Search the Community

Hello all! This 2.0.0 Beta release offers new features, bug fixes and general improvements to all aspects of the WiFi Pineapple experience. As always, the feedback provided by members of the community has been invaluable, and continues to be used internally to build out new additions and improvements. We hope that you enjoy the new changes, and invite you to join us on Discord and here on the forums. To get the Beta update, simply switch to the Beta Update Channel and check for new updates. You will then be prompted with a choice to upgrade. To see some sneak peeks of the firmware before upgrading, check the second reply to this thread. Release Notes: This update changes the LED trigger to be more active on wlan0 activity. We're currently trialing this change. It may appear that your WiFi Pineapple is still booting, but is actually already booted fully and is now showing wlan0 activity. Since Beta 2, wireless interfaces are not destroyed by PineAP starting, instead, they are disabled and mirrored in monitor mode with the new monitor_vif tool. This prevents interface name confusion when a new wireless card is inserted into the WiFi Pineapple, while wlan1 is already in monitor mode. Beta 2 Change Log: In addition to Beta 1; General Include OpenWRT 21.02 community feeds and Hak5 2.0.0 feeds Setup Correctly load EULA and Terms of Service even when network state changes UI Display interface base names (wlanX) instead of multiple instances of the same interface (wlanX, wlanXmon) for recon PineAPd Log zero-length IE tags properly Use new monitor_vif script to bring up interfaces in monitor mode while retaining original VIFs for system consistency Fix several possible deadlock situations in logging Recon Show relative times for detected networks even when the Pineapple system time is not set correctly, by comparing time offsets with the browser. Increase overall performance and stability of Recon backend Use consistent interface naming for MK7AC module adapters (wlan3) Beta 1 Change Log: Welcome to the 2.0.0 Beta! This firmware contains significant bug fixes and feature releases for the WiFi Pineapple Mark VII. General Updated to OpenWRT 21.02.1 Updated from kernel 4.14.180 to 5.4.154 Updated the Python Pineapple API Updated HostAPd Updated the OUI database General UI stability improvements Dashboard Fix an issue where the MK7AC wizard would not close when clicking the 'Configure' button Setup Improved the dynamic layout of the Setup wizard Campaigns Fixed a silent error when no reports are available PineAP Fixed numerous crashes Improved handling for Handshakes Changed the default location for Log and Recon databases to /root/ Added a README to the default handshakes location (/root/handshakes) Improved the bring-up time for the Management, Open, and Evil WPA Access Points Management Access Point no longer requires the password to change the SSID and Hidden/Disabled toggles Evil WPA Access Point now has the "Confirm Password" field auto populated Recon Add detection for WPA3 Access Points Add detection for newer 802.11 authentication suites Add a new tagged parameter view for Access Points View the tagged parameters and their hexadecimal values for a given Access Point. Add a column for MFP (Management Frame Protection) state Simplified the Security column Add a security summary dialog for Access Points Fixed a rare error where the Recon database couldn't be opened Performance improvements when fetching Recon data Implement an Auto Handshake Capture mode When enabled, WPA Handshakes will be captured whenever they are seen, regardless of whether a handshake capture is running Overhauled the Handshakes View Handshake listings now show the Client MAC, and also show the messages that were captured Improved handling of deauthentication attacks Improved the dynamic layout of the Recon page Fixed an issue where some channels in the Channel Distribution chart would have a grey colour Improved the Channel Distribution chart axis ticks Add an icon to table rows to further distinguish Clients from their associated Access Point A spinner is now shown when a deauthentication attack has been started Show an informative message for Access Points or Clients with MFP enabled when trying to perform deauthentication attacks against them Show the associated SSID for a selected Client in it's sidebar Show the OUI vendor name for the selected Client in it's sidebar Logging Fixed an issue where the wrong database would be accessed if the Logging location was changed Settings Network keys are now redacted from a generated debug log We will be paying close attention to the thread and the Discord channel (#wifi-pineapple) for the duration of the Beta, so please share any feedback or reports in those places, thanks!

EvilPortal 3.0 is here bring bug fixes and new features! The main focus of this release was to create what I am calling "Targeted Portals" which allow you to direct clients to different portals conditionally based on SSID, MAC, Hostname, or Useragent allowing for a much wider range of attacks. This version will break the portals you have created in the past so keep that in mind when updating. Also, THIS IS NOT A THREAD TO ASK FOR HELP ON WRITING HTML, PHP, OR JAVASCRIPT. THERE ARE OTHER PLACES TO LEARN TO PROGRAM OTHER THAN THIS THREAD. Features Targeted Portals Static Portals Creating/Editing/Activating/Deleting Portals White listings clients by ip address Dynamically adding and revoking authorized clients Live Preview of your portal through the module interface Targeted Portals Targeted Portals allow you to direct clients to different portals conditionally based on SSID, MAC, Hostname, or Useragent allowing for a much wider range of attacks. Creating a Targeted Portal Go to the Portal Workbench in the EvilPortal module Click the drop down menu to the left of the "Portal Name" input box and select "Targeted" Give it a name Click the create new portal button Edit Targeting Rules Click on the name of the portal you just created in list of portals Click the "Target Rule Editor" button in the top right corner of the Work Bench You should see a modal open up titled "Editing Rules for $portalname" with MAC, SSID, HOSTNAME, and USERAGENT sections These sections represent the value that you can create routing conditions for. Under each section you will see a sub-section titled "Exact" and "Regex". These let you create exact rules or rules that will match a pattern. It should also be noted that these conditions are evaluated as an 'or' not an 'and'. The order that they are evaluated in can be change but more on that later. Once you figure out the rule you want to create click the "Add Rule" button You'll see a row appear that says "Key Value", "Destination", and "Remove". Fill out the values for Key Value and Destination. The "Key Value" represents the value that you are checking. For example if the rule is for a SSID the value might be "office-wifi". The "Destination" is the file that is the landing page you are routing clients that match your rule to. If this is an office portal you might want to call it OfficePortal.php. Just remember what you called it because we will need it later. (More on creating these later) The "Remove" button removes the rule Click "Save" at the bottom Creating The Destinations Click the "New File" button in the top right of the work bench. You should see modal open up titled "Creating New FIle". For the "File Name" field type the name of the destination This must be the name you typed in for the destination field when setting up the rules. In this example it was "OfficePortal.php" In the "File Contents" field you will write the code to create your portal. It should be noted that you need to make a post request to /captiveportal/index.php with a redirect destination called "target" in it. In my opinion it is easiest to copy the contents of "default.php" and paste it here as a starting point. Click "Save" at the bottom Important Notes If a client connects and doesn't match any of the conditions you created, they will be routed to "default.php". Currently there is not an easy way to change the order the rules are evaluated in, if you want to change them you have to do it manually via ssh. ssh into your pineapple cd into where your portal is (either /root/portals/$portalname or /sd/portals/$portalname) nano $portalname.ep (replace $portalname with whatever you called your portal) Change the order of the strings in the targeted_rules->rule_order array. The items that come first are evaluated first. Basic Portals Basic Portals are the same oldschool portals that you have come to know in Evil Portal. These are the portals that are created by default and they work in exactly the same way as they used to. Known Bugs HTTPS traffic is not blocked for un-authorized clients (my iptables suck) If you find a bug please create an issue for it the projects Github Repo Change Log Version 3.1 Added ability to write and view logs on a per-portal basis Created method writeLog($message) that writes to the portal log file Created method notify($message) that sends a notification to the web ui Added ability to download files Tab button in file editor will now insert four spaces Revamped the file editor modal Showing file sizes in the portal workbench Various quality of life improvements Version 3.0 Created targeted portals which allow routing clients to different portals based on SSID, MAC, Hostname, or Useragent. Created easy to use interface for setting up targeting rules Added doc strings to all methods in module.php and functions in module.js Made it easy to get the SSID of a client in your portal Added ability to create and move portals on and to the SD card Made IP address in the Authorized and White Listed clients lists clickable Fixed redirection issues Other QOL improvements. Version 2.1 Removed un-needed verbosity Made tab key indent in the editor instead of change elements Added confirmation dialogue box when deleting a portal Created auto-start feature Various other quality of life updates Version 2.0 Captive Portal is now purely iptables (because F*** NoDogSplash) Version 1.0 Install/Remove NoDogSplash Start/Stop NoDogSplash Enable/Disable NoDogSplash Create/Edit/Delete/Active Portals Live Preview portals All panels collapse for a better mobile experience Just one more time for the people in the back; THIS IS NOT A THREAD TO ASK FOR HELP ON WRITING HTML, PHP, OR JAVASCRIPT. THERE ARE OTHER PLACES TO LEARN TO PROGRAM OTHER THAN THIS THREAD.

Hi! We've just pushed Beta 1 for 1.0.2 to the WiFi Pineapple BETA Channel. This update features some small bug fixes and UX improvements since 1.0.1. If you'd like to try the upcoming release, updating is easily done by following the above guide. Change Log: Recon Fixed an issue where the dBi column would not sort. Show a message if all table columns are disabled. Fixed an issue where results would not update when navigating back to a running scan. Campaigns Added the functionality to delete campaign reports. Misc Fix an issue with ICS routing introduced in 1.0.1. Cloud C2 Improvements to Cloud C2 functionality. Add the ability to manage Client Mode whilst in C2 Mode. Upcoming Changes: Improved support for WPA3 and WPA2/3 Mixed Client Mode Have a suggestion? Let us know! We're constantly looking for feedback, especially during the public beta programs. If you're interested in joining the discussion, be sure to check out the community page and say hello! Thanks, Foxtrot

Hi, I'm selling my WiFi pineapple Tetra New not used at all only opened the box with its full field guide! Going for 149£. shipping fee may apply for worldwide shipping. Selling it because I do not need it and have never used it. Can send full pictures

Hello all! I was wondering can a wifi pineapple nano hack into private wifi networks? It can intercept and act as public wifi networks but can it hack and know the passwords of a legitimate WPA2 or other secured networks? or it can only clone them with a fake access rogue?

Hi I new in Hacking. I nees ti Know how install other tools un PineApple from GitHub like Fluxion V2 etc...

I have a question. Is there any way to join a actual WiFi with a captive portal with my wifi pineapple nano. Also is it possible to join that captive portal and copy it so I could spoof it later? (I'm doing this for a Wifi demonstration)

Just wondering if its even possible specifically on Pineapples, i saw bluez packages etc and have briefly followed an openwrt guide to add bluetooth but I didn't pull it off yet. Did someone already try and succeed?

WiFi Pineapple - Themes Github: https://github.com/kbeflo/pineapple-themes Dark Theme Install: wget -qO- https://raw.githubusercontent.com/kbeflo/pineapple-themes/master/dark/install-dark.sh | bash Screenshots:

WifiPine No Clients Guys, I'm not so fond of being a noob again but with No Clients I am definitely not going to go far with my adorable little nano tactical. Read the booklet as it was a good into to the underlying tech involved. Following the basic outline on intro video (https://www.youtube.com/watch?v=eHnQwTCKe2o). Reinstalled and rebooted using the Net interface so 2.02 seems to be working fine. Getting loads of SSID's in the pool but just not a single client to date. I must be doing something really basic wrong. tHowever, most of the MAC's that I've added to the filter never give me the option to Deauthorize. The few that do only do so on open, no security, networks. I deauth 5-10 times and nothing happens. Nothing shows up on Clients from the main dashboard. If you guys need some screenshots just let me know. Any ideas would be appreciated.

Wifi Pineapple Wifite Discontinued please head over to Wifite2 setup. An automated wireless attack tool. Compatible on both the Wifi Pineapple Nano and the Wifi Pineapple Tetra. Github: https://github.com/kbeflo/wifite-openwrt

Hello Forum users, I got some issues with my wifi pineapple Tetra I have bought this product a few weeks ago. 1. When plugging in the two cables it says in Windows 10/8.1 and 7 "USB device not recognized" And also not working with the adapter for extra power. However, the first time using the WiFi PineApple it works fine but it doesn't install any driver or recognize the USB cable driver Regards Me.

Ok so I have made my self a live usb to boot kali off of, it boots correctly first time great! but then I notice my built in mac book pro 2017 keyboard does'nt work. Along with the touch pad. any ideas Thx, cam

Hi All, I am new to the Tetra, however after reading numerous posts and watching the videos, I cannot get internet access on my tetra when connected to my windows 10 laptop. I have attached screenshots of the set up as per other posts and the IP from the cmd prompt, but I still do not have access. I don't know if this is a windows 10 issue, but after following the instructions to set static ip, it made it an unidentified network. This is where I believe the issue is and once this is able to be resolved my issues will be fixed. My question is, if I connect a LAN cable into the port on the tetra, should it connect via the router or would additional settings be required as the tetra is on 172.x.x.x network whereas my router is giving out 192.x.x.x IPs? I am really stumped as to what to do and I feel its something small that I have missed. I am going to try another laptop tomorrow, however, any gurus out there who could shed some light on this would be greatly appreciated.

Hi guys, Anyone know how I can get shell access in using any modern browsers (Chrome, IE, Firefox, etc. so that the browser doesn't bitch at me and say I need to upgrade to latest browser version) by browsing to a URL? I tried putting a malicious iframe on my evil portal and using these exploits: auxiliary/server/browser_autopwn, auxiliary/server/browser_autopwn2. I even tried downgrading to IE 8 then using the exploit: exploit/windows/browser/ms10_002_aurora. But so far I got nothing. :( No meterpreter sessions. This is for a presentation, by the way. Any of you guys suggest a different way? I am desperate. Wait not really. Just really frustrated. Hope someone can help. Thanks in advance!

So i bought the wifipineapple TETRA, and ive been experimenting with modules and such. Now i have 2 questions which i couldent really figure out my self, thus im asking here. (Im also not sure into which subforum to post this but hey...) - i thought about creating a "fake ap" which, when you connect to it, asks you to login w/ your gmail or facebook account. If someone could suggest me a module that enables me to do this (with a reasonable tutorial), i would be very greatfull. - 2cnd question is probably simple but yet indid not find this option... How do i protect my fake ap with a password encryption (wpa/wpa2) ? It should really work with modules enabled..... is this possible? huge thanks in advance ;)

Hi There, My WiFi Pineapple Nano shows couple of SSID's in pool but no clients connected. In the Filters i have only allowed clients attached to my home network and under SSID filter allow my home wifi SSIS. I know there are devices which are connected to my home SSID, but after running WiFi Pineapple for almost 30 mins, I have no connected clients. Can some one kindly explain me, what am I doing wrong. Thanks for you help. Thanks-

Hi there, I'm not sure if I should post that here or in the Pineapple section. But as it is more a general question, I decided to give it a try here... Set-Up: I connect with the WifiPineapple to an Wifi. To get MITM I decided to arpspoof one of the clients in the wifi network. Everything worked fine, but I'm thinking now about detection methods of that attack... Can my arp packages been seen behind the ap (meaining on the LAN side)? I suppose they shouldn't be as the packages are directly addressed with the MAC of the victim and therefore there isn't a need for the AP to bring them into the LAN. Can anybody answer this question for me? I'm probably not able to setup an testing environment for the end of next week... Thanks in advance! GermanNoob

So I have the wifi pineapple tetra and the tutorials that I try to follow are just a bit too confusing for me. Can someone help? I'm completely lost

Hi i think it is a waste investing in pineapple wifi for hacks considering that sslstrip don't work anymore because of hsts on all new browsers. Is there any new updates on this? Thanks.

I have received my first WiFi Pineapple Is there a tutorial how to customize the login page? Also - What is the default password when ssh' WiFi Pineapple via kali linux? Thanks Ozzie

I recently purchased a nano, and I'm expecting it in the mail today, but in the meantime I've been working on designing a 3D travel case for anything extra I may want to bring. I was wondering if there is an SVG version of the logo that I can use to imprint on the cover I'm making. Is there something out there that I can use?

Hello peoples. I recently purchased the Mark V and am trying to get it set up and download some infusions but pretty much any time I start to do almost anything* (slight exaggeration) with the web interface my computer BSOD's. This has been occuring when I attempt to load the pineapple bar list of infusions to download mostly. The error I receive is DRIVER_IRQL_NOT_LESS_OR_EQUAL (bwcW8x64.sys). What research I have done points towards my network card drivers being the issue (my research could be wrong lol) but I have uninstalled and reinstalled the newest drivers to no avail. Thanks in advance for any and all help, Pineapple Noob / Sad Guy With BSOD

Hey guys, I've been playing around with the idea of making a small pwn platform with functionality of metasploit with the wifipineapple. What I have come up with is this: It is android 4.4 with kali installed through linux deploy with a apple USB-eth adapter into the pineapple with an iframe on nodogsplash (or through ettercap-dns spoof ;D) linking to browser_autopwn. It is in the early stages but i want to either make the phone give me a notification (perhaps notify my android) to let me know when i have a shell or connect back through 3G/4G (yes I am from Australia) so i can leave it somewhere and have a not have to send everything through the network. The phone is a samsung galaxy s4, originally I cracked the screen so I used it as my play phone and then once I started building it I had the screen replaced. I have not field tested it yet as I do not have a spare SIM card. Any thoughts ideas or critisisms are welcomed. Also I would be interested If anyone else has attempted this. Disclaimer: I use this setup to test computers which I own and I use it as a proof of concept Zalgo p.s. First post so if I broke any rules I appologise

Hi everyone, new to this community, and i have kind of a stupid question : i have bought used markV from ebay. the seller said it was unused , but once i opened and tryed to first boot, it claimed that it was already configured and password was set. the seller hasn't answered to me yet and i kind of really want start testing markV, but i can't find any tutorial how to reset password that was set on firstboot. does anyone know how to do that ? is there any tutorial? does markIV process applies on markV? thanks in advance