MK2: Best HowTo - Setup Internet Connection Forwarding on "Linux" & Jasager


NEW Pineapple-0.9

I moved the route setting after the iptables setting like how it was before. I never did really test 0.8 but I think I broke it by putting the route setting before the iptables setting.

I'd suggest everyone use the new Pineapple-0.9. Link posted in the first post.

----------

I plan on making Pineapple-1.0 soon. I want to reformat ALL the output to the user so it is readable. However, don't hold your breath, because I have Finals these next few weeks and I am taking the CompTIA Security+ on Monday, as well as CompTIA A+ & Network+ by the end of May..... I need a job.

Edited by echoblack
Link to comment
Share on other sites

  • 2 weeks later...
Why is it that when I try to close the script it does not work?

iptables -X
iptables -F
/etc/init.d/iptables stop

Here is what I do and what it looks like exactly on my screen:

# iptables -X
# iptables -F
# /etc//init.d/iptables stop
bash: /etc/init.d/iptables: no such file or directory
#

Is iptables in a different place or what? Because the script says it configures it just fine. I am beyond confused now.

Link to comment
Share on other sites

So after running pineapple0.9 and getting everything set up, I am having the following issue:

Client - Machine connected to Fon via wireless

Host- Machine hosting the internet connection, connected to fon via eth0

The Host is fine, it can access the internet, and resolve DNS names. The Client can ping the router, the host, and google.com. However, I cannot load a web page on the client. I can get ping responses but no 'web data'. If the Client connects to the local wifi (not the Fon) it pulls up a website just fine.

Got any ideas?

EDIT:

After reading Encrypted_Soldier's post at the top of the page, I want to clearly state that if the client pings www.google.com it will resolve it to an IP and get a response. But loading www.google.com does not appear to work.

Edited by Woogi
Link to comment
Share on other sites

So after running pineapple0.9 and getting everything set up, I am having the following issue:

Client - Machine connected to Fon via wireless

Host- Machine hosting the internet connection, connected to fon via eth0

The Host is fine, it can access the internet, and resolve DNS names. The Client can ping the router, the host, and google.com. However, I cannot load a web page on the client. I can get ping responses but no 'web data'. If the Client connects to the local wifi (not the Fon) it pulls up a website just fine.

Got any ideas?

I am having the same EXACT problem!

Link to comment
Share on other sites

Hello everyone!

I just got a pineapple v2 from the hak shop as a gift from a friend. Hooray!

However, I don't really know what I am doing...yet. :-D I am going back over the old episodes and reading lots of documentation. That is how I discovered this thread. Anyway, I just tried running this 0.9 script on Ubuntu 10.04 and I got a few interesting errors I thought I would share.

The install generated no errors at all. When I ran 'sudo /usr/bin/pineapple.sh' I got this:

$ sudo /usr/bin/pineapple.sh
/usr/bin/python2.6
Python-2.6 is installed
/us/bin/pineapple.sh: line 151: [: ==: unary operator expected
Python Module Twisted is installed
sslstrip option is enabled

Two things here:

1) line 146: typo scrip -> script

2) line 151

if [ $Py26 == "N" ]; then

->

if [ "$Py26" == "N" ]; then

Next I tried running the script again. When it asked for a location of sslstrip output I gave it one (/tmp/ssl.out). It then asked if I was sure; I said yes and got

/usr/bin/pineapple.sh: line 466: [: too many arguments
y path user verified

Where would you like the sslstrip log file to be located?

And it just repeats over and over again...

Again there are a few issues I see:

1) line 462 is just a formatting issue to make the question look uniform (eg: to look like the other questions asked where the : is on the outside)

read -p "So you sure?: Y/N" Verify

->

read -p "So you sure? Y/N:" Verify

1B) Same appears on line 391 as well.

2) The actual error. First the multiple variables Verify and Varify. Varify /only/ appears on lines 395 and 466. It should be Verify. Second the if statement. I don't know python very well but testing each parameter by itself worked. Testing them together with the -o would never break the loop for me. So here is my fix.

if [ $Verify != "Y" -o  $Varify != "y" -o $Verify != "yes" ]; then

->

if [ $Verify != "Y" ]; then

2B) Same appears on line 395 as well.

3) Typo on line 397 "Asking agin" -> "Asking again"

3B) Same appears on line 468 as well.

4) The while loop on 434 needs $X to _not_ equal N. The if statement has X="Y" as it should, but the else has no such statement. So down on line 474 where there is Y="Y" I added to the line below X="Y"

4B) Same appears in the while loop on line 363 as well.

5) Lastly, (I promise! For now...) a suggestion. I noticed that the script has hard path set for various versions (lines: 96, 617) even though it should be version 0.9. You may want to either remove all the version numbers in the script or set a variable at the top so that there is only one place that needs updating when you release new versions.

And now the script works for me! Thanks for building out this script. I know you have put in a lot of your time and effort and I appreciate it.

Now to go play with my new toy and figure out how to talk to the pineapple...

[Edit] Got another set of problems and I am not having any luck solving them. First: I fired up my other laptop and was surprised that Ubuntu 8.04 with wicd auto connected to my home network in the other room when the pineapple was <2 feet away (karma was on). However, I did see pineapple in the wifi list so I connected to it. The laptop appeared on the connected clients list on 10.110.0.2:1471. I was able to connect to Google and surf. No idea why it didn't auto connect like it should have though...

Second, I fired up my aim client on the laptop and fired up wireshark on the pineapple host. I was able to see the conversations between my two aim users. Hooray! :lol: Then I tried the SSL stripping. I went to https://gmail.com and logged in to my spam account. I noticed that the https stayed there the whole time. :huh: I didn't think it was supposed to do that. I rushed over to the host and started digging through the wireshark logs. No sign of my password in the capture and wireshark recorded https sessions. Interesting. So I tabbed over to the python terminal the pineapple.sh script started and I found this error: http://pastebin.com/buYnuSwZ That link has a 1 month expiration, btw.

After messing with it for about an hour I am tired and need a break. If anyone has any ideas please let me know. I will tackle this again later this week.

Edited by i.am.stack
Link to comment
Share on other sites

Why is it that when I try to close the script it does not work?

iptables -X
iptables -F
/etc/init.d/iptables stop

Here is what I do and what it looks like exactly on my screen:

# iptables -X
# iptables -F
# /etc//init.d/iptables stop
bash: /etc/init.d/iptables: no such file or directory
#

Is iptables in a different place or what? Because the script says it configures it just fine. I am beyond confused now.

It never starts the iptables daemon. It doesn't have to for the rules to take effect. The iptables daemon is for loading/unloading the iptables configurations but iptables is in the kernel and running all the time. So it is just setting the rules for the already running iptables in the kernel.

Edited by echoblack
Link to comment
Share on other sites

OKAY. . . . Sorry about all that crap.

If anyone has DNS problems, it is not a problem with pineapple.sh. It is either a problem with the /etc/config/dhcp configuration file and/or go to the router's web admin page; under networking make sure there are no DNS IP addresses in there, or put 8.8.8.8 ONLY.

I put out Pineapple-0.9.1

Ya, you were mostly correct about most of the stuff; what you did would work. There was a typo that made only Y work. I also didn't change the X variable to Y to get out of the loop. However, I did change the X to = Y if for the default path. Also, I changed it to.... bla just read it. I made this change in both places. There were a few typos :P

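                            read -p "So you sure ?: Y/N" Verify
                            echo ""

                            # Quote $Verify so an empty answer does not break the test
                            if [ "$Verify" == "Y" -o "$Verify" == "y" -o "$Verify" == "yes" ]; then
                                echo "$Sslstrip_Log path User verified"
                                echo ""

                                # X must stop being "N" for the enclosing while loop to exit
                                Y="Y"
                                X="Y"
                            else
                                echo "Asking again. . ."
                            fi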

Also, I had forgotten to set Py26="Y" if python2.6 is installed. However, the script still worked fine with this typo, but I fixed it anyway.

Please let me know if anyone finds anything else wrong.

I am calling this 0.9.1 because I am going to reformat all the output to the screen so it is readable for 1.0. I will get to work soon on it. I just got my CompTIA A+ & Security+ certifications (I'm glad I waited for the 2009 A+ test. They dropped off everything before the year 2000, i.e. Win 3.1 95 98 Me... none of that is on the test anymore). I am taking Network+ on Wednesday and then I'll have some time free to work on this.... Until I get some Tier-1 Tech Support or Help Desk job, fingers crossed.

EDIT: Whoops, I found something else that is stupid but it is not a problem.

Edited by echoblack
Link to comment
Share on other sites
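
The confirmation-prompt bugs discussed in the two posts above (the always-true `!=`/`-o` test and the unquoted variable), side by side with a `case`-based check. This is an added example, not part of pineapple.sh or of either post; the function names are hypothetical, and `=` is used instead of `==` so it also runs under plain sh.

```shell
#!/bin/sh
# Added example; function names are hypothetical, inputs are constructed.

# The 0.9 test with the Varify typo fixed and the operands quoted.
# "not Y OR not y OR not yes" holds for every input, so the prompt repeats forever.
rejects_v09() {
    [ "$1" != "Y" -o "$1" != "y" -o "$1" != "yes" ]
}

# Same style as the 0.9.1 snippet: unquoted operand. An empty answer vanishes
# during word splitting and `[` exits with a syntax error (status 2).
accepts_unquoted() {
    # shellcheck disable=SC2086
    [ $1 = "Y" -o $1 = "y" -o $1 = "yes" ] 2>/dev/null
}

# Pattern match: no word splitting and no operator parsing of the input.
accepts() {
    case "$1" in
        Y|y|yes) return 0 ;;
        *)       return 1 ;;
    esac
}

# confirm PROMPT: read answers from stdin until yes or no; EOF counts as no.
confirm() {
    while printf '%s [Y/N]: ' "$1" >&2 && IFS= read -r answer; do
        if accepts "$answer"; then return 0; fi
        case "$answer" in N|n|no) return 1 ;; esac
        echo "Asking again..." >&2
    done
    return 1
}

# status_of CMD ARGS...: print the exit status of one check.
status_of() {
    "$@" && echo 0 || echo $?
}

# Constructed inputs: two accepted answers, one refusal, one empty line.
for input in Y yes n ""; do
    printf "input='%s' v0.9-rejects=%s unquoted-accepts=%s case-accepts=%s\n" \
        "$input" "$(status_of rejects_v09 "$input")" \
        "$(status_of accepts_unquoted "$input")" "$(status_of accepts "$input")"
done
```
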

Alright, I am now CompTIA A+, Network+, and Security+ Certified. :) It's a start right...

Help Desk job here I come :P

I'll work on this script this weekend and hopefully upload Pineapple-1.0 by Monday. Please test out this Pineapple-0.9.1 and let me know of any bugs.

EDIT: Meh, now some more targeted certs. I'm on the track for MCITP Enterprise Administrator and I'll get the 2008 AD cert first. It seems a lot of jobs ask for AD so I guess I need to learn that stuff. I'd go for the RHCE right now but I don't have $800. I really dislike Windows but hell it is everywhere. I'll be getting the Cisco certs in school.

Edited by echoblack
Link to comment
Share on other sites

  • 8 months later...

Oh, okay, now that this thread has been pinned, I'll make sure to check back more often to see if anyone has any questions. Also, I have figured out much nicer ways to program this so I may re-do it all so it is clean, BUT, it should be working.

P.S. Okay, I am now all done with the Cisco CCNA NetAcademy courses, and plan to get my CCNA at the end of this semester. I am taking CCNA Security now too :) I think I will also go for my Red Hat Linux certs. I think I can get the RHCE with a couple weeks of cramming.

Link to comment
Share on other sites

  • 6 months later...

Followed the tutorial exactly as instructed. Downloaded and untarred the pineapple 0.9 script. My topology is exactly the same as the tutorial. I am able to successfully ping my way out, but the problem is on the client machine: I am unable to resolve any of the addresses even though the pings are returning. Any ideas on why web pages are not rendering for the clients connected? Any assistance is greatly appreciated. First time I have posted and only posting because I'm stuck. Any guidance or additional education would be fantastic.

Running pineapple 0.9 script while successfully connected to wlan0 (internet facing interface). Turn pineapple on as instructed and nothing happens. I then re-run the script WHILE the fon+ is on and WICD connects to eth0. It provides me with 10.110.0.1 as the IP on eth0 and I stay connected to wlan0 with an IP in the 192.168.1.1/24 as expected. Main question is: if I can ping www.facebook.com and www.google.com, what am I doing wrong that the webpages are not rendering?

Successfully can ping
------------------------------------------
10.110.0.1
10.110.0.2
192.168.1.1
8.8.8.8
www.google.com
www.facebook.com
-----------------------------------------------

Environment:
--------------------------
Fon 2201 (FON+) connected with crossover cable (tried standard ethernet first with no success)
eth0: 10.110.0.1
wlan0: internet facing on the 192.168.1.1/24 network
FON ip: 10.110.0.2
Connected client: 10.110.0.152
FON default gateway: 10.110.0.1
Internet facing default gateway: 192.168.1.1
-------------------------------

/etc/config/dhcp

config 'dnsmasq'
    option 'domainneeded' '1'
    option 'boguspriv' '1'
    option 'filterwin2k' '0'
    option 'localise_queries' '1'
    option 'local' '/lan/'
    option 'domain' 'lan'
    option 'expandhosts' '1'
    option 'nonegcache' '0'
    option 'authoritative' '1'
    option 'readethers' '1'
    option 'leasefile' '/tmp/dhcp.leases'
    option 'resolvfile' '/tmp/resolv.conf.auto'

config 'dhcp' 'lan'
    option 'interface' 'lan'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'
    option 'ignore' '0'
    # This is the IP address of the Host Laptop's Net-Interface acting as GW
    list 'dhcp_option' '3,10.110.0.1'
    # This is Option 6, define the DNS server: the IP of Pineapple, then Google's DNS IP
    list 'dhcp_option' '6,10.110.0.2,8.8.8.8'

config 'dhcp' 'wan'
    option 'interface' 'wan'
    option 'ignore' '1'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'

Link to comment
Share on other sites

Update: Figured out pings were only ICMP packets and not TCP. Found a forum on MASQUERADE and added the following troubleshooting code. Websites render now on the 10.110.0.0/24 network. If anyone gets a chance to read my posts and can provide some additional insight or references on why the code works below while I read up on iptables, I would appreciate all the insight.

# Flush existing rules in the filter, nat and mangle tables
iptables --flush
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush -t nat
iptables --flush -t mangle

# Default policy: accept on every chain
iptables --policy INPUT ACCEPT
iptables --policy OUTPUT ACCEPT
iptables --policy FORWARD ACCEPT

# Loopback and connection-state rules for the host itself
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# ICMP echo in both directions
iptables -A INPUT -p ICMP --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p ICMP --icmp-type echo-reply -j ACCEPT
iptables -A OUTPUT -p ICMP --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p ICMP --icmp-type echo-reply -j ACCEPT

# Forward between wlan0 (internet side) and eth0 (Fon side)
iptables -A FORWARD -p icmp -j ACCEPT
iptables -A FORWARD -i lo -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
iptables -A FORWARD -o wlan0 -i eth0 -j ACCEPT

# Masquerade traffic leaving either interface
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Link to comment
Share on other sites
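
A narrower ruleset for the same topology (wlan0 facing the internet, eth0 facing the Fon on 10.110.0.0/24) than the flush-and-accept-everything script above, with a matching teardown that reflects the earlier point that the rules live in the kernel and there is no daemon to stop. This is an added example, not part of the post or of pineapple.sh; the function names are hypothetical, and it only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example. Usage (hypothetical file name): sh share.sh up|down
# Dry run by default; APPLY=1 as root executes the commands.

run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# iptables accepts interface names that do not exist (a rule on "eth00"
# simply never matches), so verify the name before applying anything.
check_if() {
    [ -n "$1" ] || return 1
    [ "${APPLY:-0}" != "1" ] || [ -e "/sys/class/net/$1" ]
}

# share_rules WAN_IF LAN_IF LAN_SUBNET
share_rules() {
    wan=$1 lan=$2 net=$3
    check_if "$wan" && check_if "$lan" && [ "$wan" != "$lan" ] && [ -n "$net" ] || {
        echo "usage: share_rules WAN_IF LAN_IF LAN_SUBNET" >&2
        return 2
    }
    run sysctl -w net.ipv4.ip_forward=1
    # Forward nothing except what the two rules below allow.
    run iptables -P FORWARD DROP
    # LAN clients may open connections towards the internet side.
    run iptables -A FORWARD -i "$lan" -o "$wan" -s "$net" -j ACCEPT
    # Only replies to those connections may come back.
    run iptables -A FORWARD -i "$wan" -o "$lan" -d "$net" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Source-NAT the LAN subnet on the internet-facing interface only.
    run iptables -t nat -A POSTROUTING -s "$net" -o "$wan" -j MASQUERADE
}

# unshare_rules: no service to stop; empty the chains touched above.
# Assumes the host had no other FORWARD/POSTROUTING rules and did not
# route before (the same assumption the thread's flush commands make).
unshare_rules() {
    run sysctl -w net.ipv4.ip_forward=0
    run iptables -P FORWARD ACCEPT
    run iptables -F FORWARD
    run iptables -t nat -F POSTROUTING
}

case "${1:-}" in
    up)   share_rules "${2:-wlan0}" "${3:-eth0}" "${4:-10.110.0.0/24}" ;;
    down) unshare_rules ;;
esac
```
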

  • 1 month later...

Update: Figured out pings were only ICMP packets and not TCP. Found a forum on MASQUERADE and added the following troubleshooting code. Websites render now on the 10.110.0.0/24 network. If anyone gets a chance to read my posts and can provide some additional insight or references on why the code works below while I read up on iptables, I would appreciate all the insight.

# Flush existing rules in the filter, nat and mangle tables
iptables --flush
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush -t nat
iptables --flush -t mangle

# Default policy: accept on every chain
iptables --policy INPUT ACCEPT
iptables --policy OUTPUT ACCEPT
iptables --policy FORWARD ACCEPT

# Loopback and connection-state rules for the host itself
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# ICMP echo in both directions
iptables -A INPUT -p ICMP --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p ICMP --icmp-type echo-reply -j ACCEPT
iptables -A OUTPUT -p ICMP --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p ICMP --icmp-type echo-reply -j ACCEPT

# Forward between wlan0 (internet side) and eth0 (Fon side)
iptables -A FORWARD -p icmp -j ACCEPT
iptables -A FORWARD -i lo -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
iptables -A FORWARD -o wlan0 -i eth0 -j ACCEPT

# Masquerade traffic leaving either interface
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Sorry for the late reply. Hum, it should work. I am super busy right now but I'll try to help out tomorrow.

Edited by echoblack
Link to comment
Share on other sites

  • 3 weeks later...

Hi,

I have tried for a week now to get this up and running, and my pride held me from asking before now :D

First of all, I have re-flashed my Fon with the Jasager image and re-installed BT5 on my laptop

(both to be sure that there were not any old settings I made that would fuck this up).

I then set up the Fon with the script for that, and followed the instructions on the webif interface.

I ran the other script on BT5.

Connected to the router with a Windows 7 laptop; it got an IP in the right range, the right gateway, and the right DNS servers.

I can then ping 8.8.8.8, so the forwarding rules in BT5 work.

But now comes the FAIL: I can't do any DNS lookups, so I can go to http://209.85.148.147 but not http://google.com

What really makes me ponder is the fact that my Windows 7 gets 8.8.8.8 as its secondary DNS server, and I can ping 8.8.8.8, so even if the primary DNS fails, it should be asking Google instead. :unsure:

(Again, I still have this problem after a clean install.) :(

I have tried A LOT to fix this, so now I turn to you guys. Anyone got a good idea what could be wrong?

Link to comment
Share on other sites

The age old DNS problem :P As I'm sure you've seen there are several topics on this. I didn't quite understand how your setup is working, but I'm assuming you're using jasagerPwn? There was actually someone with this exact same problem in the jasagerPwn thread a week or so back.

Have you tried to manually configure things from the attacking machine (iptables)?

Have you checked to see if dhclient is enabled/disabled (depends on your setup)?

Are you able to ping google from the router? Some setups allow this, others no. Personally I manually configure everything and I can ping google.com from the victim machine but not from the router as the router isn't getting any DNS. To my understanding your victim machine should be getting DNS from the attacking machine eth0 interface IP or the real router.

Have you tried to put the address of your gateway (the real one) in the DNS section for the DHCP client info in the webif interface?

You can also try to manually input DNS information to the router. I forget the exact command but it is one of the "uci set" ones.

Hope that helps.

Link to comment
Share on other sites

I was actually just trying to make network sharing work with the scripts from this thread first..

But your post gave me the right idea..

After I set the primary DNS up statically on the victim to 8.8.8.8 it worked..

So even though the victim gets 10.110.0.1 (attacker laptop) as primary DNS and 8.8.8.8 as secondary, it doesn't work, so it never makes use of its secondary DNS entry...

But now you got me hooked on the jasagerPWN script; I had the same problem, so I set the nameserver in the script to 8.8.8.8 and it now works..

I know this is not the optimal solution, because now I can't redirect some websites to localhost to phishing websites, but sslstrip works fine, and that was my primary goal..

But I would of course also be glad to get the DNS proxy to work.. :D

My setup is basic right now:

ISP gateway (192.168.3.1) --->

(192.168.3.120) BT5 laptop (10.110.0.1) --->

(10.110.0.2) Pineapple/Jasager -->

(10.110.0.5) Victim

Link to comment
Share on other sites

Fire up metasploit, there are several modules that exploit DNS, fake_dns is one of my favorites. Start that up and get it listening on your attacking machine (or another machine would work as this is resource intensive). The victim should already have 172.20.0.1 (attacking machine) as the DNS, now all requests can be rerouted to a SET java clickjack page, = instant meterpreter shell on all connected clients : ) I made a topic on it somewhere in this forum if you're interested.

Link to comment
Share on other sites

Fire up metasploit, there are several modules that exploit DNS, fake_dns is one of my favorites. Start that up and get it listening on your attacking machine (or another machine would work as this is resource intensive). The victim should already have 172.20.0.1 (attacking machine) as the DNS, now all requests can be rerouted to a SET java clickjack page, = instant meterpreter shell on all connected clients : ) I made a topic on it somewhere in this forum if you're interested.

Of course I'm interested.. ;)

We don't have much to do in our IT department, so this is my new hobby :D

I'm about to take the "Cisco CCNA Security" certification, so it's also relevant for my job ;)

Link to comment
Share on other sites

  • 3 weeks later...

Sounds like you do not have forwarding setup properly.

Here are my build notes.

https://docs.google.com/document/d/1Gus31kNT-Bn9BFt7rRUdQbEVcaWQb4TBu1JghHKKOZs/edit?authkey=CJ6w2ZIJ

It's ok got it working now

I set my ubuntu machine to a static IP of 10.110.0.1

For the DNS Servers I put 8.8.8.8

I was then able to ping from my FON to google.com

But the webpages were not rendering for my clients

So I ran the script that spisakni posted and tried again and VOILA! It worked !!!

Link to comment
Share on other sites

  • 2 weeks later...

I have modified this script to work with BT5 R1, if anyone is interested.

What needed to be corrected? I'm running BT5 R1, and after setting a static gateway it pretty much worked with the script already posted here.. :blink:

So I'm really interested in case I missed something :D

Link to comment
Share on other sites
