Mk3: Atheros Based Files To Flash


Dear All,

First off, let me apologize for earlier this year, I promised to release my work on the OM1P work on things and just didn't ever really get the chance to.

Now that MK3 has been released, I thought I would build the MK3 interface into my previous work.

The files in the link below are your complete set up. No need to install extra packages or awkwardly copy files over!

So, without further ado, here are the .lzma and .squashfs files:

1.9 Release

I do not accept any responsibility if you brick your device. I doubt you will but flashing is always risky!

The files should work for the MK2, MK3, OM1P and most Atheros based routers. If you have a different router and want to get this firmware, let me know and I will see what I can do.

After flashing these two files, the pineapple is available under 172.16.42.1.

The first boot after flashing will take around five minutes, depending on your device, maybe longer. It is executing boot scripts configuring itself.

Don't worry though! After about five minutes, ssh into the router. If you can't ssh, wait a bit longer. It will work.

When you ssh, use "root" as the username and "pineapplesareyummy" as the password.

To change the password please execute "passwd" and change it there.

There you go, you should be all set up now!

I hope you enjoy this and accept my apology ;)

Credits go to Darren and Robin for Karma and MK3.

Thank you guys for your amazing work!

If there are any questions, do not hesitate to ask.

Best Regards,

Sebkinne

Changelog:

1.0: Initial Release

1.1: Fixed Mac address in /etc/conf/wireless

1.2: Added boot scripts

1.3: Enabled SSH by default. Set root password.

1.4: Sped up boot process.

1.5: Eliminated reboot + added macchanger (Not added to the startkarma script though, I will be adding a toggle / I am sure Darren has thought of that)

1.6-Beta: Fixed startup WIFI. (Not tested yet)

1.7: Protected pineapple interface, fixed wifi, added tweaks.

1.8: Added wifi LED. Note: Wifi LED will only activate when karma is activated. Normal wifi will not turn LED on.

1.9: Fixed the "restore factory defaults" in pineapple interface.

Upcoming / todo:

*Look into ngrep not working

*Fix de-auth webinterface

*fix wifi mode to g

Edited by Sebkinne
Flashing Instructions:

Method 1:

Download an app called Freifunk EasyFlash and use this to flash. It automates the process for you and gives clear instructions.

Method 2 - Redboot:

Credits to Digininja for the script:

Just follow the instructions here http://www.digininja.org/jasager/installation.php

Method 3 - Manual way:

If you decide to do this, you know what you are doing. There is no need for me to explain.

Method 4 - If you have microRedboot:

1. Boot your router into redboot (OM1P: Disconnect from power, hold reset button, reconnect, keep holding for 2 seconds, release).

2. Set your interface's IP to 192.168.0.100 (ethernet interface)

3. Telnet into 192.168.0.1 port 9999

4. Set up a TFTP server (plenty of guides out there)

5. Follow these instructions:

#Redboot reflash guide

ip_address -h 192.168.0.100
fis init


#Load and flash the kernel

load -r -b %{FREEMEMLO} openwrt-atheros-vmlinux.lzma
fis create -e 0x80041000 -r 0x80041000 linux

#If you have the normal redboot, please use the following line:
fis create -e 0x80041000 -r 0x80041000 vmlinux.bin.l7

#Load and flash the filesystem
#This can take 5 minutes or more

load -r -b %{FREEMEMLO} openwrt-atheros-root.squashfs
fis create -l 0x6E0000 rootfs


reset

I will be neatening this up and adding more detail later. This is just to get you guys started!

Regards,

Sebkinne

Edited by sebkinne
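
A pre-flight check for the two images before they go on the TFTP server, as an added example (not part of the original posts or the firmware author's tooling): it checks the squashfs magic and the 0x6E0000 length from the "fis create -l" line above, and that the kernel file starts as a decodable .lzma stream. The function names and the 64 MiB decoder memory limit are assumptions made for this example.

```python
import lzma
import struct
import sys

# Length given to "fis create -l 0x6E0000 rootfs" in the instructions above.
ROOTFS_PARTITION_LEN = 0x6E0000
SQUASHFS_MAGICS = (b"hsqs", b"sqsh")  # little-endian / big-endian superblock magic
DECODER_MEMLIMIT = 64 * 1024 * 1024   # assumption: cap for the trial decode


def check_rootfs(image):
    """Return a list of problems with a squashfs image (empty list means OK)."""
    problems = []
    if image[:4] not in SQUASHFS_MAGICS:
        problems.append("missing squashfs magic")
    if len(image) > ROOTFS_PARTITION_LEN:
        problems.append("image is %d bytes, partition holds %d"
                        % (len(image), ROOTFS_PARTITION_LEN))
    return problems


def check_kernel(image):
    """Return a list of problems with a .lzma (LZMA-alone) kernel image."""
    if len(image) < 13:
        return ["shorter than the 13-byte .lzma header"]
    props, dict_size = struct.unpack_from("<BI", image)
    problems = []
    if props >= 9 * 5 * 5:  # props packs lc/lp/pb; 225 and above is invalid
        problems.append("invalid LZMA properties byte 0x%02x" % props)
    if dict_size == 0:
        problems.append("zero dictionary size")
    if not problems:
        try:
            # Produce at most 64 output bytes: enough to reject a saved HTML
            # error page or a corrupt header without unpacking the kernel.
            dec = lzma.LZMADecompressor(format=lzma.FORMAT_ALONE,
                                        memlimit=DECODER_MEMLIMIT)
            dec.decompress(image, max_length=64)
        except lzma.LZMAError as exc:
            problems.append("LZMA stream does not decode: %s" % exc)
    return problems


if __name__ == "__main__":
    kernel_path, rootfs_path = sys.argv[1:3]
    with open(kernel_path, "rb") as k, open(rootfs_path, "rb") as r:
        found = check_kernel(k.read()) + check_rootfs(r.read())
    print("\n".join(found) or "both images look sane")
    sys.exit(1 if found else 0)
```

Run it with the kernel file first and the root filesystem second; a non-zero exit status means at least one image should not be flashed as-is.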
Nice build. Even includes the 1.0.2 patch. One error though, the /etc/config/wireless file contains the mac address of my dev unit. The SSID Pineapple3c which is again my third dev unit (a and b got borked). Upon boot the device adds radio1 to the config. I removed the radio0 entries and renamed radio1 to radio0, commenting out the mac address option. Will know if that does the trick here in a minute.

With the commented out macaddr it keeps adding another interface (radio1). Bummer it seems to want it and is willing to add it if not found as it prevents automatically enabling the wireless interface in the firmware. Still just not touching that file it'll create its own and there isn't anything custom in it aside from SSID. Running sed -i 's/option disabled 1/#option disabled 1/' /etc/config/wireless after telnetting in will do the trick.

Edit: That did the trick :) Working on my Fon 2100, albeit a bit slow.

Great to hear that!

I have released a new and updated version of the system, now there is no need to configure anything after flashing! Just be patient and wait for it to fully boot.

Edit: I have a new version I am working on eliminating the reboot. Just takes too long overall.

Best

Seb

Edited by sebkinne
@Darren

Yeah, it fixes the symlinks, fixes the wifi and sets the password to "pineapplesareawesome".

I was originally going to do "pineapplesareyummy" but it slipped my mind and it was too early to recompile. I will do later ;)

@Vile,

It reboots the 2200? That sounds odd. While the OM1P does have more resources, it should run just fine. Could you let the router run for a while and see if it reboots on its own?

If it does not, can you see if all features make the 2200 reboot? If so, could you start the services manually and see if you get any errors or if it crashes immediately?

Edited by sebkinne
@Vile,

It reboots the 2200? That sounds odd. While the OM1P does have more resources, it should run just fine. Could you let the router run for a while and see if it reboots on its own?

If it does not, can you see if all features make the 2200 reboot? If so, could you start the services manually and see if you get any errors or if it crashes immediately?

Yeah it did it before then I updated to the more recent version of your firmware and it does the same. It pretty much reboots it immediately after I run urlsnarf -i br-lan.

It does stay up for a long time without running urlsnarf. I'll see if any other features cause it to reboot now

edit:

ran ./dnsspoof.sh & (OK) added ./ngrep.sh & and it rebooted..

tried again and it worked with dnsspoof / ngrep / karma on and "free" showed 876kb free (I assume that's kb, right?)

Still as soon as I run urlsnarf it resets immediately.

Edited by Vile
Just for the hell of it I tried reinstalling the dsniff ipk package and it's still the same problem.

@Darren does urlsnarf work on your 2100 ?

... This doesn't really make sense to me though because I can run plain ngrep and can see packets. There's no way urlsnarf uses more resources than ngrep, right?

Edited by Vile
Yeah it did it before then I updated to the more recent version of your firmware and it does the same. It pretty much reboots it immediately after I run urlsnarf -i br-lan.

It does stay up for a long time without running urlsnarf. I'll see if any other features cause it to reboot now

edit:

ran ./dnsspoof.sh & (OK) added ./ngrep.sh & and it rebooted..

tried again and it worked with dnsspoof / ngrep / karma on and "free" showed 876kb free (I assume that's kb, right?)

Still as soon as I run urlsnarf it resets immediately.

This sounds strange. Instead of "free" run df -h, that makes it more readable.

Try out my newest firmware, I trimmed it a bit, hope it fixes some issues!

Sebkinne, I flashed my pineapple mark II that I got from the shop and there are a couple problems?

After the flash and boot scripts the wifi LED does not light up whatsoever and I only see a wireless network called open wrt.

When I tried to connect my laptop and an iTouch I get an error: cannot connect?

As well, I used the factory default button thinking it might fix it, and after I reboot the interface is not up?

In my second flash I tried to remove the openwrt network setting and it did the same thing; after the reboot the interface was no longer enabled?

In the wireless config there is a network called pineapple3c and I don't see it in my scans?

Thank you for your time, and I want to help you figure out these errors :-)

Sebkinne, I flashed my pineapple mark II that I got from the shop and there are a couple problems?

After the flash and boot scripts the wifi LED does not light up whatsoever and I only see a wireless network called open wrt.

When I tried to connect my laptop and an iTouch I get an error: cannot connect?

As well, I used the factory default button thinking it might fix it, and after I reboot the interface is not up?

In my second flash I tried to remove the openwrt network setting and it did the same thing; after the reboot the interface was no longer enabled?

In the wireless config there is a network called pineapple3c and I don't see it in my scans?

Thank you for your time, and I want to help you figure out these errors :-)

I had the same problem; no WiFi light after flash.

EDIT: I changed my NIC's ip address back to automatic after flashing, then I was able to SSH into 172.16.42.1:22

EDIT: I was able to change the password, but can't connect to the wireless network (OpenWrt), and when connecting in wired mode, I can't get the config page to open on my browser. I did get this when browsing to 172.16.42.1:

Warning: main(default.html) [function.main]: failed to open stream: No such file or directory in /www/redirect.php on line 8

Fatal error: main() [function.require]: Failed opening required 'default.html' (include_path='.:') in /www/redirect.php on line 8

EDIT: I found out the problem. The files from the MK2 phishing attack were still on there, in /www/. I just deleted them, then on browsing to 172.16.42.1, I saw a directory called "pineapple", and after clicking it, I got to the main config page, where I could fix the WiFi problem.

The files in /www/ don't need to be deleted, but there was no reason for them to be there.

Edited by stuffses
I had the same problem; no WiFi light after flash.

EDIT: I changed my NIC's ip address back to automatic after flashing, then I was able to SSH into 172.16.42.1:22

EDIT: I was able to change the password, but can't connect to the wireless network (OpenWrt), and when connecting in wired mode, I can't get the config page to open on my browser. I did get this when browsing to 172.16.42.1:

Warning: main(default.html) [function.main]: failed to open stream: No such file or directory in /www/redirect.php on line 8

Fatal error: main() [function.require]: Failed opening required 'default.html' (include_path='.:') in /www/redirect.php on line 8

EDIT: I found out the problem. The files from the MK2 phishing attack were still on there, in /www/. I just deleted them, then on browsing to 172.16.42.1, I saw a directory called "pineapple", and after clicking it, I got to the main config page, where I could fix the WiFi problem.

The files in /www/ don't need to be deleted, but there was no reason for them to be there.

EDIT: (I hope this is the last one) There may have been a reason for index.php, but I don't know about the others.

After the flash and boot scripts the wifi LED does not light up whatsoever and I only see a wireless network called open wrt.

When I tried to connect my laptop and an iTouch I get an error: cannot connect?

In the wireless config there is a network called pineapple3c and I don't see it in my scans?

FON2100

I have the exact same errors with a MK1 flashed with this firmware. Everything seems to work, except for showing the right SSID and letting me connect... Haven't had the time to play with the wireless config yet...

AP51

On my MK3 I get no SSID at all, and no SSH, even though I can ping the router on 172.16.42.1 (so I know that it's running with Seb's firmware).

Seb>> If you need a newer version tested, just say so, I don't mind re-flashing my routers... I'll just wait with my pentesting :D

@All,

I will be fixing the issue with the "OpenWRT" SSID showing and not allowing you to connect. I am already working on a new version.

@Stuffses

In regards to why the index.php files are there, well, they are part of the MK3 firmware. Not only that, but turning DNSspoof on, that index.php takes care of everything for you.

Just add files into the folder (such as facebook.html) and it will redirect people there.

I suggest people leave those files intact and simply navigate to http://72.16.42.1/pineapple

@httpCrash

Interesting, can you pull up the pineapple web interface? In regards to testing firmware, write me a PM on here, that could be useful! Thanks.

Regards,

Sebkinne

Edited by sebkinne
@All,

@httpCrash

Interesting, can you pull up the pineapple web interface? In regards to testing firmware, write me a PM on here, that could be useful! Thanks.

Regards,

Sebkinne

On the FON2100 I get both SSH and the pineapple web interface...

On the AP51 I get none of the above, but as said, I can ping the IP you gave it...

I'm so poor that I can't spend $99 on a MK III. I bought Fonera 2.0g (2202) 2 months ago because I wanted to use openwrt and this was the cheapest option I found. http://wiki.openwrt.org/toh/fon/start

I stumbled upon jasager and wifipineapple recently and I wonder if it would be possible to flash the wifipineapple MK III firmware to this device. I'm one click away from flashing the files here with the fonflash utility, but I prefer to ask before bricking it. Is it really possible to have that nice MK III web interface by making a DIY wifipineapple with a Fon 2202 router? Any advice is welcome.
