russell@fulton.geek.nz Posted August 15, 2016 Share Posted August 15, 2016 HI folks I did the "pineapple" workshop at AusCERT conference back in May and finally got around to getting the nano deployed at work. I actually brought the full pack with the other toys so I need to set up the nano from scratch. Pleased to report that the workshop notes still work fine -- the only thing I had problems with was getting the routing working properly ( there was no default route shown in the network config). I 'fixed this by the time honoured method of unplugging it and putting it back in ;) all looks good now. remnux@remnux:~$ ifconfig eth0 Link encap:Ethernet HWaddr 00:0c:29:2e:5f:1c inet addr:192.168.20.130 Bcast:192.168.20.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe2e:5f1c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:7976 errors:0 dropped:0 overruns:0 frame:0 TX packets:3981 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1401121 (1.4 MB) TX bytes:1379223 (1.3 MB) eth1 Link encap:Ethernet HWaddr 00:c0:ca:90:d3:9d inet addr:172.16.42.42 Bcast:172.16.42.255 Mask:255.255.255.0 inet6 addr: fe80::2c0:caff:fe90:d39d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:228 (228.0 B) TX bytes:578 (578.0 B remnux@remnux:~/wifipa$ sudo bash wp6.sh _ ___ _______ ____ _ __ | | / (_) ____(_) / __ \(_)___ ___ ____ _____ ____ / /__ | | /| / / / /_ / / / /_/ / / __ \/ _ \/ __ '/ __ \/ __ \/ / _ \ | |/ |/ / / __/ / / / ____/ / / / / __/ /_/ / /_/ / /_/ / / __/ |__/|__/_/_/ /_/ /_/ /_/_/ /_/\___/\__,_/ .___/ .___/_/\___/ /_/ /_/ v6.2 _ . ___ \||/ Internet: eth0 192.168.20.2 ( _ )_ <--> [___] <--> ,<><>, Pineapple: eth1 172.16.42.42 (_ _(_ ,) \___\ '<><>' Network: 172.16.42.0/24 But attemts to load new modules fail. I am betting that the problem is that the nano is trying to use Google DNS which won't work from inside our network but I can see where to change it. Quote Link to comment Share on other sites More sharing options...
russell@fulton.geek.nz Posted August 15, 2016 Author Share Posted August 15, 2016 Oops. meant to include the routing table: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 172.16.42.42 0.0.0.0 UG 0 0 0 br-lan 172.16.42.0 * 255.255.255.0 U 0 0 0 br-lan Quote Link to comment Share on other sites More sharing options...
b0N3z Posted August 15, 2016 Share Posted August 15, 2016 Your Routing table looks correct but for network that should be the gateway for the network you are connected to not the pineapple itself. so for mine it was internet: eth0=192.168.0.100 (my pc) Pineapple: eth1=172.16.42.42 (pineapple) Network: 192.168.0.1 (my network gateway or router) Quote Link to comment Share on other sites More sharing options...
russell@fulton.geek.nz Posted August 15, 2016 Author Share Posted August 15, 2016 Thanks for the prompt response! The network was set by wp6.sh and it picked the correct gateway address?? hmmm... Ah! it is hard coded in the script and is not actually used in any configuration. It is just printed. Lets see what tcpdump on the external interface of my laptop says when I try to get modules: listening on en3, link-type EN10MB (Ethernet), capture size 262144 bytes 10:39:36.642885 IP bluebottle.insec.auckland.ac.nz.58311 > google-public-dns-b.google.com.domain: 42869+ A? www.wifipineapple.com. (39) 10:39:41.647346 IP bluebottle.insec.auckland.ac.nz.53756 > google-public-dns-b.google.com.domain: 56401+ A? www.wifipineapple.com. (39) 10:39:42.477325 IP bluebottle.insec.auckland.ac.nz.50273 > google-public-dns-b.google.com.domain: 57283+ AAAA? 3.openwrt.pool.ntp.org. (40) 10:39:46.652565 IP bluebottle.insec.auckland.ac.nz.56182 > google-public-dns-b.google.com.domain: 61055+ A? www.wifipineapple.com. (39) 10:39:47.483060 IP bluebottle.insec.auckland.ac.nz.60021 > google-public-dns-b.google.com.domain: 24482+ AAAA? 3.openwrt.pool.ntp.org. (40) 10:39:52.487384 IP bluebottle.insec.auckland.ac.nz.63384 > google-public-dns-b.google.com.domain: 15637+ AAAA? 3.openwrt.pool.ntp.org. (40) 10:39:57.492908 IP bluebottle.insec.auckland.ac.nz.53060 > google-public-dns-b.google.com.domain: 50745+ A? 3.openwrt.pool.ntp.org. (40) 10:40:02.497604 IP bluebottle.insec.auckland.ac.nz.55421 > google-public-dns-b.google.com.domain: 51612+ A? 3.openwrt.pool.ntp.org. (40) 10:40:07.503074 IP bluebottle.insec.auckland.ac.nz.52182 > google-public-dns-b.google.com.domain: 3242+ A? 3.openwrt.pool.ntp.org. (40) The traffic is hitting the LAN but won't make it out to the Internet. So it's back to my initial question: How do I point the WP to a local DNS (and NTP) server? We block both at the border. Quote Link to comment Share on other sites More sharing options...
b0N3z Posted August 15, 2016 Share Posted August 15, 2016 what did you choose on the wp6 script to setup, guided or manual? Quote Link to comment Share on other sites More sharing options...
russell@fulton.geek.nz Posted August 15, 2016 Author Share Posted August 15, 2016 I pulled the version from GitHub -- which is different from the one we used in the workshop and does not offer a menu. It just asks you if you want to use the saved setting and if you say no you get prompted: Connect using saved settings [Y/n]? n Select WiFi Pineapple Interface: 0) docker0 172.17.42.1 1) eth0 192.168.20.130 2) eth1 172.16.42.42 > 2 Select Internet Interface: 0) docker0 172.17.42.1 1) eth0 192.168.20.130 2) eth1 172.16.42.42 > 1 Choose Internet Gateway: 0) 192.168.20.2 > Keep default IP settings? [Y/n]? Save settings for next session [Y/n]? My point is that the pineapple is getting packets out of the VM and on to the LAN do the local routing is working fine. The problem is that those DNS packets will be dropped by our firewall so I need to tell it to use our local DNS. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted August 16, 2016 Share Posted August 16, 2016 If you want to make the WiFi Pineapple use a custom DNS server, simply edit the /etc/config/network file on your WiFi Pineapple. Quote Link to comment Share on other sites More sharing options...
russell@fulton.geek.nz Posted August 16, 2016 Author Share Posted August 16, 2016 dopey question ;) How do I get a shell? I tried ssh but got connection refused. remnux@remnux:~$ ssh 172.16.42.42 ssh: connect to host 172.16.42.42 port 22: Connection refused Quote Link to comment Share on other sites More sharing options...
b0N3z Posted August 16, 2016 Share Posted August 16, 2016 ssh root@172.16.42.1 and enter the password you set for the pineapple when you set it up also, if you wget http://wifipineapple.com/wp6.sh it might be a newer version which has those options, i think, i havent downloaded it lately so it could have been updated again idk Quote Link to comment Share on other sites More sharing options...
Foxtrot Posted August 16, 2016 Share Posted August 16, 2016 9 hours ago, russell@fulton.geek.nz said: dopey question ;) How do I get a shell? I tried ssh but got connection refused. remnux@remnux:~$ ssh 172.16.42.42 ssh: connect to host 172.16.42.42 port 22: Connection refused 172.16.42.42 is the IP Address you have on the NANOs network. 172.16.42.1 is the NANOs IP. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.