Posts posted by honey4free
Figured out the problem.
Looking through the firewall logs, I noticed that my WiFi Pineapple was stopped at my firewall.
I forgot to check my strict rules and saw that my DNS exfiltration killer also killed my WiFi Pineapple DNS requests. So short case solved :)
-
Hi, I have a weird problem where my WiFi Pineapple looks like it's connected to the internet but it doesn't get DNS lookups, so it doesn't work.
It works on my Android device with cable and the Pineapple app; this is weird but DNS lookups when bridging through my new install of Ubuntu 16.04 LTS with all updates installed and dnsmasq disabled
My WiFi Pineapple can ping the internet, e.g. 8.8.8.8

# WiFi Pineapple
## Ping
root@pie:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=55 time=18.029 ms

## NSLOOKUP
root@pie:~# nslookup vg.no
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
(No response)

## NSLOOKUP with different DNS server defined
root@pie:~# nslookup vg.no 8.8.8.8
Server: 8.8.8.8
(No response)

## WGET test to adobe.com (IP 192.150.16.117)
root@pie:~# wget 192.150.16.117 --no-check-certificate
--2017-04-26 19:45:11-- http://192.150.16.117/
Connecting to 192.150.16.117:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: https://192.150.16.117:6081/php/urladmin.php?vsys=1&cat=16383&title=unknown&rulename=Internet Access&sip=10.3.100.3&post=0&token=913AB4C748D6DE9FFDA3664A4FB58B279D2A2B9C&url=http://192.150.16.117%2f [following]
--2017-04-26 19:45:11-- https://192.150.16.117:6081/php/urladmin.php?vsys=1&cat=16383&title=unknown&rulename=Internet Access&sip=10.3.100.3&post=0&token=913AB4C748D6DE9FFDA3664A4FB58B279D2A2B9C&url=http://192.150.16.117%2f
Connecting to 192.150.16.117:6081... connected.
WARNING: certificate common name 'sd1-pa-01.int.honeysec.com' doesn't match requested host name '192.150.16.117'.
HTTP request sent, awaiting response... 200 OK
Length: 3030 (3.0K) [text/html]
Saving to: 'index.html'
index.html 100%[===================>] 2.96K --.-KB/s in 0s
2017-04-26 19:45:12 (23.0 MB/s) - 'index.html' saved [3030/3030]
## ifconfig
root@pie:~# ifconfig
br-lan Link encap:Ethernet HWaddr 00:C0:CA:8F:9A:CC
inet addr:172.16.42.1 Bcast:172.16.42.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2147 errors:0 dropped:0 overruns:0 frame:0
TX packets:2035 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:371610 (362.9 KiB) TX bytes:846393 (826.5 KiB)

eth0 Link encap:Ethernet HWaddr 00:C0:CA:8F:9A:CC
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2155 errors:0 dropped:0 overruns:0 frame:0
TX packets:2044 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:402148 (392.7 KiB) TX bytes:846807 (826.9 KiB)
Interrupt:4

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:193 errors:0 dropped:0 overruns:0 frame:0
TX packets:193 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:12840 (12.5 KiB) TX bytes:12840 (12.5 KiB)

wlan0 Link encap:Ethernet HWaddr 00:C0:CA:8F:69:4A
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:1566 (1.5 KiB)

wlan1 Link encap:Ethernet HWaddr 00:C0:CA:8F:84:37
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

wlan2 Link encap:Ethernet HWaddr 00:19:86:51:80:16
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

## Route
root@pie:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.16.42.42 0.0.0.0 UG 0 0 0 br-lan
172.16.42.0 * 255.255.255.0 U 0 0 0 br-lan

## IP-Tables
root@pie:~# sudo iptables -L
-ash: sudo: not found
root@pie:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
delegate_input all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
delegate_forward all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
delegate_output all -- anywhere anywhere

Chain delegate_forward (1 references)
target prot opt source destination
forwarding_rule all -- anywhere anywhere /* user chain for forwarding */
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
zone_lan_forward all -- anywhere anywhere
zone_usb_forward all -- anywhere anywhere

Chain delegate_input (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
input_rule all -- anywhere anywhere /* user chain for input */
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
syn_flood tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
zone_lan_input all -- anywhere anywhere
zone_usb_input all -- anywhere anywhere

Chain delegate_output (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
output_rule all -- anywhere anywhere /* user chain for output */
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
zone_lan_output all -- anywhere anywhere
zone_usb_output all -- anywhere anywhere

Chain forwarding_lan_rule (1 references)
target prot opt source destination

Chain forwarding_rule (1 references)
target prot opt source destination

Chain forwarding_usb_rule (1 references)
target prot opt source destination

Chain forwarding_wan_rule (1 references)
target prot opt source destination

Chain input_lan_rule (1 references)
target prot opt source destination

Chain input_rule (1 references)
target prot opt source destination

Chain input_usb_rule (1 references)
target prot opt source destination

Chain input_wan_rule (1 references)
target prot opt source destination

Chain output_lan_rule (1 references)
target prot opt source destination

Chain output_rule (1 references)
target prot opt source destination

Chain output_usb_rule (1 references)
target prot opt source destination

Chain output_wan_rule (1 references)
target prot opt source destination

Chain reject (0 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain syn_flood (1 references)
target prot opt source destination
RETURN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50
DROP all -- anywhere anywhere

Chain zone_lan_dest_ACCEPT (6 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain zone_lan_forward (1 references)
target prot opt source destination
forwarding_lan_rule all -- anywhere anywhere /* user chain for forwarding */
zone_wan_dest_ACCEPT all -- anywhere anywhere /* forwarding lan -> wan */
zone_usb_dest_ACCEPT all -- anywhere anywhere /* forwarding lan -> usb */
ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */
zone_lan_dest_ACCEPT all -- anywhere anywhere

Chain zone_lan_input (1 references)
target prot opt source destination
input_lan_rule all -- anywhere anywhere /* user chain for input */
ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */
zone_lan_src_ACCEPT all -- anywhere anywhere

Chain zone_lan_output (1 references)
target prot opt source destination
output_lan_rule all -- anywhere anywhere /* user chain for output */
zone_lan_dest_ACCEPT all -- anywhere anywhere

Chain zone_lan_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain zone_usb_dest_ACCEPT (3 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain zone_usb_forward (1 references)
target prot opt source destination
forwarding_usb_rule all -- anywhere anywhere /* user chain for forwarding */
zone_lan_dest_ACCEPT all -- anywhere anywhere /* forwarding usb -> lan */
ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */
zone_usb_dest_ACCEPT all -- anywhere anywhere

Chain zone_usb_input (1 references)
target prot opt source destination
input_usb_rule all -- anywhere anywhere /* user chain for input */
ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */
zone_usb_src_ACCEPT all -- anywhere anywhere

Chain zone_usb_output (1 references)
target prot opt source destination
output_usb_rule all -- anywhere anywhere /* user chain for output */
zone_usb_dest_ACCEPT all -- anywhere anywhere

Chain zone_usb_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain zone_wan_dest_ACCEPT (3 references)
target prot opt source destination

Chain zone_wan_forward (0 references)
target prot opt source destination
forwarding_wan_rule all -- anywhere anywhere /* user chain for forwarding */
zone_lan_dest_ACCEPT esp -- anywhere anywhere /* @rule[7] */
zone_lan_dest_ACCEPT udp -- anywhere anywhere udp dpt:isakmp /* @rule[8] */
zone_lan_dest_ACCEPT all -- anywhere anywhere /* forwarding wan -> lan */
ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port forwards */
zone_wan_dest_ACCEPT all -- anywhere anywhere

Chain zone_wan_input (0 references)
target prot opt source destination
input_wan_rule all -- anywhere anywhere /* user chain for input */
ACCEPT udp -- anywhere anywhere udp dpt:bootpc /* Allow-DHCP-Renew */
ACCEPT icmp -- anywhere anywhere icmp echo-request /* Allow-Ping */
ACCEPT igmp -- anywhere anywhere /* Allow-IGMP */
ACCEPT all -- anywhere anywhere ctstate DNAT /* Accept port redirections */
zone_wan_src_ACCEPT all -- anywhere anywhere

Chain zone_wan_output (0 references)
target prot opt source destination
output_wan_rule all -- anywhere anywhere /* user chain for output */
zone_wan_dest_ACCEPT all -- anywhere anywhere

Chain zone_wan_src_ACCEPT (1 references)
target prot opt source destination

# Now over to the host (ubuntu 16.04 box) computer
## Verifying that dnsmasq is disabled (tested with dnsmasq also same problem)
master@Castle:~$ more /etc/NetworkManager/NetworkManager.conf
[main]
plugins=ifupdown,keyfile,ofono
#dns=dnsmasq

[ifupdown]
managed=false

## DNS server used by host
master@Castle:~$ more /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.3.3.1
search (redacted)

## verifying that DNS works
master@Castle:~$ nslookup adobe.com
Server: 10.3.3.1
Address: 10.3.3.1#53

Non-authoritative answer:
Name: adobe.com
Address: 192.150.16.117

## ifconfig on the ubuntu host
root@Castle:/home/master# ifconfig
eth0 Link encap:Ethernet HWaddr 00:c0:ca:8f:b3:ea
inet addr:172.16.42.42 Bcast:172.16.42.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2771 errors:0 dropped:0 overruns:0 frame:0
TX packets:2897 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:961043 (961.0 KB) TX bytes:580359 (580.3 KB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:700 errors:0 dropped:0 overruns:0 frame:0
TX packets:700 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:53380 (53.3 KB) TX bytes:53380 (53.3 KB)

wlan0 Link encap:Ethernet HWaddr 44:1c:a8:e1:88:5b
inet addr:10.3.100.3 Bcast:10.3.100.255 Mask:255.255.255.0
inet6 addr: fe80::abec:d514:8472:1ac3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21566 errors:0 dropped:0 overruns:0 frame:0
TX packets:16288 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:23408735 (23.4 MB) TX bytes:1627835 (1.6 MB)

## iptables on the ubuntu host
root@Castle:/home/master# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 172.16.42.0/24 anywhere state NEW
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

## Routes on the host
root@Castle:/home/master# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.3.100.1 0.0.0.0 UG 0 0 0 wlan0
10.3.100.0 * 255.255.255.0 U 600 0 0 wlan0
link-local * 255.255.0.0 U 1000 0 0 wlan0
172.16.42.0 * 255.255.255.0 U 0 0 0 eth0

I have bashed my head all day at this problem and I am not a step closer to a solution.
Please, someone help figure this out.
I can't be the only one with this problem.
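
Added example (not part of the original post): a Python probe for the Ubuntu host that sends one raw UDP DNS query and separates a silently dropped query from a resolver error or a closed port. With ping succeeding, `timeout` from both resolvers points at UDP/53 being filtered somewhere on the path, which matches what the firewall logs later showed. The function names `build_query` and `probe_dns` are this example's own.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Encode a minimal DNS A-record query (RFC 1035) for `name`."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe_dns(server, name="vg.no", port=53, timeout=2.0, qid=0x1234):
    """Send one UDP query to `server` and classify the outcome.

    'answered'         - resolver replied with at least one record
    'rcode-N'          - resolver replied with DNS error code N, or no records
    'port-unreachable' - an ICMP error came back: nothing listens on that port
    'timeout'          - no reply at all: query or answer was silently dropped
    'malformed'        - the datagram is not a response to our query
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, port))
            s.send(build_query(name, qid))
            data = s.recv(512)
        except socket.timeout:
            return "timeout"
        except ConnectionRefusedError:
            return "port-unreachable"
    if len(data) < 12:
        return "malformed"
    rid, flags, _qdcount, ancount = struct.unpack(">HHHH", data[:8])
    if rid != qid or not flags & 0x8000:  # wrong ID, or QR bit not set
        return "malformed"
    rcode = flags & 0x000F
    return "answered" if rcode == 0 and ancount else f"rcode-{rcode}"

if __name__ == "__main__":
    # The same two resolvers the nslookup tests in the post used.
    for server in ("127.0.0.1", "8.8.8.8"):
        print(server, probe_dns(server))
```
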
wp6.sh needs ufw support
in WiFi Pineapple NANO
Hi, has anyone managed to get UFW and wp6.sh to work together?
I can't figure out how to create the UFW rules.
I have little to no experience writing ufw rules.