Jump to content

Concern on Web UI Security

IMcPwn

By IMcPwn
in WiFi Pineapple NANO

 Share

Recommended Posts

IMcPwn Newbie

IMcPwn

Posted
Posted

Hi, I really love the new UI design, besides the pre-login phase. It looks as below:

FKNiMt5l.png

Initially this concerned me because I thought it showed data in the background before you logged in which is false.

Later when I was learning the new API on my own I developed a module called "Reboot" that does as expected, reboots and turns off the machine. My problem is the below is shown even before I log in:

5dlgTgxl.png

In the background there is a leak of information about the module. This can be viewed for any module that's installed to see what the Pineapple owner might be doing or working on. Would it be possible to have an option to force a user to look at a generic login page before viewing anything or do you think that would be excessive?

Thanks for the consideration

Link to comment
Share on other sites
telot Newbie

telot

Posted
Posted

I noticed the same thing as well IMcPwn. I was going to dig into the html a bit and see if I can't change the logo and "WIFI Pineapple" text to be a bit more...inconspicuous. Not that a layperson would have any idea, but if they googled WIFI Pineapple you'd be busted immediately. I'd prefer it to be a bit more subtle, along the lines of "Router Login Page" or something similar. I'll let you know if I find the location of that field if you're interested in changing it yourself.

telot

Link to comment
Share on other sites
telot Newbie

telot

Posted
Posted (edited)

herp derp. was right in /pineapple/index.html line 78. Couldn't be easier.

uVDBh4e.png

EDIT: Thanks audibleblink! I'll change that too!

telot

Edited by telot
Link to comment
Share on other sites
audibleblink Newbie

audibleblink

Posted
Posted (edited)

One might also add:

.modal {
  background-color: black
}

to the css file in the same folder (or through the advanced tab) to black out the areas behind the modal until a more permanent solution is found.

dh0wOJY.png

Edited by audibleblink
Link to comment
Share on other sites
telot Newbie

telot

Posted
Posted

haha I changed the logo.png to a cisco logo for extra fun :)

T3znqOM.png

telot

  • Upvote 2
Link to comment
Share on other sites
telot Newbie

telot

Posted
Posted

Thanks audioblink! Appending your code to /pineapple/css/main.css worked like a charm. Good stuff!

telot

Link to comment
Share on other sites
Havenbreaker Newbie

Havenbreaker

Posted
Posted

One might also add:

.modal {
  background-color: black
}

@audibleblink I have been messing with the CSS for the past few weeks and that visible background has been bugging the heck out of me thanks for pointing out that format line I finally have all my CSS running in a fairly streamline format minus a few borders here and there...

455d828747.png
8d531a84ca.png
3e57aed56b.png
Ok ok I know I have a little bit to much of a Hitman liking but hey it works and for me the Red on Black is a lot easier to read and deal with for extented periods of time then the bright white...
Link to comment
Share on other sites
Darren Kitchen Grand Master

Darren Kitchen

Posted
Posted

I think the concern may be if a connected target joins the network then for some reasons getting curious as to what might be hosted on port 1471 of the gateway. -- ya know, like your average users tend to do, right?

That edge case aside, I'd say given the creativity of the community as illustrated above, this may be an opportunity for a fun module.

Also -- I like your CSS Havenbreaker! One of the initial dream features has been a dark "1337 mode" (for night time use) but we keep pushing it back as it's rather low priority. It seems you've already taken a pretty good stab at it :)

  • Upvote 1
Link to comment
Share on other sites
Havenbreaker Newbie

Havenbreaker

Posted
Posted

I think the concern may be if a connected target joins the network then for some reasons getting curious as to what might be hosted on port 1471 of the gateway. -- ya know, like your average users tend to do, right?

That edge case aside, I'd say given the creativity of the community as illustrated above, this may be an opportunity for a fun module.

Also -- I like your CSS Havenbreaker! One of the initial dream features has been a dark "1337 mode" (for night time use) but we keep pushing it back as it's rather low priority. It seems you've already taken a pretty good stab at it :)

@darren I just got the mobile render to play nicely with the "dark "1337 mode"" shrinking and enlarging my desktop browser in emulator mode to get the different CSS to kick off was "fun" per say...

Link to comment
Share on other sites
IMcPwn Newbie

IMcPwn

Posted
  • Author
Posted (edited)

@Darren

I'm not concerned with regular users. This is for the sysadmins or people who would look up WiFi Pineapple to find out what it is or people who already own one being able to find out information about yours. Ex: they could find out if you have Cabinet or any other module installed by going to http://172.16.42.1:1471/#/modules/Cabinet without needing to log on.

@audibleblink's CSS solves the issue of someone looking up WiFi Pineapple and going to your site and to find out information unless they know you can disable that CSS on the right side of Chrome's Developer Tools which makes it look exactly how it did before.

l3dOmFNl.png

Edited by IMcPwn
Link to comment
Share on other sites
barry99705 Veteran

barry99705

Posted
Posted

I think the concern may be if a connected target joins the network then for some reasons getting curious as to what might be hosted on port 1471 of the gateway. -- ya know, like your average users tend to do, right?

That edge case aside, I'd say given the creativity of the community as illustrated above, this may be an opportunity for a fun module.

Also -- I like your CSS Havenbreaker! One of the initial dream features has been a dark "1337 mode" (for night time use) but we keep pushing it back as it's rather low priority. It seems you've already taken a pretty good stab at it :)

Also a good battery saver for those of us with oled phones. Black is off!

Link to comment
Share on other sites
audibleblink Newbie

audibleblink

Posted
Posted

unless they know you can disable that CSS on the right side of Chrome's Developer Tools

Oh man, if they're on your physical machine, you've got bigger problems!

In all seriousness though, tab-closing and relying on the obscurity of the port number you host the GUI on shouldn't be an acceptable _permanent_ solution. Not ideal that one could enumerate your modules. That said, I appreciate how complex the software development process is and the prioritization game that comes with it. Yinz do great work, Hak5 team.

+1 for adding "not exposing information behind the login modal" somewhere on the back log.

Link to comment
Share on other sites
audibleblink Newbie

audibleblink

Posted
Posted

I blocked the entire client network, so in my case, it would, if the secure network gives you an IP in that same range. I'm not sure since I've never set it up that way. I've always accessed pineapples through a reverse tunnel and then binding the UI management port to some localhost port.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...