TheHackerNextDoor
Posts posted by TheHackerNextDoor
-
Hello,
maybe a stupid idea but why not add an option to automatically copy the SSID of the open/cracked SSID to the pineapple so it looks like that AP. It would make a great tool for a MITM attack. Walk into any place and you don't have to configure your pineapple, just turn it on, it connects / cracks and connects and pretends to be the local SSID. Block the local AP for everyone else and just allow the pineapple to connect to it.
Sorry if this is already possible...
Karma and the jammer would work for that. It would kill all networks, and emulate them all, too.
-
You'll find that we do have a warning on the upgrade page that upgrading will wipe all user data (except anything on the SD card).
Best regards,
Sebkinne
Yes, I found that after. I thought I should post it here for ignorant people like me... :P
-
Update: It seems to have something to do with the jammer.
-
Hi,
My WiFi pineapple is constantly crashing. I don't know why. I am powering it off of the supplied adapter. All I am running is the jammer, dnsspoof, and karma. Right before it crashes, the red light goes on for about a second. Then the blue light starts flashing until it boots.
-
It reformats everything apart from what's on the SD card. Any infusions found on the SD card are automatically added to the web interface after an update though.
Yes, but it removed what I spent hours configuring...
-
I just updated my Pineapple. I had no idea it would reformat everything...
Just a warning to anyone else.
-
Take a look at the Pineapple Surprise posts in the mk5 section. The code has the sites iOS and Android devices hit for internet connectivity tests.
Here it is. Had the link saved on my phone.
https://github.com/troyhunt/PineappleSurprise/blob/master/index.php
Just in time for April fool's day!
-
Here are some suggestions I have dreamed up over the past couple of days.
More RAM
I think the mark V is very limited when it comes to RAM. Come on, only 64MB? I'm sorry, but I can't run very much at a time, and it is constantly crashing! How difficult would it be to add 128MB of RAM, or better yet, 256MB?
Dual-booting
I think dual booting would be a good feature. How I see it, is there would be a second DIP switch module to choose which version you want to boot. It's annoying to have to change the settings each time, like the wireless settings, for example. If I want to prank my friends, I have to change the /etc/wireless/config file from encrypted WPA2 'Nothing to see here!' to something like 'Free Wifi!'
Antenna Repositioning
A physical problem with the Mark V that the Mark IV does not have is the width. I can fit the Mark IV in my pocket (other than the antenna, which is hidden by my shirt), however I can't fit the Mark V in, because of the antennas. If I put it in my pocket with the antenna sticking out, it is visible, because of the angle of the antennas. What about having a 90 degree SMA connector where the SMA ports are, so the antennas would be right next to it?
-
If the network does not have internet access, try and DNS spoof all domains and IPs to destination port 80 on the local apache server...
I've already tried that.
-
Thanks! I'll try that when I get the chance.
-
I'm wondering how different devices check for internet, and hopefully I will be able to use the DNSSpoof on my pineapple to make it look like they have internet, even when they don't.
How does iOS know when there is internet? I set up a sample network on the pineapple, turned on randomroll, and connected to it on my iPod. Immediately, it opened a webpage with a dancing banana. (Lol) It said I had to log in, so therefore it knew I was messing with the internet. How does it check?
Same for Android/PC. Again, the purpose of this is to make it look like there is internet, even when there isn't.
-
For argument's sake, could you place GatewayPorts just above that "Match User storage" line, and if that doesn't change anything, also specify the (sanitized) ssh client command you're using.
Wow. That was the problem... I'm so stupid! xD
-
Here is /etc/ssh/sshd_config:
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
# SparkleShare
# Please do not edit the above comment as it's used as a check by Dazzle
Match User storage
PasswordAuthentication no
PubkeyAuthentication yes
# End of SparkleShare configuration
GatewayPorts clientspecified
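An added check, not from this thread or from anyone posting in it, for the problem the reply above points at: in sshd_config every directive after a "Match" line belongs to that Match block until the next one, so "GatewayPorts clientspecified" placed after "Match User storage" only applies to sessions of user storage and does nothing for the tunnel user. The function below lists where a given directive lives; the config it runs over is a constructed sample mirroring the posted file, and the name match_scoped_directives is assumed. On a real host "sshd -T" (and "sshd -T -C user=NAME") prints the effective settings for the same purpose.

```shell
#!/bin/sh
# Added example: flag sshd_config directives that sit under a Match block.
# Usage: match_scoped_directives FILE DIRECTIVE
# Prints "DIRECTIVE VALUE (global)" or "DIRECTIVE VALUE (scoped: Match ...)".
match_scoped_directives() {
  awk -v want="$2" '
    /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }   # skip comments and blank lines
    tolower($1) == "match" { scope = $0; next }     # everything below is Match-scoped
    tolower($1) == tolower(want) {                  # sshd keywords are case-insensitive
      if (scope != "") print $1, $2, "(scoped:", scope ")"
      else             print $1, $2, "(global)"
    }' "$1"
}

# Constructed sample reproducing the layout of the posted config (hypothetical file).
SAMPLE_CFG="$(mktemp)"
cat > "$SAMPLE_CFG" <<'EOF'
Port 22
PermitRootLogin yes
# SparkleShare
Match User storage
PasswordAuthentication no
PubkeyAuthentication yes
# End of SparkleShare configuration
GatewayPorts clientspecified
EOF

# GatewayPorts is reported as scoped to "Match User storage": it never applies
# to the tunnel session, which is why the forwarded port stayed on localhost.
match_scoped_directives "$SAMPLE_CFG" GatewayPorts
match_scoped_directives "$SAMPLE_CFG" PermitRootLogin
```

Moving the GatewayPorts line above the Match line (or placing it anywhere before the first Match) makes the check report it as global.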
-
But then you probably already looked into them and didn't see anything particular there.
So, let's end the suspense. Are you or are you not specifying a bind_address to ssh in your -R parameter?
Yes, I am specifying a bind_address.
-
No can do. The server is headless and the only way I can access it is via ssh. I do have access to the logs, however.
-
In your -R parameter you're probably providing as values "5000:localhost:22". If so, try as -R value "*:5000:localhost:22" in which the asterisk is the bind address. It defaults to localhost, and with an asterisk in place it'll now be all interfaces (but you can specify it as well if you wish - just use the Server's name of the interface).
And PS, this only works if on the Server your SSHD configuration has the GatewayPorts option set to enabled.
Hold on, so GatewayPorts = enabled? I had tried GatewayPorts = clientspecified and GatewayPorts = yes, but neither worked. Should I try that?
-
Run the SSH client that creates the tunnel with '-g'.
I forgot to mention I tried that.
-
Then doing only what's described for the second ssh client session will suffice. Just instead of connecting that session to (pineapple) local port XYZ you connect to Server, where I'd still recommend you port-forward external port 443 to whatever the sshd port on your Server is to disguise your traffic, and in setting up that session include the parameters to create tunnels A and B as described.
I'm going to restate my question.
Pineapple is on network A, firewalled.
SSH server is on network B, not firewalled (Example IP 192.168.1.123).
PC is on network B.
I can connect the pineapple to the ssh server, forwarding port 80 on the pineapple to port 5000 on the server. I can make a connection on 127.0.0.1:5000 (Tested with wget)
When I go on my PC, and I enter 192.168.1.123:5000 in google chrome, I get connection refused.
If I go back to the server and run netstat -a, I see that it is only listening on 5000 on localhost.
In my /etc/ssh/sshd_config file, I have GatewayPorts = clientspecified .
Does this help?
-
Make a backup first next time :P
SSH then run the following:
wifi detect > /etc/config/wireless && reboot
Thanks!
-
Okay, so the goal then is to have a 2-way tunnel between the Pineapple and your Server (which actually means 2 tunnels, one for each direction). I'm assuming 'your server' is a machine on your home network, but not one directly connected to the internet. The machine that IS directly connected to the internet we'll call the Staging server in what comes next.
I think you need 2 client sessions for this.
The first is from the Pineapple to your Staging server. I'd go about doing that by having your Staging server provide a listening socket to ssh on port 443. Encrypted traffic is expected there so the network your Pineapple is on won't see very weird traffic, just maybe more of it. When you start your ssh client on the pineapple, tell it to tunnel connections on (pineapple) local port XYZ to remote Server port 22 (or wherever you have sshd listening on Server). This is tunnel 1. Using firewall rules on the Pineapple restrict local port XYZ to localhost only. Start something like "vmstat 20" to generate a small amount of traffic every 20 seconds to prevent the connection (and, thus, tunnel) from being closed due to inactivity.
Next, on the Pineapple, run an ssh client that connects to (pineapple) local port XYZ which first creates tunnel A which is from (pineapple) local port ABC to (Server)localhost port 22 (or wherever you have sshd listening on Server) and tunnel B which maps (Server) remote port DEF to (pineapple) localhost XYZ. Again, start something like "vmstat 20" to generate traffic on the line to prevent the closing of the tunnel due to inactivity.
With this setup in place, you can now connect to port ABC on the Pineapple to get to your home Server and on your home Server you connect to DEF to connect to your Pineapple.
You could do this without a Staging server when Server is connected directly to the internet, but then you'd have to seriously firewall the listening port on your Server to prevent unauthorized access across the full internet to the Pineapple at your undisclosed location.
My home servers are directly connected to the internet. They are port forwarded.
-
If I understand correctly you want to use the pineapple as a bridge to connect wirelessly to a wired server, is that correct?
You said "The server accepts connections from 127.0.0.1". You know this means that only connections originating from that very same server will work; if you want to be able to connect remotely, from another machine, then it needs to listen on an interface other than localhost.
The pineapple is on a firewalled network. The server is on my home network. I want to tunnel the pineapple to my home server, and I want to access it from my home computer.
-
Hi! I messed up my /etc/config/wireless file on my pineapple. Is there any way to revert it? If not, does anybody have a copy of it?
-
I want to go Pineapple > Server > Server local network. The server accepts connections from 127.0.0.1, but not from its internal IP. If I use netstat, I can see that it is only listening on localhost.
-
Maybe manually try putting the key on the box.
Thank you. That helped, but I have a new problem. The remote server always listens on localhost, and I want it to listen on 0.0.0.0.
[Infusion idea] WiFi crack
in Mark V Infusions
Posted
Yes.