Boba Fett Posted March 5, 2013 Share Posted March 5, 2013 This it´s the expected output method? ( [0] => h [1] => code:104 [2] => element_name:password [3] => element_id:Unknown [4] => form:Unknown [5] => url:http://cloud.wifipineapple.com/index.php?portal [6] => group:1430 ) Quote Link to comment Share on other sites More sharing options...
digininja Posted March 5, 2013 Share Posted March 5, 2013 Yes. That says that you typed a h (which has ascii code 104) on a form element called password, the element doesn't have an id and the form doesn't have a name. The URL you typed it on is http://cloud.wifipineapple.com/index.php?portal . The group is there to tie multiple key presses together if you have multiple users all typing at once. Quote Link to comment Share on other sites More sharing options...
Boba Fett Posted March 5, 2013 Share Posted March 5, 2013 Nice so its works! But its hard to read when the input its large Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted March 5, 2013 Author Share Posted March 5, 2013 Nice so its works! But its hard to read when the input its large The next version will be much cleaner and have eliminated input lag. Quote Link to comment Share on other sites More sharing options...
Vulture Posted March 26, 2013 Share Posted March 26, 2013 Seb, any info on the next version release? I have come back from the dead and it looks like the injection issues have been figured out! I tested this out and found that upon the initial connection of the client the first site seems to get the injection but after that no injection occurs. Additionally I noticed the horrible lag indicated above, let me know if there is anything I can assist with. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted March 26, 2013 Author Share Posted March 26, 2013 Seb, any info on the next version release? I have come back from the dead and it looks like the injection issues have been figured out! I tested this out and found that upon the initial connection of the client the first site seems to get the injection but after that no injection occurs. Additionally I noticed the horrible lag indicated above, let me know if there is anything I can assist with. Nice to have you back! Personally I am more focused on the new UI than this module right now - but I'll put out a new version soon as lots of people seem to want it. I'll have to talk to Digininja a little before that though. Best, Seb Quote Link to comment Share on other sites More sharing options...
--nick-- Posted May 1, 2013 Share Posted May 1, 2013 (edited) Can somebody make a guide please and then link me to that guide? In what directory must I put my clonedsite.html? Can I just place any clonedsite.html in that location? Can somebody incorporate the jsapi api into the mark 4 firmware? Edited May 1, 2013 by --nick-- Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted May 1, 2013 Author Share Posted May 1, 2013 I think you are thinking of the wrong module? The keylogger injects into any page, you don't ever supply any cloned site.. Quote Link to comment Share on other sites More sharing options...
Lord Talon Posted May 2, 2013 Share Posted May 2, 2013 Hey Seb,GREAT WORK!! on the keylogger! :) how is the group id generated? ... i thought it would be cool to have a clean "chat-based" output file, grouped by users, something like: USER1 Thu, May 2nd 2013 - 17:30 | http://www.imdb.com/find?q=BLAAAA&s=all Inputtext Inputtext2 a little later in the same box Thu, May 2nd 2013 - 17:35 | http://www.anothersite.com another site or another box USER2 Thu, May 2nd 2013 - 17:32 | http://www.site.com typed between lines of user1 Thu, May 2nd 2013 - 17:45 | http://www.anothersite.com bla bla are you working currently on something like that?... if not i can try it myself to write a litte script :P to assign a log to a user, i think it would be nice to have a few more infos like "unique" user-id (mac, ip, etc.) and date/time Quote Link to comment Share on other sites More sharing options...
digininja Posted May 2, 2013 Share Posted May 2, 2013 The group id is a random number generated each time the k.js file is downloaded and ran. Its purpose is to allow all inputs from that page to be tied together. Feel free to make changes and send them over, we will have a look and see what we think. And not wanting to blow my own trumpet but I wrote the script. Seb helped with some debugging and packaging and WM helped with some stuff as well. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted May 3, 2013 Author Share Posted May 3, 2013 And not wanting to blow my own trumpet but I wrote the script. Seb helped with some debugging and packaging and WM helped with some stuff as well. I was just about to post this. I just helped with packaging and debugging it. Digininja did the magic and WM did the module magic ;) Quote Link to comment Share on other sites More sharing options...
wifi_fun Posted May 7, 2013 Share Posted May 7, 2013 Total beginner question, I am seeing the javascript file being injected, I am using Wikipedia.org so it is not SSL, and can reach the file from my victim machine but I am not seeing data in the log on the module. Any ideas? I am running the pineapple through a shared network connection on a my Win8 laptop. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 7, 2013 Share Posted May 7, 2013 It sounds like you know at least a bit about debugging so I'd suggest running something like Firebug and checking that the the javascript is loaded when the page loads. If it is then put a break point on the key press function and see if that gets hit. At some point something will be missing and hopefully we can help you fix it from there. Quote Link to comment Share on other sites More sharing options...
wifi_fun Posted May 8, 2013 Share Posted May 8, 2013 Worked on this a bit more tonight and below is what I have found: Found the URL generated and can put that URL in FireFox or IE and it posts data to the module screen without issue Loaded FireBug and stepped through the code and it looked like it was working fine Closed FireBug and continued entering in form fields and it worked Went to IE or a new page in FireFox and nothing was sent Verified that the file was included Started FireBug in FireFox on the same page and it started working again In summary, I am still not sure since it runs fine when FireBug is loaded but not before that. Any thoughts? Quote Link to comment Share on other sites More sharing options...
kpoeticg Posted May 18, 2013 Share Posted May 18, 2013 Has anybody else noticed this in the install.sh output? root@Pineapple:/usb/infusions/keylogger# ./install.shInstalling kmod-ebtables (3.7.6-1) to root...Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-ebtables: * kernel (= 3.7.6-1-457c49a821916a4f100490a4508003ce) * * opkg_install_cmd: Cannot install package kmod-ebtables.Installing kmod-ebtables-ipv4 (3.7.6-1) to root...Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-ebtables-ipv4: * kernel (= 3.7.6-1-457c49a821916a4f100490a4508003ce) * kmod-ebtables * * opkg_install_cmd: Cannot install package kmod-ebtables-ipv4.Installing ebtables (2.0.10-4-1) to usb...Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for ebtables: * kmod-ebtables * * opkg_install_cmd: Cannot install package ebtables.Downloading http://cloud.wifipineapple.com/packages/Packages.gz. Quote Link to comment Share on other sites More sharing options...
--nick-- Posted May 21, 2013 Share Posted May 21, 2013 how can i add more sites to work in this module? i only receive logs from slashdot.org. why won't it do https? Quote Link to comment Share on other sites More sharing options...
digininja Posted May 21, 2013 Share Posted May 21, 2013 it won't do https as the messages are encrypted so it can't inject the logger It should do any http based site, you don't add new sites to it, it should just work Quote Link to comment Share on other sites More sharing options...
TimberSweet Posted May 21, 2013 Share Posted May 21, 2013 Has anybody else noticed this in the install.sh output? root@Pineapple:/usb/infusions/keylogger# ./install.sh Installing kmod-ebtables (3.7.6-1) to root... Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-ebtables: * kernel (= 3.7.6-1-457c49a821916a4f100490a4508003ce) * * opkg_install_cmd: Cannot install package kmod-ebtables. Installing kmod-ebtables-ipv4 (3.7.6-1) to root... Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-ebtables-ipv4: * kernel (= 3.7.6-1-457c49a821916a4f100490a4508003ce) * kmod-ebtables * * opkg_install_cmd: Cannot install package kmod-ebtables-ipv4. Installing ebtables (2.0.10-4-1) to usb... Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for ebtables: * kmod-ebtables * * opkg_install_cmd: Cannot install package ebtables. Downloading http://cloud.wifipineapple.com/packages/Packages.gz. Yep, I get exactly the same and keylogger doesn't work on mine running 2.8.1. The proxy just crashes by the looks of it. Output from my install.sh below: Multiple packages (kmod-ebtables and kmod-ebtables) providing same name marked HOLD or PREFER. Using latest. Installing kmod-ebtables (3.7.6-1) to root... Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-ebtables: * kernel (= 3.7.6-1-457c49a821916a4f100490a4508003ce) * * opkg_install_cmd: Cannot install package kmod-ebtables. Multiple packages (kmod-ebtables-ipv4 and kmod-ebtables-ipv4) providing same name marked HOLD or PREFER. Using latest. Installing kmod-ebtables-ipv4 (3.7.6-1) to root... Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-ebtables-ipv4: * kernel (= 3.7.6-1-457c49a821916a4f100490a4508003ce) * kernel (= 3.3.8-1-d6597ebf6203328d3519ea3c3371a493) * * opkg_install_cmd: Cannot install package kmod-ebtables-ipv4. Installing ebtables (2.0.10-4-1) to usb... Collected errors: * opkg_install_pkg: Package ebtables md5sum mismatch. Either the opkg or the package index are corrupt. Try 'opkg update'. * opkg_install_cmd: Cannot install package ebtables. Downloading http://cloud.wifipineapple.com/packages/Packages.gz. Updated list of available packages in /var/opkg-lists/pineapple_packages. Package ruby (1.9.2-p0-1) installed in usb is up to date. Package ruby-gems (1.9.2-p0-1) installed in usb is up to date. Package ruby-core (1.9.2-p0-1) installed in usb is up to date. Package ruby-enc (1.9.2-p0-1) installed in usb is up to date. TS Quote Link to comment Share on other sites More sharing options...
digininja Posted May 21, 2013 Share Posted May 21, 2013 Looks like we need to rebuild the ebtables packages, I'll tell Seb. Quote Link to comment Share on other sites More sharing options...
TimberSweet Posted May 21, 2013 Share Posted May 21, 2013 Thanks. Just done a clean install on a 2.8.1 pineapple and with nothing else running apart from networkmanager it still fails. Symptoms are the same - pineapple will route traffic with the proxy off but as soon as the proxy is started, the traffic stops being routed. TS Quote Link to comment Share on other sites More sharing options...
digininja Posted May 21, 2013 Share Posted May 21, 2013 That will happen. The ebtables package is used to route traffic so if it doesn't get installed then things will break. Quote Link to comment Share on other sites More sharing options...
Skipper Posted July 7, 2013 Share Posted July 7, 2013 Sorry for gravedigging but can this be used alongside sslstrip? Quote Link to comment Share on other sites More sharing options...
tstusr Posted July 7, 2013 Share Posted July 7, 2013 (edited) That will happen. The ebtables package is used to route traffic so if it doesn't get installed then things will break. Is this already fixed? I installed the keylogger on a clean pineapple via the infusions web menu. It injects the js, but does not collect data. Thanks! PS: This is the output of my keylogger install.sh: root@Pineapple:/usb/infusions/keylogger# opkg update Downloading http://cloud.wifipineapple.com/packages/Packages.gz. Updated list of available packages in /var/opkg-lists/pineapple_packages. root@Pineapple:/usb/infusions/keylogger# ./install.sh Multiple packages (kmod-ebtables and kmod-ebtables) providing same name marked HOLD or PREFER. Using latest. Upgrading kmod-ebtables on usb from 3.3.8-1 to 3.7.6-1... Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-ebtables: * kernel (= 3.7.6-1-457c49a821916a4f100490a4508003ce) * * opkg_install_cmd: Cannot install package kmod-ebtables. Collected errors: * pkg_init_from_file: Malformed package file ./dep/kmod-ebtables-ipv4.ipk. Installing ebtables (2.0.10-4-1) to usb... Collected errors: * opkg_install_pkg: Package ebtables md5sum mismatch. Either the opkg or the package index are corrupt. Try 'opkg update'. * opkg_install_cmd: Cannot install package ebtables. Downloading http://cloud.wifipineapple.com/packages/Packages.gz. Updated list of available packages in /var/opkg-lists/pineapple_packages. Package ruby (1.9.2-p0-1) installed in usb is up to date. Package ruby-gems (1.9.2-p0-1) installed in usb is up to date. Package ruby-core (1.9.2-p0-1) installed in usb is up to date. Package ruby-enc (1.9.2-p0-1) installed in usb is up to date. Edited July 9, 2013 by tstusr Quote Link to comment Share on other sites More sharing options...
makfor49 Posted September 29, 2013 Share Posted September 29, 2013 (edited) (is this topic alive? i hope yes) pineapple (2.8.1) tethering osx ics eth1 --> wlan0 client connect to pineapple (the ap is open , no security auth) client open a http site (many) and write on some fields (most in contact form, some in forum and blogs) i just reset my pineapple in pineapple running just the keylogger , nothing else the keylogger not grap key strokes ... i try to refresh ... i open the directory and is empty no file created when i give on my mac the "http://192.168.2.4/k.js" i receive the code when i give on client pc the "http://172.16.42.1/k.js" , i receive the code again !!! (are the above is right? or i have understand something wrong?) how can i check/test if the keylogger work/running ? any idea ??? thank you EDIT >>> (hi again) the keylogger begin to work after i close the cron from status page , the cron was start automatically so i thought that is not a problem (?) something else that i do (i doit after close the cron and before check if work) is that i go to configuration page of key logger , i show here the server ip (was the right) and i press SAVE !!! the "save" shutdown the key logger , so i start it again ... and know grap data ... now i open again the cron and the key logger still work fine ... !!!!!!!!??????!!!!!!! i cant understand what happen here ... ok i am noobie but that is little strange .... hihihihihi !!! (?) i have some problems about the results , sometime loose keystrokes and sometimes when i delete the text that i was wrote in the field a letter cant deleted ... i try to make more test 's thank you Edited September 29, 2013 by makfor49 Quote Link to comment Share on other sites More sharing options...
waddell Posted October 3, 2013 Share Posted October 3, 2013 (edited) Will this be ported over to Firmware v3.X? Also is there anywhere I can manually download this on my pc (just to inspect the code)? Edited October 3, 2013 by waddell Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.