newbi3
-
Posts
1,022 -
Joined
-
Last visited
-
Days Won
62
Posts posted by newbi3
-
-
On 11/17/2020 at 6:23 PM, Just_a_User said:
Would it be possible to have some form of timer, to watch associated pineapple clients not on the Allowed client list and kick them automatically after xx time without registration?
Or maybe throttle limit clients and lift restrictions on joining Allowed client list?
What is the use case for this?
-
On 10/1/2020 at 10:04 PM, Void-Byte said:
Hey @newbi3,
I already reflashed a few times since your post. It worked after another 2 reflashes (from 1.0 to 1.0.1 back to 1.0 worked). If it breaks again I'll dump the logs for you.
This should be fixed in the 1.0.1 Beta 4 firmware. Sorry about that.
-
On 10/2/2020 at 5:00 PM, astinomia said:
Its an old portal that I imported, idk if that would be the problem but the code looks fine to me.
Would you mind sharing the portal with me? You can DM it to me.
I never actually tested portals from the previous pineapple so something might be broken. I'll try to help you migrate it so I can write some documentation on what to do going forward.
-
On 9/28/2020 at 12:28 AM, astinomia said:
Yeah, I'm talking about a custom portal.
public function handleAuthorization() { if (isset($_POST['email'])) { $email = isset($_POST['email']) ? $_POST['email'] : 'email'; $pwd = isset($_POST['password']) ? $_POST['password'] : 'password'; $hostname = isset($_POST['hostname']) ? $_POST['hostname'] : 'hostname'; $mac = isset($_POST['mac']) ? $_POST['mac'] : 'mac'; $ip = isset($_POST['ip']) ? $_POST['ip'] : 'ip'; $reflector = new \ReflectionClass(get_class($this)); $logPath = dirname($reflector->getFileName()); file_put_contents("{$logPath}/.logs", "[" . date('Y-m-d H:i:s') . "Z]\n" . "email: {$email}\npassword: {$pwd}\nhostname: {$hostname}\nmac: {$mac}\nip: {$ip}\n\n", FILE_APPEND); $this->execBackground("notify $email' - '$pwd"); } // handle form input or other extra things there // Call parent to handle basic authorization first parent::handleAuthorization(); }
Does anything in this handleAuthorization() look like it would cause that error message?
Did you create this portal new on the mk7 or is it from an older version created on the nano/tetra?
I'll take a deeper look into this weekend.
27 minutes ago, Void-Byte said:Hey @newbi3,
Was installing your module on a reflashed WiFi Pineapple MKVII when I ran into these two errors when attempting to "Install Dependencies".
Which version of the firmware are you on?
Also can you please include the output of the module log file? You can find it at /tmp/modules/evilportal.log
-
5 hours ago, Mordub said:
any kind of tutorial on how to create custom portals with custom inputs and outputs and such? do I need to learn PHP? I know html but have never created a portal that asks for password or username and then do something with it.
-
3
-
-
22 hours ago, astinomia said:
@newbi3 Do you know what can be causing me to get a "You have no been authorized" message when I enter the credentials in the portal? The credentials do appear in the log, and I can use the internet (device added to Allowed Client) but I get no notification on the webpage.
I'm assuming this is a custom made portal since you are submitting credentials. My guess is the portal's backend code isn't handling the authorization flow correctly.
-
On 9/22/2020 at 6:17 PM, trumoo said:
Long time hak5 customer, but just got my first Pineapple and it is the Mark VII! Hooray!
Wondering if there are any plans to make a portal of a router firmware upgrade page that asks for wi-fi creds, similar to what wifiphisher does. There was talk of someone porting one over here - it looks like this was abandoned or the final project was never uploaded.
The goal of the Evil Portal module is to provide a captive portal platform with a few bells and whistles, not necessarily to create pre-made templates for every use case. If this is something you need I highly encourage you to build it. If there are any specific questions you have about how to do something with Evil Portal I'm happy to help.
-
This module isn't really meant to be left running while you're not looking at it. If you need to do a packet capture that records the data it collects I recommend using tcpdump.
-
7 hours ago, astinomia said:
Can you give some explanation as to what exactly it means to be a Permanent Client and a Allowed Client?
Sure can.
Permanent clients are clients that will always be allowed to connect to the pineapple without ever having to go through the captive portal. Its good to make 172.16.42.42 a permanent client because this is often used as the host address of a compumter when doing wired client mode.
Allowed Clients are clients that are currently allowed to have internet access. Clients can get on this list by either being a permanent client or by signing on through a captive portal. This list is reset every time Evil Portal is started/stopped.
-
1
-
-
Description
This module is a web front end for mdk4. It allows you to easily preform wireless attacks and manage history.
Features
- Manage dependencies
- Preform attacks with mdk4
- Easily apply options to your attacks
- View and download attack history
-
Description
HTTPeek displays all images, urls, cookies, and post data sent in plaintext by clients connected to the Wifi Pineapple.
Features
- Display images, urls, cookies, and post data on a web page.
- Start/Stop capturing
- Start/Stop live updating
-
1
-
Description
This module is a web front end for tcpdump. It allows you to easily start packet captures and keep track of historical pcaps.
Features
- Manage dependencies
- Preform pcaps with tcpdump
- Easily apply options to your captures
- View and download capture history
-
Description
This module is a web front end for nmap. It allows you to easily perform port scans and manage scan history.
Features
- Manage dependencies
- Preform nmap scans
- Easily apply options to your nmap scans
- View and download scan history
-
Description
Cabinet is a File Manager module for the WiFi Pineapple Mark VII
Features
- List files and directories
- Navigate directory trees
- View and edit contents of files
- Create new files
- Delete files and directories
-
Description
EvilPortal is a captive portal tool for the Wifi Pineapple. It allows users to easily setup landing pages that are automatically displayed to clients who connect.
Having an issue?
Please include this information when reporting an issue:
- A detailed description of the issue including error messages you are receiving and steps to reproduce the problem.
- The version of Evil Portal you are using
- The firmware version your pineapple is running
- Are you connected to the internet?
- The output of the module log file located at: /tmp/modules/evilportal.log on your pineapple.
Features
- Targeted Portals
- Static Portals
- Creating/Editing/Activating/Deleting Portals
- White listings clients by ip address
- Dynamically adding and revoking authorized clients
- Live Preview of your portal through the module interface
Targeted Portals
Targeted Portals allow you to direct clients to different portals conditionally based on SSID, MAC, Hostname, or Useragent allowing for a much wider range of attacks.
Creating a Targeted Portal
- Go to the Portal Workbench in the EvilPortal module
- Click the drop down menu to the left of the "Portal Name" input box and select "Targeted"
- Give it a name
- Click the create new portal button
Edit Targeting Rules
- Click on the name of the portal you just created in list of portals
- Click the "Target Rule Editor" button in the top right corner of the Work Bench
-
You should see a modal open up titled "Editing Rules for $portalname" with MAC, SSID, HOSTNAME, and USERAGENT sections
- These sections represent the value that you can create routing conditions for.
- Under each section you will see a sub-section titled "Exact" and "Regex". These let you create exact rules or rules that will match a pattern.
- It should also be noted that these conditions are evaluated as an 'or' not an 'and'. The order that they are evaluated in can be change but more on that later.
- Once you figure out the rule you want to create click the "Add Rule" button
-
You'll see a row appear that says "Key Value", "Destination", and "Remove". Fill out the values for Key Value and Destination.
- The "Key Value" represents the value that you are checking. For example if the rule is for a SSID the value might be "office-wifi".
- The "Destination" is the file that is the landing page you are routing clients that match your rule to. If this is an office portal you might want to call it OfficePortal.php. Just remember what you called it because we will need it later. (More on creating these later)
- The "Remove" button removes the rule
- Click "Save" at the bottom
Creating The Destinations
- Click the "New File" button in the top right of the work bench.
-
You should see modal open up titled "Creating New FIle". For the "File Name" field type the name of the destination
- This must be the name you typed in for the destination field when setting up the rules. In this example it was "OfficePortal.php"
-
In the "File Contents" field you will write the code to create your portal.
- It should be noted that you need to make a post request to /captiveportal/index.php with a redirect destination called "target" in it.
- In my opinion it is easiest to copy the contents of "default.php" and paste it here as a starting point.
- Click "Save" at the bottom
Important Notes
- If a client connects and doesn't match any of the conditions you created, they will be routed to "default.php".
-
Currently there is not an easy way to change the order the rules are evaluated in, if you want to change them you have to do it manually via ssh.
- ssh into your pineapple
- cd into where your portal is (either /root/portals/$portalname or /sd/portals/$portalname)
- nano $portalname.ep (replace $portalname with whatever you called your portal)
- Change the order of the strings in the targeted_rules->rule_order array. The items that come first are evaluated first.
Basic Portals
Basic Portals are the same oldschool portals that you have come to know in Evil Portal. These are the portals that are created by default and they work in exactly the same way as they used to.
Having an issue?
Please include this information when reporting an issue:
- A detailed description of the issue including error messages you are receiving and steps to reproduce the problem.
- The version of Evil Portal you are using
- The firmware version your pineapple is running
- Are you connected to the internet?
- The output of the module log file located at: /tmp/modules/evilportal.log on your pineapple.
-
1
-
Hello,
I'm adding a second LAN to my pfSense box (192.168.2.0/24) for guests/IoT devices. Clients on this network are unable to reach 192.168.2.1 (which is the pfSense gateway) at layer 3. Layer 2 traffic seems to work just fine (DHCP and arp requests). Clients from the 192.168.1.0/24 network are able ping all clients on the 192.168.2.0/24 network but not vice-versa.
If I swap the access point on the 2.0/24 network with the 1.0/24 network the problem remains the same showing that it is a issue with the pfSense box.
I've created a PCAP showing whats going on on the wire for the 192.168.2.0/24 network.
All help is appreciated!
-
On 12/11/2017 at 2:13 PM, b0N3z said:
Mac Info wont download or install idk what it is and HTTP proxy was added like 2 weeks ago. Also @newbi3 has an OpenVPN module on his github, you have to change a couple things for dependancies but other than that I havent uploaded any config files or tried it out.
I don't even remember if I ever got that module working. Maybe I'll finish it up after this next release of Evil Portal.
-
About a year ago I broke the screen on my one plus one and its unresponsive. I found it in my drawer today and decided to get the data off of it and luckily I had debugging mode enabled so I was able to pull my photos and everything with adb. Now, I'm trying to pull a sqlite database from an app but I don't know what the name of the file is and my phone isn't rooted so I don't have permission to ls in the apps directory.
Is there a way to exploit CVE-2016-2503, CVE-2016-2504, CVE-2016-2059 and gain root access via the shell on my android phone?
-
private function abortScan() { // this will write to a file in /tmp called does_it_work.txt // if the abortScan method is getting called then this file will exist file_put_contents("/tmp/does_it_work.txt", "this function got called!"); exec("killall -9 airodump-ng && cp -f /pineapple/api/wardrive-* /pineapple/modules/Wardriver/log/"); // give some sort of response back $this->response = array("aborted" => true); }
you can also test by starting airodump and then checking if its still running from the command line after the abortScan method is called
ps | grep airodump -
18 minutes ago, nrohsakul said:
Just tried it out. But still nothing. Not even the logs get moved..
Thanks for your help though. Argh I guess it's something really easy so nobody gets it.
Test if your abortScan method is getting called by writing something to a file
-
It might be working, one thing you arent doing is giving a response back.
private function abortScan() { exec("killall -9 airodump-ng && cp -f /pineapple/api/wardrive-* /pineapple/modules/Wardriver/log/"); // give some sort of response back $this->response = array("aborted" => true); }and then handle the response in your JS
$scope.abortScan = (function() { $api.request({ module: 'Wardriver', action: 'abortScan' }, function(response){ console.log(response); if (response.aborted) { $scope.scanning = false; } }); });
-
You module.php file needs to implement the route() method
http://wiki.wifipineapple.com/#!./creating_modules.md#module.php
this method is what maps an action in the request to a function that gets called
public function route() { // create a case for each possible action passed in the request switch($this->request->action) { // what happens when an "abortScan" action is requested case "abortScan": // call the abortScan method $this->abortScan(); // break the case - don't forget to do this otherwise what ever case comes next will also get called break; } }
-
Hey nrohsakul,
You can see JS errors in your browsers developer console
https://developer.chrome.com/devtools
https://developer.mozilla.org/en-US/docs/Tools/Browser_Console
And I recommend showing PHP errors
nano /etc/php.ini
press crtl + w and search for "display_errors" and set it to "On"
display_errors = On
then restart nginx
/etc/init.d/nginx restart
Now your developer environment should be all good to go!
-
Nifty, I don't re-install arch frequently enough for me to justify using it but I dig it.
[Module] EvilPortal
in Mark VII Mods & Modules
Posted
For your usecase it sounds like you want a Basic Portal which will show the same captive portal page to everyone always.
Targeted Portals allow you to change the page that is returned to the user based on different conditions that you set in the rules editor. For example, you may have a target that you know might connect to 2 different SSIDs based (lets say `Corporate Wifi` and `Coffee Shop`) and based on this you want to show a page that relates to the SSID. You would create two rules in the targeted rule editor for SSIDs and route them to two different destinations (we'll call them corporate.php and coffee.php). Now when a client connects to the Pineapple thinking its `Corporate Wifi` they will be shown the `corporate.php` page. If the connect thinking its `Coffee Shop` they will be shown the `coffee.php` page.