Jump to content

3g / Laptop-less Jasager


whitehat
 Share

Recommended Posts

I have a similar problem, although I do not have that modem atm.

You will need a micro-sd card to add into the MC760. Then I would also wait until the next firmware to really have this functionality working as Sebkinne has alluded to some features that will really make use of the extra space on the micro-sd card.

If you want to get this working right now, then I would read through the information others have posted regarding the MC760 and getting the sd card mounted and adding swap to the sd card (by Darren).

One issue I and others are running into with the MC760 is the power consumption, you may need an external usb hub that is powered, the key word is powered so that the device does not randomly lose connection and need to be replugged to get the 3g working again.

There are many great modules being developed and I would recommend exploring them to see if they meet your needs. You should also state what your objective is. Are you phishing, "rick rolling", cracking WEP/WPA networks? The scripts that you will need will depend greatly on your goals. I have personally found this device to be an amazing little piece of hardware and for anyone who knows the basics of BackTrack or Linux in general this device can be custom tailored for your needs.

Based on your 3G/Karma/URL Snarf/Save Packets you can accomplish this fairly easy without any modifications, just need that sd card.

Link to comment
Share on other sites

Correction:

Out-of-the-Box will need to have the following changes made to get the MC760 working:

1) Update to the latest firmware (1.1.1 at time of writing)

2) Log in to the http://172.16.42.1/pineapple/ interface and go to USB and change to (You will want to follow the swap tutorial by Darren first):

config global automount

option from_fstab 1

option anon_mount 1

config global autoswap

option from_fstab 1

option anon_swap 1

config mount

option target /usb

option device /dev/sda

option fstype ext4

option options rw,sync

option enabled 1

option enabled_fsck 0

config mount

option target /usb

option device /dev/sda1

option fstype ext4

option options rw,sync

option enabled 1

option enabled_fsck 0

config swap

option device /dev/sda2

option enabled 1

3) Goto the 3G menu and replace your "Mobile Broadband Connection" with:

#!/bin/sh

# ---------------------------------------------------------

# 3G Connection Script for WiFi Pineapple. "Does the thing"

#

# Version: 2012-02-17

# Supports:

#

# ZTE MF591 (T-Mobile) -dkitchen

# Novatel MC760 (Virgin) -dkitchen

# Novatel MC760 (Ting) -dkitchen

#

# Updated: wifipineapple.com

# ---------------------------------------------------------

# -----------------------------------------------------------

# Configure /etc/ppp/options with hard-coded working settings

# -----------------------------------------------------------

echo "

logfile /dev/null

noaccomp

nopcomp

nocrtscts

lock

maxfail 0" > /etc/ppp/options

*1410:6002* | *1410:5031*) echo "Novatel MC760 (Virgin Mobile) detected. Attempting mode switch"

uci delete network.wan2

uci set network.wan2=interface

uci set network.wan2.ifname=ppp0

uci set network.wan2.proto=3g

uci set network.wan2.service=cdma

uci set network.wan2.device=/dev/ttyUSB0

uci set network.wan2.username=internet

uci set network.wan2.password=internet

uci set network.wan2.defaultroute=1

uci set network.wan2.ppp_redial=persist

uci set network.wan2.peerdns=0

uci set network.wan2.dns=8.8.8.8

uci set network.wan2.keepalive=1

uci set network.wan2.pppd_options=debug

uci set network.wan2.pppd_options=noauth

uci commit network

usb_modeswitch -v 1410 -p 5031 -V 1410 -P 6002 -M 5553424312345678000000000000061b000000020000000000000000000000 -n 1 -s 20

sleep 10; rmmod usbserial

sleep 3; insmod usbserial vendor=0x1410 product=0x6002

sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop

logger "3G: firewall stopped"

iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE

iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT

iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT

;;

esac

4) Then go to the Jobs menu and remove "/www/pineapple/3g/3g.sh" from the "Execute on Boot:" section.

5) Reboot the device under the Advanced menu and wait 5 minutes.

All this is corrected on the most recent code.

Link to comment
Share on other sites

Will these same setting work for the Novatel MC760 (Ting)? I have the swap set up but haven't been able to get the modem working.

All but step #3 you can skip that step. Also I want to reiterate the use of a powered USB hub I believe it is now a necessity for the mc760 modems while using the micro sd slot.

Link to comment
Share on other sites

Thank you very much, Vulture. I don't have an academic background in computing so you may find me to be a little slow.... which is my excuse for not knowing what you mean by modules? Bits of code? Where are these modules, on the github?

My objective is, I guess, to capture packets. To be honest, when I bought this thing I thought it would let me watch clients' web activity in real time, or at least give me all their keystrokes. What I really want to do is gather 2 kinds of passwords: 1. the username & pw combos that are being used to access WPA2 Enterprise and 2. all other passwords being used online such as gmail passwords.

Is that possible? I will look for the other 3G info. There's basically nothing on the Wiki -- it just says supported out of the box. I tried searched some keywords, but in this forums but that didn't go too well. No worries tho, if there's juicy info in here on this then I will find it; thanks for letting me know!

Whitehat, what you are looking for doesn't really exist in that sort of ease for the most part.

There is a modules menu once you upgrade the firmware. Click to show the modules and you can reference their threads on the forum under their names like "key logger". This project is still evolving so not all features are available yet. You can think of the pineapple as a light weight install of backtrack installation. So study up on man in the middle attacks with backtrack. With the pineapple you are the gateway aka the man. So everything you do in those attacks can be done with the pineapple.

Not to sound preachy but if you are working to show clients how you did it you should know how the background functions, so you can defeat these types of attacks or at least detect them. For example when you are done using it for attacks you can turn it around to hunt for pineapple style devices and notify you.

Link to comment
Share on other sites

I made the changes but it still isn't working. The last lines in log read:

Jan 1 00:06:11 Pineapple user.notice root: 3G: Connection Script here, searching for modems

Jan 1 00:09:17 Pineapple kern.notice kernel: [ 557.920000] EXT4-fs (sdb1): error count: 2

Jan 1 00:09:17 Pineapple kern.notice kernel: [ 557.920000] EXT4-fs (sdb1): initial error at 3146: ext4_put_super:754

Jan 1 00:09:17 Pineapple kern.notice kernel: [ 557.920000] EXT4-fs (sdb1): last error at 3146: ext4_put_super:754

It reads it is searching for a modem yet when I go to the 3G page it shows the modem there.

Can you tell me something else to try? I would really like to get this work as I bought the modem specifically for the pineapple.

I do run the modem on a powered usb hub.

I also see this error in the log:

Jan 1 00:00:43 Pineapple user.notice usb-modeswitch: switching seemingly failed

Thanks for the help.

Edited by JimJensen
Link to comment
Share on other sites

Posted · Hidden by whitehat, May 16, 2012 - sec
Hidden by whitehat, May 16, 2012 - sec

Correction:

Out-of-the-Box will need to have the following changes made to get the MC760 working:

1) Update to the latest firmware (1.1.1 at time of writing)

2) Log in to the http://172.16.42.1/pineapple/ interface and go to USB and change to (You will want to follow the swap tutorial by Darren first):

config global automount

option from_fstab 1

option anon_mount 1

config global autoswap

option from_fstab 1

option anon_swap 1

config mount

option target /usb

option device /dev/sda

option fstype ext4

option options rw,sync

option enabled 1

option enabled_fsck 0

config mount

option target /usb

option device /dev/sda1

option fstype ext4

option options rw,sync

option enabled 1

option enabled_fsck 0

config swap

option device /dev/sda2

option enabled 1

3) Goto the 3G menu and replace your "Mobile Broadband Connection" with:

#!/bin/sh

# ---------------------------------------------------------

# 3G Connection Script for WiFi Pineapple. "Does the thing"

#

# Version: 2012-02-17

# Supports:

#

# ZTE MF591 (T-Mobile) -dkitchen

# Novatel MC760 (Virgin) -dkitchen

# Novatel MC760 (Ting) -dkitchen

#

# Updated: wifipineapple.com

# ---------------------------------------------------------

# -----------------------------------------------------------

# Configure /etc/ppp/options with hard-coded working settings

# -----------------------------------------------------------

echo "

logfile /dev/null

noaccomp

nopcomp

nocrtscts

lock

maxfail 0" > /etc/ppp/options

*1410:6002* | *1410:5031*) echo "Novatel MC760 (Virgin Mobile) detected. Attempting mode switch"

uci delete network.wan2

uci set network.wan2=interface

uci set network.wan2.ifname=ppp0

uci set network.wan2.proto=3g

uci set network.wan2.service=cdma

uci set network.wan2.device=/dev/ttyUSB0

uci set network.wan2.username=internet

uci set network.wan2.password=internet

uci set network.wan2.defaultroute=1

uci set network.wan2.ppp_redial=persist

uci set network.wan2.peerdns=0

uci set network.wan2.dns=8.8.8.8

uci set network.wan2.keepalive=1

uci set network.wan2.pppd_options=debug

uci set network.wan2.pppd_options=noauth

uci commit network

usb_modeswitch -v 1410 -p 5031 -V 1410 -P 6002 -M 5553424312345678000000000000061b000000020000000000000000000000 -n 1 -s 20

sleep 10; rmmod usbserial

sleep 3; insmod usbserial vendor=0x1410 product=0x6002

sleep 5; /etc/init.d/firewall disable; /etc/init.d/firewall stop

logger "3G: firewall stopped"

iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o 3g-wan2 -j MASQUERADE

iptables -A FORWARD -s 172.16.42.0/24 -o 3g-wan2 -j ACCEPT

iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i 3g-wan2 -j ACCEPT

;;

esac

4) Then go to the Jobs menu and remove "/www/pineapple/3g/3g.sh" from the "Execute on Boot:" section.

5) Reboot the device under the Advanced menu and wait 5 minutes.

All this is corrected on the most recent code.

We must have posted at the same time because I didn't see this before. I'm reveiwing it now (thanks in advance for the help). Btw I picked up a Micro SD card like 1 hour ago.

Link to comment

If the 3G dongle is plaguing you - do what I did and just avoid it.

http://www.digi.com/products/wireless-routers-gateways/routing-gateways/digiconnectwanfamily#overview

I use one of these with my pineapple when I want to drop it off somewhere on a pentest. It works like a charm acting as the computer in the most important aspects (serves up solid internet to the pineapple) and it allows me to ssh/http in to perform any administrative functions. The digi can even power the pineapple with its usb port. This setup also allows for easy use of a huge usb stick, as opposed to being limited to a slow 32gb ($max$) microsd that fits in your 3g dongle. The biggest drawback is that digis are expensive. If works paying, great - if not, you can try and find a used one on ebay. Good luck!

As for your other requests, particularly the WPA enterprise - thats not currently possible with the pineapple. The pineapples all are limited to serving up and accepting open auth only. Theres another thread where digininja eludes to some other possibilities, but they appear to be very limited. Best thing about the pineapple (and all open source everything), if it doesn't exist, then make it!

telot

Link to comment
Share on other sites

I made the changes but it still isn't working. The last lines in log read:

Jan 1 00:06:11 Pineapple user.notice root: 3G: Connection Script here, searching for modems

Jan 1 00:09:17 Pineapple kern.notice kernel: [ 557.920000] EXT4-fs (sdb1): error count: 2

Jan 1 00:09:17 Pineapple kern.notice kernel: [ 557.920000] EXT4-fs (sdb1): initial error at 3146: ext4_put_super:754

Jan 1 00:09:17 Pineapple kern.notice kernel: [ 557.920000] EXT4-fs (sdb1): last error at 3146: ext4_put_super:754

It reads it is searching for a modem yet when I go to the 3G page it shows the modem there.

Can you tell me something else to try? I would really like to get this work as I bought the modem specifically for the pineapple.

I do run the modem on a powered usb hub.

I also see this error in the log:

Jan 1 00:00:43 Pineapple user.notice usb-modeswitch: switching seemingly failed

Thanks for the help.

SSH into the device and go to /www/pineapples/3g/ and ./3g.sh and let me know the output. Also provide the output of the "lsusb" command.

Link to comment
Share on other sites

SSH into the device and go to /www/pineapples/3g/ and ./3g.sh and let me know the output. Also provide the output of the "lsusb" command.

root@Pineapple:~# lsusb

Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

Bus 001 Device 002: ID 050d:0234 Belkin Components F5U234 USB 2.0 4-Port Hub

Bus 001 Device 003: ID 1410:6000 Novatel Wireless

root@Pineapple:/www/pineapple/3g# ./3g.sh

Searching for attached 3G Modems

1d6b:0002 050d:0234 1410:6000

Link to comment
Share on other sites

root@Pineapple:~# lsusb

Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

Bus 001 Device 002: ID 050d:0234 Belkin Components F5U234 USB 2.0 4-Port Hub

Bus 001 Device 003: ID 1410:6000 Novatel Wireless

root@Pineapple:/www/pineapple/3g# ./3g.sh

Searching for attached 3G Modems

1d6b:0002 050d:0234 1410:6000

On step 3 change the line *1410:5031* to *1410:6000* and the modem should work.

Link to comment
Share on other sites

On step 3 change the line *1410:5031* to *1410:6000* and the modem should work.

I made the change but it isn't working. Here is the result of ./3g.sh

root@Pineapple:/www/pineapple/3g# ./3g.sh

Searching for attached 3G Modems

1d6b:0002 1410:6000

Novatel MC760 (Ting) detected. Attempting mode switch

Looking for target devices ...

Found devices in target mode or class (1)

Looking for default devices ...

No devices in default mode found. Nothing to do. Bye.

rmmod: can't unload 'usbserial': Resource temporarily unavailable

insmod: can't insert 'usbserial': File exists

./3g.sh: line 113: /etc/init.d/firewall: not found

./3g.sh: line 113: /etc/init.d/firewall: not found

root@Pineapple:/www/pineapple/3g#

Link to comment
Share on other sites

JimJensen,

That is normal, what are you seeing under the Log when that is run? Specifically anything about chat/ppp or USB. If you see anything about a device serial number, just remove it before posting for your own security.

Also, please make sure that you guys have activated and confirmed these modems on windows computers prior to working with them on the pineapple. The pineapple does not support activation of the device.

Link to comment
Share on other sites

telot: that is a VERY interesting link and perhaps i have an addiction for pen test tools but i just might buy one today. i do want to get this 3G MC760 working tho, since it's supposed to be supported, I need it, have one on hand, and sunk some money into it. you're right about the fact that i can/should just create the functionality i need, but i've never had a single class on programming of this kind. i'm a mathematical statistician. i've written some programs in VB, some macros, and billions of statistical "programs" (we call them that but they are not executable files and are totally different than computer programs) so for now i'm just a user.

i was thinking of taking some classes online tho; let me know if you recommend anything. ideally i would take classes from SANS but i don't have the time/$ right now for an entire degree program.

anyway, so how exactly would it work? you are using the cat 5 cable to connect the pineapple to the Digi Connect (or somehow doing it wirelessly?) and somehow you're able to connect the digi connect to the client's wireless, and your digi is assigned an IP which you are then able to SSH to? .

I do have one other ace up my sleeve that this reminds me of, which is a DreamPlug (http://www.amazon.com/Globalscale-DreamPlug-036000291452-Class-Server/dp/B0053GBB5Y ), which sounds like it would do basically the same thing but perhaps a bit cheaper. However the plug computer is like $200 and your Digi Connect was like $600-ish from the manufacturer, so I probably want to stick with the 3G as I've already sunk a couple hundred into the pineapple with no results yet ($90 cost + $65 battery + $20 Micro SD card + $50 data for 3G + $80 for the 3G device, except that I did already own the MC760).

I hear ya on the cost already sunk into the pineapple vs the cost of the Digi - they ARE pricey. Did you find any on ebay? I use a verizon 3g and a Wimax 4g depending on the area I want to do the pen test in. The digi connects to a cellular network via its internal cell modem. I connect the digi to the pineapple via ethernet and send power through the ethernet cable via the USB port on the digi. That way I only have to power the digi, and it daisy chains to the pineapple. I set my Digi up with a static ip or a dyndns so I just ssh root@xxx.xxx.xxx.xxx (x=ip of the digi).

As for online classes, I can't really say. python is powerful and ubiquitous and I've heard it recommended as a place to start from a bunch of people. For pineapple specific stuff, I'd start with php as that is what is run all over the pineapple.

Hope that helps

telot

Link to comment
Share on other sites

JimJensen,

That is normal, what are you seeing under the Log when that is run? Specifically anything about chat/ppp or USB. If you see anything about a device serial number, just remove it before posting for your own security.

Also, please make sure that you guys have activated and confirmed these modems on windows computers prior to working with them on the pineapple. The pineapple does not support activation of the device.

I don't know why it wasn't working yesterday but today it is.

Jan 1 00:20:02 Pineapple user.notice root: 3G: Interface 3g-wan2 up and Internet Connection seems to be up. woot

Thanks again for the help.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...