
Wifi Pineapple on Raspberry Pi


sUbZeRo


So I was reading around the internet today and came across this article from Pentura Labs. It looks like they have ported part of the WiFi Pineapple to the Raspberry Pi. I don't know much about drivers and patching in Linux, so I'm wondering if anyone here can make use of this so we can deploy this concept on the Raspberry Pi? This would give us a lot of advantages over the Hornet UB, like a faster CPU, more memory, and 2x USB.

If someone wants to try to get this to work with the Raspberry Pi version of Kali Linux, I can help test. Good luck guys!

http://penturalabs.wordpress.com/2013/06/24/yellow-for-a-slice-of-pineapple-pi/

https://github.com/PenturaLabs/Pineapple-Pi

Link to comment
Share on other sites

swoot swoot!

link for the lazy: https://forums.hak5.org/index.php?/topic/25530-wifi-pineapplef-bomb/

Cheers and good luck!

telot

Link to comment
Share on other sites

Thanks for the response Telot! This is great news. Can you tell me what you used for a base OS? Raspbian? I think starting with the new Kali Linux on the Pi may give a lot of preconfigured goodies to play with. Would you recommend starting with the Kali image and then following your instructions?

Link to comment
Share on other sites

I think I used pwnpi, as Kali hadn't been released yet. That said, I would definitely go with Kali, as it's a much more robust and awesome distro for sure. Good luck!

telot

Link to comment
Share on other sites

Telot, after following your post I got it going on Pwnpi 3.0. I couldn't apt-get the first step in Kali. I have the AP up with hostapd and dnsmasq is running. I can see the AP on my tablet but it just sits at obtaining IP address. Did you see this? Any ideas?

I am using Alfa AWUS036NHA for hostapd with nl80211 driver.

Link to comment
Share on other sites

inTheDMZ, I removed dnsmasq, installed dhcp3-server (isc-dhcp-server), edited your config, and launched it. It is working perfectly now! Now I just have to get my T-Mobile Rocket to connect and bridge them and I should be good to go. Thanks for the help!!

Telot, which 3G cellular dongle did you use?

Link to comment
Share on other sites

I got my 3G dongle connected with the sakis3g script. The only problem I have now is I can't bridge ppp0 and wlan0. I need to share ppp0 with wlan0 so the clients have internet access. Anyone have an idea how to do this and keep the iptables for sslstrip going?

Link to comment
Share on other sites

inTheDMZ, I tried this and I am still not getting a connection. I do get an IP from the pi and my 3G dongle is connected and has an IP on ppp0.

iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
iptables -A FORWARD -s 192.168.1.0/24 -o ppp0 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -m state --state ESTABLISHED,RELATED -i ppp0 -j ACCEPT

Link to comment
Share on other sites

Sorry inTheDMZ, I should have included all my rules. Here is what I was trying. I also tried this without the sslstrip rules with no luck. I wonder why this is working for the pineapple when the 3G dongle is at usb0 but not when it's at ppp0. I think they both use usbmodeswitch to change them to serial.

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
iptables -A FORWARD -s 192.168.1.0/24 -o ppp0 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -m state --state ESTABLISHED,RELATED -i ppp0 -j ACCEPT

Link to comment
Share on other sites

I can ping google from the pi over 4G so it's got to be something with the iptables or forwarding.

root@pwnpi:~# ifconfig
eth0 Link encap:Ethernet HWaddr b8:27:eb:82:94:2f
inet addr:192.168.1.20 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1849 errors:0 dropped:0 overruns:0 frame:0
TX packets:1617 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:148721 (145.2 KiB) TX bytes:159062 (155.3 KiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:382 errors:0 dropped:0 overruns:0 frame:0
TX packets:382 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:22252 (21.7 KiB) TX bytes:22252 (21.7 KiB)

mon.wlan0 Link encap:UNSPEC HWaddr 00-C0-CA-57-2D-A0-00-00-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5474 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:892723 (871.7 KiB) TX bytes:0 (0.0 B)

ppp0 Link encap:Point-to-Point Protocol
inet addr:22.212.214.213 P-t-P:10.0.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:87 errors:0 dropped:0 overruns:0 frame:0
TX packets:123 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:8369 (8.1 KiB) TX bytes:9606 (9.3 KiB)

wlan0 Link encap:Ethernet HWaddr 00:c0:ca:57:2d:a0
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:318 errors:0 dropped:0 overruns:0 frame:0
TX packets:229 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:38251 (37.3 KiB) TX bytes:36923 (36.0 KiB)

root@pwnpi:~# ping google.com
PING google.com (74.125.130.100) 56(84) bytes of data.
64 bytes from gh-in-f100.1e100.net (74.125.130.100): icmp_req=1 ttl=43 time=218 ms
64 bytes from gh-in-f100.1e100.net (74.125.130.100): icmp_req=2 ttl=43 time=215 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 215.608/217.105/218.603/1.568 ms

Link to comment
Share on other sites

I got this working. My default gateway was 192.168.1.254 instead of 192.168.1.1 in the dhcp server config. I also set my script to run at boot. So now I hit the power button on my battery, it boots the pi, connects to 3g, runs hostapd with karma, sets up ip tables and runs sslstrip. I can connect to the wifi and ssh into the pi to run additional commands. My next task is to configure the pi to read a switch that will boot either sslstrip mode, AP mode, or some other mode I have yet to come up with, maybe metasploit mode. I have to learn about the pi GPIO and get a script to read the switch position now.

Thanks a lot to Telot and inTheDMZ for their help!!!!

Link to comment
Share on other sites
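
Added example, not part of any post in this thread: the fault that was finally found (DHCP handing out 192.168.1.254 as the router while the NAT box itself sits on 192.168.1.1) can be caught by comparing `option routers` in the isc-dhcp-server config with the address of the interface doing the forwarding. The config text below is a constructed sample, the function name `check_gateway` is hypothetical, and the parser assumes flat `subnet { ... }` blocks with no nested braces.

```python
import ipaddress
import re

# Constructed sample reproducing the mistake described in the thread:
# the AP/NAT interface is 192.168.1.1 but clients are told to use .254.
SAMPLE_DHCPD_CONF = """
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.200;
    option routers 192.168.1.254;   # nothing answers at this address
    option domain-name-servers 8.8.8.8;
}
"""

SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)
ROUTERS_RE = re.compile(r"option\s+routers\s+([^;]+);")


def check_gateway(conf_text, iface_addr):
    """Return a list of problems for the subnet that contains iface_addr."""
    iface = ipaddress.ip_address(iface_addr)
    conf_text = re.sub(r"#.*", "", conf_text)  # drop comments before parsing
    problems, matched = [], False
    for net, mask, body in SUBNET_RE.findall(conf_text):
        network = ipaddress.ip_network(f"{net}/{mask}")
        if iface not in network:
            continue  # declaration for some other interface
        matched = True
        m = ROUTERS_RE.search(body)
        if not m:
            problems.append(f"{network}: no 'option routers' line")
            continue
        routers = [ipaddress.ip_address(r.strip()) for r in m.group(1).split(",")]
        for r in routers:
            if r not in network:
                problems.append(f"{network}: router {r} is outside the subnet")
        if iface not in routers:
            listed = ", ".join(str(r) for r in routers)
            problems.append(
                f"{network}: clients are sent to {listed}, "
                f"but the forwarding interface is {iface}")
    if not matched:
        problems.append(f"no subnet declaration covers {iface}")
    return problems


if __name__ == "__main__":
    for line in check_gateway(SAMPLE_DHCPD_CONF, "192.168.1.1"):
        print(line)
```

A client that gets a lease but cannot reach anything, while the gateway host itself can ping out, is the symptom this check explains.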
