Jump to content
WiFiJuice

Modules Requests Discussion

Recommended Posts

15 hours ago, NovaSam said:

Enjoy Wifite goodness,

opkg update

opkg install reaver

wget https://raw.github.com/psyvisions/wifite/master/wifite.py

mv wifite.py /bin/

cd ..

cd /bin/

chmod +x wifite.py

wifite.py -mac -aircrack

Pretty neat my only problem with wifite is that most of the time it's been a hit and miss.

for example their have been times where its failed to capture a handshake and I have manually ran the airodump-ng and replay-ng and gotten the handshake with no problems also wifite doesn't really work to well with the pixiewps attack it's been hit and misses with that personally I've had better luck with https://github.com/aanarchyy/bully when it comes to wps attacks it will either work or not find the pin and that happens normally within the first 45 seconds of running the tool.

Share this post


Link to post
Share on other sites

Im honestly not sure if this is possible on the pineapple, but would be great if it were, or something similar. 

 

 

 

Share this post


Link to post
Share on other sites

The pineapple is an evil twin attack on steroids. If you want to ask for a wifi password then just install Evil Portal and create a nice looking portal for them to enter their wifi password.

Share this post


Link to post
Share on other sites

With DeadUpdate having come out recently, the first thing I thought was to build a module for the pineapple. I haven't had the chance to pick up a new nano yet so I'm not able to develop it right now, but I figured I'd drop the idea here in case anyone else wanted to run with it :) Though one interesting thing to note is that since this is a vulnerability in an automatic updater tool, it's likely that it'll automatically be patched and end users would be none the wiser. So it's debatable how useful a module such as this might be.

 

TL;DR push arbitrary executables to ASUS laptops for fun and profit.

 

Share this post


Link to post
Share on other sites

You've said it "it's debatable how useful a module such as this might be" 

Share this post


Link to post
Share on other sites
15 minutes ago, ale said:

You've said it "it's debatable how useful a module such as this might be" 

I did indeed say that. It's hard to know how long a bug will stay valid when that bug is in software that is literally designed to automatically update.

Share this post


Link to post
Share on other sites

What I'm trying to say is that do you really think this worth making a module for? 

Share this post


Link to post
Share on other sites
36 minutes ago, ale said:

What I'm trying to say is that do you really think this worth making a module for? 

Absolutely. Any idea is worth trying to make a module for.

  • Upvote 1

Share this post


Link to post
Share on other sites

Are there any plans for a Kismet module? I'm in the process of manually installing Kismet, but it'd be great to interact with the application through the GUI, which is what makes the device so useful. 

Share this post


Link to post
Share on other sites

A couple people have said they were but nothing has come out of that yet.

Share this post


Link to post
Share on other sites

I know its not using the web UI but I like using Horst on a terminal UI from my tetra as a similar tool.
I find using a 3rd radio (wlan2mon) can be a bit choppy with update frequency (guess USB issue) but if your not using wlan1mon for anything else and use it for Horst its flawless. Not tried it on the Nano yet tho so not sure how it would perform.

https://wiki.openwrt.org/doc/howto/wireless.tool.horst

Share this post


Link to post
Share on other sites
23 minutes ago, Just_a_User said:

I know its not using the web UI but I like using Horst on a terminal UI from my tetra as a similar tool.
I find using a 3rd radio (wlan2mon) can be a bit choppy with update frequency (guess USB issue) but if your not using wlan1mon for anything else and use it for Horst its flawless. Not tried it on the Nano yet tho so not sure how it would perform.

https://wiki.openwrt.org/doc/howto/wireless.tool.horst

Great info, thanks! I'll check it out and report back how this performs on the Nano. 

  • Upvote 1

Share this post


Link to post
Share on other sites

It´s running well on the nano :cool:

  • Upvote 1

Share this post


Link to post
Share on other sites

Can confirm it seems to run well on the nano. For the benefit of anyone in my (previous) shoes:

Install

opkg update
opkg install horst

Run Horst

iw wlan1 interface add mon0 type monitor
horst -i mon0

 

Haven't yet confirmed whether output can be logged to file or work with GPS, which was my original intent with Kismet.

Share this post


Link to post
Share on other sites

If you check out the "horst --help" you should see a -o option to output a csv file. might help, might not.

  • Upvote 1

Share this post


Link to post
Share on other sites

Hey guys, 

Just started writing my first module for the NANO. I'm quite new to php, html and js. Maybe thats why I encountered some little problems here and there.

The biggest one in the moment is: If I get the module on my NANO and try to open it - nothing happens. I assume I've got a syntax error or something, but just cant find it. 

Is there a way to get some output, so I see the error messages that would pop up ?

Or maybe someone of you could help me with my code. Its here on github: https://github.com/nrohsak/TestModule

Thanks in advance 

greetings nrohsakul

Share this post


Link to post
Share on other sites

Hey nrohsakul,

You can see JS errors in your browsers developer console

https://developer.chrome.com/devtools

https://developer.mozilla.org/en-US/docs/Tools/Browser_Console

And I recommend showing PHP errors

nano /etc/php.ini

press crtl + w and search for "display_errors" and set it to "On"

display_errors = On

then restart nginx

/etc/init.d/nginx restart

Now your developer environment should be all good to go!

Share this post


Link to post
Share on other sites
11 minutes ago, newbi3 said:

Hey nrohsakul,

You can see JS errors in your browsers developer console

https://developer.chrome.com/devtools

https://developer.mozilla.org/en-US/docs/Tools/Browser_Console

And I recommend showing PHP errors


nano /etc/php.ini

press crtl + w and search for "display_errors" and set it to "On"


display_errors = On

then restart nginx


/etc/init.d/nginx restart

Now your developer environment should be all good to go!

 Thank you very much newbi3 ! 

Found the mistake in under a minute with your advice.

Now I'm facing the next problem..

I got this Button:

<button type="button" class="btn btn-sm" ng-show="scanning" ngclick="abortScan()">Stop Scan</button>
$scope.abortScan = (function() {
      $api.request({
        module: 'Wardriver',
        action: 'abortScan'
      });
      
      $scope.scanning = false;
  });
private function abortScan()
    {
      exec("killall -9 airodump-ng && mv /pineapple/api/wardrive-01.kismet.csv /pineapple/modules/Wardriver/log/");
    }

Which should kill airodump-ng and move the log to the logs dir. But when I press it, nothing happens. 

Any Ideas ?

Share this post


Link to post
Share on other sites

You module.php file needs to implement the route() method

http://wiki.wifipineapple.com/#!./creating_modules.md#module.php

this method is what maps an action in the request to a function that gets called

public function route()
{
	// create a case for each possible action passed in the request
	switch($this->request->action) {
		// what happens when an "abortScan" action is requested
		case "abortScan":
			// call the abortScan method
			$this->abortScan();
			// break the case - don't forget to do this otherwise what ever case comes next will also get called
			break;
	}
}

 

Share this post


Link to post
Share on other sites
1 minute ago, newbi3 said:

You module.php file needs to implement the route() method

Got that already. Sorry that I'd only showed the function to you. 

That would be my whole module.php:

<?php namespace pineapple;

class Wardriver extends Module
{
    public function route()
    {
        switch ($this->request->action) {
            case 'scanForNetworks':
              $this->scanForNetworks();
              break;
            case 'abortScan':
              $this->abortScan();
              break;
        }
    }

    private function scanForNetworks()
    {
      $this->execBackground("airodump-ng --write wardrive --output-format kismet wlan1mon &> /dev/null ");
    }

    private function abortScan()
    {
      exec("killall -9 airodump-ng && cp -f /pineapple/api/wardrive-* /pineapple/modules/Wardriver/log/");
    }
}

 

Share this post


Link to post
Share on other sites

It might be working, one thing you arent doing is giving a response back.

private function abortScan()
{
	exec("killall -9 airodump-ng && cp -f /pineapple/api/wardrive-* /pineapple/modules/Wardriver/log/");
	// give some sort of response back
	$this->response = array("aborted" => true);
}

and then handle the response in your JS

$scope.abortScan = (function() {
      $api.request({
        module: 'Wardriver',
        action: 'abortScan'
      }, function(response){
        console.log(response);
        if (response.aborted) {
			$scope.scanning = false;
        }
      });
});

 

Share this post


Link to post
Share on other sites

Just tried it out. But still nothing. Not even the logs get moved..

Thanks for your help though. Argh I guess it's something really easy so nobody gets it.

 

Share this post


Link to post
Share on other sites
18 minutes ago, nrohsakul said:

Just tried it out. But still nothing. Not even the logs get moved..

Thanks for your help though. Argh I guess it's something really easy so nobody gets it.

 

Test if your abortScan method is getting called by writing something to a file

Share this post


Link to post
Share on other sites
Just now, newbi3 said:

Test if your abortScan method is getting called by writing something to a file

How can I test that ? 

Share this post


Link to post
Share on other sites
private function abortScan()
{
    // this will write to a file in /tmp called does_it_work.txt
    // if the abortScan method is getting called then this file will exist
    file_put_contents("/tmp/does_it_work.txt", "this function got called!");

	exec("killall -9 airodump-ng && cp -f /pineapple/api/wardrive-* /pineapple/modules/Wardriver/log/");

	// give some sort of response back
	$this->response = array("aborted" => true);
}

you can also test by starting airodump and then checking if its still running from the command line after the abortScan method is called

ps | grep airodump

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...