Jump to content

[Infusion idea] WiFi Pineapple iOS App - Thoughts?


TheHackerNextDoor
 Share

Recommended Posts

Hi all,

I'm going to make this a lot shorter, because I just finished writing this and Google Chrome decided to crash.

I want to write an app for the pineapple so people can control it from an iPod, iPhone, or iPad. I have the technical experience to do this.

A few questions I have:

Hosting. Should I host the server, or should I allow anybody to host it? Note: Encryption will be used on either end, plus an ID system, so no security problems with that. The only problem I can think of is DoSes/DDoses.

Price. Free on Cydia, $0.99 on the app store, or free with ads on the app store? Please keep in mind screen space is a luxury.

Things it can do. All I have thought of so far is an infusion manager, and LED manager, and a command executer. What else should it do?

Of course, some of you will be asking why. Here are a few reasons:

- Security. If you're managing your Pineapple over 3G or public WiFi, the web interface can easily be sniffed.

- Efficiency: Most 3G plans have a data cap. By rendering it on the client side, and just communicating with the Pineapple for information, you cut down on the amount of data being tossed around.

- Ease: As someone who's managed the pineapple from my iPod 5, I can tell you it's not much fun, because the web interface is designed for a computer.

Link to comment
Share on other sites

Hi all,

I'm going to make this a lot shorter, because I just finished writing this and Google Chrome decided to crash.

I want to write an app for the pineapple so people can control it from an iPod, iPhone, or iPad. I have the technical experience to do this.

A few questions I have:

Hosting. Should I host the server, or should I allow anybody to host it? Note: Encryption will be used on either end, plus an ID system, so no security problems with that. The only problem I can think of is DoSes/DDoses.

Price. Free on Cydia, $0.99 on the app store, or free with ads on the app store? Please keep in mind screen space is a luxury.

Things it can do. All I have thought of so far is an infusion manager, and LED manager, and a command executer. What else should it do?

Of course, some of you will be asking why. Here are a few reasons:

- Security. If you're managing your Pineapple over 3G or public WiFi, the web interface can easily be sniffed.

- Efficiency: Most 3G plans have a data cap. By rendering it on the client side, and just communicating with the Pineapple for information, you cut down on the amount of data being tossed around.

- Ease: As someone who's managed the pineapple from my iPod 5, I can tell you it's not much fun, because the web interface is designed for a computer.

There are a few things you have to watch out for:

1. WiFi Pineapple is a registered trademark of hak5. Someone tried to do this for an Android app and it seemed like it was made by us. In general, this can cause brand confusion.

2. This is also why taking money for the app could cause issues with our brand.

3. If you hosted a server, you would have to adhere to some laws. Any traffic passing through you could be illegal material. That can break several laws. Also, this is often again NDA contracts testers sign. They will not be allowed to have their clients data passed through your server. There are several security issues that can arise with this too.

4. We are working on a network accessible API to control the Pineapple. You may want to wait for this to be out as it'll just mean double the work for you. We also have another project planned in regards to this but I cannot go into detail on this currently. I do promise however, that waiting for out API would be wise.

There are numerous other things we would need to discuss - if you do want to go ahead and make the app, please email darren@hak5.org and seb@hak5.org with more details and we'll get back to you on it ASAP.

Edit: we will most likely optimize the UI for mobile devices soon, fixing the screen real estate issues :)

Best regards,

Sebkinne

Link to comment
Share on other sites

There are a few things you have to watch out for:

1. WiFi Pineapple is a registered trademark of hak5. Someone tried to do this for an Android app and it seemed like it was made by us. In general, this can cause brand confusion.

2. This is also why taking money for the app could cause issues with our brand.

3. If you hosted a server, you would have to adhere to some laws. Any traffic passing through you could be illegal material. That can break several laws. Also, this is often again NDA contracts testers sign. They will not be allowed to have their clients data passed through your server. There are several security issues that can arise with this too.

4. We are working on a network accessible API to control the Pineapple. You may want to wait for this to be out as it'll just mean double the work for you. We also have another project planned in regards to this but I cannot go into detail on this currently. I do promise however, that waiting for out API would be wise.

There are numerous other things we would need to discuss - if you do want to go ahead and make the app, please email darren@hak5.org and seb@hak5.org with more details and we'll get back to you on it ASAP.

Edit: we will most likely optimize the UI for mobile devices soon, fixing the screen real estate issues :)

Best regards,

Sebkinne

Thanks for that information. I'll wait for the API to come out, plus I'll also email those emails once I have of the details worked out.

Regarding the server legal issues, could I not put a TOS that they must agree to stating that they have to take responsibility?

Link to comment
Share on other sites

Thanks for that information. I'll wait for the API to come out, plus I'll also email those emails once I have of the details worked out.

Regarding the server legal issues, could I not put a TOS that they must agree to stating that they have to take responsibility?

Sorry for my a little blunt response!

We really love it when members of our community contribute to out products, and are keen to see what you had in mind. I'm sometimes fast in my responses :)

Send us and email, let's have a chat, we can update you on some API ideas and maybe you can give some input there.

Best regards,

Sebkinne

Link to comment
Share on other sites

i would love to see this

features i would like to see is

activating/deactivating infusions

now many users on network

maby iphone assisted attack options (as some tools have been ported beef metasploit)

logveiwer

nmap contunious to see when a new ip is added

just some idea thoughts

what kind of user input would you like

i would perfer free

as most of the infusions addons are free as its for the greater good of our communty

tho i am not against a .99 fee i would not pay it as i refuse to give apple any more money

Edited by m40295
Link to comment
Share on other sites

i would love to see this

features i would like to see is

activating/deactivating infusions

now many users on network

maby iphone assisted attack options (as some tools have been ported beef metasploit)

logveiwer

nmap contunious to see when a new ip is added

just some idea thoughts

what kind of user input would you like

i would perfer free

as most of the infusions addons are free as its for the greater good of our communty

tho i am not against a .99 fee i would not pay it as i refuse to give apple any more money

You wouldn't be paying Apple, you'd be paying me.

Infusion manager is already planned.

How many users on a network would be accessible in Karma, which is accessible in the infusion manager.

The logviewer is an infusion, again, located in the infusion manager :)

I do like the idea of a continuous nmap scanner. I'll add that to the list later.

Link to comment
Share on other sites

well i wont be able to pay for it but i have tons of ideas

if you need testers

i dont use appstore

or creditcards online

set has a web/interface you could intagrate for s.e.t attacks

well i wont be able to pay for it but i have tons of ideas

if you need testers

i dont use appstore

or creditcards online

set has a web/interface you could intagrate for s.e.t attacks

Sorry, but you couldn't test it before release without being connected to my apple development account.

Link to comment
Share on other sites

I'm not sure that I would use a phone app to manage my pineapple but some people would

Regardless of my view I'd like to see what you come up with

Link to comment
Share on other sites

so your asking for input then your going to SELL it to us

I thought communty based projects were for the greater good of the community

I am not apposed to making money.

but to ask for ideas then charge for a app seems greedy to me

will hak5 be making money off this app

or just you

free infusions and communty based evolution is why I bought he mkv. I love the "for the greater good of the community " aspect.

I think personally any apps to be made by asking for user input should be free to the community

just my thought

I wasent asking for prerelease or a dev account. I like many enjoy helping communty based projects

Link to comment
Share on other sites

He has to pay overhead for the App Store after his expenses unless he sells over 145 copies of the app he will not have payed for his expenses. He did say it could be free with ads and it will be free in cydia for those who jailbreak

Link to comment
Share on other sites

so your asking for input then your going to SELL it to us

I thought communty based projects were for the greater good of the community

I am not apposed to making money.

but to ask for ideas then charge for a app seems greedy to me

will hak5 be making money off this app

or just you

free infusions and communty based evolution is why I bought he mkv. I love the "for the greater good of the community " aspect.

I think personally any apps to be made by asking for user input should be free to the community

just my thought

I wasent asking for prerelease or a dev account. I like many enjoy helping communty based projects

I don't know if you just don't want to pay $0.99 or what, but since you couldn't take the time to read the above posts, I'll say again that putting apps on the appstore costs money.

Link to comment
Share on other sites

It doesnt cost infusion developers anything to create an infusion and throw it in the pineapple bar, there is no overhead for that like there is with putting an app into Apples App Store.

A question I have for you though is will this be open sourced or do apples rules prevent open sourcing stuff in the app store?

Link to comment
Share on other sites

It doesnt cost infusion developers anything to create an infusion and throw it in the pineapple bar, there is no overhead for that like there is with putting an app into Apples App Store.

A question I have for you though is will this be open sourced or do apples rules prevent open sourcing stuff in the app store?

I don't think there are any rules against open-sourcing an app, and even if there are, I could release the code after say 10,000 people download it. It's like flappy bird, if it was taken off the app store, by no matter who, it stays on devices that have it downloaded. So that's always an option. Another alternative would be to keep the source code on the deep web only. Of course, I doubt Apple will have a problem with open-sourcing it.

Link to comment
Share on other sites

Then anyone with a Mac can compile it them selfs and put it onto their iOS device I see no greed in this and I'm interested to see what you develop :)

Link to comment
Share on other sites

Then anyone with a Mac can compile it them selfs and put it onto their iOS device I see no greed in this and I'm interested to see what you develop :)

Except you can't put it on without a developer account - $99/year, or jailbreak, and I might put it in the Cydia app store anyway.

Link to comment
Share on other sites

I would buy it......... $0.99 isn't $39.99. I would pay $4.99 if it's a good app.

For anyone that doesn't use cc online.........there is always iTunes gift cards.

For someone to say your going to get rich is ridiculous,

I hope you at least make it compatible with 5.1.2 please, so I can use it on an old iPad 1.

Features: Anything and everything you can throw at it.

Server based?: Will the server always be around.........even if you only sell 12 apps?

Glad to see this comining, and looking forward to see what Sebkinne has in store for the UI on mobile devices.

Edited by xrad
Link to comment
Share on other sites

To me it seems wrong to pay for an app that a) doesn't do anything more than the web UI (afaik), and in the future as the UI is updated to do more the app will fall behind, and b) It should be free because we are all the community, I know you're saying you're not trying to just get money, but from the first post it seems like you are.

Just my two cents.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...