audibleblink

Everything posted by audibleblink

  1. C'mon man, hijacking this thread is exactly what you meant to do with your sarcastic "oh you mean like how..." post. Own up to it. Nexus 5's are ~$120 on wharehousedeals.com. That's what I got when my S4 wouldn't tether. See, I had your same problem with tethering but instead of acting like a child, I made a bug report. Got confirmation it was getting worked on. Moved on. Not sure what your issue with Sana is. I'm running it in a VM and bare metal on a Chromebook (not crouton) and wp6 works just fine on both.
  2. For all future visitors looking for ICS on a Mac, regardless of version, here's a long-winded thing - https://forums.hak5.org/index.php?/topic/37483-ics-on-a-mac-a-future-resilient-howto/
  3. Is there an upgrade path? I thought all 'upgrades' were full reflashes.
  4. Asus Flip Chromebook w/ Sana
     MacBookPro.
     iPhone
     Nexus 5 w/ NH on 6.0.1
     Side-loaded Connector App
     Dev enabled
     No MTP

     Great experience so far. Both as a user and module developer. I'm in the middle of making an autossh module. Seb did a great job decoupling interface from system code and creating this modular architecture. I'm almost done and I've never coded in PHP before, because the API is that good. From a user perspective, also good. I do most management over SSH and when I'm walking around, ServerAuditor for iOS has tunnels so I can manage the Nano over localhost in Safari. Currently still learning how meterpreter is useful on this thing aside from the persistent reverse tcp connection.
  5. I think the entries in /etc/config/network have something to do with that. Local settings supersede router settings.
  6. Frontend for autossh. In development Released
       - View/edit autossh configs
       - start/stop/enable/disable
       - create ssh key pairs
       - adds remote server to known_hosts

     https://github.com/audibleblink/autossh
  7. I was just reading the front-end code. It looks like the page is re-written with html from an API call on every tab/module change. While it's possible to preserve state between view changes, it can get messy with the front-end framework Hak5 chose (AngularJS) without using non-core Angular libraries. (or rewriting a substantial part of AngularJS) In any case, doing so (keeping state) ends up being a tiny bit more memory intensive for the browser since it's keeping state between page views; perhaps it was a conscious decision.
  8. Went out and got a Nexus 5 so I could use the app. Needed an excuse anyway, but the "Tethering Disabled" bug was present on the S4. App works now. Nexus 5 -- 6.0.1 -- Nethunter flashed over factory HammerHead image
  9. The client will have to see the pineapple. It's their gateway. What you could do is drop packets coming from the client network to the gateway's dport of 1471
  10. Something just popped into my head: It's been mentioned before that once someone is connected to a fake AP, that client can access the IPs on the network providing the internet connection. For example: If my home network is 10.0.1.0/24 and I share my internet connection to the pineapple, the client that was captured at 172.16.42.XXX can ping something at 10.0.1.10. Bad Luck Brian if you happen to trap someone that knows what a pineapple is and knows how to use it better than you. This can be remedied with an IPTables rule saying that anything originating from the 172 network and destined for the 10 network be dropped. (or by not sharing your home internet when trying to pwn your neighbors =P) I'm wondering if this is something that Apple disables by default. @confunded - can you ping a device on your network from a trapped client with ICS enabled on the 192.168.2.0/24 network?
  11. So what were the resulting configs? Nano: IP: Gateway: OS X : IP: Gateway:
  12. Derp. Right on man. Glad it worked and that you were able to see my mistake in that you needed the Nano to be on the 192.168.2.0/24 network. I even said that on an earlier post *smh*. Maybe this should be the solution to ICS on OS X going forward. It's like 3 commands and let's face it, we should be changing the default networks anyway.
  13. Don't need network access to reflash, just hold the reset button for 6+ seconds while it's powered on. If that doesn't work, then
      1. Download the latest WiFi Pineapple NANO firmware from https://www.wifipineapple.com/nano/
      2. Hold down the reset button while plugging the WiFi Pineapple NANO into your computer
      3. After a moment, release the reset button
      4. Set a static IP address on the WiFi Pineapple NANO Ethernet interface to 192.168.1.2 (netmask 255.255.255.0)
         4a. Linux: sudo ifconfig eth1 192.168.1.2 netmask 255.255.255.0 up
      5. Open a web browser and navigate to 192.168.1.1
      6. From the recovery web interface, click browse and select the file downloaded in step 1
      7. Click update and wait 5-10 minutes as the WiFi Pineapple flashes the firmware. Do not interrupt power during this time.
  14. No idea, for sure, but don't be afraid of having to reflash =P If I were in your position, I'd look at /etc/config/network, modify and reboot. Breaking things is how I learn =P

      edit: shot in the dark --- change the following 2 in /etc/config/network on the Nano

          option ipaddr 192.168.2.10
          option gateway 192.168.2.20

      Then on your computer:

          ifconfig ethX 192.168.2.20 netmask 255.255.255.0

      Turn on ICS. Browse to 192.168.2.10:1471. Don't hate me if it bricks

      edit 2: If you're worried about locking yourself out, make a backup of /etc/config/network and write a script that restores the backup and cron it for 10 minutes. If you're locked out when you reboot, just wait 10 minutes, reboot again and you should be fine. Used this technique when trying to learn iptables after the 3rd time I had to rebuild debian because I'd locked myself out with some stupid rule.
  15. To elaborate on the wisdom already provided, Apple sets the subnet for devices with which internet will be shared (192.168.2.0/24). You can either change the pineapple's default IP to be within that subnet, or change the subnet to surround the Nano's IP. I leave my work Mac at work so I can't play with it now, but perhaps this might help get you started - http://hints.macworld.com/article.php?story=20090510120814850 It's old but Apple still keeps shit in plists. The nat plist should still be in or near the same directory. Also of interest: http://apple.stackexchange.com/questions/134984/which-ip-ranges-and-subnet-does-osx-internet-connection-sharing-use-by-default
  16. That would be cool. It would let the Nano double as a LAN Turtle, limited by the fact that you must find a PoE jack wherever you're dropping this thing.
  17. That's awesome. I desperately wanted something like this when I first picked up Wireshark. "This is all well and good, but tell me how to do it in tshark"
  18. In an effort to encourage users to become more comfortable with the command line version of the tools they use on the Nano, I'm thinking of making a simple module to cut my teeth on the new API. What do yinz think of a module that shows the commands that other modules run? Like, a 'learning mode' for the Nano. For example, I can start a Recon scan on the GUI and come over to the module, select Recon, and it will show the airmon command that's actually running to get the SSIDs in the area. The command would also be a hyperlink to that exact command on http://explainshell.com so one could see what all the flags mean. I'll get started once I get my actual computer back, but I made a repo at https://github.com/audibleblink/learn-you-shell. Thoughts? Is it even feasible? Haven't looked at the API yet but just browsing through some already-made modules makes it seem simple enough.
  19. I had a similar experience when I first got the nano. I ended up writing my own script to make it work. Unsatisfied with getting autossh working by itself, I kept looking and discovered the path for the `-i` flag in the autossh config was off by 1 character. Your problem has all the same symptoms as mine did. Is your id_rsa actually in /etc/dropbear and do they have the right permissions? Strange that it fails to connect when left to its own devices but you can manually connect once ssh'd in. Unless you're forwarding your agent somehow. Perhaps you could find a way to stick a -vv flag in the autossh config and pipe the output to a log file? That way you have a log of what is happening when it fails. Edit: I'm not using the script anymore because I found the issue, but here is my post about it in case you just need something that will work in a pinch. https://forums.hak5.org/index.php?/topic/37246-autossh-to-relay-server/#entry270330
  20. If you have remote ssh access, I like to pipe the output of tcpdump on the pineapple to a local wireshark instance. Looks something like this: `ssh nano tcpdump -U -s0 -i br-lan -w - | wireshark -k -i -`
  21. You shouldn't have to add it to rc.local. By running `/etc/init.d/autossh enable`, you've registered the script with the sysvinit service manager, which means it will run on boot automatically. Try rebooting and then sshing in and running `ps | grep ssh`. You should see at least two things, the autossh process and the ssh process that it spawned.
  22. Try configuring autossh from /etc/config/autossh and then running:

          /etc/init.d/autossh enable
          /etc/init.d/autossh start

      I was having a similar problem before using the built in autossh. Also, autossh polls for connection every 10 minutes. That's too long if you're testing things out. You can set it to a shorter time by creating an environment variable in /etc/profile

          export AUTOSSH_POLL=30
  23. Ah, so array_shift is destructive and returns the deleted value instead of the resulting array?
  24. I don't know PHP but could line 160 be the suspect code? "If the first ssid in the list is the ssid we're trying to delete, reassign the ssidsArray to be the shifted value of the array. It should now be an array without the first value. If ssidsArray is an array, set $ssids equal to a newline-separated string of ssids, if it's not an array set $ssids to be an empty string. Jump to 164, write $ssids to file." I read that right?

      ```php
      # /pineapple/modules/PineAP/api/PineAPHelper.php
      153 public function delSSID($ssid)
      154 {
      155     $this->communicate("del_ssid:{$ssid}");
      156     $ssids = file_get_contents('/etc/pineapple/ssid_file');
      157     $ssidsArray = explode("\n", $ssids);
      158     if ($ssidsArray[0] === $ssid) {
      159         $ssidsArray = array_shift($ssidsArray);
      160         $ssids = is_array($ssidsArray) ? implode("\n", $ssidsArray) : '';
      161     } else {
      162         $ssids = str_replace("\n{$ssid}", '', $ssids);
      163     }
      164     file_put_contents('/etc/pineapple/ssid_file', $ssids);
      165     return true;
      166 }
      ```
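
Added example, not part of the original posts and not the WiFi Pineapple project's code: the `delSSID` logic quoted in the last post, reduced to string handling so the `array_shift` behaviour asked about in the post before it can be run directly. The function names and the SSID list are constructed for illustration, and the filtered variant is one possible correction, not the project's fix.

```php
<?php
// Added example. delSsidAsPosted / delSsidFiltered are hypothetical names and
// the SSID list below is constructed sample data.

// Same branches as the quoted lines 157-163, without the file I/O.
function delSsidAsPosted(string $ssids, string $ssid): string
{
    $ssidsArray = explode("\n", $ssids);
    if ($ssidsArray[0] === $ssid) {
        // array_shift() takes the array by reference, removes the first
        // element in place and returns that element, so the assignment
        // replaces the array with a single string.
        $ssidsArray = array_shift($ssidsArray);
        // is_array() is now false and the fallback '' is chosen.
        $ssids = is_array($ssidsArray) ? implode("\n", $ssidsArray) : '';
    } else {
        // Substring match: also strips "\nCafe" out of "\nCafe-Guest".
        $ssids = str_replace("\n{$ssid}", '', $ssids);
    }
    return $ssids;
}

// One possible correction: compare whole lines, so position in the list
// and shared prefixes no longer matter.
function delSsidFiltered(string $ssids, string $ssid): string
{
    $kept = array_filter(
        explode("\n", $ssids),
        fn (string $line): bool => $line !== '' && $line !== $ssid
    );
    return implode("\n", $kept);
}

$list = "HomeNet\nCafe\nCafe-Guest"; // constructed sample list

// Case 1: the SSID to delete is the first entry.
var_dump(delSsidAsPosted($list, 'HomeNet'));
var_dump(delSsidFiltered($list, 'HomeNet'));

// Case 2: the SSID to delete is a prefix of another entry.
var_dump(delSsidAsPosted($list, 'Cafe'));
var_dump(delSsidFiltered($list, 'Cafe'));
```

Requires PHP 7.4 or later for the arrow function; run it with `php` on the command line and compare the two outputs for each case.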