Galactic Empire

How about a module that can tell you which other modules are currently running? I have not dug deep on this one.. just a thought. For example, DNSMasq Spoof, wps and other modules have a button (start / stop), where you can start and stop that particular module. There is no other real indicator in the GUI showing that the module is running, so if you leave the module's page you have to just remember which ones are running. It would be cool if there was some sort of standardized api/hook that can tell if a module is currently running (maybe there is one already), and change the color of the module's text in the left navigation pane using CSS. This way I can tell at a glance which modules are up and running, without having to click through each module.

Hi Jasper, The module does do what is was designed to do, however there are a couple of issues which would explain why you are seeing the SSL errors: The target system does not trust this tool's Certificate Authority - This tool basically acts as a proxy/Certificate Authority (CA) and replaces the SSL certificate received from the original web server with another one created by itself. If you do not install the tool's own CA certificate into the target machine, you will receive an SSL warning referencing an invalid Certificate Authority. The "victim" may or may not be able to click through this warning, especially if the site implements HSTS (i.e. Google, Facebook). The version of the SSLSPLIT tool used on the Pineapple issues SSL certificates with SHA1 hashing - Internet browsers no longer accept SSL certificates with SHA1 hashing for some time now. You will still see this SSL error no matter what on the Pineapple, but in most cases it can be clicked through by the user. I have tried looking on the internet for the pre-complied version of SSLSPLIT 0.5.0 (supports SHA256 hashing) which would be compatible with the Pineapple, but could not find it. Perhaps I didn't look hard enough, and I'm definitely too busy to learn how compile/port this to OpenWRT/Pineapple myself (source code available on Github).. and also pray that there is no dependency hell. Of course I'm no expert, so please someone correct me if I'm wrong with any of this. What I ended up doing was sending the traffic from the Pineapple to my laptop (Kali Linux), and run SSLSPLIT from Kali instead. The CA cert is installed on all the target machines, and I have no SSL errors now. It still kinda blows that the decrypted traffic from SSLSPLIT gets dumped into log files which are difficult to comb through manually, and have yet to find any good parsing tools or a more welcoming GUI front end. In my opinion it is better to use Burp Suite and install the Burp Suite CA cert into the target machine(s)... It is much easier to manipulate and/or find the data that you are looking for without having to write scripts, or dig through log files yourself.

I installed the SSLsplit Pineapple module, however I am still getting an SSL warning on the "victim" laptop after installing the CA certificate on it (the one located at /pineapple/modules/SSLsplit/cert). The SSL error appears to be caused by a known issue with SSLsplit issuing SSL certificates with SHA1 hashing (instead of SHA256) according to the SSLstrip GitHub page. This was resolved in version 0.5.0, however the Pineapple NANO has version 0.4.11 installed. Has anyone been successfully been able to upgrade their version of SSLstrip on the Pineapple NANO or find some other work around for the internal CA to issue SSL certificates with SHA256 hashing instead? There was a mention of upgrading the Pineapple earlier in this thread, but that was over a year ago ad could not find any updates.

I have a copy of every infusion module that was on the Hak5 website for version 2.8.1 of the Mark IV firmware (including all the missing ones on your list). Whistle Master's GIT Repository does not seem to be accepting uploads, so they are uploaded here until its added to GIT: http://securityninja.tech/pineapple/mark4/infusions/