TheHackerNextDoor Posted April 27, 2014 Posted April 27, 2014 Hi all, I'm going to make this a lot shorter, because I just finished writing this and Google Chrome decided to crash. I want to write an app for the pineapple so people can control it from an iPod, iPhone, or iPad. I have the technical experience to do this. A few questions I have: Hosting. Should I host the server, or should I allow anybody to host it? Note: Encryption will be used on either end, plus an ID system, so no security problems with that. The only problem I can think of is DoSes/DDoses. Price. Free on Cydia, $0.99 on the app store, or free with ads on the app store? Please keep in mind screen space is a luxury. Things it can do. All I have thought of so far is an infusion manager, and LED manager, and a command executer. What else should it do? Of course, some of you will be asking why. Here are a few reasons: - Security. If you're managing your Pineapple over 3G or public WiFi, the web interface can easily be sniffed. - Efficiency: Most 3G plans have a data cap. By rendering it on the client side, and just communicating with the Pineapple for information, you cut down on the amount of data being tossed around. - Ease: As someone who's managed the pineapple from my iPod 5, I can tell you it's not much fun, because the web interface is designed for a computer. Quote
Sebkinne Posted April 27, 2014 Posted April 27, 2014 Hi all, I'm going to make this a lot shorter, because I just finished writing this and Google Chrome decided to crash. I want to write an app for the pineapple so people can control it from an iPod, iPhone, or iPad. I have the technical experience to do this. A few questions I have: Hosting. Should I host the server, or should I allow anybody to host it? Note: Encryption will be used on either end, plus an ID system, so no security problems with that. The only problem I can think of is DoSes/DDoses. Price. Free on Cydia, $0.99 on the app store, or free with ads on the app store? Please keep in mind screen space is a luxury. Things it can do. All I have thought of so far is an infusion manager, and LED manager, and a command executer. What else should it do? Of course, some of you will be asking why. Here are a few reasons: - Security. If you're managing your Pineapple over 3G or public WiFi, the web interface can easily be sniffed. - Efficiency: Most 3G plans have a data cap. By rendering it on the client side, and just communicating with the Pineapple for information, you cut down on the amount of data being tossed around. - Ease: As someone who's managed the pineapple from my iPod 5, I can tell you it's not much fun, because the web interface is designed for a computer. There are a few things you have to watch out for: 1. WiFi Pineapple is a registered trademark of hak5. Someone tried to do this for an Android app and it seemed like it was made by us. In general, this can cause brand confusion. 2. This is also why taking money for the app could cause issues with our brand. 3. If you hosted a server, you would have to adhere to some laws. Any traffic passing through you could be illegal material. That can break several laws. Also, this is often again NDA contracts testers sign. They will not be allowed to have their clients data passed through your server. There are several security issues that can arise with this too. 4. We are working on a network accessible API to control the Pineapple. You may want to wait for this to be out as it'll just mean double the work for you. We also have another project planned in regards to this but I cannot go into detail on this currently. I do promise however, that waiting for out API would be wise. There are numerous other things we would need to discuss - if you do want to go ahead and make the app, please email darren@hak5.org and seb@hak5.org with more details and we'll get back to you on it ASAP. Edit: we will most likely optimize the UI for mobile devices soon, fixing the screen real estate issues :) Best regards, Sebkinne Quote
TheHackerNextDoor Posted April 27, 2014 Author Posted April 27, 2014 There are a few things you have to watch out for: 1. WiFi Pineapple is a registered trademark of hak5. Someone tried to do this for an Android app and it seemed like it was made by us. In general, this can cause brand confusion. 2. This is also why taking money for the app could cause issues with our brand. 3. If you hosted a server, you would have to adhere to some laws. Any traffic passing through you could be illegal material. That can break several laws. Also, this is often again NDA contracts testers sign. They will not be allowed to have their clients data passed through your server. There are several security issues that can arise with this too. 4. We are working on a network accessible API to control the Pineapple. You may want to wait for this to be out as it'll just mean double the work for you. We also have another project planned in regards to this but I cannot go into detail on this currently. I do promise however, that waiting for out API would be wise. There are numerous other things we would need to discuss - if you do want to go ahead and make the app, please email darren@hak5.org and seb@hak5.org with more details and we'll get back to you on it ASAP. Edit: we will most likely optimize the UI for mobile devices soon, fixing the screen real estate issues :) Best regards, Sebkinne Thanks for that information. I'll wait for the API to come out, plus I'll also email those emails once I have of the details worked out. Regarding the server legal issues, could I not put a TOS that they must agree to stating that they have to take responsibility? Quote
Sebkinne Posted April 27, 2014 Posted April 27, 2014 Thanks for that information. I'll wait for the API to come out, plus I'll also email those emails once I have of the details worked out. Regarding the server legal issues, could I not put a TOS that they must agree to stating that they have to take responsibility? Sorry for my a little blunt response! We really love it when members of our community contribute to out products, and are keen to see what you had in mind. I'm sometimes fast in my responses :) Send us and email, let's have a chat, we can update you on some API ideas and maybe you can give some input there. Best regards, Sebkinne Quote
newbi3 Posted April 27, 2014 Posted April 27, 2014 What features would require this to have a server to phone home to? Quote
TheHackerNextDoor Posted April 27, 2014 Author Posted April 27, 2014 What features would require this to have a server to phone home to? Everything. They can't communicate with each other, unless the Pineapple ran the server itself, which wouldn't work on public WiFi or 3G. Quote
TheHackerNextDoor Posted April 28, 2014 Author Posted April 28, 2014 Guys? I kind of need more user input before I can start writing this app... Quote
m40295 Posted April 28, 2014 Posted April 28, 2014 (edited) i would love to see this features i would like to see is activating/deactivating infusions now many users on network maby iphone assisted attack options (as some tools have been ported beef metasploit) logveiwer nmap contunious to see when a new ip is added just some idea thoughts what kind of user input would you like i would perfer free as most of the infusions addons are free as its for the greater good of our communty tho i am not against a .99 fee i would not pay it as i refuse to give apple any more money Edited April 28, 2014 by m40295 Quote
TheHackerNextDoor Posted April 28, 2014 Author Posted April 28, 2014 Why 99c if its on the appstore? There is a developer fee of $99/year that I must cover. I only get about 70 cents of that dollar, so I'll have to sell at least about 145 apps a year. Quote
TheHackerNextDoor Posted April 28, 2014 Author Posted April 28, 2014 i would love to see this features i would like to see is activating/deactivating infusions now many users on network maby iphone assisted attack options (as some tools have been ported beef metasploit) logveiwer nmap contunious to see when a new ip is added just some idea thoughts what kind of user input would you like i would perfer free as most of the infusions addons are free as its for the greater good of our communty tho i am not against a .99 fee i would not pay it as i refuse to give apple any more money You wouldn't be paying Apple, you'd be paying me. Infusion manager is already planned. How many users on a network would be accessible in Karma, which is accessible in the infusion manager. The logviewer is an infusion, again, located in the infusion manager :) I do like the idea of a continuous nmap scanner. I'll add that to the list later. Quote
m40295 Posted April 28, 2014 Posted April 28, 2014 well i wont be able to pay for it but i have tons of ideas if you need testers i dont use appstore or creditcards online set has a web/interface you could intagrate for s.e.t attacks Quote
TheHackerNextDoor Posted April 28, 2014 Author Posted April 28, 2014 well i wont be able to pay for it but i have tons of ideas if you need testers i dont use appstore or creditcards online set has a web/interface you could intagrate for s.e.t attacks well i wont be able to pay for it but i have tons of ideas if you need testers i dont use appstore or creditcards online set has a web/interface you could intagrate for s.e.t attacks Sorry, but you couldn't test it before release without being connected to my apple development account. Quote
newbi3 Posted April 28, 2014 Posted April 28, 2014 I'm not sure that I would use a phone app to manage my pineapple but some people would Regardless of my view I'd like to see what you come up with Quote
m40295 Posted April 29, 2014 Posted April 29, 2014 so your asking for input then your going to SELL it to us I thought communty based projects were for the greater good of the community I am not apposed to making money. but to ask for ideas then charge for a app seems greedy to me will hak5 be making money off this app or just you free infusions and communty based evolution is why I bought he mkv. I love the "for the greater good of the community " aspect. I think personally any apps to be made by asking for user input should be free to the community just my thought I wasent asking for prerelease or a dev account. I like many enjoy helping communty based projects Quote
newbi3 Posted April 29, 2014 Posted April 29, 2014 He has to pay overhead for the App Store after his expenses unless he sells over 145 copies of the app he will not have payed for his expenses. He did say it could be free with ads and it will be free in cydia for those who jailbreak Quote
TheHackerNextDoor Posted April 29, 2014 Author Posted April 29, 2014 so your asking for input then your going to SELL it to us I thought communty based projects were for the greater good of the community I am not apposed to making money. but to ask for ideas then charge for a app seems greedy to me will hak5 be making money off this app or just you free infusions and communty based evolution is why I bought he mkv. I love the "for the greater good of the community " aspect. I think personally any apps to be made by asking for user input should be free to the community just my thought I wasent asking for prerelease or a dev account. I like many enjoy helping communty based projects I don't know if you just don't want to pay $0.99 or what, but since you couldn't take the time to read the above posts, I'll say again that putting apps on the appstore costs money. Quote
newbi3 Posted April 29, 2014 Posted April 29, 2014 It doesnt cost infusion developers anything to create an infusion and throw it in the pineapple bar, there is no overhead for that like there is with putting an app into Apples App Store. A question I have for you though is will this be open sourced or do apples rules prevent open sourcing stuff in the app store? Quote
TheHackerNextDoor Posted April 29, 2014 Author Posted April 29, 2014 It doesnt cost infusion developers anything to create an infusion and throw it in the pineapple bar, there is no overhead for that like there is with putting an app into Apples App Store. A question I have for you though is will this be open sourced or do apples rules prevent open sourcing stuff in the app store? I don't think there are any rules against open-sourcing an app, and even if there are, I could release the code after say 10,000 people download it. It's like flappy bird, if it was taken off the app store, by no matter who, it stays on devices that have it downloaded. So that's always an option. Another alternative would be to keep the source code on the deep web only. Of course, I doubt Apple will have a problem with open-sourcing it. Quote
newbi3 Posted April 29, 2014 Posted April 29, 2014 Then anyone with a Mac can compile it them selfs and put it onto their iOS device I see no greed in this and I'm interested to see what you develop :) Quote
TheHackerNextDoor Posted April 29, 2014 Author Posted April 29, 2014 Then anyone with a Mac can compile it them selfs and put it onto their iOS device I see no greed in this and I'm interested to see what you develop :) Except you can't put it on without a developer account - $99/year, or jailbreak, and I might put it in the Cydia app store anyway. Quote
xrad Posted April 29, 2014 Posted April 29, 2014 (edited) I would buy it......... $0.99 isn't $39.99. I would pay $4.99 if it's a good app. For anyone that doesn't use cc online.........there is always iTunes gift cards. For someone to say your going to get rich is ridiculous, I hope you at least make it compatible with 5.1.2 please, so I can use it on an old iPad 1. Features: Anything and everything you can throw at it. Server based?: Will the server always be around.........even if you only sell 12 apps? Glad to see this comining, and looking forward to see what Sebkinne has in store for the UI on mobile devices. Edited April 29, 2014 by xrad Quote
Foxtrot Posted April 29, 2014 Posted April 29, 2014 To me it seems wrong to pay for an app that a) doesn't do anything more than the web UI (afaik), and in the future as the UI is updated to do more the app will fall behind, and b) It should be free because we are all the community, I know you're saying you're not trying to just get money, but from the first post it seems like you are. Just my two cents. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.