
sud0nick
Dedicated Members
  • Posts: 1,056
  • Joined
  • Last visited
  • Days Won: 66

Posts posted by sud0nick

  1. Considering one module is made for both devices (meaning the same code is used on both devices), it would not make sense to separate the threads. A change in code for the NANO would also appear on the TETRA and vice versa. If there is a problem with a specific device then I would do what Foxtrot stated and simply include the device you are using in your post.

  2. I've been working on this all day and I think I got my hopes up too high for Bettercap. It seems like a great tool and definitely has a lot of modularity, but it still doesn't conquer HSTS. I'll lay out the testing environment I used today and what I experienced. If anyone else has better results please let me know how you accomplished them.

    Method 1:
    • Set up Backbox Linux with Bettercap on my home network containing multiple end user devices.

    • Access websites with MBP and Windows 10 desktop which are connected to the same network.

    Method 2:
    • Using Backbox Linux, hostapd, dnsmasq, iptables, and the Alfa AWUS036NEH, I set up an AP on my laptop to become an actual MITM.
    • Connected MBP to evil AP.

    The following commands were used during both methods:

    bettercap -X -I wlan0
    bettercap -X -L wlan0
    bettercap -X --proxy-https -I wlan0

    The first command tells Bettercap to sniff all traffic in the subnet associated with wlan0 (in this case 192.168.1.0/24). Bettercap immediately found a bunch of targets (including my NAS, Domain Controller, Printer, laptops, phones, etc.) and began displaying a bunch of traffic. I hopped on my MBP to see what would be captured when I browsed the internet, but the network was brought to a halt. So I switched to my desktop and found the same issue. I pressed Ctrl+C in Bettercap and after a few seconds it stopped and my network came back up.

    I tested this out a few more times throughout the day and at various points the network was either down completely or dragging very slowly, while at other times it seemed to work just fine. I did notice if I killed the connection to my VPN on Windows that I could get back out to the internet (didn't try on my MBP) but this only worked once or twice. Most of the time I couldn't browse to any sites at all.

    Then I attempted to use Method 2 and the second command (with -L to sniff local traffic on my laptop), and it seemed that when I connected my MBP to the evil AP it was able to get out to the internet just fine. All of the traffic was logged with the protocol being used, but since everything was HTTPS I couldn't view any of the data.

    The final command I used (this time using Method 1 again) enabled the HTTPS proxy server in Bettercap. This is a really cool built-in feature, but it didn't work out as I had hoped. I hopped back on my MBP, and my desktop, and noticed the network was super slow again. I browsed to www[.]facebook[.]com, https://www[.]facebook[.]com, and https://wwww[.]facebook[.]com. The one with four w's seemed to work until I noticed on my MBP that Chrome had the "Your Connection is Not Secure" message. I clicked the "Advanced" link hoping it would let me bypass the invalid certificate, but it said due to HSTS I wasn't allowed to continue. I tried to browse to a couple of different sites, including these forums, on my desktop, but nothing loaded, as if I wasn't even connected to the internet.

    Like I mentioned before, I was able to see src, dst, proto, and url, so I was able to tell that my wife was spending all day on Facebook on her phone, but I got nothing beyond that. I probably missed a couple of steps in this post, but it's difficult for me to condense all of the setup, troubleshooting, and testing to a few lines. If I wasn't clear enough about my testing I'll be glad to answer any questions you may have. Overall it seems like a great tool, but it certainly doesn't defeat HSTS and I'm kinda bummed it slows down the network so much.
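
The post above hits the mechanism that makes the "four w's" host fail even though it is not the site the user typed: a browser refuses to let the user click through a bad certificate when the host is covered by an HSTS policy, either one learned from a Strict-Transport-Security header on an earlier TLS response or one shipped in the preload list. The following is an added example, not code from the original post or from Bettercap. It models a browser's known-HSTS-host store: header parsing per RFC 6797, the rule that headers over plain HTTP are ignored, expiry of dynamic entries, and the includeSubDomains walk up the parent domains. The preload entries (facebook.com with includeSubDomains, a bank.example without it) and all other hostnames and header values are constructed sample data, not the real Chromium list.

```python
# Added example (not from the original post or from bettercap): a small model of
# the HSTS policy a browser consults before allowing an HTTPS connection with a
# bad certificate to be clicked through. Two sources feed it: entries learned
# from Strict-Transport-Security headers on earlier TLS responses, and a preload
# list shipped with the browser. The preload entries below are a constructed
# stand-in, not the real Chromium list.
import time
from dataclasses import dataclass


@dataclass
class HstsEntry:
    host: str
    expires: float            # epoch seconds; 0.0 marks a preload entry that never expires
    include_subdomains: bool


def parse_sts_header(value):
    """Parse a Strict-Transport-Security header value.

    Returns (max_age_seconds, include_subdomains), or None when the header is
    malformed (no max-age, duplicate max-age, non-numeric value), which a
    browser treats as if no header had been sent.
    """
    max_age = None
    include_sub = False
    for directive in value.split(";"):
        directive = directive.strip()
        if not directive:
            continue
        name, _, raw = directive.partition("=")
        name = name.strip().lower()
        raw = raw.strip().strip('"')
        if name == "max-age":
            if max_age is not None or not raw.isdigit():
                return None
            max_age = int(raw)
        elif name == "includesubdomains":
            include_sub = True
        # Unknown directives (e.g. "preload") are ignored, as RFC 6797 requires.
    if max_age is None:
        return None
    return max_age, include_sub


class HstsStore:
    """Known-HSTS-host store with the lookup rule browsers apply."""

    def __init__(self, preload=(), now=time.time):
        self.now = now
        self.entries = {}
        for host, include_sub in preload:
            self.entries[host.lower()] = HstsEntry(host.lower(), 0.0, include_sub)

    def observe(self, host, header, over_tls=True):
        """Record an STS header from a response. Returns True if it changed policy."""
        if not over_tls:
            return False          # STS over plain HTTP is ignored; a MITM could inject it
        parsed = parse_sts_header(header)
        if parsed is None:
            return False
        max_age, include_sub = parsed
        host = host.lower()
        if max_age == 0:
            current = self.entries.get(host)
            if current is not None and current.expires:   # only dynamic entries can be cleared
                del self.entries[host]
                return True
            return False
        self.entries[host] = HstsEntry(host, self.now() + max_age, include_sub)
        return True

    def is_protected(self, host):
        """True if host matches an entry exactly, or a parent domain entry has includeSubDomains."""
        labels = host.lower().rstrip(".").split(".")
        for i in range(len(labels)):
            entry = self.entries.get(".".join(labels[i:]))
            if entry is None:
                continue
            if entry.expires and entry.expires < self.now():
                continue                                   # dynamic entry has aged out
            if i == 0 or entry.include_subdomains:
                return True
        return False


def demo():
    """Reproduce the scenario from the post with constructed data."""
    store = HstsStore(preload=[("facebook.com", True), ("bank.example", False)])
    store.observe("shop.example", "max-age=31536000; includeSubDomains; preload")
    store.observe("news.example", "max-age=600", over_tls=False)   # plain-HTTP header: ignored
    return {
        "www.facebook.com": store.is_protected("www.facebook.com"),
        "wwww.facebook.com": store.is_protected("wwww.facebook.com"),   # the four-w host
        "login.bank.example": store.is_protected("login.bank.example"),
        "cdn.shop.example": store.is_protected("cdn.shop.example"),
        "news.example": store.is_protected("news.example"),
    }


if __name__ == "__main__":
    for host, protected in demo().items():
        print(f"{host:24s} {'HSTS: no click-through' if protected else 'not HSTS-protected'}")
```

The point the walk in `is_protected` makes: a typo host such as wwww.facebook.com is still a subdomain of facebook.com, so an includeSubDomains entry on the parent covers it and the certificate warning cannot be bypassed. Only hosts with no matching entry at any level (login.bank.example above, because the constructed bank.example entry lacks includeSubDomains) fall back to an ordinary, click-through-able warning.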

  3. I'm glad you did a lot to troubleshoot and documented that here, but I think you did too much. Simply plug the USB Y cable into your computer (assuming your USB ports aren't dead), wait a few minutes, and you should see a new network adapter appear on your system that says "Realtek USB FE Family Controller". You may need to disable your main internet connection at first to get to the Pineapple. What I mean is, sometimes I can leave both my WiFi interface and the Pineapple interface on and still get to 172.16.42.1. At other times I have to disable my WiFi interface for Windows to understand I want to go to the 172.16 network and not my 192.168 network. From there you should be able to get into the web interface and set everything up normally.

    • Upvote 1
  4. Thanks,

    From the knowledge I've gathered, all passwords for the portal I plan to clone are 6 chars long, and are a mix of random numbers and letters. (Users are a mix of the person's first and last name, so brute forcing isn't an option.)

    I'm sure it's possible to put some extra java in there that keeps them on the page if the password entered isn't exactly 6 chars long.

    That will hopefully prevent any wrong passwords being entered, or IT attempting to inspect the portal by entering random info.

    It should go without saying but I hope what you are doing is all legal and with the permission of the owners of the AP / portal. If not then I recommend you don't do it.

  5. This is a very interesting infusion and I'm looking forward to its first stable version.

    The current release is a stable release.

    Just wanted to confirm something;

    Is it possible, or at least planned, to use this infusion to clone and harvest unique password/username based portals?

    I saw your demonstration from the pineapple 5 where you cloned a Starbucks portal that would require a user to get a password from a downloaded exe.

    My question is, could you clone something along the lines of an office's internet filter or a college/university portal? A portal that everyone has their own username and password to. And gather their username/password, then push them to the web.

    You can absolutely do this; however, you will not be able to clone the database that contains the expected usernames and passwords. If that were the case we wouldn't need to trick the user (except to maybe get a plaintext version of a hashed password). The demonstration you are talking about shows a special injection set I created to grant users an access key to further portray a valid captive portal. The .exe they download to get that key executes a root shell on their system so you can access it. This functionality is not dependent upon any particular captive portal and can even be used on a cloned website.

    You can definitely clone the portal pictured in your post and use that to get the user's credentials. However, Portal Auth will not automatically send those credentials to the original portal, so you will have to first authenticate your Pineapple on that AP or by some other means (i.e. 3G/4G modem) to give your target users internet access after they give you their credentials.

  6. My Nano will only successfully boot every second boot.

    As in, the blue LED will not end on solid and I can't log into it.

    It's like clockwork, whether I shutdown through the GUI or not, battery or usb power, even after a reflash.

    It's not a huge deal because I'm aware of it, so I just run through two boots each time, but I wonder if anyone else has noticed that?

    I've had to do that quite a bit. It doesn't happen every time but it happens a lot.

  7. What's the chipset in the Panda?

    Edit: Looks like a Ralink RT5372 which uses the rt2800usb driver. That should be baked in. I don't have a Panda handy but I'll check with a similar card that uses the same driver and report back.

    I don't know if it's a driver issue, because the NIC works just fine, but when I associate to my AP within the Networking module it does everything but pull an IP and set routes. Looking through UCI everything is configured properly, and looking through dmesg it appears to have associated just fine. I just can't get out to the internet until I manually configure the IP and routes. Thanks for looking into it.

    Edit: Thanks, Darren. I don't see it in the module manager yet so I'll have to check tomorrow. I'll report back though once I update and try it out.

  8. That sounds great! I would love to have a solid mobile power solution.

    On a different note, I've run across a problem on the TETRA firmware (I may be the only one) where my third NIC doesn't pull an IP and routes are not set up automatically. This is the same NIC I've used on my MKV and NANO (so my lazy self doesn't have to add another MAC to my allow list) and when used on them it works just fine. On the TETRA I have to manually configure an IP address and all appropriate routes to get out to the internet. Has anyone else had this problem? The third NIC is a Panda Wireless PAU06.

    Edit:

    I just loaded modules and saw the Update button for the Networking module :). I'm sure it's been fixed.

    Still having this problem.

  9. You'll need to wait until you receive the second juice pack. I'm really sorry for the inconvenience. It's going out tomorrow. You'll receive an automated email from the HakShop with tracking info then.

    It's cool. I just wasn't sure from how I interpreted the power notice. Thanks for the clarification.

  10. I think my TETRA isn't getting enough power with the Pineapple Juice 15000. I've tried using one and both ports to power it in the EDC but it reboots before it fully boots up. I read through the power notice a few times and I don't think I'm doing anything wrong since it states the max power budget is 18W and I believe using both ports together supplies ~15.2W.

    What is the best method for powering the TETRA on the go? Do I have to wait until I get my second battery that Darren mentioned to do this?

    • Like 1
  11. It's the antennas that make it look large. And the Nano next to it. It's not much larger than the mkV. You won't mind or even notice.

    The device itself is a bit bigger than the MKV, but the antennae are huge (double the size of those on the MKV and NANO)! The Tac edition is cool though, because the EDC was well thought out in my opinion. Lots of space for all your hacker tools, laptop, and multiple Pineapples.

  12. I think you'll all be quite impressed with what we were able to pull off -- not only in range but also speed. 100 Mbps on 5G is easily achievable most places in the warehouse -- so much so that I'm thinking we'll be switching over to a TETRA as our primary AP for the Hak5 offices :)

    You weren't kidding when you said the TETRA is a beast. I love it!

    • Upvote 1