Light Posted March 2, 2012 Share Posted March 2, 2012 I Just tested it out over my lunch break and i was able to get my targets to access the internet. Thanks Darren for all of your help with this and everything that you guys do over there at Hak5. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 2, 2012 Share Posted March 2, 2012 Yeah, really sorry about that. It should have worked right out of the box. Well, it does if you try 3G first. *Grumble* We'll have a 1.0.1 out soon with macchanger, sniffer page, this fix and a few other odds and ends probably over the weekend or Monday. Stay tuned. Quote Link to comment Share on other sites More sharing options...
telot Posted March 2, 2012 Share Posted March 2, 2012 (edited) Yeah, really sorry about that. It should have worked right out of the box. Well, it does if you try 3G first. *Grumble* We'll have a 1.0.1 out soon with macchanger, sniffer page, this fix and a few other odds and ends probably over the weekend or Monday. Stay tuned. When I try and issue /etc/init.d/firewall off it comes back with: Synatx: /etc/init.d/ firewall [command] start start the service stop stop the service restart reload enable disable You sure you didn't mean "stop" instead of "off" in the second part of the command Darren? Thanks man! EDIT: Even though it comes back with that syntax response as if it were a bad option, it still made it work! :::Walks away slowly::: Either way - thanks for the hot fix ! telot Edited March 2, 2012 by telot Quote Link to comment Share on other sites More sharing options...
hfam Posted March 2, 2012 Author Share Posted March 2, 2012 (edited) Yeah, really sorry about that. It should have worked right out of the box. Well, it does if you try 3G first. *Grumble* We'll have a 1.0.1 out soon with macchanger, sniffer page, this fix and a few other odds and ends probably over the weekend or Monday. Stay tuned. Excellent job Darren, it's workin'...LIKE A BOSS!! :) :) :) No apologies necessary, I end up learning something I otherwise wouldn't have dealing with an occasional "gotcha". I do note however, like Telot's post above, I too got the syntax error, and it did not appear to work for me as it did for Telot. I changed the "off" command to "stop", reissued the command line "/etc/init.d/firewall disable; /etc/init.d/firewall stop", refreshed my client, and VOILA!! Thanks eternal for everything you do Darren!! I took the rest of the day off to celebrate and get to know my new MK4 (and ALL it's new "clients" ;) ) intimately!! You're the best, man, thanks again for the quick fix!! ETA1: Added the line /etc/init.d/firewall disable; /etc/init.d/firewall stop to rc.local via the Jobs page as you indicated (after the Karma line, and before the "exit 0" line), saved it with the button, rebooted the MK4, and it's all fixed up, works straight away after enabling Karma! Thanks again everyone!! Edited March 2, 2012 by hfam Quote Link to comment Share on other sites More sharing options...
iamk3 Posted March 2, 2012 Share Posted March 2, 2012 (edited) Nice! I'll be trying this soon. Thanks Darren! Edit: As expected, I added this to the Jobs page in the pineapple and it worked like a charm! Clients can get to the web with no problems. I used the lines that hfam posted above. Edited March 2, 2012 by iamk3 Quote Link to comment Share on other sites More sharing options...
xtronic Posted March 2, 2012 Share Posted March 2, 2012 Excellent job Darren, it's workin'...LIKE A BOSS!! :) :) :) No apologies necessary, I end up learning something I otherwise wouldn't have dealing with an occasional "gotcha". I do note however, like Telot's post above, I too got the syntax error, and it did not appear to work for me as it did for Telot. I changed the "off" command to "stop", reissued the command line "/etc/init.d/firewall disable; /etc/init.d/firewall stop", refreshed my client, and VOILA!! Thanks eternal for everything you do Darren!! I took the rest of the day off to celebrate and get to know my new MK4 (and ALL it's new "clients" ;) ) intimately!! You're the best, man, thanks again for the quick fix!! ETA1: Added the line /etc/init.d/firewall disable; /etc/init.d/firewall stop to rc.local via the Jobs page as you indicated (after the Karma line, and before the "exit 0" line), saved it with the button, rebooted the MK4, and it's all fixed up, works straight away after enabling Karma! Thanks again everyone!! I got the 1.0 firmware. Target cant get to the internet but can get a DNS resolve of a url. Tried the above line, rebooted device, activated karma but still no bits to client. Not even trying MitM yet, just testing target experience. Wonder what could be different. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted March 2, 2012 Share Posted March 2, 2012 I got the 1.0 firmware. Target cant get to the internet but can get a DNS resolve of a url. Tried the above line, rebooted device, activated karma but still no bits to client. Not even trying MitM yet, just testing target experience. Wonder what could be different. If it's not in your startup script then it will reset back when you reboot. Quote Link to comment Share on other sites More sharing options...
xtronic Posted March 2, 2012 Share Posted March 2, 2012 (edited) If it's not in your startup script then it will reset back when you reboot. In the startup script or in the advanced commands area; the script doesnt work for me. Connecting clients will get DNS data but no internets. I am sure it is the firewall issue and will be fixed but it makes me feel dumb that I can't hotfix it like the cool kids are doing. I had a friend help error check me and tried a few different processes. Same blocked internet. Don't mind waiting but just wish I knew what I was doing wrong. unit is vanilla 1.0 with only Karma turned on. non-smooocon. Edited March 2, 2012 by xtronic Quote Link to comment Share on other sites More sharing options...
Light Posted March 2, 2012 Share Posted March 2, 2012 I just went to the Adv page and typed in the command "/etc/init.d/firewall stop" then click execute command. And it worked fine from there. I will have to edit the rc.local file so i dont have to enter the command every time I fire up the MK4 or i can wait for the update. Quote Link to comment Share on other sites More sharing options...
iamk3 Posted March 2, 2012 Share Posted March 2, 2012 xtronic: Make sure that on the Jobs "tab" it looks like this (second box) Execute on Boot: wifi hostapd_cli -p /var/run/hostapd-phy0 karma_disable /etc/init.d/firewall disable; /etc/init.d/firewall stop exit 0 Then press the "Update rc.local" button The page should refresh and it should say "Updated /etc/rc.local" at the top Then reboot (I rebooted it from the Advanced tab) Quote Link to comment Share on other sites More sharing options...
telot Posted March 2, 2012 Share Posted March 2, 2012 Heres an oddity for the pile: I only ran my commands once, like this: /etc/init.d/firewall disable /etc/init.d/firewall off Seeing the syntax error, and thinking Darren mistyped it I did: /etc/init.d/firewall stop Then re-reading some more posts I did the follow for a second time: /etc/init.d/firewall off And it works great. WEIRD THING IS - when I reboot it works out the bag. I never added it to the cron whatsoever. Very strange indeed and perhaps something for people to try if they're still having probs. telot Quote Link to comment Share on other sites More sharing options...
xtronic Posted March 3, 2012 Share Posted March 3, 2012 xtronic: Make sure that on the Jobs "tab" it looks like this (second box) Execute on Boot: wifi hostapd_cli -p /var/run/hostapd-phy0 karma_disable /etc/init.d/firewall disable; /etc/init.d/firewall stop exit 0 Then press the "Update rc.local" button The page should refresh and it should say "Updated /etc/rc.local" at the top Then reboot (I rebooted it from the Advanced tab) Triple checked, quadrupled tested. Used the power plug and advanced menu to reboot, tried the hotfix with clients and karma running and without. I can see the public IP, I can see my DNS settings (opendns) passing through the Mark4. On about hour 4 looking for the mistake I am making. Didnt make any changes from out of the box except for running the hotfix and the cron in question. Any other ideas would be helpful. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 3, 2012 Share Posted March 3, 2012 I don't understand why yours would be different. Disabling the firewall should do the trick. Have you SSH'd in and tried turning it off manually? We'll have a firmware update by Monday including a fix for this as well as a few new features (OTA updates, macchanger, sniffer page). What does the output of "cat /etc/config/dhcp" and "route" look like? Quote Link to comment Share on other sites More sharing options...
anode Posted March 3, 2012 Share Posted March 3, 2012 FWIW, my stock IV shared the internet tethered to a Mac. No disabling firewall or the like. Quote Link to comment Share on other sites More sharing options...
xtronic Posted March 3, 2012 Share Posted March 3, 2012 I don't understand why yours would be different. Disabling the firewall should do the trick. Have you SSH'd in and tried turning it off manually? We'll have a firmware update by Monday including a fix for this as well as a few new features (OTA updates, macchanger, sniffer page). What does the output of "cat /etc/config/dhcp" and "route" look like? My ip table is; default, 192.168.0.1, 0.0.0.0, ug, 0, 0, 0, eth1 172.16.42.0, *, 255.255.255.0, u, 0, 0, 0, br-lan 192.168.0.0, *, 255.255.255.0, u, 0, 0, 0, eth1 Have not SSH'd in as I was afraid of changing anything until I made sure it worked. Like to start with known variables. tried running "cat /etc/config/dhcp" but received nothing but an echo. Will wait for the FW. Thanks D Quote Link to comment Share on other sites More sharing options...
rmg Posted March 4, 2012 Share Posted March 4, 2012 i got a new Mk4 on friday, i have the same issue. Mk3 works perfect. Quote Link to comment Share on other sites More sharing options...
iamk3 Posted March 4, 2012 Share Posted March 4, 2012 rmg: Did you read through the whole thread? Darren posted a fix. Otherwise, wait for the firmware that should be released by Monday... Quote Link to comment Share on other sites More sharing options...
TylerCPU Posted March 6, 2012 Share Posted March 6, 2012 Wow, I spent all afternoon trying to get this to work. I kinda know what I am doing because I use a Wi-Fi Pineapple Mark II and it works fine but not the Pineapple Mark 4. All to find out its the firewall thats the problem.'Ugh' NOW it works. By the way where's the new firmware? I can't find it on the wifipineapple.com page? Is it this Monday? March 5? Quote Link to comment Share on other sites More sharing options...
barry99705 Posted March 6, 2012 Share Posted March 6, 2012 Wow, I spent all afternoon trying to get this to work. I kinda know what I am doing because I use a Wi-Fi Pineapple Mark II and it works fine but not the Pineapple Mark 4. All to find out its the firewall thats the problem.'Ugh' NOW it works. By the way where's the new firmware? I can't find it on the wifipineapple.com page? Is it this Monday? March 5? Hasn't been released yet. Quote Link to comment Share on other sites More sharing options...
iamk3 Posted March 6, 2012 Share Posted March 6, 2012 We were told that the new firmware should be released today, but as far as I know, it hasn't been yet. Just be patient (I know it's hard, I've been waiting in anticipation and been checking all day!), but I'm sure Seb or Darren will have it for us as soon as possible! Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 6, 2012 Share Posted March 6, 2012 Not to preempt Seb but it's at http://www.wifipineapple.com/upgrade.bin (Note to future people: link not likely to work after 3/7/2012) and we'll have a proper changelog post here shortly. ICS Firewall fix, macchanger, update checker & reset button network config restore. Quote Link to comment Share on other sites More sharing options...
xtronic Posted March 6, 2012 Share Posted March 6, 2012 ok. I do not know much about Linux but do networking for work. Been learning BT for a few weeks, having fun with Reaver. I have never SSH'd to my ignorant shame. Just so you know what you are dealing with; When I got my M4, I powered it up. Plugged in internet (192.) to the WAN port of the Pineapple, went to 172.16.42.1/pineapple/, logged in, activated karma and allowed a (Win7 and then Ipad2) to connect to a phantom ssid. Once I saw that the device(s) received a 172 IP, I tried from the target machines to surf. No joy. Read the forums and tried Darren's simple instructions (/etc/init.d/firewall disable; /etc/init.d/firewall stop), reboot, try again; no joy. Then tried putting the firewall command in the job tab below the karma disable but before the exit(/etc/init.d/firewall disable; /etc/init.d/firewall stop to rc.local via the Jobs), no joy. Because I am overly methodical, I did not try ICS, change any other settings or service. Will wait for firmware; upgrade to 1.01 was exactly as expected (reboot, 2 minutes, no error, happy pineapple. With internet (192) in the WAN port of pineapple, i can ping 8.8.8.8, I can tracert www.google.com from the pineapple. Activate karma, connect target machine to phantom ssid, receive a 172.16.42.184 ip, but am not able to ping 8.8.8.8 from target cpu. A tracert to www.cnn.com goes; pinapple.lan, (172.16.42.1), destination host unreachable. I confirm the target machines are receiving an IP via the status in pineapple. the IP routing table has 4 entries; default - 172.16.42.42 - 0.0.0.0 default - 192.168.1.1 - 0.0.0.0 172.16.42.0 - * - 255.255.255.0 192.168.1.0 - * - 255.255.255.0 wirless in enabled karma is enabled autostart disabled cron job enabled all the rest disabled (did not mess with anything other than karma) I also tried a Ipad as the target, received a 172.16.42.157 IP but am unable to surf the internet. No cellphone dongle to try. Use OpenDNS on my netgear router. I know this is a firewall issue but I dont see where I am messing up or what I could have done to receive such a non-standard experience. I had another network guy look at my process but he is unable to see the error I am making. In all, I have tried the above steps dozens of times but distilled it for clarity. Some users don't know what they are clicking but I did the above steps methodically and deliberately (not that I didn't mess-up somewhere, just I paid attention out of fear of a repeat experience of my M2.) Quote Link to comment Share on other sites More sharing options...
hfam Posted March 6, 2012 Author Share Posted March 6, 2012 ok. I do not know much about Linux but do networking for work. Been learning BT for a few weeks, having fun with Reaver. I have never SSH'd to my ignorant shame. Just so you know what you are dealing with; When I got my M4, I powered it up. Plugged in internet (192.) to the WAN port of the Pineapple, went to 172.16.42.1/pineapple/, logged in, activated karma and allowed a (Win7 and then Ipad2) to connect to a phantom ssid. Once I saw that the device(s) received a 172 IP, I tried from the target machines to surf. No joy. Read the forums and tried Darren's simple instructions (/etc/init.d/firewall disable; /etc/init.d/firewall stop), reboot, try again; no joy. Then tried putting the firewall command in the job tab below the karma disable but before the exit(/etc/init.d/firewall disable; /etc/init.d/firewall stop to rc.local via the Jobs), no joy. Because I am overly methodical, I did not try ICS, change any other settings or service. Will wait for firmware; upgrade to 1.01 was exactly as expected (reboot, 2 minutes, no error, happy pineapple. With internet (192) in the WAN port of pineapple, i can ping 8.8.8.8, I can tracert www.google.com from the pineapple. Activate karma, connect target machine to phantom ssid, receive a 172.16.42.184 ip, but am not able to ping 8.8.8.8 from target cpu. A tracert to www.cnn.com goes; pinapple.lan, (172.16.42.1), destination host unreachable. I confirm the target machines are receiving an IP via the status in pineapple. the IP routing table has 4 entries; default - 172.16.42.42 - 0.0.0.0 default - 192.168.1.1 - 0.0.0.0 172.16.42.0 - * - 255.255.255.0 192.168.1.0 - * - 255.255.255.0 wirless in enabled karma is enabled autostart disabled cron job enabled all the rest disabled (did not mess with anything other than karma) I also tried a Ipad as the target, received a 172.16.42.157 IP but am unable to surf the internet. No cellphone dongle to try. Use OpenDNS on my netgear router. I know this is a firewall issue but I dont see where I am messing up or what I could have done to receive such a non-standard experience. I had another network guy look at my process but he is unable to see the error I am making. In all, I have tried the above steps dozens of times but distilled it for clarity. Some users don't know what they are clicking but I did the above steps methodically and deliberately (not that I didn't mess-up somewhere, just I paid attention out of fear of a repeat experience of my M2.) Maybe I'm reading your post wrong, but you need to provide Internet via 42.42 (your laptop should have this IP assigned to eth0) Your Laptop should be plugged into the PoE port on the MK4, NOT the "LAN/WAN" port of the MK4. There should be no 192.x.x.x in the equation. Hope that helps! Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted March 6, 2012 Share Posted March 6, 2012 Hfam is correct: To set up ICS, set your laptop's ethX interface to 172.16.42.42 and enable ICS. Plug the cable into the POE port and it should just work. Best, Sebkinne Quote Link to comment Share on other sites More sharing options...
xtronic Posted March 6, 2012 Share Posted March 6, 2012 (edited) So, you are saying that for any target to get internet, it must flow through a ICS enabled laptop or run off of a usb cell dongle? Why then does the pineapple have a lan/wan port? I thought it could be self contained for remote deployment. (maybe that is using a cell dongle, like Darren does?) Edited March 6, 2012 by xtronic Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.