[RELEASE] WiFi Pineapple Firmware v2.0.2

[Sebkinne]

Hak5 is proud to release the firmware we’ve all been waiting for - the much anticipated WiFi Pineapple version 2.0.0!

This beast of a release brings a complete rewrite of the pineapple core, numerous enhancements to the web interface, updates to the OS and base packages across the board as well as dozens of performance tweaks, stability improvements and bug fixes.

For instance you can now sort and download recon and profiling data. OUI lookups are just clicks away and raw HEX frames can even be injected from PineAP - just to name a few. There's more in this release than we can even list in the changelog.

This has been one massive development effort, given the interdependent nature of the pineapple base. PineAP, the frame sniffer, the injection engine and control system have all been rewritten for rock solid performance. This undertaking couldn't have been realized bit by bit, hence the long period between releases. 

WiFi Pineapple firmware version 2.0.0 constitutes the combined efforts of Seb Kinne and recent additions to the Hak5 engineering team -- Foxtrot and Tesla. As long time contributors to the project, their code and countless hours testing in an official capacity now have made for the most robust WiFi Pineapple firmware to date. 

This would not have been possible without the feedback and contributions from you all - the Hak5 community. We're excited to have laid the groundwork for much quicker releases, with the backend development processes and build systems having been reworked substantially. The NANO and TETRA bases are now merged, along with the web interface and many interdependent systems - so in usual Hak5 fashion we look once more to your feedback as thoughts on the future of the fruit.
 

Download and changelog can be found at https://www.wifipineapple.com/downloads#tetra.

[Mr-Protocol]

Great work to all involved. Time to get out the army of pineapples for updates :-D.

[Foxtrot]

Hope everyone enjoys the release!

[Just_a_User]

Huge thanks to all involved, happy holidays and much love to all.

[PixL]

I've just opened my first Christmas present and it isn't even the 25th yet!  Good work to all involved, i'm sure i'll find some good questions to ask about it before long :)

[Rkiver]

Goddam that's a HELL of a lot of good work.

Now go take a break!

[PixL]

Now just to teach myself about raw beacon frames I think... like how to create them and what can be done with them.

[Sebkinne]

Hey everyone,

Due to a bug preventing clients from associating to the Management Access Point, we have re-released version 2.0.0 as version 2.0.1.

My deepest apologies for the inconvenience.

[Ret0n]

Awesome to hear! Thank you for all the hard work on this update.

[Struthian]

It has not gone so well for me.  I used the Web app on the pineapple to upgrade.   After awhile, I connected with the Android connector.  I went through the setup stuff, providing my password and so forth. I got into the web app through the Android connector.  After a couple of tries, I noticed the dashboard indicated 100% CPU utilization.  That did not sound healthy.  I also notice that the web app is not responsive to menu selections.  After some reboots, I did put it in Deny mode.  Still, nothing has gotten better.

During none of this was I able to reach the web app through the RJ45 Ethernet port.  The IP Address for it is pingable.

When I rebooted with the RJ45 connected, there was not 100% CPU utilization.

A couple of questions - how long does it take to finish flashing and get to reboot? 

If we wish to flash the device in the "Factory Reset" process, is it best to use the original binary given in that process or is it best to use 2.01 which was recently released?

If I am able to get to the app using the Android connector and/or the usb ethernet device, and it says 2.01 - but seems not quite right, should I do a factory reset or what?

Is it safe to run the Tetra without antennas attached?  They seem to be high impedance dipoles, so I would imagine that they are not necessary to simply start the box?

[Sebkinne]

1 hour ago, Struthian said:

It has not gone so well for me.  I used the Web app on the pineapple to upgrade.   After awhile, I connected with the Android connector.  I went through the setup stuff, providing my password and so forth. I got into the web app through the Android connector.  After a couple of tries, I noticed the dashboard indicated 100% CPU utilization.  That did not sound healthy.  I also notice that the web app is not responsive to menu selections.  After some reboots, I did put it in Deny mode.  Still, nothing has gotten better.

Don't worry too much about CPU utilization. We have stress tested the CPU and it can handle 100% over long periods of time (days).

 

1 hour ago, Struthian said:

During none of this was I able to reach the web app through the RJ45 Ethernet port.  The IP Address for it is pingable.

This is expected. The RJ45 port is a WAN port. It's to provide internet to the WiFi Pineapple TETRA. It has never functioned differently, and most likely never will out of the box.

 

1 hour ago, Struthian said:

A couple of questions - how long does it take to finish flashing and get to reboot? 

It can take ~10 minutes.

 

1 hour ago, Struthian said:

If we wish to flash the device in the "Factory Reset" process, is it best to use the original binary given in that process or is it best to use 2.01 which was recently released?

If you perform a firmware recovery, you'll be updated to 2.0.1 - we keep the firmware recovery files updated to the latest stable version.

 

1 hour ago, Struthian said:

Is it safe to run the Tetra without antennas attached?  They seem to be high impedance dipoles, so I would imagine that they are not necessary to simply start the box?

It will start, but you run the risk of burning out the radios / amps. You should always boot wireless equipment with antennas attached.

[Struthian]

Thank you Sebkinne - The Tetra seems to be up in every respect, except the RJ45 Wan Port. This includes using the Wifi Dongle provided by Hak5 in the "boost" kit.  I was not concerned for hardware with 100% CPU utilization but it seemed symptomatic since i never asked it do anything.  So why was it working so hard when I didn't ask it to do anything?  Why in particular in connection with the RJ45?

OK, so I have been connecting to the Pineapple through the RJ45.  Maybe I forgot how I enabled that?  However, with only that connection - and no wifi dongle, I am not able to connect to the web app.  How do I restore this?  Also, I'll try again, but it seems the Pineapple is not able to access the general internet with only the RJ45.  

Thanks for responding. I'll update if I get further with the RJ45 Lan connection. It's almost like I have a firewall blocking or something.  

[Just_a_User]

36 minutes ago, Struthian said:

So why was it working so hard when I didn't ask it to do anything?  Why in particular in connection with the RJ45?

If you run top or htop from ssh you should be able to see

36 minutes ago, Struthian said:

OK, so I have been connecting to the Pineapple through the RJ45.  Maybe I forgot how I enabled that?  However, with only that connection - and no wifi dongle, I am not able to connect to the web app.  How do I restore this?  Also, I'll try again, but it seems the Pineapple is not able to access the general internet with only the RJ45.  

Thanks for responding. I'll update if I get further with the RJ45 Lan connection. It's almost like I have a firewall blocking or something.  

Im pretty sure previous FW versions did allow this by default. This version has introduced a firewall on wan.

To allow access to the WebUI over the Tetra's LAN port add the following rule to your /etc/config/firewall

config rule
        option name 'Allow-WebUI'
        option src 'wan'
        option proto 'tcp'
        option dest_port '1471'
        option target 'ACCEPT'
        option family 'ipv4'

To allow ssh over the TETRA's LAN port add the following to /etc/config/firewall

config rule
        option name 'Allow-SSH'
        option src 'wan'
        option proto 'tcp'
        option dest_port '22'
        option target 'ACCEPT'
        option family 'ipv4'

Be aware that those ports and logins are now exposed to what ever you plug the LAN into, i.e. less secure.

[Just_a_User]

2 hours ago, Struthian said:

If we wish to flash the device in the "Factory Reset" process, is it best to use the original binary given in that process or is it best to use 2.01 which was recently released?

If you do a firmware recovery you should be using the special factory bin file then upgrade. From time to time the factory bin file may be updated.

[Sebkinne]

23 minutes ago, Just_a_User said:

Im pretty sure previous FW versions did allow this by default. This version has introduced a firewall on wan.

We always had a firewall on WAN, but it was rather permissive. We didn't disallow WAN connections on purpose, but it's also what most people expect. Either way, you weren't able to get an IP via DHCP on the WAN port.

[Just_a_User]

2 minutes ago, Sebkinne said:

We always had a firewall on WAN, but it was rather permissive. We didn't disallow WAN connections on purpose, but it's also what most people expect. Either way, you weren't able to get an IP via DHCP on the WAN port.

Yeah you never got an IP as in - direct connection from Tetra to PC.

But when connecting Tetra to router and browsing to e.g. http://192.168.1.50:1471 or ssh root@192.168.1.50 you could manage your tetra over network. I think that's what Struthian is referring to.

Granted its not the best way as your laptop isnt on the 172 network, but if you just want some basic functions this setup can be useful. I used it frequently so missed it immediately.

[Sebkinne]

5 minutes ago, Just_a_User said:

Yeah you never got an IP as in - direct connection from Tetra to PC.

But when connecting Tetra to router and browsing to e.g. http://192.168.1.50:1471 or ssh root@192.168.1.50 you could manage your tetra over network. I think that's what Struthian is referring to.

Granted its not the best way as your laptop isnt on the 172 network, but if you just want some basic functions this setup can be useful. I used it frequently so missed it immediately.

Ah fair enouhg. We'll add an option for this (along with Port forwarding for another feature) to the Networking module soon. We'll push it via the Module Manager, so no firmware upgrade needed.

[Struthian]

Thanks just_a_user - that was just the right thing.  I don't think I had done that before.  The strict firewall is a nice feature but I think that this should be be made clearer in the documentation.  I definitely will modify the /etc/config/firewall depending on where I am and what I'm doing.  It's odd because I think that the Wifi is a better idea to secure.  If I don't want someone accessing my Pineapple through the eth0 connector - I should think I simply would not plug it in.  Which of these to enable is potato potatoe to me.

Right now, I am experimenting and everything is behind another firewall anyway.

To Seb: I think this option should be available in the Web Gui as well as demonstrating how the firewall is set up.   Could be a good task for a module but, included out of the box, might save support staff some headaches.

Once upon a time, I was quite the hacking and pen testing guy (even though we didn't call it pen testing them) for VAX/VMS ... However, I moved on to other things.  All this represents a return to older ways and is fun. If it does not work out, I'll get a job shoveling coal at a steam railroad (kidding).   If you think I am dating myself, my first programs were on punched cards, then paper tape.   VAX/VMS was an exciting step up.

[Just_a_User]

Is anybody else not seeing any associated clients on recon scans?

[Struthian]

Further thoughts... 

I notice that it's possible to sftp into the pineapple out of the box.  To Seb's suggestion for an improved Networking module, include this too?  I also think it could be handy to have a "Lab mode" in which things are relatively open and protected behind a firewall and an "Engagement mode" in which things are more locked down, according to particular needs.  Lab mode could be tied to a particular router mac address etc.  So if that was not available, it would go into "Engagement mode".    By the way, another use for the RJ45 would be point to point, where the pineapple might be far from the laptop controlling it, no router in the middle.

[Struthian]

1 hour ago, Just_a_User said:

If you do a firmware recovery you should be using the special factory bin file then upgrade. From time to time the factory bin file may be updated.

Actually I did a firmware recovery and the "special factory bin file" gave me 2.01.  It sure looked like a reflash anyway.  Seb - is this just my imagination?

[Foxtrot]

52 minutes ago, Struthian said:

Actually I did a firmware recovery and the "special factory bin file" gave me 2.01.  It sure looked like a reflash anyway.  Seb - is this just my imagination?

The current factory bin file on WiFiPineapple.com is a 2.0.1 image.

 

[ale]

Now that's something that'll keep me busy during the holidays.

THANK YOU EVERYONE! AND HAPPY HOLIDAYS! 

[PixL]

All seems stable so far, although some modules will need updating to work properly and Recon doesn't show associated clients.

[Sebkinne]

Hi everyone,

Looks like we had to push another update to fix an issue where associated clients would not show up in the recon scan results. We'd like to apologize again for the inconvenience.

 

-Seb