Jump to content

Secure Admin Interface


Recommended Posts

there is no password on the webinterface for the MK3 MR-Protocol..

my best bet would also be to try .htaccess ... but then again, do you really need it, you only know to go to the /pineapple folder if you know its a router with MK3 webinterface on it... and most people would not know that, or look for it

Link to comment
Share on other sites

My understanding was that the Pineapple (by default) expects it's internet connection to be 172.16.42.42 and that it's WebUI and SSH services are only available to this IP address.

(however I can't actually find where I read that :( )

I've not actually tried to connect to WebUI interface, or SSH server with any other IP address other than the #.#.#.42

For example with an IP provided by the pineapple on the victim side.

Link to comment
Share on other sites

My understanding was that the Pineapple (by default) expects it's internet connection to be 172.16.42.42 and that it's WebUI and SSH services are only available to this IP address.

(however I can't actually find where I read that :( )

I've not actually tried to connect to WebUI interface, or SSH server with any other IP address other than the #.#.#.42

For example with an IP provided by the pineapple on the victim side.

You can in fact connect to the pineapple interface from any victim.

Link to comment
Share on other sites

In my new firmware I have included a fix. I will release it in a couple of hours.

Basically, when going to /pineapple/ it asks for a username (root) and a password. The password is the password used for SSH. It updates with any changes as it uses the /etc/shadow file.

I will also explain how to do it in my thread, I just don't have enough time to post it right now.

Best,

Sebkinne

Edited by sebkinne
Link to comment
Share on other sites

In my new firmware I have included a fix. I will release it in a couple of hours.

Basically, when going to /pineapple/ it asks for a username (root) and a password. The password is the password used for SSH. It updates with any changes as it uses the /etc/shadow file.

I will also explain how to do it in my thread, I just don't have enough time to post it right now.

Best,

Sebkinne

Thank You! Tell me where to send beer....

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...