Has anyone gotten this to work?

Well, I have and other beta testers too ;)

Jokes apart, this is a rather complex module to run. It requires a specific network setup: as I said, it runs only on a NAT'ed network, not yet on bridged interfaces (i.e. br-lan). This means you have to use the WAN / LAN port on the pineapple to provide internet access. As soon as I have ebtables working correctly on my setup, I will work on the update for bridged interfaces.

Ok I have reflashed the pineapple again and wiped & reinstalled the usb key. Everything seems ok now! Thank you soooo much!!!!

I am one happy bunny now! :-)

My only question remaining is how to do live sniffing and injection from a remote pentest workstation. Any ideas?

If you want live traffic monitoring and a true mitm attack, then you need to look at doing ARP Poisoning. You can do this in Windows and/or Linux, as all you are doing is creating an announcement to the router that you are basically now the router. This is done by poisoning the ARP cache to think you are the default gateway, and so everything is routed to you, which you NAT back to the router. Since you keep asking about live captures I would recommend "easy-creds" in Backtrack 5 r3. Everything is contained in one package, just follow each part 1 and so on. It is scripted so you don't have to do it manually. Also remember it is illegal to take creds from someone who hasn't agreed to a pen test.

Hope this helps ;)

-Stealthkit

Well, no. The Pineapple is already the man in the middle. clients <-> pineapple <-> internet. That IS a true MITM attack ;) You'll need arpspoofing if you aren't the router. Seeing as we are.. ;)

But if you connect your pineapple to an already existing network as a client?

Same thing. The clients of the pineapple don't necessarily see what is behind it. Makes no difference if it is 3g, wifi or ethernet. The only thing that would show the difference is a traceroute.

Still, because the clients see the pineapple as the router (which is what it is ofc), there is no need for arp poisoning.

> Well, no. The Pineapple is already the man in the middle. clients <-> pineapple <-> internet. That IS a true MITM attack ;) You'll need arpspoofing if you aren't the router. Seeing as we are.. ;)

You are right... I am not sure why I did not think of it. I will make a note that my brain shuts off after 4am. On a side note I did come up with an idea for a module at 4am. It is basically a spanning-tree exploit/DOS for people who did not set up spanning-tree correctly across their network. I have seen about 2 out of 3 networks or so have spanning-tree implemented incorrectly. Just enabling spanning-tree on the switchports, which it seems a fair amount of people are guilty of doing, will not protect them against a spanning-tree loop. It would basically let a broadcast storm occur and if they don't know how to troubleshoot it, then their network will be down for a long time till they can find the loop. I need to figure out how to get both the LAN/WAN ethernet interfaces to be just a dumb switch with no layer 3. Basically those 2 ports would have to act like a mini switch. I might pursue this if I get some down time at the office to set up a test environment, so I don't crash my company's core 6509-E VSS stack testing. Sorry for being off topic a little bit.

-Stealthkit

Hi. I got some troubles too.

When I install the MITM Module, the Pineapple reboots.

I tested: which mitmdump, and it returns nothing.

My USB is 8 GB. 3 GB are swap space.

Can anyone make a guide or a video? Really, this is a great module and a lot of people can't make it work.

Thanks.

Make sure not to share your internet to "br-lan", which is a bridge or virtual interface. You will have to share your internet to physical interface "eth0-1" or "wlan0-1" to get the module to work. Also make sure that you turn off sslstrip or anything else that is cpu intensive. Hopefully this helps :)

-Stealthkit

Hey man,

So I am working on getting the mitm module installed. I grabbed the mitm from the pineapple bar, then went to the tab and saw "MITM proxy not installed", so I chose install, and I was instructed to wait and not refresh. Well, I waited and waited and nothing happened. It would be nice to get an estimate of how long the average install takes so I don't think something went wrong.

Finally I went to /usb/infustions/mitm and ran ./install.sh

which seems to still be running and installing quite a few packages, but some have failed during install:

mkdir: can't create directory '/usb/usr/lib/ImageMagick-6.7.8/config': No such file or directory
cp: can't create '/usb/usr/lib/ImageMagick-6.7.8/config/': No such file or directory
cp: can't create '/usb/usr/lib/ImageMagick-6.7.8/config/': No such file or directory

I haven't tried to use it yet, but basically my suggestion was to provide some sort of progress bar on the browser for the module installation so people don't think something has gone horribly wrong with the install.

Thanks!

> Make sure not to share your internet to "br-lan", which is a bridge or virtual interface. You will have to share your internet to physical interface "eth0-1" or "wlan0-1" to get the module to work. Also make sure that you turn off sslstrip or anything else that is cpu intensive. Hopefully this helps :)
>
> -Stealthkit

Where do I config this? Networkmanager module?

  • 2 weeks later...

This is how I got the MITM module to work (2.8.0).

Open the pineapple control center and shut off any and all running procs (wifi, cron jobs, karma, whatever), then go to the Advanced tab and clear the cache.

Next, set up the USB partition: make it primary EXT4 and a swap of 2 gig or more. Now open the USB tab and under (config swap) change the 0 to a 1, then Update fstab.
Now go to the pineapple bar, infusions, MITM, install to USB and wait for the download to complete. Now install the dependencies; this is going to take a few mins, so don't leave that page for anything.

It took me 30 mins; that could be because I'm 1/4 mile away from the neighbor's AP, alpha parabolic antenna & alpha 36h card lol.

Anyway, do not leave that page. It will install if you follow these directions. It took me several tries to get it to work, and reading over this thread 3-4 times, before I got it to work; now I'm sure it will work for all.

Hope I have helped in some way, and thanks to all who posted here so I could figure it out.

It's pretty irritating installing this infusion, I've reset to factory setting several times. Reflashed the firmware, repartitioned the USB, made sure that no other processes were running. Followed all instructions to the letter... It always freezes at "Installing...." I do not have a swap of 2 gig or more on the USB since I'm using the shipped Sandisk Cruzer. Not really sure what else to try.

I let it sit all night last night.... Never installed. I doubt there are that many things that needed to be installed on it.

Read over velocityserial's comments; those are good instructions for getting things to work properly. The issue is with the install script executing the python install script: basically it causes a huge amount of load on the router and results in a reset unless you follow the instructions velocityserial laid out. He is essentially making sure you aren't running any extra services, then also making sure you have enough swap memory, as that is a quick way to crash the pineapple.
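
The two preconditions from velocityserial's steps and the explanation above (EXT4 on the USB stick, enough active swap) can be checked before starting the install. This is an added example, not part of the module or its install.sh; it assumes the stick is mounted at /usb as in the paths quoted in this thread, reads the standard /proc/swaps and /proc/mounts layouts, and takes "2 gig" as 2,000,000 KiB.

```shell
#!/bin/sh
# Added example: preflight for the install steps above. Sample tables are constructed;
# on a device, pass "$(cat /proc/swaps)" and "$(cat /proc/mounts)" instead.
MIN_SWAP_KIB=$((2 * 1000 * 1000))   # the post's "2 gig or more", an assumed reading

SWAPS_OK='Filename                Type        Size     Used  Priority
/dev/sda2               partition   3145724  0     -1'
SWAPS_OFF='Filename                Type        Size     Used  Priority'
MOUNTS_OK='rootfs / rootfs rw 0 0
/dev/sda1 /usb ext4 rw,relatime 0 0'
MOUNTS_VFAT='rootfs / rootfs rw 0 0
/dev/sda1 /usb vfat rw,relatime 0 0'

# swap_kib SWAPS -> total size in KiB of active swap areas (column 3)
swap_kib() {
    printf '%s\n' "$1" | awk 'NR > 1 { total += $3 } END { print total + 0 }'
}

# usb_fstype MOUNTS -> filesystem type mounted on /usb, empty if none
usb_fstype() {
    printf '%s\n' "$1" | awk '$2 == "/usb" { fs = $3 } END { print fs }'
}

# preflight SWAPS MOUNTS -> one line per problem; non-zero status if any
preflight() {
    rc=0
    fs=$(usb_fstype "$2")
    if [ "$fs" != "ext4" ]; then
        echo "usb: want ext4 on /usb, found '${fs:-nothing mounted}'"; rc=1
    fi
    kib=$(swap_kib "$1")
    if [ "$kib" -eq 0 ]; then
        echo "swap: none active (check the swap setting and fstab)"; rc=1
    elif [ "$kib" -lt "$MIN_SWAP_KIB" ]; then
        echo "swap: $kib KiB active, want at least $MIN_SWAP_KIB"; rc=1
    fi
    return "$rc"
}

preflight "$SWAPS_OK" "$MOUNTS_OK" && echo "ready to install"
preflight "$SWAPS_OFF" "$MOUNTS_VFAT" || echo "fix the items above first"
```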
