Future versions for the MK4

[Sebkinne]

Hey everyone,

Something that has been asked again and again is "What is coming next"? You wanted a list of concrete planned things for the next, so here it is!

What of the below things do you want to see next? Have we left something out that you really want? Something crucial we forgot? Let us know here!

This does not include the below features/changes that are being made to cloud.wifipineapple.com. Those are almost complete and will go live very soon.

Pineapple Features:

• Reset ALL user data. Messed something up bad?
  This may be your way of saving your device.
  
• Modules
  -Multi-install modules
  -Keep modules after upgrade
  -Downloading: Progress indicator
  -Change color of out of date modules so that they can be located faster
  
• Keep some things (like modules) after an upgrade.
  
• Built in Macchanger
  
• Network manager UI (includes tethering etc. Will only support onboard devices - use modules for other things)
  
• LED controller
  
• Select what interface you want to launch Karma from
  
• Optional "Sticky" Navbar (will always be on top of screen even if you scroll).
  
• Integration of anonymous statistical information gathering.
  

Pineapple Bug Fixes:

• Fix module updates failing
  
• Fix changing password through UI if it has spaces / illegal characters.
  

Cloud Website:

• Re-vamped user experience.
  
• Make suggestions / bug reports.
  
• VOTE on what features you would like to see.
  

Please leave any comments and suggestions in this thread.

[whitehat]

What a wonderful set of updates!!

The Pineapple is great, but it is getting old so I'm glad to see new features coming :)

I would love to see:

1. better range,

2. much smaller size, FEWER LED's (not more! I'm a hacker not a raver hehe),

3. easier/better unbricking -- my Mk 4 is still bricked after reading the TuTs and unbricking threads

4. some sort of softcore pornography when you connect to the device, even if it's just ANSI boobs,

5. built in battery (must be thin!)

6. auto updating

7. some sort of physical fail-safe device, in case it falls into enemy hands (explosion may be taking it too far, but you could make it electrocute anyone who tries to open it without unlocking some sort of hidden lock

Edited November 26, 2012 by whitehat

[Sebkinne]

What a wonderful set of updates!!

The Pineapple is great, but it is getting old so I'm glad to see new features coming :)

I would love to see:

1. better range,

2. much smaller size, FEWER LED's (not more! I'm a hacker not a raver hehe),

3. easier/better unbricking -- my Mk 4 is still bricked after reading the TuTs and unbricking threads

4. some sort of softcore pornography when you connect to the device, even if it's just ANSI boobs,

5. built in battery (must be thin!)

6. auto updating

7. some sort of physical fail-safe device, in case it falls into enemy hands (explosion may be taking it too far, but you could make it electrocute anyone who tries to open it without unlocking some sort of hidden lock

I think I may have not made this clear - this is for the MK4.

[loozr]

Nice to see what might be up in the next releases!

Anywho, might just be me, but I thought that macchanger(and sslstrip as well) already was integrated in the flash, since I have never had to install any of those manually(sslstrip might get installed via the module though)?

[Offtopic]

And a little thing I have been curious about for a while; how much of the flash is actually cleaned when re-flashing via webinterface? Absolutely everything? Or just user settings and such, i.e. no core files?

What exactly is the difference in flash via webinterface and clean flash via serial? Nothing besides beginning the flash from webinterface rather than console?

[/Offtopic]

[Sebkinne]

Nice to see what might be up in the next releases!

Anywho, might just be me, but I thought that macchanger(and sslstrip as well) already was integrated in the flash, since I have never had to install any of those manually(sslstrip might get installed via the module though)?

[Offtopic]

And a little thing I have been curious about for a while; how much of the flash is actually cleaned when re-flashing via webinterface? Absolutely everything? Or just user settings and such, i.e. no core files?

What exactly is the difference in flash via webinterface and clean flash via serial? Nothing besides beginning the flash from webinterface rather than console?

[/Offtopic]

Macchanger - Yes, it is. But it doesn't work for most people out of the box. It requires a bit of fiddling. The way we can do it is allow it to happen on the karma interface on boot etc etc.

Flashing over SSH and over the web-interface is the exact same thing. All the webUI does is download and check the upgrade for you. Once it is happy it will execute "sysupgrade -n /tmp/upgrade.bin".

People saying that flashing over SSH fixed something webinterface flashing didn't is.. not really possible. In the end, it is the same file being installed by the same command.

The difference to Serial is that you downgrade to a stock OpenWRT image. It completely re-flashes the device's Kernel and RootFS. Now, the sysupgrade pretty much does the same thing just in a different way.

Why can you not sysupgrade when there is a brick? Because the device doesn't boot and you will therefore need to get direct access to the bootloader. Theoretically you could flash our firmware (but not the file we provide) directly. There are too many issues with that though so we go the sysupgrade route.

[WatskeBart]

No integrated version of Interceptor?

Would be a great addition IMHO ^_^

[Whistle Master]

802.1x bypass :P

I'm working on such a module by the way ;) I take this opportunity to ask Pwn Plug users with Elite version if they could send me the following scripts:

/var/pwnplug/scripts/Enable_NAC_Bypass_mode.sh

/var/pwnplug/scripts/Disable_NAC_Bypass_mode.sh

This would help me a lot to quickly propose a beta module for our pineapple ! Thanks !

[condor]

How about some neinsager support? I'm having some good times trying to get that worked out.

[barry99705]

Yea, whatever happened to the MK3 backpack?

[digininja]

802.1x bypass :P

I'm working on such a module by the way ;) I take this opportunity to ask Pwn Plug users with Elite version if they could send me the following scripts:

/var/pwnplug/scripts/Enable_NAC_Bypass_mode.sh

/var/pwnplug/scripts/Disable_NAC_Bypass_mode.sh

This would help me a lot to quickly propose a beta module for our pineapple ! Thanks !

If you are writing scripts that you want us to use please don't look at their scripts. However hard you try you will end up copying some part of them and if we include them then we will be breaching their copyright.

[wirefall]

I vote for 802.1x bypass or at least patching to allow forwarding of reserved MACs.

I've configured the pineapple to be an inline pentest dropbox (3G, no wireless). This effort was inspired by Duckwall's Defcon 19 presentation - A Bridge too Far. It works fine except when attempting to insert it between an 802.1x client and the switch.

802.1D compliant bridges drop packets with these reserved MAC addresses.

References:

https://dev.openwrt.org/ticket/12304

https://lists.linux-foundation.org/pipermail/bridge/2010-October/007378.html

Any chance of having the OpenWRT patch removed or Benjamin Poirier's recommended solution applied?