newbi3

NoDogSplash is now using UCI for the configuration no longer using the file which is why the auto config thing fails - this is working in the Nano and Tetra version of Evil Portal and I'll get the fix out to the mkv soon. Yeah all of your portals will still work fine, the new version of NoDogSplash uses UCI for configuration. Evil Portal on the nano will automatically configure everything you need to get it going for you when you install dependencies but if you want to do additional configuration you can do it from the command line. Maybe in the future I'll have a section on the interface but not currently.

Login history is all done and will be included in the next version. It doesn't take a picture with the front facing camera because I don't want to add the permissions but it does warn you when there are new failed login attempts and you can view all, successful, or failed attempts individually.

Good question - I'm not sure. I am not going to allow for the log to be cleared. If someone gets the password right on the 100th time they won't be able to clear the login and the owner would see it next time they logged in. Now that doesn't stop someone from modifying the log with a 3rd party application or ADB or something. Without sending the log to a server somewhere and then pulling it down when needed I'm not sure how I could keep it from being tampered with. Maybe the alternative option is to have a kill switch built in where if your password is entered incorrectly x times in x timespan then all of the passwords are dropped.

I like that idea. I would do the camera snap but I am trying to not use any permissions and that would break that model. Ill add a log of failed login attempts though.

One if the benefits to the Nano is that it doesn't have the realtek chip with the 11mbps throughput issue -- other benefits are that the web interface is SO much better. Its way cleaner and more responsive and feels amazing. Also with the new API design developers are able to create new modules so much faster than before so you can expect to see some cool new modules on the nano.

The Nano is still being developed so the ability to download modules onto your pineapple is still in progress. Even if that weren't the case there are only a few modules that are even "ready to go" at this point.

I'm almost ready to release the next version which has a ton of improvements. 1. All data (not just passwords) is encrypted and salted 2. Data is only shown in plain text when it needs to be 3. Access key is now salted in addition to being hashed 4. New "Access History" feature lets you see the dates and times that a specific password has been viewed 5. New random password generator using SecureRandom Its not released yet and probably won't be for about a week or two as I am on vacation and still have some features to add - however if you want to view the code look at the "development" branch.

Nifty! Excited for this!

The password can't be an empty string. Line 44 of AccessActivity checks the length of the key. I am going to have a password policy in the next version but I just didn't get around to it yet. I'm not sure the proper way to do the salting. I shouldn't store the salt in the DB correct? If not then I can't use a random salt and if it can't be random then I should use something unique like the phones identity but I don't want to have to have special permissions on the app. 89 - Thats the query I was running but it would crash the app if certain characters were in the hash I just changed the query last night actually 113 - The password is encrypted before being put into PasswordModel (line 78 of NewPasswordActivity) 114 - Yes I agree next release 136 - I also agree with this - next release Thanks for the review I'll update it soon

I know that there are a lot of password managers out there but it never hurts to have options. Also I don't trust any application with my passwords if I can't review the code. So I took it upon myself to write my own password manager for Android and you can find it in the Play Store now. Its completely free and requires 0 permissions. All passwords are encrypted with 128bit AES encryption and the app requires you to enter your encryption key before you can view the "vault". Your encryption key is never stored in the app - just a SHA256 hash of it so the App can verify that you entered the correct key. The code is open source and up on my Github. If you want to contribute to it that would be really cool :D Also you can find it on the Play Store. I'm completely open to suggestions and criticisms for it. Git Hub https://github.com/frozenjava/VaultAndroid Google Play https://play.google.com/store/apps/details?id=codeit.space.vault

I was thinking about doing that but I just wanted to follow a standard that already existed instead of doing my own thing. Just broadcasting it its services would be a lot easier for sure considering I have no idea what I'm doing with SSDP.

I am creating a little rover that is powered by the raspberry pi and controlled over the network. I'd like to make this more plug and play but I'm pretty confused trying to implement SSDP. Basically I just want the Raspberry pi to broadcast it self on the network and say "hey my restful API lives at x.x.x.x:8080" this way my android app can just find that broadcast and then connect to the robot without the user having to type in any ip address or port. Is there a service for linux that already does this? I've tried miniupnpd and minissdpd and they don't seem to be broadcasting anything... I think I may just have a miss understanding of SSDP which is what is making this so hard to implement. Any knowledge on how it works and/or how to implement it would be amazing!

I teach computer programming at a college level and I start my students off with Python. I recommend against learning Java as a first language because of a couple reasons. Essentially it will just confuse you and turn you off to programming. Here is what I mean // WTF is a package?? package learning.programming; // WTF is a class what why public?? public class FirstProgram { // what is a void? Why is it public? what does it mean by static? Wtf is a String[]? public static void main(String[] args) { // All of this code for it to just say hello world?? System.out.println("Hello world"); } } There was this amazing article called "The pitfalls of java as a first language" but I can't seem to find it for you. Anyways learn Python first just to get your beak wet. Also shameless time for me to plug a Python module I am working on called jBot which is a "robot simulator" for the purpose of learning to program with instant visual gratification. I have noticed that a lot of my students weren't retaining the concepts that I was teaching them so I figured maybe if they see these code be executed by something visual then they will understand it better. Turns out that that is completely true. So If you want to learn python and you are more of a visual learner then jBot if definitely something you should check out: https://github.com/frozenjava/RobotSimulator

Good suggestions, foxtrot made a irc one a while ago (I'm not sure what happened to it). Definitely open to the ftp and http control. I will bake that in.

Pretty much, I had an old version that did it over MMS but it was insanely difficult to parse and get the actual message out of. New version will be doing it over actual SMS with a modem plugged into the pineapple.

How are you powering your pineapple?

Sure, its kind on on a hold at the moment until I can get some of my professional obligations done but I'll let you know when I'm starting back up with this project

This is something I am putting together in my head as well with some additional features. It's a big project but it's a fun one.

It doesn't matter if its obvious you can't track me. Also there is no human sitting here monitoring these systems. Since there is no way to stop them from collecting the data you might as well pollute the data so its next to impossible to draw an accurate picture. I understand what you're saying but I don't think its something worth writing a hundred lines of code when I just accomplished the same thing with 4 lines of python. However, with that said feel free to make your vision happen the way you want it to :D

import os, time while True: os.system("macchanger -r wlan1") time.sleep(5)

That seems kind of slow... There was a hardware implementation issue with the second radio that limits its speed to 11mbps max. Since its a hardware there isn't anyway to fix it with software

That doesn't sound good, I got to say I'm not experiencing the same results can you give me some more info to help me replicate the issue? What firmware version are you running? What other infusions do you have installed? Is the infusion installed on internal storage or sd storage? Is your pineapple connected to the internet when you try to install dependencies?

I'll probably just end up buying APs from manufacturers outside of the US and then flash open-wrt or dd-wrt like I want to. Have they not learned that no one wants devices with regulations or (especially) NSA backdoors? They just keep hurting US companies by doing these things.

Lets all send smashed routers to the FCC.

Why this a thing? Do we not own the fucking hardware we buy?? I mean goddamn. If I want my <insert_device_here> to run better software than what the manufacturer put out then its going to.