sud0nick
-
Posts
1,056 -
Joined
-
Last visited
-
Days Won
66
Posts posted by sud0nick
-
-
-
-
I haven't had time to work on the infusion. I'll let you know once I get a new test version up.
-
What processors are in it?
-
I don't have any certs or degree in software development but I have a lot of experience which is how I got my job as a software developer and a programming instructor at a local college.
You can do anything as long as you can prove to other people that you are as good as you say
That's certainly true. However, having certs and a degree definitely get you more money for doing what you love.
-
-
Awesome, I been doing it manually for alot of the pure cisco portals, it would be a great time saver :-)
And also, a lot of the cisco ones I been working with, have bigger nested directory structures. had one with 8 folders recursively nested in its /image/. Yikes
Have you been using PortalAuth to clone them? Is it working out well for you? I'm currently looking into speeding up the saving of images as I think that is where a lot of the delay is coming from.
-
I used to have squid installed on a server at home and it works really well. I'm not sure if it's available for the MKV.
-
does the new version parse css to get css linked images?
oooh I didn't think of that. Good idea, DataHead. I'll work on it.
-
I don't know why that's happening to you. Is anyone else running into this problem? I will work on adding a stop button so you can kill the process. Are you sure it's actually running into a loop? Remember it may take some time to copy everything from a portal. If you close the window while it's copying and try to run some other operation the Pineapple may lock up because it doesn't have much processing power.
-
Like I've said many times now, auto authentication will not always work. Every portal is different with different elements that need to be passed to the AP for authentication. This is why I have included the Element Tags field in the Config tab. Search the source, determine which elements are being sent with the form data, place them in the Element Tags field and try again. If it works then share the configuration with everyone here so we know what to add to ours. If it doesn't work then we can look at where the script failed.
-
Most successful attacks come from the user's laziness. People don't keep their systems up to date like they should nor do they harden their systems. People will install anything and everything that they want, opening ports without even knowing, and not pay attention to the risks. You know there are still many organizations running Windows XP right? There are a lot of people that just don't want to change their system because it is familiar. You won't get everyone but you will get some. When performing a pentest on an organization you will most likely trick a few people.
-
I'm wondering if this has something to do with the redirect page inhibiting the Javascript and JQery source files from loading, but I just don't know.
Most likely this is the problem. Are you referencing jQuery from the web or directly from the Pineapple? If it's from the web then the problem is obvious. If it's on the Pineapple it needs to be in the /www directory and you should probably try to give it a full path in the web page:
http://172.16.42.1/jquery.min.js
Since you are using *.* I'm not sure if it will attempt to redirect the reference back to 172.16.42.1 (the main page) but it might. The easiest way to figure it out is to view source in your browser and click the link that leads to the jQuery script. If it loads the source then there is no access issue. If not then you know what the problem is.
-
lol don't blame yourself. It sounds like it is the Pineapple. Contacting the hakshop was the right move.
-
hmm...interesting. It could very well be the Pineapple that's the problem but just to save yourself the headache of shipping it back and waiting for another one I would just quadruple check everything. Start from ground zero and work slowly through everything from the router you are trying to connect to, to the Pineapple itself. Don't assume that you've checked something already in a previous test. I would do this myself because I'm somewhat impatient and wouldn't want to wait for another Pineapple.
-
Did your computer literate friend try this on your Pineapple as well? If not then we still can't rule you out as the problem, lol.
-
I know there's other people on the forums interested in quads. Someone has to know the answers to my questions...
-
You don't have to buy the TV. Also, it's not really spying since Samsung came out and said "Hey this is what our TV does, just so you guys know". They gave everyone a heads up and even told everyone how to disable the feature. If anyone is still worried they can simply buy something else.
-
v2.2 is out!
-
Those are some weird problems. I always use a USB antenna. I've got wlan0 as the AP, wlan1 is off unless I'm using PineAP, and wlan2 is my client. I use this configuration every day and haven't had any problems.
-
Yes. Either one of those options is fine. My recommendation is to use the USB device (wlan2) so your Pineapple isn't relying on your Macbook.
-
Sorry, I thought I mentioned this earlier (and I did just in a different thread). PineAP uses Wlan1 for monitoring. You will need to use another network card as a client (wlan2, wlan3...)
-
I tried on my S4, seems to be mobile view problem
tired to request desktop page..
still gives me the one tile view..
cannot scroll, cannot enlarge..
it really is a pile of poop.
is there a way to get to the desktop view?
useragent? the url coded differently?
It appears to be handled by CSS so what you are seeing is the desktop view. If you minimize the dimensions of your browser you will see the exact same view you see on a mobile device. I have no problems on my GS4. What infusions don't allow you to scroll?
-
DNSSpoof won't help you in stripping SSL data.
You can look into this project: sslstrip-hsts. I haven't tried it nor have I seen an implementation of it on the Pineapple but it may work for you.
DNSSpoof can definitely help you in your pentest just don't expect to strip SSL data with it. If the company uses a captive portal you can look into my infusion Portal Auth for cloning and authenticating the Pineapple with it and Evil Portal II to display the captive portal yourself. It's one extra step to trick the users into thinking they are on the actual access point.
EDC Bags
in Questions
Posted
I assume it takes a 2.5" drive?