connecting up the pineapple

[dualboot]

1.do you use putty to ssh in and enter that code there or where. I have Jaseger and webif working just need to figure out ICS. 2. Also will i have to change the settings around depending on what wifi place I connect to if I am not using a Verizon air card or tethered cell?

hi troy, im stuck on that one as well have you had any luck?

[dualboot]

The line I gave is an example of how to start the dhcp server. You need to put in a range that is on the same subnet as your interface, for example if your interface is on 192.168.0.2 then the command could be something like

/usr/sbin/dnsmasq -K -d -F 192.168.0.100,192.168.0.200

hi digininja, ive seem to have got mine working, now im backtracking and trying to work out how i got so lucky, troy asked the question earlier but i havent found a response, what programme are you using to port this code?

im assuming its putty, when i try and ssh into it with 192.168.0.1, (the fon, ethernet connection),on ssh, port 22, i get, network error: connetion

ive done a port map and it says 192.168.0.1 is up and ssh is 22

if you can tell me then i go do some research, cheers.

Edited April 5, 2010 by dualboot

[digininja]

All my stuff is built using the openwrt build system for building binaries and the rest is either ruby or ash scripting.

[dualboot]

All my stuff is built using the openwrt build system for building binaries and the rest is either ruby or ash scripting.

the tutorial above was a windows based tutorial for getting ics working on the pineapple/fon,

your reply was to get the dhcp server working and you left some code,

that answer and the one posted above? what are they? do you want me to go and learn ash and ruby in their entireity? i am supposed to be happy with that seemingly begruding answer?

you guys are quite happy to sell the pineapples at 90 pounds a pop, 'your after sales service' deserves a bullet.

[digininja]

hi digininja, ive seem to have got mine working, now im backtracking and trying to work out how i got so lucky, troy asked the question earlier but i havent found a response, what programme are you using to port this code?

Porting code is taking code that runs on one system and getting it to run on another so your question doesn't actually make any sense therefore I answered it making an assumption that you knew what you were talking about and wondered how I built the system. I think the question you wanted to ask was supposed to be "where should I run this command", if so then run it on the Fon.

And I'm not selling the pineapples, I created the software and I'm now supporting it for free in my spare time, I don't make a penny out of this. Support from me is you get what you pay for, you pay me nothing and so I have the option of giving you nothing back in return.

I suggest you learn a bit about networking and linux then come back to trying to get this working. Understanding the terms you are using makes a world of difference when asking for help.

[dualboot]

Porting code is taking code that runs on one system and getting it to run on another so your question doesn't actually make any sense therefore I answered it making an assumption that you knew what you were talking about and wondered how I built the system. I think the question you wanted to ask was supposed to be "where should I run this command", if so then run it on the Fon.

And I'm not selling the pineapples, I created the software and I'm now supporting it for free in my spare time, I don't make a penny out of this. Support from me is you get what you pay for, you pay me nothing and so I have the option of giving you nothing back in return.

I suggest you learn a bit about networking and linux then come back to trying to get this working. Understanding the terms you are using makes a world of difference when asking for help.

maybe you should be getting some royalties, seems to me someone else is cashing in on you.

and yes porting may have been the wrong word but the rest of the example should have let the penny drop.

even so the question still remains unanswered properly,

futher to this have 'you' brainboxes thought of doing some 'after the fon tutorials' to save yourself some time?

maybe the questions get asked over and over becuase theres to much info, to many useless threads and questions dont get answered properly.

and when i say properly i mean deviating away from the 'supercool' one liners that say nothing and help no one.

[digininja]

maybe you should be getting some royalties, seems to me someone else is cashing in on you.

I do this as a hobby, if I wanted to make money out of it then I would close source all my tools and sell them. I'm happy doing it as I do and happy offering help for free when people ask nicely. I've a full time workload and so sometimes don't have time to reread full threads or try to work out what someone should have been asking when they asked the wrong thing.

I currently spend up to an hour some days supporting my projects and get nothing back from it except thanks from the people who appreciate it.

and yes porting may have been the wrong word but the rest of the example should have let the penny drop.

even so the question still remains unanswered properly,

futher to this have 'you' brainboxes thought of doing some 'after the fon tutorials' to save yourself some time?

Ye, I've thought about it but haven't had the time

maybe the questions get asked over and over becuase theres to much info, to many useless threads and questions dont get answered properly.

and when i say properly i mean deviating away from the 'supercool' one liners that say nothing and help no one.

Well, if they help no one and we/I'm too supercool for you then I'm sure you can find your free tech support else where.

[gaud]

The ICS instructions in this thread I used parts of, and other threads. I got it working, but there are some points to be made.

You need to be using the latest openwrt for some of the commands to work, like the list_option dns. Or so it seems... The latest is 8.09. If that is the case you can give this a try:

Setup for ICS:

1. Edit /etc/config/dhcp

1.5. From the web interface http://192.168.1.1/webif.html select System then File Editor, then navigate to: /etc/config/dhcp

config 'dnsmasq'
      option 'domainneeded' '1'
      option 'boguspriv' '1'
      option 'filterwin2k' '0'
      option 'localise_queries' '1'
      option 'local' '/lan/'
      option 'domain' 'lan'
      option 'expandhosts' '1'
      option 'nonegcache' '0'
      option 'authoritative' '1'
      option 'readethers' '1'
      option 'leasefile' '/tmp/dhcp.leases'
      option 'resolvfile' '/tmp/resolv.conf.auto'

config 'dhcp' 'lan'
      option 'interface' 'lan'
      option 'start' '100'
      option 'limit' '150'
      option 'leasetime' '720m'
      option 'ignore' '0'
      list 'dhcp_option' '3,10.110.0.1' 
      # This is the IP address of . .
      #.  . The Host Laptop's Net-Interface acting as GW
      list 'dhcp_option' '6,10.110.0.2,8.8.8.8' 
      # This is Option 6 define the DNS server, . .
      # .  . Then IP of Pineapple, Then Googles DNS IP

config 'dhcp' 'wan'
      option 'interface' 'wan'
      option 'ignore' '1'
      option 'start' '100'
      option 'limit' '150'
      option 'leasetime' '720m'

* if someone can tell me how to make that copy and paste correctly it would be appreciated.

Save Changes

2. Go to Network change IP Address.

From the connection type drop down select PPTP

Remove root from PPTP Server IP

2.5. From the connection type drop down select Static IP. Change IP info to desired IP range.

IP Address: 10.110. 0.2

Mask: 255.255.255.0

Gateway: 10.110.0.1

2.6. Add a DNS server.

Lan DNS: 4.2.2.2

Save Changes. Apply Changes.

Wait 5 minutes for changes and reboot.

3. Enable ICS

*note this will change the IP of the other interface.

4. Change system IP to gateway IP.

That is from a windows system, so as far as the laptop changes on another OS I can't help with. I'm using the 10.110.x.x network try and ensure that if I go to another location they won't be using my IP space, and I find it easier to read.

If it is not on 8.09, you may want to flash. There are several threads on here about just that.

digininja, hak5 crew, and all the helpful members of the forum - I appreciate what you do!

[digininja]

digininja, hak5 crew, and all the helpful members of the forum - I appreciate what you do!

Thanks!

[beezab]

Using Internet tethering to give access to your Yasager in Windows 7!

The easiest way :

Yasager

Network: ip: 192.168.137.254

subnet: 255.255.255.0

gateway: 192.168.137.1

dns: 192.168.137.1

DHCP: disable DHCP for WAN and for LAN

Windows 7:

take your working internet connection, click on properties, sharing, share with your "local area connection". Windows 7 will take care of the DCHP....

Voilà!

After pulling out most of my hair I finally got mine working. I found out that I didn't need tftpd to dish out dhcp addresses because it appears internet connections sharing does this automatically (gives out 192.168.0.x addresses only). Below is how I finally got my pineapple working. Others might have been able to do this differently but this is what worked for me and will hopefully help those that are still having issues.

based on the below link:

http://wiki.hak5.org/wiki/Internet_Connect...mit_Der_Jasager

So here is what I did once I unlocked the fon and got jasager on there:

Basically I am on my Laptop running windows vista (haven't had time to "upgrade" to xp). I am going to connect using my verizon air card or to another wireless access point, share that connection, plug my in my pineapple to my ethernet port and turn on jasager so that other people's laptops will associate with the pineapple. From there all their traffic goes through the pineapple, through my laptop, and out to the internet.

Configuration steps to do this:

1. Connect to the internet:

On your laptop, connect to the internet with your wireless, verizon air card, tethered cell, whatever. Do an Ipconfig /all and note the DNS servers it's using.

2. Share out your internet connection:

Whatever interface the above connection is using you will need to turn on Internet Connection Sharing (ICS). To do this, right click on the connection and choose the sharing tab. Click the box that says allow other network users to connect. Choose the "Local Area Connection" from the drop down list. Then click on the settings button and check everything and click "OK".

3. Configure the ethernet adapter on laptop: (where you will be plugging the pineapple to)

To have an address of 192.168.0.1 for the ip. 255.255.255.0 for subnetmask, leave default gateway blank. Put in the DNS server ip's that you got from step 1. You could put in any dns like 4.2.2.2 and it would work but I don't know if one way would be better than another.

***note IMPORTANT: I found that you have to use 192.168.0.1 and not another subnet like 192.168.1.1 for the fon because ICS has it's own built in DHCP that uses 192.168.0.x network (I think there is a way to change this default but I didn't look into it.) (Also don't use TFTPD like Darren uses in the video because it seems it's not needed - if you were able to get it to work with TFTPD, great, but it didn't work for me)

4: Configure the pineapple:

You need to connect to the fon and on the OpenWRT gui change the fon router to have a DHCP & Bridged connection and put in the ip address 192.168.0.250 (if you don't see a place to put in the ip then change it to static and then change it back to DHCP in the drop down and you will then see the place to put in the ip.) Again this has to have an ip on the 192.168.0.x subnet not 192.168.1.x . If you have trouble connection the to fon the best way to get to the gui interface to plug it into your wireless router where it will give it an ip, then on another computer on your home network go to the ip address it gives it and you will be able to get into it to configure it (might want to check the dhcp table on the router or do nmap to see what ip it gave it) Thankfully this is a one time setup.

5: Now take the pineapple and plug it into your ethernet connection (regular network cable, not crossover). Power on the pineapple and give it a min. or two to fully power on.

6: Test:

On another computer look at wireless networks and you should see the OpenWRT. Connect to OpenWRT. You should be able to access the internet. If you do an ipconfig /all on that computer you should see that it has an ip of 192.168.0.xx with 192.168.0.1 for the Default Gateway, DHCP server, and DNS server. If for some reason you can't access the internet, look over the above steps for

something missed or try doing this:

1.power off pineapple and disconnect from internet

2.connect to the internet again

3.power up the pineapple

4.connect again to OpenWRT with the other computer and check for internet connectivity.

7: At this point you should also be able to connect to the pineapple from your laptop.

192.168.0.250 - for the router interface

192.168.0.250:1471 - to get to the jasager interface. (use firefox because it doesn't work well with ie)

go to 192.168.0.250:1471 and turn on Karma.

Now anybody's laptop will associate with the pineapple.

once you see an ip show up in the connected clients list you can fire up wireshark and see their packets as they surf the net. Also you can do some sidejacking with ferret and hampster as shown in episode 412:

Hope this helps.

By the way if you are connecting to a wireless router for your internet connection and the router has an address of 192.168.0.1 address I think it might not work right b/c it would get confused with your ethernet adapter which also has a 192.168.0.1 address.

[Sky-Chicken]

Using Internet tethering to give access to your Yasager in Windows 7!

The easiest way :

Yasager

Network: ip: 192.168.137.254

subnet: 255.255.255.0

gateway: 192.168.137.1

dns: 192.168.137.1

DHCP: disable DHCP for WAN and for LAN

Windows 7:

take your working internet connection, click on properties, sharing, share with your "local area connection". Windows 7 will take care of the DCHP....

Voilà!

It works well for me with your setup suggestion only exception is I am not getting an DHCP address. If I leave the DHCP server on (JASAGER) than it did not work at all . The Client gets an address but I cannot go to the internet even I can ping all interfaces in the LAN butno WAN (google)

It works when I turn off the JASAGER DHCP and install tinyDHCP on my computer. The client gets the correct 192.168.137.x/24 address and everthing works.

Does anyone have a clue why I have to use the tinyDHCP ?

[digininja]

my guess would be the details that your dhcp server on the Fon is giving out, probably wrong gateway

[Sky-Chicken]

my guess would be the details that your dhcp server on the Fon is giving out, probably wrong gateway

Thanks for your fast response. I thought that Windows 7 /64 would provide the DHCP address to the connecting client and not the JASAGER?

Did I read this part wrong ? Thanks

Sky

[digininja]

You said if you left the DHCP server on Jasager on it didn't work but did with a DHCP server on windows. That says that the DHCP server on Jasager was broken.

[Sky-Chicken]

You said if you left the DHCP server on Jasager on it didn't work but did with a DHCP server on windows. That says that the DHCP server on Jasager was broken.

Thanks digininja ! It was the DHCP on the JASAGER!

For beginners like me ....

1) change the JASAGER DHCP

lan=on

start=101

limit=150

leasetime=720

Options=Router 192.168.137.1

Options=DNS 192.168.137.1

Now it works great !

Edited July 8, 2010 by Sky-Chicken

[digininja]

glad its fixed

[V3NG3NC3]

Well,. not sure what happend but I got to the end of step 4 and this seems to may have bricked my router...

I am not to pleased at this moment...

Edited October 25, 2010 by V3NG3NC3

[digininja]

Before proceeding, how much networking knowledge do you have? Do you know what a subnet is and basic routing?

[PassComm]

I think there should be a sticky some where, maybe on the $100 plus router that warns you of things like setting DHCP up on the FON without knowing what why or how. As for bricking the thing, there is most likely a nice easy way to get in to it but good luck getting any one to help. The most obvious answers will be, "its on the forum, look for it". "I could help but you wouldn't learn anything from it"

The best advice I got was to learn more about networking in general. So I set up a Linux box and moved my vps to it, took me like 4 plus days and who knows how much vodka :) but in 2 months my FON will be paid for.

I really have to thank you all that helped me. And this one thread here looks very promising so soon as my blood pressure comes down from all the SElinux pop ups and packet too large in mysql shoot I am going to try this out making sure i do not set DHCP up till I know there is an IP address that is written down on my forehead backwards.

Last but not least I am going to buy a HAK5 jacket thingy, they look so cool but I am guessing not a good IDEA if you are doing P testing.

[krew790]

i try this but now cant accese my router; i followed instruction and cant connect what should i do

[digininja]

exactly what did you try, how are you trying to connect and have you read my post about DHCP in the sticky section?

[krew790]

exactly what did you try, how are you trying to connect and have you read my post about DHCP in the sticky section?

Yes i have read that;

what i did was open wrt page went into networks then networks tab agian

then change then choose dhcp server to 192.168.0.250

and subnet to 192.168.1.250

have tryed many things from setting up static ip to various 192.168.0.1 , 192.168.0.2, 192.168.0.27 , 192.168.1.1, 192.168.1.2, and so far due to i change the ip to 192.168.0.250 my laptop ip being 192.168.0.2 should allow me to connect.

I have also try connecting to a router and yet no result didnt give the fon a ip;

Sniffed for the new traffic with chain; still nothing

trying with new router give results soon;

Is the router bricked it does broadcast the ssid still

[PassComm]

Yes i have read that;

what i did was open wrt page went into networks then networks tab agian

then change then choose dhcp server to 192.168.0.250

and subnet to 192.168.1.250

I am new at this but want to ask if you mean Netmask not subnet? I do not see a setting in wrt for subnet.

[digininja]

I don't have a machine to check on at the moment but you don't usually set dhcp server addresses, thats the point of dhcp, the machine gets an address from whatever dhcp server is around.

And I agree with PassComm, you can't set a subnet, you can set a netmask, that should be something like 255.255.255.0 for that IP address.

Sounds to me like you've set a static IP of 192.168.0.250 and a netmask of 192.168.1.250. That is completely invalid so don't know how OpenWrt would handle it. Try accessing the machine on 192.168.0.250 and see what happens.

[krew790]

I don't have a machine to check on at the moment but you don't usually set dhcp server addresses, thats the point of dhcp, the machine gets an address from whatever dhcp server is around.

And I agree with PassComm, you can't set a subnet, you can set a netmask, that should be something like 255.255.255.0 for that IP address.

Sounds to me like you've set a static IP of 192.168.0.250 and a netmask of 192.168.1.250. That is completely invalid so don't know how OpenWrt would handle it. Try accessing the machine on 192.168.0.250 and see what happens.

it might be netmask if i see a screen shot i can tell;

and i have tryed to go to 192.168.0.250 in the url times out;

When i do with putty it waits a long time then times out with that ip but i put in annother just stops quick;

Lastyly it still broadcasts the wireless singnal.