Everything posted by sud0nick

  1. SSLStrip2 is not on the Pineapple yet. I'm not sure if anyone has even tried making an infusion for it. The version I linked to appears to be a simple python script that only requires dns2proxy (another python script) to function. That would be really simple to put on the Pineapple assuming this version works. I think everyone is just waiting for MiTM Proxy.
  2. MrSinister, I could not duplicate the issue you are having. I screen captured my test that shows the spoof address worked properly and the process died after I sent the kill request. Hopefully the quality is good enough that you can see everything. https://www.youtube.com/watch?v=AICUwJTjreU EDIT: I did however find a bug I was not aware of before. With the current release you are forced to select a mode meaning if you choose to craft your own packets they will not be sent in the manner you select. So if you wanted to perform a SYN flood you would not be able to. I already fixed this problem and will release a new version after I poke around a bit more to try and find any other bugs. v1.1 has been submitted to the Pineapple Bar.
  3. Hmm. I played around with it last night and both of these things worked fine for me. I'll do some more testing and see if I can recreate the problem.
  4. Yes. It's okay to unplug it. If you are like me, though, you could SSH into it and issue the halt or poweroff commands first.
  5. Crafty is now available on the Pineapple Bar! Let me know what you think of it. There are a couple of features from hping3 that I left out of the interface as I felt they weren't necessary and didn't want to clutter it up. If you guys feel the need for any of these features to be added just let me know and I'll put them in.
  6. Hey everyone, I've created a new infusion called Crafty that functions as an interface for hping3. Along with the normal hping3 features I have included the ability to save commands which can be executed quickly from the small tile. I just submitted it to the Pineapple Bar so it should be available within a few days.
  7. There is an old version of coreutils for OpenWRT in the opkg repo. I'm currently building a new infusion that requires unbuffered output when redirecting to a file in the shell so I need to use stdbuf but keep getting this error: stdbuf: failed to find 'libstdbuf.so' Our current version is 8.16-1. Some posts online state it was fixed in 8.15 but it obviously isn't fixed in our version. There is a patch but from what I understand you have to recompile the firmware with the patch to include it (correct me if I'm wrong).
  8. Good stuff, man. That's a pretty decent campsite for the guy. Reminds me of when I would go to the field in the Marine Corps. It's nice that he was able to acquire that stuff so he can at least have some shelter. I really hope your project works wonders for him. I'm sure he really appreciates it.
  9. LMFAO! ...wow...I honestly don't know what to say to that. Those poor uneducated souls. This is the mentality of most SNCOs and Officers who have to deal with computer and network security in the Marine Corps. They don't quite understand the physical possibilities but they sure as hell believe everything they read in TEMPEST and other documents. They would rather spend the extra money on running an additional 100ft of cable in a different direction than accept the fact that the standard is ridiculous. Although I, too, would rather be safe than slapped with a COMSEC incident any day. It certainly isn't beyond the realm of possibility but feasibility, yes. For this particular experiment they claimed there was an air gap between the computer and phone which would mean the system can't communicate with the outside world at all through normal means. If someone were to gain access to the system to install malware that would allow for this attack to be a success why would they then lock the system, walk outside, and use their phone to grab information from the GFX card?
  10. Still not possible from the GFX card. The card must be emanating RF with information in the first place in order to retrieve information from it. The article on TEMPEST you linked to brings up memories of dealing with SNCOs that thought by crossing CAT5 on a class network with CAT5 on an unclass network a classified email would suddenly appear where it wasn't supposed to and a spillage would occur. It's absurd to say the least. While energy may be transferred from one of the cables to the other, good luck getting any valuable information from it. The GFX card doesn't emit any RF with data attached so, yes, you can read a signal from it but it will be no more than noise.
  11. What year was the vehicle made? I'm under the impression that newer vehicles absolutely change their code every time but I could be wrong. Still a cool discovery nonetheless as not everyone drives a brand new car.
  12. I tried using the infusion but nothing happened. It just sat there without any output on the screen. Was I supposed to see a help menu or any activity at all? Also, I looked at the GitHub repo you linked to and it has a script you didn't include in the infusion called hsts_catcher.py. Is that script not needed for this to work?
  13. Seb, is it really necessary to rebuild the whole firmware just to compile a single program? I assume it's building the toolchain in this process which is why it must be done. Also, I get errors randomly when following the wiki. I've successfully built the example-package but I feel it was a stroke of luck because I kept receiving errors, couldn't find anything I was doing wrong, then it magically worked. I'm trying to find a process that consistently works so I can write up a quick tutorial. I feel the wiki needs a little more information.
  14. You probably need to install pyrit_cli as well from opkg. Try: opkg install pyrit_cli Or if that doesn't exist use: opkg find pyrit to see all packages that have the word pyrit in them and install the appropriate one. Edit: I've noticed the opkg manager infusion always stops at the last line of output without displaying any message of success. I just install packages through the command line because it ends up being easier.
  15. I can't believe I missed that. Thanks, Seb.
  16. I haven't been able to find a way to compile C programs on the MKV yet and am wondering if anyone else has done it. Opkg has make in the repository but it doesn't do me any good without being able to point the Makefile to a compiler. I've looked up how to compile on another system and set the target to an ARM based architecture but I'm honestly lost when it comes to toolchains. Any advice would be greatly appreciated. Edit: I may have just found something useful here called CrossTool. I'm trying it now and if I can get a C program compiled properly before anyone else brings forth a solution I will attempt to build a how-to guide on it.
  17. I get the same error most times when I use my Mac to SSH into the Pineapple. Just set your default terminal to xterm instead of xterm-256color or set it in the environment variable of the Pineapple: export TERM=xterm
  18. I think you can get pyrit through opkg. Do it through the command line or install the opkg manager infusion. You should be able to find it in there.
  19. Awesome job with daemonizing PineAP. I just started using the new version and I can tell already it operates more smoothly and I no longer have problems when using the checkboxes in the small tile.
  20. Can you connect to the Pineapple's AP and run ifconfig? I would like to see a comparison between the Pineapple's network info and the computer you're trying to use to ping it.
  21. Do you have MAC filtering set up on your router or is your network subnetted to allow a small number of IP addresses?
  22. You may not be able to do that until you have a specific number of posts under your belt. I'm not sure how many it is but once you are able to change it you will need to go to your profile and click the button that says Edit my Profile. From there you will find the Signature section in the menu on the left.
  23. A new test version is available on my server (v2.5.1). Included in this version is a command line executable that has multiple functions. These functions include scanning for open access points and automatically connecting as well as cloning a captive portal on that AP if it exists. Right now the automatic scan is not optional but cloning is. Here is the help output from the script that displays all of the functionality:

        Usage: executable [-h] [-c] [-a] [-b] [-w] [-ijs] [-ihtml] [-icss] [-sjs] [-scss] [-sl] [-sf] [-iset] interface

        Automatically search and connect to an open access point. Optionally, clone and authenticate with a captive portal.

        positional arguments:
          interface             Wireless interface to scan and connect

        optional arguments:
          -h, --help            show this help message and exit
          -c, --clone           Attempt to clone a portal if it exists
          -a, --authenticate    Attempt to authenticate with a portal if it exists
          -b , --blacklist      Path to file containing SSIDs to ignore in scan
          -w , --whitelist      Path to file containing SSIDs to accept in scan
          -ijs, --injectjs      Cloner Option: Inject JavaScript from Injection Set
          -ihtml, --injecthtml  Cloner Option: Inject HTML from Injection Set
          -icss, --injectcss    Cloner Option: Inject CSS from Injection Set
          -sjs, --stripjs       Cloner Option: Strip JavaScript from cloned portal
          -scss, --stripcss     Cloner Option: Strip inline CSS from cloned portal
          -sl, --striplinks     Cloner Option: Strip links from cloned portal
          -sf, --stripforms     Cloner Option: Strip forms from cloned portal
          -iset , --injectionset
                                Cloner Option: Name of Injection Set to use when cloning

      You'll notice that there is an option to include a blacklist or whitelist. The blacklist allows for you to skip over access points you don't want to connect to and the whitelist will attempt to connect only to the SSIDs listed within it. Here are a couple of examples to run the script with these modes and attempt to clone a portal if it exists.

        pineapple infusion portalauth -w whitelist.txt -c wlan1
        pineapple infusion portalauth -b blacklist.txt -c wlan1

      Remember that if you want to inject code into the portal you will need to include the name of the injection set along with the flags for what to inject/strip.

      Current Bugs

      As of now there is an issue when using the commands above to run the script. The entire script executes properly but it will hang afterward. If you cd to /sd/infusions/portalauth/executable/ and run ./executable wlan1 it will not hang. I don't know why it is doing this so if anyone has a solution please let me know. One last note, the authentication portion has not been built in to the command line executable. If you attempt to use it nothing will happen.
  24. If you can ping 8.8.8.8 then you are on the internet. You may just have a DNS problem if you can't open web sites. Have you configured your DNS settings properly?