Everything posted by Fira

  1. Just a quick question.... as the script progresses and new mk5 infusions get written for it, will they be back ported for the mk4? and if not, is there going to be a point where the script doesn't play nice with the mk4 anymore? just curious :) thanks again!
  2. Bump! This looks good. Will check it out soon!
  3. I don't know if it's helpful, but i just wrote a little something on how i get set up here : https://forums.hak5.org/index.php?/topic/30654-my-mkiv-30-experience-so-far/ you may have a different experience to me, but that's a guide to what i do to get set up.
  4. you should change the file from : 172.16.42.1 example.com to : (your ip) * eg 172.16.42.42 * the * is a wildcard. on its own it means "everything". you could also do *.com for all .com sites
  5. Well, i've had a few weeks to play with my pineapple now, and whilst i like the idea of it very much, it hasn't been a smooth ride at all. So after borking my pineapple for the umpteenth time, I'm gonna go through my re-install procedure, and comment on a few of the infusions.

     To be honest, I'm thinking the best ideas on this box are not as functional as they seem to have been a few years back (like Karma for example), but I don't think that is the fault of the pineapple. Vendors have tightened up on security a bit since the pineapple has come out. I definitely see this is a useful pivot box, but i find it lacking somewhat in some areas too. I'll keep playing with it, and reporting what I find. I know I have a lot to learn, and tricks to master but it's fun when it isn't infuriating! Question is, do I want to shell out for a MKV knowing that the MKIV looks good on paper mostly....

     A note on the Ethernet Sockets...

     Eth0 (This is the one marked "PoE LAN")
     This port by default expects the gateway to be "172.16.42.42" unless you edit "etc/pineapple/spoofhost". More on that later... This port also has a DHCP running on it, so if you connect your attacker machine to the pineapple via this port, you may want to set a static IP somewhere on 172.16.42.0/24. If you are providing internet to the pineapple FROM your attacker machine, you will want to make sure your attacker machine has the IP 172.16.42.42 (default setting of gateway).

     Eth1 (This is the one marked "WAN LAN")
     This port has no DHCP running on it, and is expecting to be given a DHCP from another machine / router. If you use Windows to give your pineapple internet via ICS, it will most likely have a default DHCP pool of 192.168.137.0/24 (windows 7), or 192.168.0.0/24 (windows XP) so your pineapple will accept a DHCP lease from one of those ranges. Use an IP scanner on your windows machine to figure out what IP your pineapple has. Since you can't easily edit the DHCP pool of ICS on windows, you will have to use this ethernet port for the internet connection of your pineapple. You also won't be able to connect to your pineapple with the 172.* address from this adapter.

     Pineapple MK IV Fresh install on 3.0

       • Remove USB
       • Factory Reset Pineapple
       • Format USB in Gparted on linux
       • login to pineapple
       • change root password
       • change pineapple SSID
       • add "reboot" to the WPS button script in Configuration > Button configuration
       • edit USB Fstab settings in Resources > USB
       • Plug in the USB drive and wait a minute for everything to settle.
       • SSH into the WiFi Pineapple (typically "ssh root@172.16.42.1" and sometimes you need to clear the known hosts : "rm ~/.ssh/known_hosts")
       • Issue "mkswap /dev/sda2"
       • reboot
       • issue "free" to check swap is enabled
       • create folder /usb/www/
       • issue command "ln -s /usb/www/* /www/" to symlink the www folder to the usb drive.
       • update

     --------------------- this is my custom network config (not mandatory)

       • ssh in to change ssh ports: nano /etc/config/dropbear
       • issue nano /etc/config/network
       • change gateway from 172.16.42.42 to 172.16.42.2 (for ics sharing from kali from eth0 on Kali to the PoE port on the pineapple)
       • run ./wp4.sh on kali to set up ICS gateway 172.16.42.2 (I have edited the script to make this my default gateway)

     I do this because JasagerPwn 2.0 expects the attacker to be at this address...

     ------------------------------------------ this is with internet

       • Update The Wifi Pineapple Bar Infusion
       • my ICS seemed to work out of the box, but if not - install WiFI Manager infusion and Change ICS settings to Enable on boot yes, share from eth0 to wlan0, save
       • change dnsspoof host to 172.16.42.2 * (one caveat I noticed from trying to figure out why it didn't redirect was sometimes an extra character gets appended to the end of a spoofhost. this was only noticeable from sshing in and checking out "etc/pineapple/spoofhost")

     ------------------------------------------- Other infusions....

     Evil Portal
     This was a great infusion! First time I installed it, I didn't have enough space to edit its settings, so I had to factory reset to test it unfortunately. However, once configured, it is awesome! Installing this and configuring it really needs to be one of the first things you install otherwise you'll find you can't edit the configuration files! One problem I ran into was not being able to stop it from starting at boot in the gui. The button just seemed to crash the tile to main screen.

     Get
     I like this infusion, but for me it has a couple of issues :
       • Clicking "Connected Clients" causes the tile to close.
       • comments aren't saved (seems to be ok this time)

     Sslstrip
     Going to test this next cos I never had any success with it.... in fact, pretty much always said "sslstrip is not running". Failing this, I can hopefully use it on kali instead... Tile doesn't update to tell you it's installed. you have to refresh the browser it seems before it indicates it's installed... :/ Clicking start.... (seems to work) Seems to output a log file this time... rather than "sslstrip is not running" when i click the refresh link. i wonder how long before it breaks.... Ok so i connected my nexus 7 to the pineapple, and logged into facebook with the browser. shows HTTPS all the way. Let's do it again with the next infusion : (Edit : some things have turned up in the logs, although nothing useful so far - plus iceweasel doesn't really display any popups correctly)

     TrapCookies
     Installed, and just running trapcookies and sslstrip logged into facebook, gmail and myspace... no idea if it works.... iceweasel ain't much good to be honest... lets go find the logs... Empty. Completely empty. I must need to run it for longer I guess.... (edit - there are some things in there, but not what I was looking for)

     Codeinject
     whenever this is switched on, all the HTTP internet stops working on the victim machine (although HTTPS seems to be fine). :/ Not sure why! wonder if it's cos I changed my gateway?

     -------------------------------------------------- To be continued!
  6. it works fine with the nexus 7 :) tested and happy!
  7. i'll give it a go tomorrow for sure! :) bit tipsy tonight :) (hic!) Thanks so much!
  8. I have been using YUMI http://www.pendrivelinux.com/yumi-multiboot-usb-creator/
  9. OOOSSSH!!!! where is the firmware download? :D (bet there isn't one)
  10. I don't know if this has been thought of already, but I found this on the forums : https://forums.hak5.org/index.php?/topic/30398-payload-the-fastest-meterpreter-shell-youll-ever-get/ and then this : http://www.pentestgeek.com/2013/09/18/invoke-shellcode/ could something like this be included that generates powersploit shells? EDIT.... ahhh keyboard / ducky access required...
  11. I can confirm that the errors I had have now been fixed :) thanks mate! and FYI using a MKIV :)
  12. msfconsole shows no errors, and services all started (via lazykali script) current setup internet via wlan0 connection to pineapple on eth0, into PoE Lan IP 172.16.42.2 (no internet on this connection, or on pineapple) failed to start exploit module multi/browser/*PAYLOADS* on all of them.
  13. Some issues on my kali machine (i think i'm on 1.0.5 - hard to tell) selecting BrowserAutoPwn seems to not be able to load any modules. not sure why...
  14. whenever i run it, it says "trapcookies is running..." and if i hit the refresh link it says "trapcookies is not running..." is this normal?
  15. this post is the top result lol!