daniboy92

And... When we will see the new tool for avoid hsts?

My question should be so noob that's because anyone anwser me.

Hi all, i'll be quick: can i use Pineapple Juice 6800 for charging my mobile directly in the usb hub? It's a Xperia Z1, 5V DC 1500mA.

Yes, success of dnsspoof it's very limited, hope Mitm proxy get release soon.

Even the harvester?

There is a bug with the new version 2.2.0, when i open the GUI i can't scroll down for activate Auto-refresh 1 sec Off/On I have Win 8.1 and Google Chrome recently installed both.

Ok, so all i need to do is activate into my router port forward 22 and 2222... I do this and now i can activate my ssh perfectly and connect to my pineapple anywhere! Thank you two, my problem was to understand your explanation in english. Thank you guys.

I was trying to make that but i can't make it work... Anyone knows why?

Hello guys, First of all sorry for bad english. This is another noob question, i'm trying to make a ssh connection but not in a local net rather internet. I'm trying to ssh to my pineapple using this configuration: Host: root@MyPublicIp Port: 2222 Listen Port: 22 Then i generate my public key.... Public Key - Generate At the end i go to my android and set: root@MyPublicIP:22 and click in Quick Connection but then y get: CONNECTION REFUSED... This is the app i use: [Juice SSH] https://play.google.com/store/apps/details?id=com.sonelli.juicessh&hl=es Hope you can help me!

Nope, now is working fine and before too. I say this for help a make a best infusion, i like so much your infusion so that is my report... Sorry for give any proof of that but now is working fine after a factory reset :D Edit: and i don't change anything in my html and php code, i thought was that. Regards.

Yeah, i know but yesterday making that tests running evilportal and portalauth together my EvilPortal was working bad, even after a reboot so i thougth there is conflict between these two because when i make a login into the portal my captive portal doesn't redirect to the internet, reloads itself again and it's neccesary to make a second login and it is very annoying. Now i don't know if can get both infusions together... Maybe was only my problem...

I thought Portal Auth can be tested with my own captive portal running via evilportal. After run portalauth my captive portal doesn't work properly. I will make a factory reset onto my pineapple and summit here...

When i make a test with my own captive portal this is what i get: Chrome, Win 8, Pineapple 2.2.0.

I think for this you need to use dnspoof.

Relax guys... Be patience. The point of a captive portal is to make a web that requires credentials to submit there and save into pineapple (credentials like 'enter your name' or 'email and password' it depends on you). When someone grab their credentials into your web you let that person surf normally on internet. I think i'm not forgetting nothing. Sorry for my bad english.

Lol, what a retard i am... Thanks a lot Seb. About new firmware... Is there any good news about sslstrip, better dnsspoof or better stuff for pentest? Edit: congratulations for this update! It's amazing how works PineAP Suite. More speed and stability, thanks guys!!!

Did this test minute ago.

Over the Air upgrade - Check for upgrade Error connecting. Please check your WiFi Pineapple's internet connection. Please fix this!!!! Pineapple cloud it's down!

I'm trying to make an OTA update but the server doesn't anwser. Is it down? Confirmed, server it's down for Europe, i don't know if it's for others.

And... What about new methods like a good sslstrip, better rules for dnspoof and stuff like that?

Sslstrip sólo funciona con navegadores viejos y desactualizados, también con algunos dispositivos móviles con el navegador por defecto que trae el móvil. Contra HSTS se puede usar la nueva versión de sslstrip+ o sslstrip2 más un dnsproxy pero en la piña no hay nada efectivo aún. Seb hace muchas semanas dijo que estaba trabajando en una nueva versión de sslstrip pero aún no hay nada nuevo.

Than you very much Whistle Master. I know you don't have many time but maybe you can see why with the new firmware ettercap (command and infusion) doesn't work properly... I think new firmware it's the cause. Or maybe you can make a guide for get a good function for infusion.

I am having many bugs with this infusion: Bug 1) I can't scroll down and can't see the log file. a) Before turn on the infusion b) After run it, when i get my victim's credentials. I can see it partially on home. c) At this point when i go to inside the infusion, I can't scroll down and see the log with details and even I can't activate the refresh button. Bug 2) After start and stop the infusion i need to type this: echo 1 > /proc/sys/net/ipv4/ip_forward, if not i lose my internet connection. Bug(?) 3) Need to change and uncomment the ip_tables rules in /etc/etter.conf. Also change the owner from 65 534 to 0 and i think this will be automatically, not manual. All this changes are to prevent the error: SSL dissection needs a valid ‘redir_command_on’ script in the file etter.conf Bug 4) When i run sslstrip i can navigate without problems, a little bit slower but fine. Can get credentials on facebook, gmail, twitter, ebay... But when i run ettercap at same time with sslstrip this infusions make the connection very very slow. My browser it's completely clean (cookies, cache...) and my pineapple it's recently restored. I think you can help me.

Thanks for fix it.

Well... So all my day will go to...