fringes Posted March 29, 2015 Posted March 29, 2015 I saw over i the Infusions section that someone reported the infusions site as down. When I checked https://www.wifipineapple.com/?downloads, I observed that the certificate expired today. I suspect that's why the Pineapple Bar iswn't working this morning. I tried to reach Seb in the chat room, but it's probably sleepy time over there, and there is probably someone else (Darren) that would handle the certificate anyway. Quote
HackingMexico Posted March 29, 2015 Posted March 29, 2015 Is there another way to get the infusions? It is time critical for me, as I am about to do a training in a few hours... Quote
fringes Posted March 29, 2015 Author Posted March 29, 2015 Did you go to the site in your browser? You can just click through the SSL warning. Quote
HackingMexico Posted March 29, 2015 Posted March 29, 2015 Yeah, but there is no link to download the infusions, just the firmware Quote
fringes Posted March 29, 2015 Author Posted March 29, 2015 (edited) I just noticed that, I think the URL is actually: https://www.wifipineapple.com/?infusions But there are no Download links there either. Still looking. Edit: I believe I answered your question in your post under the infusions support (https://forums.hak5.org/index.php?/topic/34961-infusions-site-offline/?p=259493 ) Still holding this topic for the expired certificate. Edited March 29, 2015 by fringes Quote
fringes Posted March 30, 2015 Author Posted March 30, 2015 In case it wasn't clear, this expired certificate is almost certainly breaking the Pineapple Bar infusion. Quote
SimpleSteps008 Posted March 30, 2015 Posted March 30, 2015 Any Idea or news on when the bar might be back up and running? Quote
fringes Posted March 30, 2015 Author Posted March 30, 2015 (edited) Well, there is a new cert and it expires: 5/1/2017 And https://www.wifipineapple.com/?downloads&list_infusions&mk5 seems to return the correct JSON data. I rebooted my MkV, and still no infusions on the pineapple bar. Since the above link is returning the data to my browser and the certs now look good, I'm wondering if there were any kind of caches on the pineapple that could be causing this. Or could the new certificate have a trust chain that isn't accepted by the pineapple? I didn't save the old cert, so I can't compare them. Edited March 30, 2015 by fringes Quote
fringes Posted March 30, 2015 Author Posted March 30, 2015 Ok, I got my pineapple bar to work again. They got the cert from a new source, and none of the interediate issuers were in the trust chain: /etc/ssl/certs/cacert.pem I simply exported the three issuers (root and CAs) and concatenated them into a new cacert.pem. Seb, please issue a new /etc/ssl/certs/cacert.pem, as I don't think everyone will be up for this. Quote
tempwifi Posted March 31, 2015 Posted March 31, 2015 Hello Fringes, I think you only need two certificates (Root & Intermediary CA). I tested and it works. They can append this to the cacert.pem file if they are not able to export themselves to Base64(only the text in blue): >>> GeoTrust Global CA==================-----BEGIN CERTIFICATE-----MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9iYWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKInZ57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfStQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcFPseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Unhw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==-----END CERTIFICATE-----GeoTrust DV SSL CA - G4=======================-----BEGIN CERTIFICATE-----MIIERDCCAyygAwIBAgIDAjp4MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9iYWwgQ0EwHhcNMTQwODI5MjIyNDU4WhcNMjIwNTIwMjIyNDU4WjBmMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMURG9tYWluIFZhbGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30GUetr35DFDtuoBG1zOY+r6baPZau4tmnX51ZxbvTTf2BzJbdgEiNputbe18DCuQNZd+sRTwdQinQROEaaV1UV8QQVY4Ezd+e5VvV9G3K0TCJ0s5PeC5gcrng6MNKHOxKHggXCGAAY/Lep8myiuGyiLOQnT5/BFpLG6EWeQVXuP3u04XKHh44PEw3KRT5juHMKAqmSlPoNiHMzgnvhawBMSfaKni6PnnyrXm8rL7ZcBnCiEUQRQQby0/HjpG88U6h8P/C4BMo22NcsKGDvsWj48G9OZQx4v973zWxK5B17tPtGph8x3cifU2XWiY0uTNr3lXNe/X3kNszKnC7JjIwIDAQABo4IBHTCCARkwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4wHQYDVR0OBBYEFAtQ7HfvKpv/7AOhCv+txuQqGMc+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9nLnN5bWNiLmNvbS9jcmxzL2d0Z2xvYmFsLmNybDAuBggrBgEFBQcBAQQiMCAwHgYIKwYBBQUHMAGGEmh0dHA6Ly9nLnN5bWNkLmNvbTBMBgNVHSAERTBDMEEGCmCGSAGG+EUBBzYwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL2NwczANBgkqhkiG9w0BAQsFAAOCAQEAMyTVkKopDDW5L8PHQpPAxhBLAwh2hBCi4OdTEifyCtp/Otz9XHlajxd0Q1Ox1dFdWbmmhGTK8ToKWZYQv6mBV4tch9x/4+S7BXqgMgkTThCBKB+cA2K89AG1KYNGB7nnuF3I6dHdrTv4NNvB0ZWpkRjtPCw3EU3M/lM+UEP5w1ZBrFObbAWymuLgWVcwMrYmThMlzfpIcA91VWAR9TvVXlo8i1sPD2JCSGGFixD0wYi/f1+KwtfNK5RcHzRKCK/rromoSHVVlR27wJoBufQDIj7U5lIwDWe5wJH9LUwwjr2MpQSRu6Srfw/Yb/BmAMmjXPWwj4PmnFrmtrnFvL7kAg==-----END CERTIFICATE----- <<< HTH -- Quote
tempwifi Posted March 31, 2015 Posted March 31, 2015 I forgot a little hint about troubleshooting this issue: you can use tcpdump to capture the traffic, then open the pcap file in Wireshark and you will see a "TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Certificate Expired)". Quote
Sebkinne Posted March 31, 2015 Posted March 31, 2015 Hey everyone, Sorry for the slow update on this issue, I have been travelling back to Europe the past couple of days. All systems are back to normal, no need to do anything on your ends. Best regards, Sebkinne Quote
fringes Posted March 31, 2015 Author Posted March 31, 2015 Thanks, Seb! Now it works with just the root and I restored the original trust store. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.