telot Posted August 7, 2012 Share Posted August 7, 2012 (edited) Hello and welcome to another one of telot's summarizing and planning threads! Since we seemed to have nailed down a great majority of the milestones set in the last thread like this, I thought it might be time for us to group up and brainstorm for the future. To recap: We've got pineapples sending emails, jamming wifi, and modules galore for the gui folks. We've got sslstrip working wonderfully - and it is a sweet fruit. We've got reaver installed and operational - glory be this apple of the pine. We've got tango mode - thanks be to Darren. We've got android tethering working like a champ - holy shit. We've got translations for our non-english friends - Dios mio! And out of left field here comes ettercap! We've done a lot in the last months with this great new hardware and our amazing community of devs, coders, power users, noobs, and friends. But this hardwares going to have a while before EOL, so why be sated with our past accomplishments? The world is our pineapple flavored oyster! (gross as that sound...) Here is my list, but please for the love of all that is juicy and alfa, post your suggestions and I will add them to the list. sshfs remote on the fly encrypted file access/storage for your dropbox iPhone tethering the apple folks among us are few, but very jealous of their android brothers full disk encryption No matter how well hidden, someone might find your box of doom. So why not encrypt it all and at least slow them down? OSX module/mode Again with the apple stuff, but judging by the OSX-related problem posts, changing between OSX and linux/windows with a module or button press would be amazing. mdk3 Speaks for itself - awesome wifi tool. BEEF Its whats for your pineapple someday? There was talk about it back in April, but nothing came to be...perhaps a revisit? mac changing abilities Seb mentioned today its close being dev'd into the firmware - this opens so many doors to scripts and modules. Change on boot, change on schedule, change with button press and change on client ssid or mac...which leads me to. client ssid or mac triggers Perhaps we can create a golden list (as opposed to white/black listing) comprised of the mac address(s) the attacker knows will be in its vicinity. The pineapple is karma'ing like usual, but once this mac is seen on the pineapples connected clients list, it triggers action(s) such as sending an email to its owner, starting a tcpdump capture just for them with special filters, or even writing over its entire filesystem. You're about to get busted with your pineapple? Just turn on your phones wifi and theres no more evidence. I imagine you could also form triggers based off of ssid's being "Yes manned" by the pineapple. tor/botnet This gets a little crazy. I recently saw this guys talk at BSides: http://www.irongeek....elligent-f-bomb The F-bomb is a darpa funded pineapple...kind of. This guy took a pogo plug and turned it into a build your own wifi hacking, data stealing, scalable and throwable botnet with anonymized and decentralized command and control. Watch the video, if you like the pineapple, his F-BOMB project forks off in an interesting direction and its a worth while watch. Best of all, he plans to release it opensource in a few days. He does this with Archlinux - I think we could do it one better by porting some of the functionality and still have jasager on our favorite spikey green leafed hardware. What else guys? telot Edited August 7, 2012 by telot Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted August 7, 2012 Share Posted August 7, 2012 Gosh, 15 modules to my credit... and still counting :P I like the client ssid or mac triggers idea, maybe my next module who knows ;) Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted August 7, 2012 Share Posted August 7, 2012 Right, let me chime in here ;) First of all, suggestions should go into the suggestions sub-forum. But that is besides the point because of a timeline. I'll have to publish that soon. sshfsAlready more or less working. I can release a preview soon. iPhone tetheringShould be in the next release. I just don't have an iPhone to test. full disk encryptionA bit more complicated. On boot you will need to unlock the device. And that is a no-go as you would need serial access. SSH requires decrypted drive. (Correct me if I am wrong). OSX module/modeLess of a module or a mode. Requires a few changes made. However there is something coming to allow these changes to be done in an easy way. (See http://cloud.wifipineapple.com/wiki/doku.php?id=guidemacics) mdk3You want it? Post it into the suggestions forum and you'll have it in the next release. I use that forum as a bit of a todo list from the community. BeefAs far as I know that is a bit of a resource hogg, right? Maybe someday..? mac changing abilitiesThis works indeed, it just required a bit of work on the firmware end. Because of some changes to come soon I held of and waited with it for a while. client ssid or mac triggersFunny you should mention this. We have something similar in the works. Stay tuned for updates. tor/botnetIndeed. We can see what we can do there. The thing is, lately we have been focusing on features that enhance the user experience. Take multi language support. Of course we love sharing an over the horizon list with you guys, but some things should also be a surprise, don't you agree? ;) Sometimes we play with things and are 100% sure that we make them work and can release them. Then we realize it is unrealistic and abandon it - for now. This is why a list of the releases isn't always the best idea. But as I said, I will write up a plan of some sorts for you guys :) Best Regards, Sebkinne Quote Link to comment Share on other sites More sharing options...
PineDominator Posted August 7, 2012 Share Posted August 7, 2012 (edited) Telot I like the idea of "client ssid or mac triggers" but was thinking have a feature where on one page all the connected clients would be shown and listed with there info in a table. you could see ip, mac, device name, ssid, ect and on the bottom of each client show info like feeedback from modules IE REDIRECTED: google.com TO /www/web/rickroll/index.html, PORT SCAN, ect on top of that make a dropdown list where you could fire off stuff for that specific client and maybe a way to group clients into teams so you can manage each team different. this would require work from module creators or monitoring log files so that there attacks on clients can be displayed in this idea I have. Edited August 7, 2012 by petertfm Quote Link to comment Share on other sites More sharing options...
telot Posted August 7, 2012 Author Share Posted August 7, 2012 Glad you enjoy the idea WM! Seb - thanks for your input, and yes I will be putting these in the Suggestions subforum. I wanted to put it here first to spur some discussion and bounce ideas off each other. Also, this way I could save myself the trouble of suggesting something clearly impossible or something you're already working on :) petertfm - what a great mod that'd be! I didn't even think of grouping macs/ssid's into "teams" so you can DNSspoof some, nmap others, let others just get to the internet without problems - awesome! telot Quote Link to comment Share on other sites More sharing options...
potato Posted August 8, 2012 Share Posted August 8, 2012 So are you guys going to keep using the same mark iv hardware untill the chipset becomes EOL or will there be a Mark 5 in 6 months? Quote Link to comment Share on other sites More sharing options...
PineDominator Posted August 8, 2012 Share Posted August 8, 2012 I myself would invite a mk5, as long as we get at least 64MB of ram and maybe faster processor. I know a lot of people were upset that the mk3 ended so fast. Quote Link to comment Share on other sites More sharing options...
telot Posted August 8, 2012 Author Share Posted August 8, 2012 Its true - the mark3 had a very short lifespan. A faster proc and 2 more powerful USBs (1 3G and 1 Wifi dongle would be awesome) with SD card slot as well for storage would pretty much make me the happiest camper around. Not that I'm complaining! The mark4 is an amazingly simple and inexpensive little router that (as this thread says...) has tons more potential for the future. As for mark5, you'd have to ask Seb, Darren and Robin telot Quote Link to comment Share on other sites More sharing options...
barry99705 Posted August 8, 2012 Share Posted August 8, 2012 Heh, MK5 will probably be a raspberry pi! Quote Link to comment Share on other sites More sharing options...
telot Posted August 9, 2012 Author Share Posted August 9, 2012 Relevant: http://telot.org/RpiMark5.jpg telot Quote Link to comment Share on other sites More sharing options...
PineDominator Posted August 9, 2012 Share Posted August 9, 2012 Relevant: http://telot.org/RpiMark5.jpg telot maybe an updated pi with integrated wifi? probably add some more to the cost. would be cool to get more power through the usb ports as I hear that is a complaint. Quote Link to comment Share on other sites More sharing options...
Molotof Posted August 9, 2012 Share Posted August 9, 2012 MK5 needs to be more powerful than a raspberry pi, in the past month the community started brain storming really heavy and the more stuff we jam into the MK4 the more it starts to reboot and now we are going to the point of backpacking two, we need to consolidate into one. We need to be like backtrack, the F-bomb is coming soon on archlinux, so we need to get into something more flexible. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.