Pineapple Mk2 Upgrade & Sslstrip

[EdLesMann]

This is the next step of my journey for those that helped me out earlier. Thanks! I am starting a new topic since the goal of the first topic has been completed.

http://forums.hak5.org/index.php?showtopic=23571

I was able to hack in to the pineapple and adjust all the network settings. I followed echoblack's guide since that was where my friend had started.

http://forums.hak5.org/index.php?showtopic=15200

I used his scripts and I was able to get it working! There are a few issues with the script that I am going to try to hack on and correct, but it works as it should.

I have three things I would like to ask about. All of this was done on a fully updated Kubuntu 11.10 laptop.

1) SSLstrip. I enabled this function from the script, but SSLscript crashed on me everytime I started it up. I have both python 2.6 and 2.7 installed. As a test I updated SSLstrip. I pulled the latest sslstrip from here: https://github.com/moxie0/sslstrip

After I adjusted the pineapple.sh script to point to the 0.9 instead of 0.7. SSLstrip stopped crashing, but it didn't behave the way I thought it should. Browsing https://google.com, https://duckduckgo.com and even the https verison of wikipedia didn't trigger anything. I logged into https://mail.google.com and I saw it was redirected to http://mail.google.com /and/ I got a message in my logfile showing my email/password/ect! Horray, part of it works! SSLStrip also kicks out this nasty block of errors:

File "/usr/lib/python2.7/dist-packages/twisted/internet/tcp.py", line 529, in connectionLost
    protocol.connectionLost(reason)
  File "/usr/lib/python2.7/dist-packages/twisted/web/http.py", line 455, in connectionLost
    self.handleResponseEnd()
  File "/usr/src/sslstrip-0.9-2-1/sslstrip/ServerConnection.py", line 119, in handleResponseEnd
    HTTPClient.handleResponseEnd(self)
  File "/usr/lib/python2.7/dist-packages/twisted/web/http.py", line 466, in handleResponseEnd
    self.handleResponse(B)
  File "/usr/src/sslstrip-0.9-2-1/sslstrip/ServerConnection.py", line 134, in handleResponse
    self.shutdown()
  File "/usr/src/sslstrip-0.9-2-1/sslstrip/ServerConnection.py", line 154, in shutdown
    self.client.finish()
  File "/usr/lib/python2.7/dist-packages/twisted/web/http.py", line 866, in finish
    "Request.finish called on a request after its connection was lost; "
exceptions.RuntimeError: Request.finish called on a request after its connection was lost; use Request.notifyFinish to keep track of this.

Is this important? I don't know. pineapple.sh only checks for python 2.6, is it a problem that it uses 2.7? Again, I don't know. I don't see anything in the sslstrip docs saying I have to use python2.6, but maybe I am missing something obvious.

Also, why would it not strip the https from the search engines/wiki?

2) Upgrades. According to the software webpages, my pineapple is running Jasager v.2 (meaning I am WAY out of date) and X-WRT 8.09 (which has an update to 8.09.02). I looked and found several update guides, but they seem to want me to run a windows binary. I don't have windows at all. Just Debian Lenny (Desktop), and Kubuntu 11.10 (laptop). Should I attempt an upgrade? What would be the easiest way for me to do so? I have a decent amount of Linux knowledge, but this pineapple/wireshark/sslstrip is pretty much all new to me and I tend to have to look up a lot of terminology.

3) Wireshark. Lastly, I captured traffic from the eth0 port with wireshark. I have used wireshark _loads_ of times in the past for my past job...with a very specific purpose...so I only know like 3 things about wireshark...it is rather sad how little I know about a program I have used so much. Has Hak5 done a good review of wireshark that I can use to brush up? A search on youtube brings up a bunch of wireshark videos. Anyone have recommended materials I should check out?

Thanks for the help everyone!