Posts posted by Fira

  1. Update: I have created an infusion for the MK5 called Strip-N-Inject which will combine the SSLStrip attack with code injection all in the same infusion. It is extremely successful and efficient and will provide the code-injection capabilities for any injection-based attack vector. It will be available in your pineapple bar soon so you can use all the features of this script.

    Note: Please just run "./jasagerPwn -u" before testing anything as I have added some updates for this change.

    Thank you for your patience!

    Just a quick question....

    As the script progresses and new MK5 infusions get written for it, will they be backported for the MK4? And if not, is there going to be a point where the script doesn't play nice with the MK4 anymore?

    just curious :)

    thanks again!

  2. Well, I've had a few weeks to play with my pineapple now, and whilst I like the idea of it very much, it hasn't been a smooth ride at all. So after borking my pineapple for the umpteenth time, I'm gonna go through my re-install procedure, and comment on a few of the infusions.

    To be honest, I'm thinking the best ideas on this box are not as functional as they seem to have been a few years back (like Karma for example), but I don't think that is the fault of the pineapple. Vendors have tightened up on security a bit since the pineapple has come out. I definitely see this is a useful pivot box, but I find it lacking somewhat in some areas too. I'll keep playing with it, and reporting what I find. I know I have a lot to learn, and tricks to master but it's fun when it isn't infuriating! Question is, do I want to shell out for a MKV knowing that the MKIV looks good on paper mostly....

    A note on the Ethernet Sockets...

    Eth0 (This is the one marked "PoE LAN")

    This port by default expects the gateway to be "172.16.42.42" unless you edit "etc/pineapple/spoofhost". More on that later...

    This port also has a DHCP running on it, so if you connect your attacker machine to the pineapple via this port, you may want to set a static IP somewhere on 172.16.42.0/24. If you are providing internet to the pineapple FROM your attacker machine, you will want to make sure your attacker machine has the IP 172.16.42.42 (default setting of gateway).

    Eth1 (This is the one marked "WAN LAN")

    This port has no DHCP running on it, and is expecting to be given a DHCP from another machine / router. If you use Windows to give your pineapple internet via ICS, it will most likely have a default DHCP pool of 192.168.137.0/24 (Windows 7), or 192.168.0.0/24 (Windows XP) so your pineapple will accept a DHCP lease from one of those ranges. Use an IP scanner on your Windows machine to figure out what IP your pineapple has. Since you can't easily edit the DHCP pool of ICS on Windows, you will have to use this ethernet port for the internet connection of your pineapple. You also won't be able to connect to your pineapple with the 172.* address from this adapter.

    Pineapple MK IV Fresh install on 3.0

    Remove USB
    Factory Reset Pineapple
    Format USB in Gparted on linux
    login to pineapple
    change root password
    change pineapple SSID
    add "reboot" to the WPS button script in Configuration > Button configuration
    edit USB Fstab settings in Resources > USB
    Plug in the USB drive and wait a minute for everything to settle.
    SSH into the WiFi Pineapple (typically "ssh root@172.16.42.1" and sometimes you need to clear the known hosts : "rm ~/.ssh/known_hosts")
    Issue "mkswap /dev/sda2"
    reboot
    issue "free" to check swap is enabled
    create folder /usb/www/
    issue command "ln -s /usb/www/* /www/" to symlink the www folder to the usb drive.
    update
    ---------------------this is my custom network config (not mandatory)
    ssh in
    to change ssh ports nano /etc/config/dropbear
    issue nano /etc/config/network
    change gateway from 172.16.42.42 to 172.16.42.2 (for ics sharing from kali from eth0 on Kali to the PoE port on the pineapple)
    run ./wp4.sh on kali to set up ICS gateway 172.16.42.2 (I have edited the script to make this my default gateway)

    I do this because JasagerPwn 2.0 expects the attacker to be at this address...
    ------------------------------------------ this is with internet
    Update The Wifi Pineapple Bar Infusion
    my ICS seemed to work out of the box, but if not - install WiFi Manager infusion and Change ICS settings to Enable on boot yes, share from eth0 to wlan0
    save
    change dnsspoof host to 172.16.42.2 * (one caveat I noticed from trying to figure out why it didn't redirect was sometimes an extra character gets appended to the end of a spoofhost. This was only noticeable from sshing in and checking out "etc/pineapple/spoofhost")
    -------------------------------------------Other infusions....
    Evil Portal
    This was a great infusion! First time I installed it, I didn't have enough space to edit its settings, so I had to factory reset to test it unfortunately. However, once configured, it is awesome!
    Installing this and configuring it really needs to be one of the first things you install otherwise you'll find you can't edit the configuration files!
    One problem I ran into was not being able to stop it from starting at boot in the gui. The button just seemed to crash the tile to main screen.
    Get
    I like this infusion, but for me it has a couple of issues :
    Clicking "Connected Clients" causes the tile to close.
    comments aren't saved (seems to be ok this time)
    Sslstrip
    Going to test this next cos I never had any success with it.... in fact, pretty much always said "sslstrip is not running". Failing this, I can hopefully use it on Kali instead...
    Tile doesn't update to tell you it's installed. You have to refresh the browser it seems before it indicates it's installed... :/
    Clicking start.... (seems to work)
    Seems to output a log file this time... rather than "sslstrip is not running" when I click the refresh link. I wonder how long before it breaks....
    OK, so I connected my Nexus 7 to the pineapple, and logged into Facebook with the browser. Shows HTTPS all the way. Let's do it again with the next infusion :
    (Edit : some things have turned up in the logs, although nothing useful so far - plus iceweasel doesn't really display any popups correctly)

    TrapCookies
    Installed, and just running trapcookies and sslstrip
    logged into facebook, gmail and myspace...
    no idea if it works.... iceweasel ain't much good to be honest... let's go find the logs...
    Empty. Completely empty.
    I must need to run it for longer I guess....
    (edit - there are some things in there, but not what I was looking for)
    Codeinject
    whenever this is switched on, all the HTTP internet stops working on the victim machine (although HTTPS seems to be fine). :/ Not sure why! wonder if it's cos I changed my gateway?

    --------------------------------------------------To be continued!
  3. EDIT: Nevermind my previous post was incorrect after further testing.

    Seems like it's an issue with "msfcli" selecting the modules. I just committed an update that will resolve the issue. Run ./jasagerPwn -u and try again. :)

    I can confirm that the errors I had have now been fixed :)

    thanks mate!

    and FYI using a MKIV

    :)

  4. msfconsole shows no errors, and services all started (via lazykali script)

    current setup

    internet via wlan0

    connection to pineapple on eth0, into PoE Lan IP 172.16.42.2 (no internet on this connection, or on pineapple)

    failed to start exploit module multi/browser/*PAYLOADS* on all of them.
