Jump to content

crepsidro

Active Members
  • Posts

    76
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by crepsidro

  1. Mitm infusion is currently broken, as new mitmproxy requires dependencies, that yet to be compiled for pineapple.
  2. mine's working fine, but i had no luck with sslstrip+dnsspoof combo =( sslstrip breaks dnsspoof and vice versa. i think question was asked here but no answer received. any tips? thanks i want to sslstrip all traffic BUT 3 addresses i want to spoof to pineapple.
  3. nobody gives a toss? guess i gotta buy Pi for all the work... had high hopes for pineapple but it turned out to be outdated meh....
  4. i guess nobody gives a crap... that's sad. this infusion is broken, as updated mitmproxy requires many new deps, which is not compiled for pineapple/ar71xx yes. i thought hak5 are almost gods...
  5. Can anyone tell me, how to invoke ettercap to be ssl sniffing proxy? I edited the .conf, then i just run 'ettercap -Tq -i br-lan' on the pineapple. My https traffic gets mitmed ok (certs being generated etc), but no http traffic passes thru. Little help please. Thanks
  6. Ok, nobody? What? More futility from me then... :( I managed to install mitmproxy 0.8.1 by using pip install "mitmproxy<=0.8.1". But it lacks -T (transarent http/https mode), it lack --host option, and it's basically useless. I also tried to build some binaries 'on-device'. I tried root_fs_mips and root_fs_mipsel uClibs' packs, both fail to chroot on device (architecture mismatch most probably). We need pyOpenSSL compiled for pineapple ASAP! That will lead to mitmproxy 0.9.2 (which works GREAT on linux machine, sniffs/mitms ALL ssl traffic!) and NEW version of SSLstrip many folks love. Please, please devs. Compile the opkg .ipk or just 3 binaries needed for pyOpenSSL 0.13 (crypto and 2 more). THANKS!
  7. Can somebody please compile the binaries for pyopenssl 0.13? it needs it to proceed. not familliar with pineapple build enviroment etc. thanks!
  8. Edited contentview.py and ran mitmdump (and mitmproxy). Now, it needs pyopenssl 0.13 and opkg have 0.10-1. I cannot resolve a conflict there. It either runs with 0.10 but drops all SSL traffic OR it doesnt run with 0.13 pip'ed over 0.10 HELP PLEASE, i guess i need some pyopenssl 0.13 bins (((
  9. Yup, urwid fails due to absence of compiler. I edited setup.py for urwid to comment out ext.module requirement, it went thru setup. I also had to do the same for PIL and lxml... Thing is, lxml fails to compile and i get error Traceback (most recent call last): File "/usb/usr/bin/mitmdump", line 4, in <module> from libmproxy import proxy, dump, cmdline, version, console File "/usb/usr/lib/python2.7/site-packages/libmproxy/console/__init__.py", line 5, in <module> import flowlist, flowview, help, common, grideditor, palettes, contentview, flowdetailview File "/usb/usr/lib/python2.7/site-packages/libmproxy/console/flowview.py", line 3, in <module> import common, grideditor, contentview File "/usb/usr/lib/python2.7/site-packages/libmproxy/console/contentview.py", line 10, in <module> import lxml.html, lxml.etree File "/usb/usr/lib/python2.7/site-packages/lxml-3.2.3-py2.7.egg/lxml/html/__init__.py", line 42, in <module> from lxml import etree ImportError: cannot import name etree Also tried manually do a static build of lxml (python setup.py --static-deps to no avail. I guess lxml does needs some binaries compiled... Please, do something! I want mitmproxy on my pineapple again. It WAS working couple of months ago, but i guess PIP distro changed.. Thanks Maybe just tell me what to comment out and where to force mitm to run.
  10. Ok, i did some research and disappointed with results... I tried flashing to 3.0 and installing sslsniff (openwrt version, which is waaay obsolete). Still get seg.fault upon running. Got back to 2.8.1 and still wondering about possibility of having autonomous ssl sniffing proxy (NOT sslstrip, which is useless for most modern sites). Still cannot properly invoke mitmdump (from mitm infusion) to catch and reroute both HTTP and HTTPS traffic TO it. It takes HTTPS traffic and mitms it, but still cannot get plain HTTP proxied to the mitmdump. If i hard-set proxy address in 'victim browser' i DO get somewhat reliable ssl pass-thru decoding proxy (yes, i get wrong cert dialogs, but that's acceptable for pentesting). Can anyone help me with proper iptables commands to route, say, all 80 and 443 traffic to port say 9999 on the pineapple? Say, i use 3g-wan2 interface OR/AND eth1 interface to get internet to the pineapple. Thanks. Guys, i mean, why still no working ssl proxy on the device? Just imagine how cool and almost 100% transparent it can be. PS. any progress on getting last (not ancient) sslstrip working? Thanks
  11. Ok, thanks for info. Any tips on getting sslsniff to work?
  12. As i said, sslsniff package loads, but produces segmentation fault upon launch in 'work' mode. I have 2gb swap, all processes stopped, but still get seg.fault. Hoping for pros to investigate. Just imagine smoothly running sslsniff?! Why focus on completely obsolete sslstrip?
  13. Actually did some research. I'm on 2.8.1. With mitm infusion installed, i get mitmproxy (fails to start) and mitmdump 0.8.1. mitmdump seems to work, BUT it fails to proxy plain http requests - it treats all requests as https, thus breaking functionality. I tryed updating mitmdump to current version, but that broke it, 0.9 fails to start. Please, some help here on how to install the new version? And i tryed opkg install sslsniff. Sslsniff --help produces help, BUT when i try to use it = segmentation fault. I just want a decent http/https logging proxy running on pineapple. Thanks
  14. Hello peeps. I am wondering, how hard it would be to make infusion out of amazing http://mitmproxy.org/ ? Also, pointers on how to install it manually will be greatly appreciated. There's so many ssl-capable mitm proxy software out now (mitmproxy, sslsniff, burp proxy) and none is available for pineapple, otherwise fine pentesting device?! Sure there's schemes, where pineapple is used to karma clients to it, and route the traffic to the notebook. But just imagine ssl logging proxy on the pineapple connected to 3g/phone/ethernet/wlan1?! Thanks!
  15. Yes, sorry, i figured it out - been stupid. I thought at some point you were talking about standalone metasploit implementation. If i have my laptop i dont need a pineapple - wifi adapter works as fine.
  16. You're just lucky then. Many posts here, that pineapple jiuce battery pack is unable to power 4gb fit on it's own... I tried with laptop as well. Ditched Fit for usb microsd reader - that works from juice pack no problem.
  17. pineapple bundles are cocked up... too weak usb pack, too uncompatible cruzer fit - to name main things....
  18. Hi all. My .02c. MK4, elite bundle, 4gb fit, linux ext4 way -> dmesg: /dev/sda unknown partition table. Powered from 12v etc. SOLUTION! Using gnome-disk-util again, i erased/reformated BUT with GUID partition table instead of MBR. It works now. And yes, other USB sticks work fine with MBR, but for some reason 4gb Fit i got in bundle is NOT.
  19. Hello all. Just got my Mark4 pineapple. Looks nice. Ok, i've gone for elite bundle, and now trying to hook it all up in a ext. usb wifi (alfa from elite bundle) as a source of internet. Tried manually and ran into problem with wpa_supplicant immidiately. Here's my log: root@Pineapple:~# wpa_supplicant -D nl80211 -i wlan1 -dd -c /etc/wpa_supplicant. conf Successfully initialized wpa_supplicant wlan1: Failed to initiate AP scan wlan1: SME: Trying to authenticate with xxxx (SSID='xxx' freq=2462 MHz) wlan1: SME: Authentication request to the driver failed wlan1: Failed to initiate AP scan wlan1: SME: Trying to authenticate with xxxx (SSID='xxx' freq=2462 MHz) wlan1: SME: Authentication request to the driver failed wlan1: SME: Trying to authenticate with xxxx (SSID='xxx' freq=2462 MHz) wlan1: SME: Authentication request to the driver failed What am i doing wrong???? Disappointed...
×
×
  • Create New...