sud0nick

I'm glad you were able to get it working but this is still too messy to work for installing dependencies for an infusion. I will have to pass on it for now. Are you able to install packages from pip like PhantomJS? Or are they just too large for the Pineapple?

Here is the quick tutorial video I promised. https://www.youtube.com/watch?v=XiCh0gQamYo&feature=youtu.be

Check this out. https://forums.hak5.org/index.php?/topic/34374-osx-ics-script/

That's what I've been trying to do, not so much for pip, but python dependencies. It is rather difficult and opkg doesn't have some of the tools I need. Most of them aren't supported on the Pineapple anyway as they are developed for larger OSes. If you can get pip installed I would like to know how you did it so I can try to install ghost or phantomJS. Even with the sd card some python libraries are just too large and probably won't do so well, performance wise, on the Pineapple.

Nice. Good job, man. I love it when management works with you on things like this.

I just submitted v2.1 to the Pineapple Bar! There are a lot of updates with it and here is the modified change log! [->] Removed Check Portal button. Refreshes can now be performed by clicking the refresh button in the top right corner of the small tile. [->] Made the auto-authenticator more robust. It now searches for more content and accounts for redirects, relative URLs, and meta refreshes. *still in beta though* [->] Made the portal cloner more robust. It now searches for files based on relative URLs, accounts for redirects and meta refreshes, and now accepts multiple options for how a portal is cloned. [->] Update the UI to include portal cloning options. [->] Updated the configuration script. [->] Modified the default InjectJS and InjectHTML files. [->] Added an InjectCSS file. [->] Added the ability to restore InjectJS, InjectCSS, InjectHTML, and auth.php files. [->] Fixed a bug where the small tile displayed 'Captive Portal Detected' when the Pineapple is offline. The new message displays 'Pineapple must be online to use PortalAuth'. [->] Fixed a bug in the Portal Cloner that would add multiple login forms to the document. A BIG thanks to Cheeto for helping me test the infusion and telling me where things could improve. A majority of the improvements are from the time you spent finding captive portals and testing the features multiple times. I'm incredibly grateful. I still have plans for another feature for the cloner to fall back on in case a page's HTML is just so far out there that it can't be cloned properly. I want to be able to take a screenshot of the page and just overlay the current inject files on top of the image, however, currently all the methods to achieve this are not supported on the Pineapple. I will keep searching, though. I will also be working on a video or a guide sometime in the near future to show all of the features and how to use them properly. I will display some of the methods to get a portal cloned as you may have to play with the settings depending on how the portal was built. Please stay tuned for that and as always let me know if there are any problems with this release.

If you are doing this over the internet you need to forward the port on your router. I'm not sure which port this is on yours because I don't know the difference between Port and Listen Port in your example. I assume port refers to remote port and listen port refers to a local port? If so then you are connecting to the wrong port when you send your initial connection request. To sum up: Find the port that SSH is using on your Pineapple (most likely 22) Forward port 22 on your internet facing router to your Pineapple's IP address Make sure your settings on the client follow this setup. I'm not sure if there is any extra work with the keys as I am not a pro in that area but hopefully someone else can either verify or correct what I have stated.

Here is a quick update. The testing phase is still going strong. Unfortunately I have come across a couple of pages that PortalAuth will most likely never work with such as flash based portals. Cheeto came across one that uses a meta refresh to send the user to their login.php script. I am working now to make the script account for meta refreshes so the portal can be copied. A lot has been accomplished in the last week but there is still much ground to cover. If anyone has any ideas of what else should be covered by the script please post them here so I can implement them.

So, would you be able to use anything from the link I provided? Or maybe your current IDE already supports this feature?

I'm not sure what your requirements are for the VPS but I found these results on Google. It seems you can do some remote debugging with Eclipse, PyDev, and GDB. I'm not sure if GDB can be used with Python code though, I've never tried it myself. https://www.google.com/search?q=Remote+debugging+software&ie=utf-8&oe=utf-8

I don't know the exact reason, possibly a cache on the client side, but it should go away after a couple of seconds. My computers will generally continue to show the AP until I tell them to search again, then they disappear from the list.

The issue was most likely not the fault of Evil Portal or PortalAuth. If your portal wasn't displaying properly that is either a code issue or possibly a network issue on your Pineapple. Once the portal is copied PortalAuth doesn't interact with it anymore. The two infusions don't rely on each other to operate as PortalAuth simply creates a copy of a portal to the standard that EP requires then places it in the appropriate directory.

This issue has nothing to do with Evil Portal or Portal Auth. If you can't get the portal to redirect it is a problem with your HTML or JavaScript code.

Whoa! There is no need to factory reset. PortalAuth will allow you to clone a captive portal on an access point before authenticating with it. The cloned portal will be stored in your Evil Portal library to be used as your own. You can also attempt auto authentication with PortalAuth but the version currently released is unreliable. The next version will be better.

You need a third network interface. Wlan0 is AP, Wlan1 is for PineAP (can't be changed), and Wlan2 is client. Or you can use the ethernet port but I recommend using the USB port for a third wireless interface.

I need some more details. Where is your captive portal? Is it on the Pineapple? If so, you shouldn't see it there. The point of the portal tab is to show you a captive portal on the AP that your client radio is connected to so you can authenticate if the auto authentication feature fails. EDIT: I'm thinking that maybe you thought the Portal tab was supposed to show you your own portal as it would appear to a victim?

Oh, duh. I thought the applet was running on the server and it somehow used magical trickery to find your real IP.

It's the same way you would log in using ethernet. Have you not looked at the info card you received with your Pineapple? You have a few options to connect wirelessly. You can connect to the normal AP or the secure AP. Both of which should be running from the moment your Pineapple boots up. Navigate to http://172.16.42.1:1471 in your browser and log in. If you set up the client radio on your home network you can access it through your regular network.

This may be a little out of scope here but could you explain this statement? How would someone's actual IP address be revealed by this Java applet even if they are using a VPN service? (The other stuff about pinpointing a physical location based on nearby APs I understand as I have done it before).

That sounds like a solution to me.

No. The best thing to do is make sure you are using the proper power supply. Also make sure you aren't doing too much at once on the Pineapple. Any system under too much load will get wonky. Power recommendations from the Answers to common questions thread:

What's in a name? (WiFi Pineapple)

I'm glad you brought that up. That's what I've done on my Pineapple. The only thing that sucks about a firmware update is having to recreate all of my symlinks, lol. I should just write a script for it and keep it on the sd card.

Here is the change log for version 2.1! I am going to send the new version to Cheeto first for some extra testing before I submit it to the Pineapple Bar. If anyone else would like to test the infusion before I submit it please PM me and I will send you a script to download and install it. [->] Removed Check Portal button. Refreshes can now be performed by clicking the refresh button in the top right corner of the small tile. [->] Made the auto-authenticator more robust. It now searches for more content and accounts for redirects and relative URLs. *still in beta though* [->] Made the portal cloner more robust. It now searches for files based on relative URLs and accounts for possible redirects by captive portals. [->] Updated the configuration script. [->] Modified the default InjectJS and InjectHTML files. [->] Added an InjectCSS file. [->] Added the ability to restore InjectJS, InjectCSS, InjectHTML, and auth.php files. [->] Fixed a bug where the small tile displayed 'Captive Portal Detected' when the Pineapple is offline. The new message displays 'Pineapple must be online to use PortalAuth'. [->] Fixed a bug in the Portal Cloner that would add multiple login forms to the document.

Well it's clear that your rootfs now has a lot more free space.