lostngone Posted December 4, 2011 Share Posted December 4, 2011 What/how is the best way to password protect the web based admin interface? Quote Link to comment Share on other sites More sharing options...
brianzimm Posted December 4, 2011 Share Posted December 4, 2011 If the web server supports it .htaccess Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted December 5, 2011 Share Posted December 5, 2011 SSH to the pineapple, and change the root pass. Quote Link to comment Share on other sites More sharing options...
lostngone Posted December 5, 2011 Author Share Posted December 5, 2011 brianzimm, I will look into that. Mr-Protocol, changing roots password seems to have no effect on web interface access. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted December 5, 2011 Share Posted December 5, 2011 (edited) That is how it worked on Mark 1. I haven't built out my Mark II or III yet, soon enough when I get some time. Did you reboot the pineapple after changing the root pass? Edited December 5, 2011 by Mr-Protocol Quote Link to comment Share on other sites More sharing options...
lostngone Posted December 5, 2011 Author Share Posted December 5, 2011 Yes. I changed roots password the first time I ssh'ed into the unit. Quote Link to comment Share on other sites More sharing options...
httpCRASH Posted December 5, 2011 Share Posted December 5, 2011 there is no password on the webinterface for the MK3 MR-Protocol.. my best bet would also be to try .htaccess ... but then again, do you really need it, you only know to go to the /pineapple folder if you know its a router with MK3 webinterface on it... and most people would not know that, or look for it Quote Link to comment Share on other sites More sharing options...
wcs Posted December 5, 2011 Share Posted December 5, 2011 My understanding was that the Pineapple (by default) expects it's internet connection to be 172.16.42.42 and that it's WebUI and SSH services are only available to this IP address. (however I can't actually find where I read that :( ) I've not actually tried to connect to WebUI interface, or SSH server with any other IP address other than the #.#.#.42 For example with an IP provided by the pineapple on the victim side. Quote Link to comment Share on other sites More sharing options...
itsm0ld Posted December 5, 2011 Share Posted December 5, 2011 My understanding was that the Pineapple (by default) expects it's internet connection to be 172.16.42.42 and that it's WebUI and SSH services are only available to this IP address. (however I can't actually find where I read that :( ) I've not actually tried to connect to WebUI interface, or SSH server with any other IP address other than the #.#.#.42 For example with an IP provided by the pineapple on the victim side. You can in fact connect to the pineapple interface from any victim. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted December 5, 2011 Share Posted December 5, 2011 (edited) In my new firmware I have included a fix. I will release it in a couple of hours. Basically, when going to /pineapple/ it asks for a username (root) and a password. The password is the password used for SSH. It updates with any changes as it uses the /etc/shadow file. I will also explain how to do it in my thread, I just don't have enough time to post it right now. Best, Sebkinne Edited December 5, 2011 by sebkinne Quote Link to comment Share on other sites More sharing options...
lostngone Posted December 5, 2011 Author Share Posted December 5, 2011 In my new firmware I have included a fix. I will release it in a couple of hours. Basically, when going to /pineapple/ it asks for a username (root) and a password. The password is the password used for SSH. It updates with any changes as it uses the /etc/shadow file. I will also explain how to do it in my thread, I just don't have enough time to post it right now. Best, Sebkinne Thank You! Tell me where to send beer.... Quote Link to comment Share on other sites More sharing options...
itsm0ld Posted December 8, 2011 Share Posted December 8, 2011 Thank You! Tell me where to send beer.... If you don't need to flash the firmware here is my How-To: http://forums.hak5.org/index.php?showtopic=24397 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.