Whistle Master (Author), posted February 10, 2013:

> Has anyone gotten this to work?

Well, I have and other beta testers too ;)

Jokes apart, this is a rather complex module to run. It requires a specific network setup: as I said, it runs only on a NAT'ed network, not yet on bridged interfaces (i.e. br-lan). This means you have to use the WAN / LAN port on the pineapple to provide internet access. As soon as I have ebtables working correctly on my setup, I will work on the update for bridged interfaces.

stealthkit, posted February 10, 2013:

> Ok I have reflashed the pineapple again and wiped & reinstalled the usb key. Everything seems ok now! Thank you soooo much!!!! I am one happy bunny now! :-) My only question remaining is how to do live sniffing and injection from a remote pentest workstation. Any ideas?

If you want live traffic monitoring and a true mitm attack, then you need to look at doing ARP Poisoning. You can do this in Windows and/or Linux, as all you are doing is creating an announcement to the router that you are basically now the router. This is done by poisoning the ARP cache to think you are the default gateway, and so everything is routed to you, which you NAT back to the router. Since you keep asking about live captures I would recommend "easy-creds" in Backtrack 5 r3. Everything is contained in one package, just follow each part 1 and so on. It is scripted so you don't have to do it manually. Also remember it is illegal to take creds from someone who hasn't agreed to a pen test.

Hope this helps ;)

-Stealthkit

Sebkinne, posted February 10, 2013:

> If you want live traffic monitoring and a true mitm attack, then you need to look at doing ARP Poisoning. You can do this in Windows and/or Linux, as all you are doing is creating an announcement to the router that you are basically now the router. This is done by poisoning the ARP cache to think you are the default gateway, and so everything is routed to you, which you NAT back to the router. Since you keep asking about live captures I would recommend "easy-creds" in Backtrack 5 r3. Everything is contained in one package, just follow each part 1 and so on. It is scripted so you don't have to do it manually. Also remember it is illegal to take creds from someone who hasn't agreed to a pen test. Hope this helps ;) -Stealthkit

Well, no. The Pineapple is already the man in the middle: clients <-> pineapple <-> internet. That IS a true MITM attack ;)

You'll need arpspoofing if you aren't the router. Seeing as we are.. ;)

NullNull, posted February 10, 2013:

> Well, no. The Pineapple is already the man in the middle: clients <-> pineapple <-> internet. That IS a true MITM attack ;) You'll need arpspoofing if you aren't the router. Seeing as we are.. ;)

But if you connect your pineapple to an already existing network as a client?

Sebkinne, posted February 10, 2013:

> But if you connect your pineapple to an already existing network as a client?

Same thing. The clients of the pineapple don't necessarily see what is behind it. Makes no difference if it is 3g, wifi or ethernet. The only thing that would show the difference is a traceroute. Still, because the clients see the pineapple as the router (which is what it is ofc), there is no need for arp poisoning.

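Seen from a client on the network, the ARP poisoning discussed in the posts above appears as the default gateway's IP mapping to a new MAC, usually one that already belongs to another host. The check below is an added example, not code from any poster or from the module; the function names, gateway address and the two `/proc/net/arp`-style snapshots are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect a moved gateway binding between two ARP table snapshots.
# Snapshots use the /proc/net/arp layout; all addresses below are constructed.

# mac_for IP FILE: print the lower-cased MAC recorded for IP, or nothing.
mac_for() {
    awk -v ip="$1" 'NR > 1 && $1 == ip { print tolower($4); exit }' "$2"
}

# check_gateway GATEWAY_IP BASELINE CURRENT
# Returns 0 if the binding is unchanged, 1 if it moved, 2 if an entry is missing.
check_gateway() {
    gw=$1
    old=$(mac_for "$gw" "$2")
    new=$(mac_for "$gw" "$3")
    if [ -z "$old" ] || [ -z "$new" ]; then
        echo "UNKNOWN: no ARP entry for $gw"
        return 2
    fi
    if [ "$old" = "$new" ]; then
        echo "OK: $gw is still at $new"
        return 0
    fi
    # The poisoning host normally keeps its own entry too: same MAC, other IP.
    other=$(awk -v ip="$gw" -v mac="$new" \
        'NR > 1 && tolower($4) == mac && $1 != ip { print $1; exit }' "$3")
    echo "ALERT: $gw moved from $old to $new${other:+ (MAC also used by $other)}"
    return 1
}

TMP=$(mktemp -d)
trap 'rm -rf "$TMP"' EXIT
BASE=$TMP/arp.before
CUR=$TMP/arp.after
cat > "$BASE" <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:11:22:AA:BB:01     *        wlan0
192.168.1.50     0x1         0x2         00:11:22:AA:BB:50     *        wlan0
EOF
cat > "$CUR" <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:11:22:AA:BB:50     *        wlan0
192.168.1.50     0x1         0x2         00:11:22:AA:BB:50     *        wlan0
EOF

check_gateway 192.168.1.1 "$BASE" "$CUR" || true
```

This check does not apply to the setup Sebkinne describes, where the clients' gateway is the Pineapple itself and no ARP binding changes.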
NullNull, posted February 10, 2013:

I'm sorry if this sounds stupid and off topic, but if I have my pineapple connected as a client to my Home network, will the clients of this network (Home) recognize the pineapple as the Home router?

khaotic57, posted February 10, 2013:

It should, as long as you have karma enabled and your home network is not secured.

stealthkit, posted February 11, 2013:

> Well, no. The Pineapple is already the man in the middle: clients <-> pineapple <-> internet. That IS a true MITM attack ;) You'll need arpspoofing if you aren't the router. Seeing as we are.. ;)

You are right... I am not sure why I did not think of it. I will make a note that my brain shuts off after 4am.

On a side note, I did come up with an idea for a module at 4am. It is basically a spanning-tree exploit/DOS for people who did not set up spanning-tree correctly across their network. I have seen about 2 out of 3 networks or so have spanning-tree implemented incorrectly. Just enabling spanning-tree on the switchports, which it seems a fair amount of people are guilty of doing, will not protect them against a spanning-tree loop. It would basically let a broadcast storm occur, and if they don't know how to troubleshoot it, then their network will be down for a long time till they can find the loop. I need to figure out how to get both the LAN/WAN ethernet interfaces to be just a dumb switch with no layer 3. Basically those 2 ports would have to act like a mini switch. I might pursue this if I get some down time at the office to set up a test environment, so I don't crash my company's core 6509-E VSS stack testing.

Sorry for being off topic a little bit.

-Stealthkit

stealthkit, posted February 11, 2013:

BTW WM, are the python scripts UpsideDown.py and Fool.py doing basically the same thing? Not complaining, just curious, as last night was the first time I was able to see the Fool.py script work. Glad to see it working. :)

-Stealthkit

Whistle Master (Author), posted February 11, 2013:

More or less ;) Fool.py uses webkit-transform to rotate the whole page, which is faster than using BeautifulSoup and convert to rotate each piece of the web page :P

But those are mainly examples to show how it's possible to manipulate transmitted data.

stealthkit, posted February 11, 2013:

Gotcha ;) Ya, Fool.py worked very quickly... Impressed

-Stealthkit

Sadistic, posted February 12, 2013:

OK, I am not sure if I am not doing something right here, but after installing the MITM Module I start the install of the required dependencies and after a few mins the pineapple reboots itself. Can someone please help me out with the problem?

Whistle Master (Author), posted February 12, 2013:

Someone else got the issue. Be sure to have enough memory using swap.

> Figured it out. Was running out of memory during the pip install and needed to set up a swap partition on my thumbdrive to prevent it from OOM'ing during the install.

Sadistic, posted February 12, 2013:

Thanks Whistle, that got it to work. I looked all over the forum and could not find anything about this problem; don't know how I missed it.

Boba Fett, posted February 15, 2013:

Hi. I got some troubles too. When I install the MITM Module, the Pineapple reboots. I tested "which mitmdump" and it returns nothing. My usb is 8gb; 3gb are swap space. Can anyone make a guide or a video? Really, this is a great module and a lot of people can't make it work. Thanks.

stealthkit, posted February 17, 2013:

> Hi. I got some troubles too. When I install the MITM Module, the Pineapple reboots. I tested "which mitmdump" and it returns nothing. My usb is 8gb; 3gb are swap space. Can anyone make a guide or a video? Really, this is a great module and a lot of people can't make it work. Thanks.

Make sure not to share your internet to "br-lan"; that is a bridge or virtual interface. You will have to share your internet to the physical interface "eth0-1" or "wlan0-1" to get the module to work. Also make sure that you turn off sslstrip or anything else that is cpu intensive.

Hopefully this helps :)

-Stealthkit

piffdos, posted February 17, 2013:

Hey man,

So I am working on getting the mitm module installed. I grabbed the mitm from the pineapple bar, then went to the tab and saw "MITM proxy not installed", so I chose install, and I was instructed to wait and not refresh. Well, I waited and waited and nothing happened. It would be nice to get an estimate of how long the average install takes so I don't think something went wrong.

Finally I went to /usb/infustions/mitm and ran ./install.sh, which seems to still be running and installing quite a few packages, but some have failed during install:

    mkdir: can't create directory '/usb/usr/lib/ImageMagick-6.7.8/config': No such file or directory
    cp: can't create '/usb/usr/lib/ImageMagick-6.7.8/config/': No such file or directory
    cp: can't create '/usb/usr/lib/ImageMagick-6.7.8/config/': No such file or directory

I haven't tried to use it yet, but basically my suggestion was to provide some sort of progress bar on the browser for the module installation so people don't think something has gone horribly wrong with the install.

Thanks!

Boba Fett, posted February 19, 2013:

> Make sure not to share your internet to "br-lan"; that is a bridge or virtual interface. You will have to share your internet to the physical interface "eth0-1" or "wlan0-1" to get the module to work. Also make sure that you turn off sslstrip or anything else that is cpu intensive. Hopefully this helps :) -Stealthkit

Where do I configure this? Networkmanager module?

Boba Fett, posted February 19, 2013:

OK, I made it work. I downloaded the Networkmanager Module and in the ICS selected Share from NONE to NONE. And it works.

Boba Fett, posted February 27, 2013:

When I use the Fool script on the MiTM module, some pages give me a 502 Bad Gateway error. Is this normal?

velocityserial, posted March 13, 2013:

This is how I got the MITM module to work (2.8.0). Open the pineapple control center and shut off any and all running procs (wifi, cron jobs, karma, whatever), then go to the Advanced tab and clear the cache. Next set up the USB partition: make it primary EXT4 and a swap of 2 gig or more. Now open the USB tab and under (config swap) change the 0 to a 1, then Update fstab. Now go to pineapple bar infusions, MITM, install to USB, and wait for the download to complete. Now install the dependencies; this is going to take a few mins, so don't leave that page for anything. It took me 30 mins; that could be because I'm 1/4 mile away from neighbors AP, alpha parabolic antenna & alpha 36h card lol. Anyway, do not leave that page; it will install if you follow these directions. It took me several times to get it to work, and reading over this thread 3-4 times, before I got it to work; now I'm sure it will work for all. Hope I have helped in some way, and thanks to all who posted here so I could figure it out.

toysldr, posted March 21, 2013:

It's pretty irritating installing this infusion. I've reset to factory setting several times. Reflashed the firmware, repartitioned the USB, made sure that no other processes were running. Followed all instructions to the letter... It always freezes at "Installing...."

I do not have a swap of 2 gig or more on the USB since I'm using the shipped Sandisk Cruzer. Not really sure what else to try.

Boba Fett, posted March 21, 2013:

And it never got installed? I had to wait like 10 minutes, but it got installed at least. Working fine.

toysldr, posted March 21, 2013:

I let it sit all night last night.... Never installed. I doubt there are that many things that needed to be installed on it.

Vulture, posted March 25, 2013:

> I let it sit all night last night.... Never installed. I doubt there are that many things that needed to be installed on it.

Read over velocityserial's comments; those are good instructions for getting things to work properly. The issue is with the install script executing the python install script: basically it causes a huge amount of load on the router and results in a reset unless you follow the instructions velocityserial laid out. He is essentially making sure you aren't running any extra services, then also making sure you have enough swap memory, as that is a quick way to crash the pineapple.

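The two conditions the posts above keep returning to, active swap and no CPU-heavy services running, can be checked before starting the dependency install. This is an added example, not part of the module or of any post; the `preflight` function, the sample files and the 2097152 kB threshold (taken from the "2 gig or more" figure velocityserial reports) are assumptions.

```shell
#!/bin/sh
# Added example: pre-install check for the conditions named in this thread.
# preflight MEMINFO PSLIST MIN_SWAP_KB
#   MEMINFO  file in /proc/meminfo layout
#   PSLIST   saved output of `ps`
# Prints one line per problem and returns the number of problems found.
preflight() {
    meminfo=$1; pslist=$2; min_kb=$3; problems=0
    swap_total=$(awk '$1 == "SwapTotal:" { print $2 }' "$meminfo")
    swap_free=$(awk '$1 == "SwapFree:" { print $2 }' "$meminfo")
    swap_total=${swap_total:-0}; swap_free=${swap_free:-0}
    if [ "$swap_total" -eq 0 ]; then
        echo "FAIL: no swap is active (SwapTotal is 0 kB)"
        problems=$((problems + 1))
    elif [ "$swap_total" -lt "$min_kb" ]; then
        echo "FAIL: swap is $swap_total kB, below the $min_kb kB asked for"
        problems=$((problems + 1))
    elif [ "$swap_free" -lt $((swap_total / 2)) ]; then
        echo "WARN: more than half of the swap is already in use"
        problems=$((problems + 1))
    fi
    # sslstrip is the CPU-heavy process the thread names; add others here.
    for proc in sslstrip; do
        if grep -qw "$proc" "$pslist"; then
            echo "FAIL: $proc is running, stop it before installing"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}

# Constructed samples: a device with no swap and sslstrip running.
TMP=$(mktemp -d)
trap 'rm -rf "$TMP"' EXIT
cat > "$TMP/meminfo.bad" <<'EOF'
MemTotal:          29516 kB
MemFree:            1804 kB
SwapTotal:             0 kB
SwapFree:              0 kB
EOF
cat > "$TMP/ps.bad" <<'EOF'
  PID USER       VSZ STAT COMMAND
 1234 root      9876 S    python /usr/bin/sslstrip -l 10000
EOF
MIN_SWAP_KB=2097152   # "2 gig or more", the figure one poster reports

preflight "$TMP/meminfo.bad" "$TMP/ps.bad" "$MIN_SWAP_KB" || true
# On the device: ps > /tmp/ps.txt; preflight /proc/meminfo /tmp/ps.txt 2097152
```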