mda1125

I thought I would test out the 2 VPN services I'm subscribed to at this time. I wanted to see raw tests, tests with VPN enabled and more importantly, the possibility of a DNS leak. I'll admit while I understand the concept of a DNS leak, I used 3 different web sites to test which are listed at the bottom. No links included as this isn't a pitch for either service except raw links to the speed test I used and the 3 DNS leak websites. Happy to know if those don't work and if there are better actual methods to test for a DNS leak. Speed Test: http://speedtest.xfinity.com/ Comcast Speed Test: No VPN Location: San Jose, CA Download: 240.6 Upload: 12.6 Latency: 14ms Let Software Pick the Server: Comcast Speed Test: NordVPN Location: New Castle, DE Download: 44.6 Upload: 11.8 Latency: 93ms Comcast Speed Test: IPVanish Location: San Jose, CA Download: 67.9 Upload: 11.5 Latency: 19ms Let's Pick a Country: Costa Rica Comcast Speed Test: IPVanish Location: Augusta, GA Download: 62.3 Upload: 9.3 Latency: 198ms Comcast Speed Test: NordVPN Location: Foxboro, MA Download: 46.0 Upload: 10.0 Latency: 233ms DNS Leak Tests: https://www.dnsleaktest.com/ https://ipleak.net/ http://dnsleak.com/ NordVPN never showed DNS leaks on the 3 sites listed above. IPVanish frequently shows a Comcast DNS server(s) in the mix.

Seems like you connected Wlan2 to a phony SSID your Pineapple is broadcasting. That IP looks super similar to what the Pineapple gives out. Look in the client list and see if your device is connected to itself.

Question: Could you use the Certbot ACME client to install and automate the addition of an SSL Certificate for the Wifi Pineapple? I know there is a Paper module but that seems to be more for the creation of local certificates for other uses. I didn't see the ability to import some signed cert. Given there is root access to this device, it seems in theory it might work to do so assuming the Private key wasn't encrypted so as not to disrupt the boot-up sequence. I did a quick search, found nothing. Maybe the real question is why would you want to do this?

Google Fi .. I think that would work except it would eat up my data given I'm not passing thru the Open Wifi of the public place. I can only guess it had something to do with Google Wifi Assistant at this point. I did connect to another secure network via the phone, used the tethering option and that appeared to work quite well. Something about walking into this place and my phone using the Google assistant to auto-establish some connection was different. When left, it did as well. It's not in my saved list. I'll have to test out your idea. Pretty sure that would work but I didn't want to serve my my own data plan. Appreciate the additional insight. Worth testing.

Duh! You are totally right.. I connected the phone to said network, then tethered it to my phone. I was able to connect to the Management Portal and verify Internet connectivity. Interesting enough, when I went to another place today my Google Wifi Assistant automatically connected to a network (this after I removed all previously saved networks). I was able to connect, surf and tether. Connected to the Management Portal BUT... this time checking connectivity thru the Portal did not work. However, opening a tab and surfing did. So my phone had connectivity but the method to check didn't work. But going directly to Wifipineapple.com did. When I left this place, that network is not in my Saved Network list. Maybe if I disconnected and then did it manually and not thru the Google Wifi Assistant, it might have been a different experience.

At home, I plug in a USB dongle and use that to easily connect to my home AP. I can route any connected clients thru my Pineapple. Works great. However, out and about, if I find Free WiFi that at least makes me input a password, it's golden! But many places like SBUX are "free" but ask the user to initially accept and connect. That option doesn't seem to work via the WiFi Client Mode as there is no "password" to enter. I could tether the device and have but that option negates the use of the USB for a 3rd radio. I could use PortalAuth in combination with Evil Portal to at least attempt to capture I suspect.

If you are at home.. on your network.. that signal is probably stronger. I've seen my Pineapple Deauth my laptop but it just connects back to the home SSID. You might have to continually send Deauths (DoS) against your router so that your laptop is somehow forced to try the "Open" network with the same name. It's darn near impossible in neighborhoods where people have WPA/WPA2 secure networks or at home when your router has the strongest signal. What you can do is take your device FAR away from your main AP. Have the Pineapple closer. When you do a series of Deauths you stand a better chance of it going for the Pineapple at that point.

The USB-Y cable that comes with the Nano wasn't long enough for my Dell computers. None of the USBs on this Dell are near each other! Needless to say, I bought a $10 StyEAST SC321 USB Y cable 2.62ft USB3.0 A female to dual A male extension power enhancer splitter cable Works perfect! The 1.2 ft extra USB power easily reached to the other USB on the back and now I can power this from my laptop without having to use the battery as a substitute like I did before.

I bought the Samsung - EVO+ 32GB microSDHC Class 10 UHS-1 ... working flawless in my Nano 1.1.3

I took my Pineapple to an open location. My point being, the only person who asked said "Oh is that one of those mobile wifi hot-spot things?" Indeed... would you like to join? Gotta say... Apple phones are the chattiest and most easily susceptible to joining an Open network. My Google Nexus 5X is rock solid. It might broadcast occasionally but it refuses to join even open networks I know the Pineapple is broadcasting. Connected my 802.11N dongle and used that to join the actual Open (but password protected) legitimate network at the location so I passed anybody who connected to me onto the Internet.

No.. you can connect to the Management interface from any browser that can get to that IP. It's just the "internet connection sharing" you might have to re-setup in Linux but not the entire thing.

Scenario 1: You can hook it up to your belt or put it on a table tethered. Who's to say it's not a Mobile Hotspot? You can also just connect to the Management AP, have it hidden in a pack or under a jacket, in a pocket, whatever.. and view your Recon from the phone. See the SSIDs.. Get Site Survey and capture the WPA handshake. You can easily download and crack that offline.. there's a lot you can do in Recon mode. If you scan for Open Wifi. you might be able to get that 3rd radio you can plug into the extra USB on the Pineapple so people who connect, would go thru that Open Wifi. If not, stay in Recon mode. If nothing else, it's a real eye-opener to see just how many phones are searching all the time for anything open. Crazy. Scenario 2: If you have an Internet connection (open or your own hotspot) you can grab clients. Use that for a TCP dump to an SD card or use Evil Portal with a very customized portal for that location. Maybe a business cafeteria.. create a portal that makes sense if a person is in that place of business and sees that portal. I mean if I am at Joe's Tax Help and I see a Free Wifi for SouthWest or Facebook.. that's suspicious. But if you target a specific location, you could use Evil Portal to grab unsuspecting clients that would use Wifi that immediately makes sense to them in that location. Your custom portal could always use some type of BEEF framework to hook that browser. You'd need a laptop at that point with some actual IP I would think. But again, not unusual to see a person with a laptop, cell phone and some funky mobile hotspot. People are more curious about a box and what's in it than seeing something with small antennas that they assuming is some tech gadget for your cell phone. I've been asked "what's in the box" more times than anybody cares about a Wifi Pineapple. Unhide the Access Point and if they ask, tell them it's a mobile hotspot and let them connect! If they do, you got a client! If you have internet, you have a hooked client for a while. If you don't, tell them yeah.. I am getting the same. I can connect but this thing says "No Internet." Freaking ATT.

I switched from RoboForm to this and so far so good. http://keepass.info/

It actually works! It's just not obvious because when you click "Activate" it never looks like it works but when you do a Live Preview.. it's there. I'm back to the Official 2.1 version. I am thinking it would have worked with 2.9.. it just didn't look like it was going to work as I clicked "Activate" so I though it didn't. In fact, the Live Preview shows the page I want. Update: While it works.. shows the mobile version of the page and does capture username/password.. no matter how many attempts you try, you never get past that page. So it doesn't redirect you anywhere?

Being new to Linux, I followed the directions to get Evil Portal 2.9 installed and then copied over the SBUX login. Really nice work! Directions were clear. Seems to work on my Nano (no SD card) just fine in the Live Preview. Very slick! Now how do I get a Comcast one ported over? hehe Tried using this one I found... https://github.com/MikeDawg/xfinity-pineapple And while it does show up in the Portals area of Evil Portal (very cool) it doesn't active and it wasn't designed to use with this. But it's cool.

The 3rd radio (wlan2) is connecting to my router. The TP link is just from my laptop to the Management AP. Rebooted.. seemed to go back to working order. Pineapple has Internet to my router (or whatever) and my laptop is back to the Pineapple AP.

I've setup my Nano to be indepent (not attached to my laptop). I've got a TP-LINK TL-WN722N connected to the Pineapple Management AP... No problem! I put in the 802.11n dongle sold by Hak5. My Pineapple sees it. I can connect my Wifi Client Mode to my home router. Load the Pineapple bulletins.. works! So I have internet connectivity. Then --- a "client" connects. Suddenly my Wlan2 has switched to the SSID of the client and has an IP of the Pineapple? So now internet access doesn't work. Maybe this is a fluke?

Thanks for you help @b0N3z

I'm finding this experience to be interesting... 1. The Nano does a lot in a GUI what the Aircrack-ng suite does 2. If you are a neighborhood where most people connect to some secured and preferred router, you aren't going to get any clients. I even went so far as to set the filter to Deny All and they are blank. In theory that should allow anything to connect correct? But nothing ever does. 3. This might be a different experience at a hotspot location where people use phones/laptops away from their #1 network Case in point.. my phone/devices are going to connect to my Home Network vs some open wifi you throw up in my neighborhood. And as @b0N3z points out, if you are in your home area, that secured home network is going to take precedence over anything else. I'm not seeing many probes either.. I have every box checked in PineAP and when I look at the logs, it's just a few routers broadcasting but all the Unassociated clients, are silent. Maybe that worked in 2014 but in 2017, my phone doesn't seem to be beaconing 1000 an hour looking for anything preferred as it's already connected I suspect.

"Your clients have to have an open AP saved in there list of connected wifi on there device. If they don't then its a good chance they wont connect. Meaning if you have only connected to your home network on your laptop, chances are you wont get it to connect to the pineapple by deauthing your network unless its an open AP. " - @b0N3z I think you previously answered my question.. My "test" Windows 10 only has 1 network in it's list and it's my home router which is NOT an OpenAP. I think you just told me why it wasn't going to work.

I waited and didn't touch anything and it eventually does come back.. to the original Network and not captured.

@b0N3z Thank you.. you cleared some things up for me in regards to the USB-Y cable. I have it booting and powered up now. 1. Booted the VM ... then 2. Attached the short (thin) cord to the Pineapple Juice 4000 3. Attached the longer (thick data) cord to the USB 4. This actually worked the best! Probably because the VM has filters setup for the device and it grabbed it before Windows 5. Still ifconfig showed NO IP for the Nano. Sees ETH1 but no IP. So I found this ... in another thread that had a similar issue Try this on your Kali VM ifconfig eth1 172.16.42.42 netmask 255.255.255.0 up ping 172.16.42.1 ^^ where eth1 == the interface of your NANO That won't setup Internet connection sharing, but it will show that your Kali box can get on the same network as the NANO. That worked! I can connect to the Nano without running the wp6.sh.. however, I still had to do that in order to get the Pineapple bulletins and actual Internet connectivity. Recon is working.. I did it for 10 minutes and got a lot more SSIDs and clients Did the filter of a client... did a Deauth and saw the Windows 10 machine drop the connection but it never comes back. Says to connect to that SSID automatically but unless I manually click it, it doesn't. And when it does, it seems to be on the actual router not captured by PineAP. Question... I see the SSID I see the client I setup a filter to Allow for that MAC I Deauth and see it drop... Windows 10 doesn't auto-connect even though it's the only network it knows (I forgot all the rest under Network Settings) and the check box "Connect Automatically" was checked. It just doesn't capture that client?

1. I downloaded and ran the wp6.sh script and after rebooting the VM, I was able to get the VM to see the Pineapple! It gave me the URL and clicking it actually worked! Got into the Dashboard and setup, upgraded to 1.1.3 and was able to do some light recon. I always have to run the script first. The VM sees the Pineapple on ETH1 every time but it never gets an IP until that script is run. Probably because it's a VM and my laptop is wireless? 2. Once in the Dashboard, the Recon worked for 90% of the time. Now it just doesn't. No errors, just an empty list of Scan Results. That is a new one for me. At this point, I unplugged the Pineapple and am letting it sit for a few. Update: That seemed to work. Powered it down completely and now I get scan results again. 3. The cables are confusing. In one video it shows the Mobile setup and the male USB being used to plug into the Juicepack with the provided J-connector (Nano Tactical Elite). That leaves the USB at the bottom of the case. No matter which ends of the USB-Y cable I plug in, Windows, Linux.. never sees it. I have to plug the Male/Female from that USB-Y cable to the place where the juice pack wants to go in the videos using that cable. Makes mobile impossible at this point. The bottom USB seems to useless in my current setup. I always have to connect the Female to Male. Plugging into the bottom USB does nothing. 4. The tertiary radio (Wifi USB). I think I need to plug this in and configure it so I have this for clients to connect thru. While the Nano has 2 radios.. (I assume one for monitoring and one for attacks), the clients need to go thru something else. A WLAN1 or something. Appreciate the help b0N3z!

Just got my new Nano! I watched the setup.. looked easy enough. However, after the light goes solid blue, my eth1 never gets any IP assigned so I'm not able to proceed. Using a Dell Lattitude E7240. Running my Kali install on VirtualBox. While the USB-Y cable is too short to reach these USB ports, I can plug in the shorter one into the charging USB and the longer (power) into my juice pack. I've been able to get the device to boot up and Kali sees it within VirtualBox to the point of giving it the ETH1 assignment. Light blinks initially then stays solid blue. However, it just doesn't ever get any IP assigned so I can't proceed. ETH0 has a bridged IP to my router and I am able to connect to the Internet via my Kali install no problem. What am I missing here? Any help is most appreciated. I'd like to get this working inside my VM vs having to run it on Windows.