[PineAP limitations?]

Understood. Figured I'd ask. Was wondering if I should, perhaps, set my PineAP to have the same MAC as a target AP. And/or if there was a way to stetup PineAP with a blank WPS or WPA key that a user might just click through. ...? For instance, "Please enter WPA," <DERP>, <clicks OK with blank key>, Associated to PineAP.

[PineAP limitations?]

Do clients have to be associated with open/non-encrypted APs in order for PineAP to grab the association? And is there a way to circumvent this limitation?

[MK4 Karma is keep on knocking me off my own internet, Its Still Doing It:(]

Ya, rc.local is what I've done. But didnt it use to stick across reboots?! I don't recall having this issue prior to upgrading to the latest firmware.

I'm not sure if the UI is working. Someone should verify it is. Also, is there a way to query karma for the mac's its been given for black or white listing?!?

[MK4 Karma is keep on knocking me off my own internet, Its Still Doing It:(]

I'm having this issue as well. Specifically across reboots. I do a hostapd_cli add_black_mac <mac> and things are fine. But after reboot I have to run the command again.

[Karma issue with blacklist]

I seem to be having an issue with the Karma blacklist. I've added my mac but karma just keeps on accepting probe requests from my machine. I've also tried manually adding it with hostapd_cli. Just keeps on associating me. Very frustrating of course :P

Any ideas?

[Email Checker]

just setup sendmail in rc.local to email you an output if ifconfig

[Occupineapple Module]

"Occupineapple :) (Sounds familiar, isn't it :P) This is indeed based on Darren’s idea"

You should probably state what that idea is right up front ;P

[USB HUB]

I've been trying out Tenergy's batteries. Dunno if anyone here has seen these, but they are pretty good and charge quickly.

http://www.tenergy.com/Site/LiFe-Prismatic

[Keylogger]

Figured it out: If URLsnarf is running Keylogger does not work. Any thoughts on why this is and what we can do about it? (also my URLsnarf is configured for wlan0 since if its on br-lan, which it is by default, it conflicts with SSLstrip)

Two other things:

1) the logs should go into /usb/data/

2) needs the autostart feature

[Keylogger]

Do you enable the refresh option?

Yup. And I hit the manual refresh button. Nada.

[Keylogger]

What is your network setup ? From which interface are you sharing the internet ?

Typical setup using a laptop to route traffic through. Laptop wlan0 is furthest upstream, to eth0 then to br-lan on the pineapple and it's wlan0.

Everything else is working ok, e.g., sslstrip and urlsnarf. Do I need to have those off for the keylogger to work?

[Keylogger]

Me and Seb both tested it against http://cloud.wifipineapple.com/index.php?portal

Ok, well, I've associated my client with the Pineapple, opened that URL and the keylogger module is reporting "no data captured." Any ideas what is going wrong?

[Keylogger]

I seem to be having issue as well. And I'm probably doing something stupid. Is there a site, say doing a search on Slashdot, that we can use as a testing reference so that we're all on the same page (no pun intended)?

[WPS button not working]

Any update on this?

[WPS button not working]

I'm on 2.7.5 And the button infusion doesnt work either. I guess I'll try 2.7.7

[WPS button not working]

I've setup the script and enabled it. But it just wont launch the script for some reason. How is wpsScript.sh launched?

My resetButton.sh :

oot@Pineapple:/pineapple/config# cat resetButton.sh
#!/bin/sh
#Script to add / remove reset button
#Reset is marked as WPS (incorrect)

if [ $1 == "enable" ]
then

uci add system button
uci set system.@button[3].button=wps
uci set system.@button[3].action=released
uci set system.@button[3].handler='cp /etc/config/backup/* /etc/config/ && reboot'
uci set system.@button[3].min=5
uci set system.@button[3].max=10
uci commit system

fi

if [ $1 == "disable" ]
then
uci delete system.@button[3]
uci commit system
fi
root@Pineapple:/pineapple/config#

[Alpha awus036h grabbing wlan0]

Well, I remember once I had the same issue: the pineapple booting with the alpha card plugged-in which ended to be attached to wlan0 and the internal card to wlan1.

Whistle Master, what did you do to force the internal nic to wlan0? I'm still having this issue with my Alpha grabbing wlan0 :(

[urlsnarf module simultaneously with sslstrip module?]

0.9 runs on the pineapple actually :) May be a good idea to include it in the next version of sslstrip module :P In the meatime, you can download v0.9 here and copy it on your pineapple, then:

tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
python ./setup.py install

Version 0.9 is giving me issue. If I dont run the typical port 80 POSTROUTING iptables command I dont snag any SSL traffic. And if I DO then I get:

sslstrip 0.9 by Moxie Marlinspike running...

Traceback (most recent call last):

File "/usb/usr/lib/python2.7/site-packages/twisted/python/log.py", line 48, in callWithLogger

return callWithContext({"system": lp}, func, *args, **kw)

File "/usb/usr/lib/python2.7/site-packages/twisted/python/log.py", line 33, in callWithContext

return context.call({ILogContext: newCtx}, func, *args, **kw)

File "/usb/usr/lib/python2.7/site-packages/twisted/python/context.py", line 59, in callWithContext

return self.currentContext().callWithContext(ctx, func, *args, **kw)

File "/usb/usr/lib/python2.7/site-packages/twisted/python/context.py", line 37, in callWithContext

return func(*args,**kw)

--- <exception caught here> ---

File "/usb/usr/lib/python2.7/site-packages/twisted/internet/selectreactor.py", line 139, in _doReadOrWrite

why = getattr(selectable, method)()

File "/usb/usr/lib/python2.7/site-packages/twisted/internet/tcp.py", line 362, in doRead

return self.protocol.dataReceived(data)

File "/usb/usr/lib/python2.7/site-packages/twisted/protocols/basic.py", line 232, in dataReceived

why = self.lineReceived(line)

File "/usb/usr/lib/python2.7/site-packages/twisted/web/http.py", line 388, in lineReceived

self.handleHeader(key, val)

File "/usb/usr/lib/python2.7/site-packages/sslstrip/ServerConnection.py", line 98, in handleHeader

self.client.responseHeaders.addRawHeader(key, value)

exceptions.AttributeError: ClientRequest instance has no attribute 'responseHeaders'

[urlsnarf module simultaneously with sslstrip module?]

But not in all websites. I think that is because of some browser protections or https force from some sites. Am I correct?

Some sites now use something called HSTS so that SSLstrip cannot monitor that traffic.

[urlsnarf module simultaneously with sslstrip module?]

Great! ... I'm not sure why Telot wanted port 443, he doesnt seem to say in that thread...no? If I have it in the PREROUTING table, as it is by default in the module, all https just grinds to a halt for clients. So something should be done.

Also, SSLstrip logs should state the source/client IP address. It's super confusing as to what POST is coming from what client.

Another issue I noticed is that not all SSL POSTs (say to Facebook) get logged. The intial logon attempt works, but for some reason it's not picking up retries. Any thoughts?

[urlsnarf module simultaneously with sslstrip module?]

I think I got this working. Running URLsnort against wlan0 instead of br-lan is keeping both SSLstrip and URLsnort happy so far.

[HSTS exploit?]

Is the Facebook iphone app using HSTS? I never see any data from it in SSLstrip.

[HSTS exploit?]

I suppose a workaround is to just DNS spoof and phish HSTS domains...no? Would be nice if there was a modue to 1) detect HSTS, 2) auto DNS spoof it, 3) and on the fly mirror the portal html locally for phishing.

Or, do site such as Gmail have non-HSTS versions of the portals traffic could be redirected to with DNS spoof?

[HSTS exploit?]

Anything out there to deal with HSTS traffic? E.g., some sort of way to force clients to opt-out of it?

[Facebook app not working]

Sslstrip messes with apps. I posted about this a few weeks ago, and sadly got no replies (very disappointing Jasegar Community!!). You can find my observations here: http://forums.hak5.org/index.php?/topic/28385-apps-and-the-pineapplekarma/?hl=%2Bsslstrip+%2Bapp

I read up about it a little bit since then, mostly on Moxie's website. It turns out that apps allow developers to tweak how ssl works within their app - their not constrained by a browsers implementation of ssl, and the requisite standards that forces them to work with. Moxies sslstrip program addresses vulnerabilities in the standard implementation of ssl found in http(s).

This is of course hugely disappointing, as more and more people use phones/tablets as their primary computing devices while mobile - which is when their most likely to become pineapple victims. If anyone has any additional knowledge on apps and ssl, I'd love to hear it, as my understanding is just a scratch of the surface I'm sure. Thanks

telot

Well, I got it working. Just comment out the stuff for port 443 in autostart.sh and sslstrip_actions.php

Now there's the issue of it playing nice with URLsnort. And is there an exploit for HSTS?