems like when I run the quick connect script I had this problem before and someone said to just leave a space for one of the default settings, when it prompts you? I thought it was the default gateway, but I tried that and it didn't work. Let me see if I understand you correctly. I have it plugged in to POE/LAN and to eth0 on my linux box. I have a blue light indicating power, USB, LAN, and WPS. Now I execute the quick start script with the default settings. Now you're saying that this is when I should see a Pineapple SSID and everything should work fine, right? .... ok it worked this time :) Doh! Sorry I bothered you. I think last night I was confused because there was a long delay between when the script finishes running and when the link at the end of it works for me. thanks again!

i appreciate your reply...does every thread get such a long legal debate? How about Kevin Mitnick? People like Steve Wozniak, Snubs, and Darren consider him the iconic hacker and he was pure black. How about Captain Crunch, the Roscoe Gang and actual hackers, not historical figures who never heard the term? Mitnick has even been on hak5. Why don't you see what your friend Steve Wozniak has to say about that bad criminal Kevin Mitnick in the forwards to Mitnick's books? He loves him. That's what a hacker is to Wozniak, to me, and to most normal non-delusional individuals. Wozniak even painted a hilarious hacker-behind-bars picture for Mitnick... but you say Mitnick was *NOT* a hacker *because* he illegally hacked companies? LOL come off your high horse, man... Uh... not really. You are familiar with what the Pineapple is? Have you seen Darren's eBook on how to eavesdrop, dump data, penetrate, etc? You realize that Karma lies to people who are not you to pretend to be their networks? I say this with no ill-intent and I'm sure you're a great guy :) , but I think you're just being delusional and holier-than-thou [in this thread] to the point that it's ridiculous. I have no idea how I got so lucky as to inspire this legal/ethical debate, I just wanted to know how to spoof an e-mail with an attachment; it seems pretty straight-forward and no different morally, ethically, or legally than any of the other hacking techniques being discussed. Frankly, I think maybe a bug crawled up your leg and you decided to take it out on me. I won't hold it against you. Given your last statement that if someone hacks into a network/something without authorization they're not hackers (pretending that it's not obvious that such "criminals" are the inspiration for this website, forum, and hacking culture in general) let's now look at the Merriam-Webster dictionary definition of the word hacker: ": a person who illegally gains access to and sometimes tampers with information in a computer system " OK, now the Oxford English Dictionary: "Definition of hacker noun person who uses computers to gain unauthorized access to data." As I said what feels like about a dozen times in earlier posts, I myself would never hack, but if I ask a question about how to hack in a hacking forum I don't see why you come at me with tons of legal warnings, arguments, and moral attacks on hackers, who you say aren't hackers if they illegally hack. Jeeze... I also wonder why you don't bring your legal zeal to every other thread instead of just mine.

the pineapple also doesn't appear to be broadcasting anything...

I tried correcting the default gateway to 10.0.1.2 but that just made it where I had no internet connection until I disconnected from my WiFi and reconnected

Hi, This is basically a first run, pardon my ignorance. So, I have the Pineapple connected to the Internet by cat6, powered, and with a nice big fat antenna. I ran BT5r3 live and did the quick connect. The script seems to work, but my Pineapple never shows up : / Thanks root@root:~# wget wifipineapple.com/wp4.sh; chmod +x wp4.sh; ./wp4.sh; --2012-08-23 05:17:47-- http://wifipineapple.com/wp4.sh Resolving wifipineapple.com... 69.163.250.20 Connecting to wifipineapple.com|69.163.250.20|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 4166 (4.1K) [application/x-sh] Saving to: `wp4.sh.1' 100%[=============================================================>] 4,166 --.-K/s in 0.04s 2012-08-23 05:17:47 (106 KB/s) - `wp4.sh.1' saved [4166/4166] _ ___ _______ ____ _ __ | | / (_) ____(_) / __ \(_)___ ___ ____ _____ ____ / /__ | | /| / / / /_ / / / /_/ / / __ \/ _ \/ __ '/ __ \/ __ \/ / _ \ | |/ |/ / / __/ / / / ____/ / / / / __/ /_/ / /_/ / /_/ / / __/ |__/|__/_/_/ /_/ /_/ /_/_/ /_/\___/\__,_/ .___/ .___/_/\___/ OWN the Network /_/ /_/ v2.1 Pineapple Netmask [255.255.255.0]: Pineapple Network [172.16.42.0/24]: Interface between PC and Pineapple [eth0]: Interface between PC and Internet [wlan0]: Internet Gateway [10.0.1.1]: IP Address of Host PC [172.16.42.42]: IP Address of Pineapple [172.16.42.1]: _ . ___ \||/ Internet: 10.0.1.1 - wlan0 ( _ )_ [___] ,, Computer: 172.16.42.42 (_ _(_ ,) \___\ '' Pineapple: 172.16.42.0/24 - eth0 Browse to http://172.16.42.1/pineapple -- Happy Hacking!

Right, exactly (except I did think you had a Pineapple, I was confusing you with digininja). These things almost all have legitimate uses, and as far as those that don't (what's the whitehat use of Karma again?) or in terms of why we want to understand how hackers hack, it's all just pure intellectual curiosity. I agree completely, although I expected that this would be taken as a given on hacking forum.

Thanks for both replies. They are both going to be useful in the future I'm sure, although I was hoping for a simplier (under 5 minute) solution. I kind of found one. What I ended up doing was instead of spoofing the email addy that was like "HTMNPaint@hotmail.com" I registered "HTNMPaint@hotmail.com" via a patched copy of Tor and went that route. Thanks for the legal side notes, Digip. At the end of the day I agree with you that this is just talk and it's a hacking forum so hopefully most of the topics, like all your Jasager goodness, is going to be very black hat and potentially wildly illegal if any of us were actual hackers who used these tools instead of just the law abiding, government loving, celebate, big brother supporting developers who only post online and never really hack, like we all are.

There are lots of groovy free email spoofing services out there, but does anyone know of one (or some way) where you could attach something to the spoofed e-mail, like a love letter, poem, trojan, picture of your dog, etc?

I see the list of modules on www.wifipineapple.com, but where can I download them? I see in Telot's instructions for sslstrip that he says "opkg update opkg install sslstrip" Is there something comparable for each module that I can opkg within the Pineapple ssh session to get modules? Does the name here http://cloud.wifipineapple.com/index.php?currentModules match the name that I should opkg install? Thanks!

This book looks really promising, I can't wait to get started with it. I haven't played with my pineapple in a while and this will be immensley useful in getting reacquainted. But it's just so hard to choose... do we buy it for $5 and wait on the mail or download it for free right now? It's "Sophie's Choice". OMG what to do??

Anyone excited about any big new features? I am about to grab it myself.

This is really interesting! Good work and thanks for the links. I have to admit, it was not quite what I was expecting when I saw the title "attack scanner", but now I see what you mean ;) Is it open source? Now... any thoughts on how to evade/exploit this scanner? Proxies/Tor/VPN should help with the IP part, but ideally a hacker would want to avoid the being logged all together and/or actually exploit this software somehow. If you needed to pen test a site where this might be installed would it be possible to use a bunch of free proxies and to launch a flood of automated attacks that would set it off and hopefully either crash it or at least make your real attack a needle in the haystack of red herring attacks using all those free proxies?

When did hak5 get this new look? Do you like it? I kinda liked the old look. I haven't been here in a long time tho.

i can sell u one with paypal :)