Xeph Posted July 25, 2013 Posted July 25, 2013 Hi, New owner of the Pineapple, and I have a couple questions, and was hoping someone could help me out: I noticed that http://wifipineapple.com/wp4.sh is missing. Earlier posts indicated that it was gone due to a DNS update, but I'm still unable to find it. Is this a similar issue, or has it moved. It took me a couple searches to determine the 172.16.42.1/pineapple address listed in the book had been switched to 1471, so I'm unsure if it has moved recently. Also, I noticed a couple tutorials for the core products but I was wondering if there were some for the pineapple bar modules - my searches so far have come up nil. Also, I don't know if this is the place for this particular question, but as I'm looking to use this device in a professional capacity, is there any issues with the interception of packets from a legal standpoint. I know google got into some hot water a couple years ago for that during the google street view and mapping launch, but I was wondering if anyones ever addressed the legal implications of packet capturing during a penetration test or other security service. Thanks much! -A- Quote
Mr-Protocol Posted July 25, 2013 Posted July 25, 2013 Here is the wp4.sh http://wifipineapple.com/mk4/scripts/wp4.sh #!/bin/bash #define variables echo "$(tput setaf 1) _ ___ _______ ____ _ __ " echo " | | / (_) ____(_) / __ \\(_)___ ___ ____ _____ ____ / /__ " echo " | | /| / / / /_ / / / /_/ / / __ \/ _ \/ __ '/ __ \/ __ \/ / _ \\" echo " | |/ |/ / / __/ / / / ____/ / / / / __/ /_/ / /_/ / /_/ / / __/" echo " |__/|__/_/_/ /_/ /_/ /_/_/ /_/\___/\__,_/ .___/ .___/_/\___/ " echo " $(tput sgr0) OWN the Network $(tput setaf 1)/_/ /_/$(tput sgr0) v2.1" echo "" echo -n "Pineapple Netmask [255.255.255.0]: " read pineapplenetmask if [[ $pineapplenetmask == '' ]]; then pineapplenetmask=255.255.255.0 #Default netmask for /24 network fi echo -n "Pineapple Network [172.16.42.0/24]: " read pineapplenet if [[ $pineapplenet == '' ]]; then pineapplenet=172.16.42.0/24 # Pineapple network. Default is 172.16.42.0/24 fi echo -n "Interface between PC and Pineapple [eth0]: " read pineapplelan if [[ $pineapplelan == '' ]]; then pineapplelan=eth0 # Interface of ethernet cable directly connected to Pineapple fi echo -n "Interface between PC and Internet [wlan0]: " read pineapplewan if [[ $pineapplewan == '' ]]; then pineapplewan=wlan0 #i.e. wlan0 for wifi, ppp0 for 3g modem/dialup, eth0 for lan fi temppineapplegw=`netstat -nr | awk 'BEGIN {while ($3!="0.0.0.0") getline; print $2}'` #Usually correct by default echo -n "Internet Gateway [$temppineapplegw]: " read pineapplegw if [[ $pineapplegw == '' ]]; then pineapplegw=`netstat -nr | awk 'BEGIN {while ($3!="0.0.0.0") getline; print $2}'` #Usually correct by default fi echo -n "IP Address of Host PC [172.16.42.42]: " read pineapplehostip if [[ $pineapplehostip == '' ]]; then pineapplehostip=172.16.42.42 #IP Address of host computer fi echo -n "IP Address of Pineapple [172.16.42.1]: " read pineappleip if [[ $pineappleip == '' ]]; then pineappleip=172.16.42.1 #Thanks Douglas Adams fi #Display settings #echo Pineapple connected to: $pineapplelan #echo Internet connection from: $pineapplewan #echo Internet connection gateway: $pineapplegw #echo Host Computer IP: $pineapplehostip #echo Pineapple IP: $pineappleip #echo Network: $pineapplenet #echo Netmask: $pineapplenetmask echo "" echo "$(tput setaf 6) _ . $(tput sgr0) $(tput setaf 7)___$(tput sgr0) $(tput setaf 3)\||/$(tput sgr0) Internet: $pineapplegw - $pineapplewan" echo "$(tput setaf 6) ( _ )_ $(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 7)[___]$(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 3),<><>,$(tput sgr0) Computer: $pineapplehostip" echo "$(tput setaf 6) (_ _(_ ,)$(tput sgr0) $(tput setaf 7)\___\\$(tput sgr0) $(tput setaf 3)'<><>'$(tput sgr0) Pineapple: $pineapplenet - $pineapplelan" #Bring up Ethernet Interface directly connected to Pineapple ifconfig $pineapplelan $pineapplehostip netmask $pineapplenetmask up # Enable IP Forwarding echo '1' > /proc/sys/net/ipv4/ip_forward #echo -n "IP Forwarding enabled. /proc/sys/net/ipv4/ip_forward set to " #cat /proc/sys/net/ipv4/ip_forward #clear chains and rules iptables -X iptables -F #echo iptables chains and rules cleared #setup IP forwarding iptables -A FORWARD -i $pineapplewan -o $pineapplelan -s $pineapplenet -m state --state NEW -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A POSTROUTING -t nat -j MASQUERADE #echo IP Forwarding Enabled #remove default route route del default #echo Default route removed #add default gateway route add default gw $pineapplegw $pineapplewan #echo Pineapple Default Gateway Configured #instructions #echo All set. Now on the Pineapple issue: route add default gw $pineapplehostip br-lan #ping -c1 $pineappleip #if [ $? -eq 0 ]; then #echo "ICS configuration successful." #echo "Issuing on Pineapple: route add default gw $pineapplehostip br-lan" #echo " ssh root@$pineappleip 'route add default gw '$pineapplehostip' br-lan'" #echo "Enter Pineapple password if prompted" #ssh root@$pineappleip 'route add default gw '$pineapplehostip' br-lan' #fi echo "" echo "Browse to http://$pineappleip:1471 -- Happy Hacking!" echo "" Not really much on tutorials that I have seen. Yes, you violate many laws (depending on country, state, etc.) if you just start watching traffic. I am not a lawyer, but from my understanding you need to own the network or have the proper permissions. As well as a warning banner notifying the users before use that their traffic is being monitored. That is just the quick overview, it's a lot more intricate than that, review with a lawyer. But the bottom line is, yes it's illegal to just start looking at traffic being passed through your device. Quote
Xeph Posted July 25, 2013 Author Posted July 25, 2013 Awesome, thanks much for the assist! I'm wondering if theres the legal loophole with scanners where you can play cellular conversations, it's just illegal to *listen* to it. Quote
Mr-Protocol Posted July 25, 2013 Posted July 25, 2013 In regards to Wifi, there has been a case where the judge claimed that unencrypted wifi is ok to sniff over the air, but anything that requires cracking encryption or a password is illegal. I am pretty sure this is still up in the air in what is acceptable. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.