Fira, posted October 23, 2013 (edited)

Well, I've had a few weeks to play with my pineapple now, and whilst I like the idea of it very much, it hasn't been a smooth ride at all. So after borking my pineapple for the umpteenth time, I'm gonna go through my re-install procedure, and comment on a few of the infusions.

To be honest, I'm thinking the best ideas on this box are not as functional as they seem to have been a few years back (like Karma for example), but I don't think that is the fault of the pineapple. Vendors have tightened up on security a bit since the pineapple has come out. I definitely see this is a useful pivot box, but I find it lacking somewhat in some areas too. I'll keep playing with it, and reporting what I find. I know I have a lot to learn, and tricks to master, but it's fun when it isn't infuriating! Question is, do I want to shell out for a MKV knowing that the MKIV looks good on paper mostly....

A note on the Ethernet Sockets...

Eth0 (This is the one marked "PoE LAN")
This port by default expects the gateway to be "172.16.42.42" unless you edit "etc/pineapple/spoofhost". More on that later... This port also has a DHCP running on it, so if you connect your attacker machine to the pineapple via this port, you may want to set a static IP somewhere on 172.16.42.0/24. If you are providing internet to the pineapple FROM your attacker machine, you will want to make sure your attacker machine has the IP 172.16.42.42 (default setting of gateway).

Eth1 (This is the one marked "WAN LAN")
This port has no DHCP running on it, and is expecting to be given a DHCP from another machine / router. If you use Windows to give your pineapple internet via ICS, it will most likely have a default DHCP pool of 192.168.137.0/24 (Windows 7), or 192.168.0.0/24 (Windows XP), so your pineapple will accept a DHCP lease from one of those ranges. Use an IP scanner on your Windows machine to figure out what IP your pineapple has.
Since you can't easily edit the DHCP pool of ICS on Windows, you will have to use this ethernet port for the internet connection of your pineapple. You also won't be able to connect to your pineapple with the 172.* address from this adapter.

Pineapple MK IV Fresh install on 3.0

- Remove USB
- Factory Reset Pineapple
- Format USB in Gparted on Linux
- login to pineapple
- change root password
- change pineapple SSID
- add "reboot" to the WPS button script in Configuration > Button configuration
- edit USB Fstab settings in Resources > USB
- Plug in the USB drive and wait a minute for everything to settle.
- SSH into the WiFi Pineapple (typically "ssh email@example.com" and sometimes you need to clear the known hosts : "rm ~/.ssh/known_hosts")
- Issue "mkswap /dev/sda2"
- reboot
- issue "free" to check swap is enabled
- create folder /usb/www/
- issue command "ln -s /usb/www/* /www/" to symlink the www folder to the usb drive.
- update

--------------------- this is my custom network config (not mandatory)

- ssh in to change ssh ports: nano /etc/config/dropbear
- issue nano /etc/config/network
- change gateway from 172.16.42.42 to 172.16.42.2 (for ICS sharing from Kali, from eth0 on Kali to the PoE port on the pineapple)
- run ./wp4.sh on Kali to set up ICS gateway 172.16.42.2 (I have edited the script to make this my default gateway)

I do this because JasagerPwn 2.0 expects the attacker to be at this address...

------------------------------------------ this is with internet

- Update The Wifi Pineapple Bar Infusion
- my ICS seemed to work out of the box, but if not - install WiFI Manager infusion and change ICS settings to Enable on boot yes, share from eth0 to wlan0, save
- change dnsspoof host to 172.16.42.2 *

(One caveat I noticed from trying to figure out why it didn't redirect was sometimes an extra character gets appended to the end of a spoofhost. This was only noticeable from sshing in and checking out "etc/pineapple/spoofhost")

------------------------------------------- Other infusions....

Evil Portal
This was a great infusion! First time I installed it, I didn't have enough space to edit its settings, so I had to factory reset to test it unfortunately. However, once configured, it is awesome! Installing this and configuring it really needs to be one of the first things you install, otherwise you'll find you can't edit the configuration files!

One problem I ran into was not being able to stop it from starting at boot in the GUI. The button just seemed to crash the tile to main screen.

Get
I like this infusion, but for me it has a couple of issues :
- Clicking "Connected Clients" causes the tile to close.
- comments aren't saved (seems to be ok this time)

Sslstrip
Going to test this next cos I never had any success with it.... in fact, pretty much always said "sslstrip is not running". Failing this, I can hopefully use it on Kali instead...

Tile doesn't update to tell you it's installed. You have to refresh the browser it seems before it indicates it's installed... :/

Clicking start.... (seems to work) Seems to output a log file this time... rather than "sslstrip is not running" when I click the refresh link. I wonder how long before it breaks....

Ok, so I connected my Nexus 7 to the pineapple, and logged into Facebook with the browser. Shows HTTPS all the way. Let's do it again with the next infusion :

(Edit : some things have turned up in the logs, although nothing useful so far - plus iceweasel doesn't really display any popups correctly)

TrapCookies
Installed, and just running trapcookies and sslstrip, logged into Facebook, Gmail and MySpace... no idea if it works.... iceweasel ain't much good to be honest... let's go find the logs... Empty. Completely empty. I must need to run it for longer I guess.... (edit - there are some things in there, but not what I was looking for)

Codeinject
Whenever this is switched on, all the HTTP internet stops working on the victim machine (although HTTPS seems to be fine). :/ Not sure why!
Wonder if it's cos I changed my gateway?

--------------------------------------------------

To be continued!

Edited April 25, 2015 by Fira