Jump to content

State Of The Pineapple Address


telot

Recommended Posts

Hello and welcome to another one of telot's summarizing and planning threads! Since we seemed to have nailed down a great majority of the milestones set in the last thread like this, I thought it might be time for us to group up and brainstorm for the future.

To recap:

We've got pineapples sending emails, jamming wifi, and modules galore for the gui folks.

We've got sslstrip working wonderfully - and it is a sweet fruit.

We've got reaver installed and operational - glory be this apple of the pine.

We've got tango mode - thanks be to Darren.

We've got android tethering working like a champ - holy shit.

We've got translations for our non-english friends - Dios mio!

And out of left field here comes ettercap!

We've done a lot in the last months with this great new hardware and our amazing community of devs, coders, power users, noobs, and friends. But this hardwares going to have a while before EOL, so why be sated with our past accomplishments? The world is our pineapple flavored oyster! (gross as that sound...)

Here is my list, but please for the love of all that is juicy and alfa, post your suggestions and I will add them to the list.

sshfs

remote on the fly encrypted file access/storage for your dropbox

iPhone tethering

the apple folks among us are few, but very jealous of their android brothers

full disk encryption

No matter how well hidden, someone might find your box of doom. So why not encrypt it all and at least slow them down?

OSX module/mode

Again with the apple stuff, but judging by the OSX-related problem posts, changing between OSX and linux/windows with a module or button press would be amazing.

mdk3

Speaks for itself - awesome wifi tool.

BEEF

Its whats for your pineapple someday? There was talk about it back in April, but nothing came to be...perhaps a revisit?

mac changing abilities

Seb mentioned today its close being dev'd into the firmware - this opens so many doors to scripts and modules. Change on boot, change on schedule, change with button press and change on client ssid or mac...which leads me to.

client ssid or mac triggers

Perhaps we can create a golden list (as opposed to white/black listing) comprised of the mac address(s) the attacker knows will be in its vicinity. The pineapple is karma'ing like usual, but once this mac is seen on the pineapples connected clients list, it triggers action(s) such as sending an email to its owner, starting a tcpdump capture just for them with special filters, or even writing over its entire filesystem. You're about to get busted with your pineapple? Just turn on your phones wifi and theres no more evidence. I imagine you could also form triggers based off of ssid's being "Yes manned" by the pineapple.

tor/botnet

This gets a little crazy. I recently saw this guys talk at BSides: http://www.irongeek....elligent-f-bomb The F-bomb is a darpa funded pineapple...kind of. This guy took a pogo plug and turned it into a build your own wifi hacking, data stealing, scalable and throwable botnet with anonymized and decentralized command and control. Watch the video, if you like the pineapple, his F-BOMB project forks off in an interesting direction and its a worth while watch. Best of all, he plans to release it opensource in a few days. He does this with Archlinux - I think we could do it one better by porting some of the functionality and still have jasager on our favorite spikey green leafed hardware.

What else guys?

telot

Edited by telot
Link to comment
Share on other sites

Right, let me chime in here ;)

First of all, suggestions should go into the suggestions sub-forum. But that is besides the point because of a timeline.

I'll have to publish that soon.

  • sshfs
    Already more or less working. I can release a preview soon.
  • iPhone tethering
    Should be in the next release. I just don't have an iPhone to test.
  • full disk encryption
    A bit more complicated. On boot you will need to unlock the device. And that is a no-go as you would need serial access. SSH requires decrypted drive. (Correct me if I am wrong).
  • OSX module/mode
    Less of a module or a mode. Requires a few changes made. However there is something coming to allow these changes to be done in an easy way. (See http://cloud.wifipineapple.com/wiki/doku.php?id=guidemacics)
  • mdk3
    You want it? Post it into the suggestions forum and you'll have it in the next release. I use that forum as a bit of a todo list from the community.
  • Beef
    As far as I know that is a bit of a resource hogg, right? Maybe someday..?
  • mac changing abilities
    This works indeed, it just required a bit of work on the firmware end. Because of some changes to come soon I held of and waited with it for a while.
  • client ssid or mac triggers
    Funny you should mention this. We have something similar in the works. Stay tuned for updates.
  • tor/botnet
    Indeed. We can see what we can do there.

The thing is, lately we have been focusing on features that enhance the user experience. Take multi language support.

Of course we love sharing an over the horizon list with you guys, but some things should also be a surprise, don't you agree? ;)

Sometimes we play with things and are 100% sure that we make them work and can release them. Then we realize it is unrealistic and abandon it - for now. This is why a list of the releases isn't always the best idea.

But as I said, I will write up a plan of some sorts for you guys :)

Best Regards,

Sebkinne

Link to comment
Share on other sites

Telot I like the idea of "client ssid or mac triggers" but was thinking have a feature where on one page all the connected clients would be shown and listed with there info in a table.

you could see ip, mac, device name, ssid, ect and on the bottom of each client show info like feeedback from modules IE REDIRECTED: google.com TO /www/web/rickroll/index.html, PORT SCAN, ect

on top of that make a dropdown list where you could fire off stuff for that specific client and maybe a way to group clients into teams so you can manage each team different.

this would require work from module creators or monitoring log files so that there attacks on clients can be displayed in this idea I have.

Edited by petertfm
Link to comment
Share on other sites

Glad you enjoy the idea WM!

Seb - thanks for your input, and yes I will be putting these in the Suggestions subforum. I wanted to put it here first to spur some discussion and bounce ideas off each other. Also, this way I could save myself the trouble of suggesting something clearly impossible or something you're already working on :)

petertfm - what a great mod that'd be! I didn't even think of grouping macs/ssid's into "teams" so you can DNSspoof some, nmap others, let others just get to the internet without problems - awesome!

telot

Link to comment
Share on other sites

Its true - the mark3 had a very short lifespan. A faster proc and 2 more powerful USBs (1 3G and 1 Wifi dongle would be awesome) with SD card slot as well for storage would pretty much make me the happiest camper around. Not that I'm complaining! The mark4 is an amazingly simple and inexpensive little router that (as this thread says...) has tons more potential for the future.

As for mark5, you'd have to ask Seb, Darren and Robin

telot

Link to comment
Share on other sites

MK5 needs to be more powerful than a raspberry pi, in the past month the community started brain storming really heavy and the more stuff we jam into the MK4 the more it starts to reboot and now we are going to the point of backpacking two, we need to consolidate into one.

We need to be like backtrack, the F-bomb is coming soon on archlinux, so we need to get into something more flexible.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...