
tabbek

  1. tabbek

    Bunny Surgery

    It wasn't too tough, just some fingernail prying. Careful of the case corner alignment pins. They bend easily.
  2. A couple pictures of bunny guts for anyone interested.
  3. Came upon this thread while also having issues getting p0f to run and stay running. Found out I went a bit hammy on infusion installs and after a bit of run time, filled root on the pineapple. p0f was getting quite unhappy when met with no space on device preventing /etc/p0f/ from being created. I suspect this is why Mit0s1s also had success after factory resetting and reinstalling. Fresh clean root. tl;dr If p0f appears to constantly die, make sure root isn't full.
  4. I like to keep one of my dip switch combos set to bring down both wireless interfaces. Started doing this while I was traveling a while back. Didn't want anything coming up unexpectedly while in a place that may frown on some of the things a pineapple can do, like an airport.
  5. This post sums it up well. https://forums.hak5.org/index.php?/topic/28254-tutorial-re-flashingupgrading-the-ducky-winxp-32bit/
  6. Yah, they got some for the carrier that provides the company issued cell phones, but even those multiple cells in the building have issues with the interior walls being shielded as well... And then there are the poor saps like me who use a different carrier. Non business? lol don't care!
  7. I like to think of the pineapple as less of a 'catch-all' drag net (give me all the wifi thingz!) and more of a well baited fish hook, best tasked for specific projects, like a situationally tailored company MITM. While yes catch-all can be amusing (metro-bus city wide tour with karma!) it doesn't frequently get you much of actual interest. A specific situation, case in point exploiting the connection behavior noted by Cooper, can be VERY powerful. .. and yes, faraday cages do get built into some office buildings these days... /noCellServiceRant
  8. For what it's worth, I just recently traveled with both my pineapple and battery. There are a couple reasons you should not drain the battery before flying with it. Deep discharge is bad for the battery itself (as is over-volt-charging and over-current-charging). Any of the above can cause ballooning of Li-Po or Li-Ion packs. Now, think about the pressure changes that occur in an airplane. Puffed battery + additional decrease in air pressure around it, potential badness. The second reason is less safety related and more 'not getting bad attention from uniform people'. Simply, if an agent happens to ask "what is that?" referring to the battery, they may also ask to see it power the pineapple. (happened to me) Dead battery - not able to power the device - agent wondering why it doesn't do as you say - ... more uniformed people asking more questions.

    Line of questions I got:
    "what is that?" - "a portable wireless access point"
    "and that?" - "the battery for it to be portable"
    "can you show me it powering the device?" - "sure"
    Plugged in, powered on. Lights came on per boot process.
    "ok, move along"
  9. A possibility, if the pineapple can run the dependencies: https://github.com/ussjoin/portalsmash First line of readme: Utility to connect to open WiFi and click through "captive portal"-type agreements. Dependencies: Ruby Mechanize and Ruby Trollop. Mechanize is kind of a heavy library, but PortalSmash needs it to parse and interact with (often really badly coded) captive portal pages. Potential infusion port?
  10. Sorry, haven't gotten to this yet, though still plan to investigate further. Had some offline things for the past few days.
  11. While recently testing with a couple Alfa NICs, I was using an AWUS036NHA (AR9271) and the pineapple sees the NIC at boot, but I have an odd behavior with client mode. If I go to the network tile and try and use the 036nha (wlan2) interface in client mode, I scan successfully but attempting to connect to a network causes the 036NHA to appear to power down and not connect. The large tile says connection initiated, but the connection information section continues to say not connected when refreshing. The really odd behavior is that when I try and scan and the 036nha appears to power down, it also appears to take wlan1 with it. Behavior was the same regardless of if wlan1 was connected to an AP or not. As a test, I swapped the 036nha for a 036nh (same USB cable and everything). This one did not have any issues connecting to an AP, and did not reproduce the behavior of bringing wlan1 down. To confirm the 036nha is not bad, I connected it to my kali netbook and was able to connect to the same AP I was attempting previously without issue. Wi-Pi is running 1.4.1. Using wall-wart that came with it.

      Two things I have not yet tested:
      - Downgrading to 1.4.0 or 1.3.0
      - Powered USB hub (could be a current issue?)

      Has anyone else encountered a similar experience?
  12. For what it's worth, jammer v1.6 does actually call out what the white and blacklists are doing. Note: APs on the blacklist are DeAuth'ed. and Note: APs on the whitelist are not DeAuth'ed. It would be nice to see a similar call-out on the Karma config page for the two appropriate sections.
  13. On that note, I was able to test a bit more. It does appear to be able to function in client mode, connecting to another AP. Running aireplay-ng -9 wlan2 does also report that injection is working.

      Alfa networks - AWUS036NH (shown as unknown chipset using rt2800usb driver in airmon-ng)

          [ 6324.600000] wlan2: authenticate with 06:27:22:xx:xx:xx
          [ 6324.690000] wlan2: send auth to 06:27:22:xx:xx:xx (try 1/3)
          [ 6324.700000] wlan2: authenticated
          [ 6324.710000] wlan2: AP has invalid WMM params (AIFSN=1 for ACI 2), disabling WMM
          [ 6324.720000] wlan2: associate with 06:27:22:xx:xx:xx (try 1/3)
          [ 6324.730000] wlan2: RX AssocResp from 06:27:22:xx:xx:xx (capab=0x431 status=0 aid=4)
          [ 6324.740000] wlan2: associated

          # ifconfig wlan2
          wlan2     Link encap:Ethernet  HWaddr 00:C0:CA:xx:xx:xx
                    inet addr:192.168.247.198  Bcast:192.168.247.255  Mask:255.255.248.0
                    UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                    RX packets:6622 errors:0 dropped:488 overruns:0 frame:0
                    TX packets:126 errors:0 dropped:0 overruns:0 carrier:0
                    collisions:0 txqueuelen:1000
                    RX bytes:611654 (597.3 KiB)  TX bytes:14068 (13.7 KiB)

          # iwconfig wlan2
          wlan2     IEEE 802.11bgn  ESSID:"xxxxxxxxxx"
                    Mode:Managed  Frequency:2.437 GHz  Access Point: 06:27:22:xx:xx:xx
                    Bit Rate=1 Mb/s   Tx-Power=27 dBm
                    RTS thr:off   Fragment thr:off
                    Encryption key:off
                    Power Management:off
                    Link Quality=43/70  Signal level=-67 dBm
                    Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
                    Tx excessive retries:2  Invalid misc:10   Missed beacon:0

          # ping -c2 www.hak5.org
          PING www.hak5.org (50.116.7.229): 56 data bytes
          64 bytes from 50.116.7.229: seq=0 ttl=51 time=49.499 ms
          64 bytes from 50.116.7.229: seq=1 ttl=51 time=48.858 ms

      My pineapple is starting to look like an antenna porcupine! more radios!
  14. Interesting. My RT3070 appears to be seen... not much actual testing of function yet though. ALFA AWUS036NH Ralink RT3070 though, airmon-ng on the pineapple itself lists it as an unknown chipset using rt2800usb