[setting up a hack lab]

The nuc I ordered is this one:Intel NUC NUC5CPYH, 4K Support via HDMI, Intel HD Graphics, SATA3 for 2.5-Inch HDD/SSD BOXNUC5CPYH. Now I'm nervous, hope it does the trick

No need to be nervous it should do everything you need. You're going to be a little more limited than I am in the number of VM's you can run at once but for a small lab you should be fine, you can expand later. For a while I used my desktop but as my lab environment became more complex I hated that I had to shut everything down every time I put my computer to sleep. Using the NUC means I can keep my systems online as long as I want. I just like having them detached from my desktop.

[setting up a hack lab]

Where'd you get all that for $250? I think mine cost me about $600 but I also got 16GB of RAM and a 250GB 850 Evo SSD. I'm assuming you got the i3 NUC?

[Introducing the WiFi Pineapple NANO]

Yes, the 5 GHz counterpart to the 6th gen line came in a little before expected. You can learn more at https://forums.hak5.org/index.php?/topic/37173-introducing-the-wifi-pineapple-tetra/

lol already ordered one last night.

[setting up a hack lab]

SudOnick,

I noticed you mentioned a Kali vm? Assuming Kali is your attacker machine, why would you need a virtual one? I hope I'm being clear, my idea is to have a real Kali laptop connected to the same network as the vms on the xenserver via WiFi and conduct my attacks from there on vms....

I have a Kali VM because I haven't found the perfect hardware on which I want to permanently run Kali. As I stated before, VMs function as normal systems on your network. It doesn't matter if you use a virtual one or physical hardware. I can use my Kali VM to attack physical systems on my network and vice versa.

Of course.. I'm just trying to insure I can use a real machine to attack vms on xen, as the language for the different network types makes it sound like they can only talk to other vms on the xenserver

I think you need to learn how networks work. VMs and physical machines can talk to each other as long as they are on the same network. There is nothing special about a network between VMs on a Xenserver or ESXi host that states only the VMs to talk to each other and not physical systems. This functionality can be set up but it's through proper networking techniques. I hope I'm being clear that a network is a network regardless of the nodes connected on it.

[Wanted MARKV in Istanbul]

Considering the MKV is EOL it might be difficult to find one for such a low price. One could argue the price should be lower because the Tetra and Nano are now available but since the supply quickly became extremely limited I don't think $68 to $85 is going to happen.

[EC-Council to begin charging annual membership fee]

I received an email from EC-Council this morning as a CEH certification holder and they informed me that they will begin charging an annual fee for membership. This fee is $80 for "certification maintenance" which makes no sense and seems like just another certification organization seeking money for nothing. CompTIA has already produced this model of generating somewhat useless certifications and charging people money upfront and annually. It disgusts me that the industry has become so greedy. Here are some excerpts from the email I received.

Please be advised, effective January 1, 2016, EC-Council will be initiating the requirement for Membership fees for all certified members holding EC-Council certifications. In the year 2012, EC-Council had announced that it would be initiating this membership fee structure in 2016. We are proud to say our certification membership base continues to grow at a steady rate and the cyber security field is growing as a whole.

Holding a certification from EC-Council comes with many benefits and advantages but comes at an immense cost of maintenance to EC-Council. To continue to provide these benefits and elevate the value of EC-Council Certifications in the market, EC-Council has no choice but to implement a certification maintenance fee of $80.00 per annum.

The "maintenance" should be covered by the initial cost of the certification and one would think once they've earned it they don't need to provide more money. I emailed EC-Council and told them how greedy I think they are and that I won't renew my certification with them but I doubt they'll care.

[Brand new to pineapple]

I was kind of excited to get the pineapple this week but I don't see the utility of it yet. I've read the forum and help section but don't understand what is the Pine AP module other than renaming a wifi connection and giving access? Though I see people connect to it what else can I do? If would be kind to inform when modules will be released.

You should direct PineAP questions the PineAP thread. There is already a ton of information there and all of your questions have already been answered. As for modules, they are not released by Hak5. Modules are developed by the community and will become available after the developers build them. I for one have been waiting for the new Pineapple Tetra to start porting my infusions over to modules and I'm sure I'm not the only one.

[setting up a hack lab]

When you put VMs on your network it is exactly the same as if you had a physical machine on that network. You can even add WiFi adapters to the host and logically attach them to a particular VM. I currently use a NUC with ESXi for my lab environment and it works perfectly. I have a Kali VM and a few server VMs on my host and everything works perfectly. If you want to go the NUC route here is some information and here is a guide for building the ESXi image for ESXi 5 and ESXi 6.

[Introducing the WiFi Pineapple TETRA]

I'm just going to assume you saw my post in the Nano thread, Darren, and your post above is a really long way of saying "things went well". I've already ordered my Tetra!

[Introducing the WiFi Pineapple NANO]

In regard to the 5GHz version:

If all goes well we may have a very limited number of developer units (whatever fits in a suitcase) here before the new year.

So Darren, did all go well? I would love to get my hands on one.

[Feedback from using Nano]

Next problem is the yagi, but you know what they say everything can be when you're brave enough.

[5ghz WiFi bands?]

You can do 802.11n in 2.4ghz too.

That's what I said. I was making the point that even though it states b/g/n it also states it only supports 2.4 GHz instead of both 2.4 GHz and 5 GHz.

[5ghz WiFi bands?]

I would expect at least a change in drivers. The hakshop page that I posted above states this particular device only operates within the 2.4 GHz range even though it supports N.

Includes

• Adapter with RP-SMA antenna connector
• High gain 5dBi 2.4 GHz Antenna

[5ghz WiFi bands?]

On the hakshop page it states the device only supports b/g/n networks. So 2.4 only.

[Feedback from using Nano]

https://forums.hak5.org/index.php?/topic/37114-using-the-pineapple-without-modules-or-infusions-part-three-crack-wifi-passwords/#entry269452

[PineAP and a fake AP problem]

Keep in mind you may not be able to tether unless you pay for that service from your provider.

[PineAP and a fake AP problem]

If you are on Windows I suggest you use PuTTY. If you are on a *nix system you can just open your terminal and use:

ssh root@172.16.42.1

[PineAP and a fake AP problem]

Are you able to SSH into the Pineapple and get out to the internet? If not then your connection is not being shared from your phone like you thought.

[Merry Christmas and a Hacky New Year!]

Merry Christmas!

[Introducing the WiFi Pineapple NANO]

Bring me the 5GHz WiFi Pineapple! I needz my precious!

[Quadcopter that flies and swims]

Students and researchers from Rutgers University built a quadcopter that flies and swims! This technology is pretty cool and would probably make people feel more calm when flying over water.

[FAA "drone" registry info will be available to the public]

Surely the same thing could be said about ham radio licensing? The thing is the model aircraft hobby has self policed itself for years but now that any idiot can and will buy a "drone" its became a necessity, back when they were hard to fly and expensive there was no need as numbers were small, much like amateur radio.

It might be easier to track down the source of a signal than to trace a downed multirotor to who actually flew it. I was just giving an example of why this registration process is bad but in reality the FAA has no authority to make laws (or rules) about hobby aircraft. They have overstepped their boundaries and so far they are getting away with it. On top of that they have produced a poor website that has major security flaws. People on reddit /r/multicopter are reporting that they have tried to register and other people's profiles are popping up when they try to log in.

Overall this seems like a money grab because the FAA realized that millions of people are likely to buy multirotors during the Christmas season. They charge $5 per registration and it has to be renewed every 3 years. They may be waiving it until the 20th of January this time around but they won't do that in the future. Seems like an easy way to make a ton of money every 3 years.

[Introducing the WiFi Pineapple NANO]

Darren, thanks for the info and transparency about Hak5's plans for future fruit. I truly appreciate the whole team's hard work to produce great products. You guys give me the tools that inspire me to better my skills as a developer. I will keep my eye out for the 5G capable Pineapple and plan on buying one the instant it is released.

@cheeto, thanks for the kind words. Once I get one I will start working on porting my infusions and hopefully I'll be inspired to write some new tools.

[Introducing the WiFi Pineapple NANO]

5G is an important factor in our 6th generation WiFi Pineapple strategy.

Thus far the WiFi Pineapple has been solely a 2.4G device. While this is sufficient for the vast majority of applications, there are cases where 5G is desired. Unfortunately 5G chipsets are complicated, large, power hungry, hot, lacking support, expensive, and take a fortune in time and money to certify.

That being said, we are sufficiently down the production pipeline to confidently say that if all goes according to plan, we'll have a dual band solution available in the near future. I can't guarantee that it will be similar in cost or as small in formfactor as the NANO - but I believe the opportunities that a 5G WiFi Pineapple afford outweigh either of those hurdles.

For now, the WiFi Pineapple NANO aims to deliver on our core mission of providing simple, affordable, expandable wireless auditing platforms. With the next generation web interface and new API we're confident that when the time comes to deliver a 5G solution, we'll have a robust firmware and module ecosystem to take full advantage of its hardware features.

Any idea how near in the future a 5G solution will be available? I'd rather save my money and buy a 5G capable Pineapple over the Nano but if it won't be available for a year or more I may reconsider.

[What events are you going to in 2016?]

I hate that tickets are so hard to get for these events. I was thinking about trying to get tickets to Shmoocon but decided against it. I just looked up Derbycon, which isn't even going until September, and the tickets are already sold out, unless if they just haven't updated the page from this year's con. This is kind of ridiculous.