sud0nick

This is really cool. Could you explain any possible security issues with using this? It seems to me without authentication anyone could connect to your IRC channel, if it's open to the internet for remote control, and issue commands on your Pineapple. Is this correct or should we take additional measures to guard the Pineapple?

It's literally the main topic within the Evil Portal support thread for the NANO so there really isn't much searching to be done. The issue is not a firmware issue but a nodogsplash issue. It seems it won't allow the splash.html page to access anything via $imagesdir anymore and I haven't been successful in getting it to access /www. Everything worked fine on the MKV because that was a different version of nodogsplash. Evil Portal is currently being rewritten without nodogsplash so these problems go away. If you find a way to access /www from your splash.html page on the NANO you might want to share it with everyone in the Evil Portal thread.

New version of nodogsplash has problems. There is a whole thread dedicated to this and what's being done to fix it. Please search the forums in the future. https://forums.hak5.org/index.php?/topic/37081-evilportal/

Just found this which seems relevant: https://www.deepdotweb.com/2016/02/03/into-ricochet/

Yep. Anything that denies service is a DoS attack. It could be as simple as turning off a service in Windows Services and changing the name of the executable so it doesn't start back up.

You forgot to mention DOS is not illegal. Or is it...?

Yes it's illegal unless if you have their written consent and you ensure you only touch their network. DoS stands for Denial of Service and DDoS stands for Distributed Denial of Service. A DoS attack simply floods a network/system with so many requests that it can't provide services to legitimate users. It is quite difficult for a single system to perform this kind of attack these days and if using a single system the attacker can be caught pretty easily. A DDoS attack uses many systems to flood the target and makes it more difficult to find the attacker. These types of attacks are generally performed by a botnet where an attacker has taken over many different machines. It is much easier to bring down a target system/network with hundreds, or thousands, of machines.

Well, much like the new Pineapple interface it looks like it's using bootstrap, which would make sense because Twitter made bootstrap. They may also be using AngularJS to display it which wouldn't require you to write any JavaScript yourself but would require the Angular framework. If you just want an overlay that can be hidden and shown in a similar fashion you need to what dustbyter said and create a div like so: <div id="myModal" style="display: none"> My HTML stuffs </div> Then you would create a button to toggle the div. <button type="button" id="toggleDiv">Toggle</button> Then, if you use jQuery, you can easily connect the button to a function that fades the modal when clicked. $('#toggleDiv').on('click',function(){ if (divIsShown) { $('#myModal').fadeOut('slow'); divIsShown = false; } else { $('#myModal').fadeIn('slow'); divIsShown = true; } }); You would need to include the divIsShown variable in your JS code to keep track of which position the toggle state is currently in but this should be straightforward enough to get you started. The way that modal in your link works (by fading and sliding down) is based on code in Bootstrap but you may be able to get a similar effect by using the jQuery slideDown() and slideUp() functions.

How would you set up SSH (or a reverse SSH tunnel) on a Teensy?

I know I already responded to you on Twitter but I'll reiterate here. Your issue with nodogsplash being removed has nothing to do with PA but you should try to refresh the small tile for Evil Portal to see if the dependencies are actually missing. I've run into this problem many times where EP throws a message that says depends are missing but if I refresh the tile all is well. You can clone websites that are not captive portals by entering the URL of the site in the Test Site field in the Config tab. Everything should work well but I have run into network timeout errors on larger sites. Check out my video on Portal Auth that describes every aspect of the infusion. It's a little long but teaches every part of it.

Yes, it would unless if you can figure out some way to provide a secondary route. You could probably do that on some higher grade switch but I don't think most home routers support that functionality.

You would probably need to forward the port from your router to the attacker machine and then from there to the server. You could probably even write your own proxy server in C or Python to capture all of the traffic.

That's really dependent on the module developer. Otherwise, you could just reinstall the depends. It shouldn't take long at all (like a few seconds).

Look at Jsteve's answer. You should be able to if you follow his instructions which I completely misunderstood at first.

This is where the confusion was. It sounded like he said you set the IP of the Pineapple to 192.168.1.2 on your home network and navigate to 192.168.1.1 which would make no sense.

Yes. No. You would not set the IP of the Pineapple to 192.168.1.2 and THEN push the firmware upgrade to your home router at 192.168.1.1. Unless if I'm completely misunderstanding what you are saying. Your first point does solve the problem about downgrading the firmware, though. If you access wifipineapple.com/nano/upgrades/$ver where $ver == 1.0.3 or some other version it will start the download.

My point remains, you would not push the Pineapple firmware to your router. Only to the Pineapple at 192.168.1.2.

I understand English isn't your first language but this was nowhere near a correct answer. While one could manually upgrade by downloading the bin file the only one available is the latest at wifipineapple.com. In this case j4rv1s wants to downgrade. Also, if you set the IP as 192.168.1.2 why would you upload the .bin to 192.168.1.1?

He's looking for something that takes him back to a different version of the firmware.

I honestly don't know. I've read some other threads where people state they reset their NANO and it went back to the 1.0 firmware but mine has not done that when I reset it using both methods I stated before.

You can reset the NANO by holding the reset button on the back for a few seconds. I've done this a couple times and it seems to flash it but it doesn't take me back to an earlier firmware version. If the reset button doesn't work then SSH into it and enter the following command: jffs2reset -y && reboot

Yes, press to disable or hold for 3 or more seconds to continue without disabling wireless.

Sweet, I'll have to try this out.

Well I don't think Seb put that in there for his amusement. It's not like every time he pushes a new firmware update he then sits back in an evil pose laughing at everyone who now has to push their reset button. I would say it's necessary.