Jump to content
Hak5 Forums
Sebkinne

[RC Release] WiFi Pineapple Firmware v2.1.0-RC2

Recommended Posts

Hey everyone,

Over the past couple of months we have been working hard on the next WiFi Pineapple Firmware. This time however we decided to give the community a peek into the latest and greatest.

We would love to get feedback from the you all on this release and hopefully iron out any bugs that you find. Just leave any feedback in this thread :)

Remember: This is an RC release. It might eat your pet, drink your coffee, or start a VIM vs EMACS war. Flash this at your own risk.

Known Issues:

  • There are some issues with Probe Requests being logged multiple times
  • There is an issue with the recon live websockets opening multiple times 

Changelog:

  • Setup
    • It is now possible to configure the timezone, wireless country code, firewall rules, and filters during Setup.
    • The changelog and other important information is displayed on first setup.
  • Recon
    • There is now a live mode, allowing recon results to be streamed directly to the browser. No more waiting for a scan to complete before viewing the landscape.
    • Recon results are now much more accurate due to the smarter scanning behavior of PineAP.
    • OUI lookup has been improved and MAC addresses are verified to check if they have been randomly generated.
    • The last seen column has been added, showing when an AP or client was last seen.
  • PineAP
    • The PineAP suite has been completely re-written to be more robust and provide better results.
    • Added options to enable or disable client (dis)connection notifications.
  • Clients
    • Connections and disconnections are now shown as notifications.
  • Filters
    • Fixed an issue where SSID filter modes would not persist across reboots.
    • Fixed an issue where connections to the Management network were denied.
  • Tracking
    • Fixed an issue where variables would not resolve on the WiFi Pineapple TETRA.
  • Module Manager
    • Users will not be asked to confirm a destination on the WiFi Pineapple TETRA.
  • Configuration
    • Users can now run a custom script on reset button press.
  • Advanced
    • Upgrades will now be able to hotfix some issues before an upgrade.
  • Networking
    • On the WiFi Pineapple TETRA it is now possible to allow SSH and webinterface access over the WAN port.
    • OUI Lookups
      • Added the ability to look up the OUI of a MAC address.
      • Added the ability to download and clear the OUI lookup file.
  • Reporting
    • The reporting module has been refactored.
  • Notes
    • It is now possible to take notes on BSSIDs, SSIDs, and MAC address (via the recon modal)
  • Profiling
    • This module has been removed for the time being.
  • Help
    • Updated help text where appropriate.
    • More comprehensive debug script output.
  • General
    • LEDS can now be controlled using the led command.
    • CLI capable modules can now be controlled using the module command.
    • AutoSSH now defaults to disabled when not setup.
    • libnet0 and libnet1 are now built into the firmare (fixes issues with ettercap, reaver, etc).
    • Aircrack-ng has been updated to the latest version.
    • Various other fixes.

 

Flashing Instructions:

  • Download the upgrade bin from below
  • Verify it's checksum
  • SCP it to your WiFi Pineapple's /tmp/ directory
  • Execute "sysupgrade -n /tmp/tetra-2.1.0-rc2.bin"
  • Wait for the upgrade to complete and follow the usual setup instructions

Download: https://storage.googleapis.com/wifipineapple/tetra-2.1.0-rc2.bin
Sha256sum: 74e522f4c3fca92bba855c8e2f93deda5836796366e7a48c4a1643574c531990

  • Like 2
  • Upvote 1

Share this post


Link to post
Share on other sites

I can't wait to have a look at this but will have to wait another 8 hours until this evening... I will report back :)

Share this post


Link to post
Share on other sites

Thanks mate, just one quick question what are the chances of the Wifipineapple V getting a firmware update?

Share this post


Link to post
Share on other sites
21 minutes ago, fernandoblazin said:

Thanks mate, just one quick question what are the chances of the Wifipineapple V getting a firmware update?

At the moment pretty much zero unfortunately. It's something I'd have to do in my free time, and I have a lot of other projects I work on.. 

Share this post


Link to post
Share on other sites
Posted (edited)

❤️ to the team, loads of changes!

Im seeing some weirdness on recon last seen times

1525091907.png

Edited by Just_a_User

Share this post


Link to post
Share on other sites
Posted (edited)
4 hours ago, Just_a_User said:

❤️ to the team, loads of changes!

Im seeing some weirdness on recon last seen times

1525091907.png

I got the same results lol. Even after a second scan with at least 10 of the APs being scanned a second time.

Edited by b0N3z

Share this post


Link to post
Share on other sites

Interestingly, I can't reproduce this from a freshly flashed TETRA. What browser are you guys using?

 

Screenshot from 2018-04-30 18-22-44.png

Share this post


Link to post
Share on other sites
Posted (edited)
8 minutes ago, Foxtrot said:

What browser are you guys using? 

firefox 59.0.2 at the moment. its reboot persistent too.

update - it seems my mobile sees i correctly... hummm

Edited by Just_a_User

Share this post


Link to post
Share on other sites
2 hours ago, Just_a_User said:

firefox 59.0.2 at the moment. its reboot persistent too

Yep, I can reproduce it in Firefox 59.0.2. My browser is Chrome and it works well.

We'll look into this ASAP, thank you both for the report 🙂

Share this post


Link to post
Share on other sites

Where would be the best place to post missing OUI entries? new thread or?

just came across a samsung one marked as unknown

Share this post


Link to post
Share on other sites
4 hours ago, Just_a_User said:

Where would be the best place to post missing OUI entries? new thread or?

just came across a samsung one marked as unknown

We use the IEEE OUI file, which is authoritative (all OUIs need to be registered with the IEEE). What's the OUI you were trying to look up?

Share this post


Link to post
Share on other sites
6 minutes ago, Sebkinne said:

We use the IEEE OUI file, which is authoritative (all OUIs need to be registered with the IEEE). What's the OUI you were trying to look up?

https://hwaddress.com/oui-iab/24-18-1D  I cant see it ATM so cant screen grab the browser output. maybe was my browser?

Share this post


Link to post
Share on other sites

I'm liking this update:

Live recon is working well although last seen shows as  "at NaN-aN-aN aN:aN"    with Firefox

Wifi region setup works well and as i'm currently in Taiwan I can use channels 12 &13 whilst still at 30db.

I plan to test a USB wlan2 adapter next to see if it is stable.

 

On the whole this looks like some very good work, many thanks!

Share this post


Link to post
Share on other sites
Posted (edited)

Ive noticed this on both the Tetra and Nano, but when I ssh in to edit my 'ssid_file' in '/etc/pineapple' it has nothing in it even though PineAP shows 8 AP's.  I added 900 some AP's to the file and it does not show any in the PineAP module or on the Dashboard.  I tried to change the path of the pool to the sdcard on the nano and got the same results.  I have rebooted both Pineapples after making the changes and then did a full reset just to make sure and go the same results.  Firefox and Chrome if that helps.

Edited by b0N3z

Share this post


Link to post
Share on other sites
19 minutes ago, b0N3z said:

Ive noticed this on both the Tetra and Nano, but when I ssh in to edit my 'ssid_file' in '/etc/pineapple' it has nothing in it even though PineAP shows 8 AP's.  I added 900 some AP's to the file and it does not show any in the PineAP module or on the Dashboard.  I tried to change the path of the pool to the sdcard on the nano and got the same results.  I have rebooted both Pineapples after making the changes and then did a full reset just to make sure and go the same results.  Firefox and Chrome if that helps.

SSIDs are now stored in a sqlite3 database configurable in

/tmp/pineap.conf

or through the web interface. To list them manually, use the command

pineap /tmp/pineap.conf list_ssids

To add them manually use the

pineap add_ssid

or

add_ssid_file

subcommands. Type

pineap

 with no arguments for help. 

  • Like 2

Share this post


Link to post
Share on other sites
3 hours ago, Tesla said:

SSIDs are now stored in a sqlite3 database configurable in

<snip>

This is why the file doesn't work anymore. We do however not recommend you manually update the database - the cli tool @Tesla mentioned will handle that for you. You should also not directly modify the /tmp/pineap.conf file, but rather it's UCI configuration file in /etc/config/pineapd - though you really shouldn't edit this either, as the webinterface knows how to handle that.

  • Like 1

Share this post


Link to post
Share on other sites
Posted (edited)

Just some issues/thoughts/suggestions - feel free to ignore

Love the new setup, clear and logical.

Recon live is super quick and I love the highlighted unknown OUI's, handy - maybe red/other for mac's with notes?  - I have had it a coupe of times where there is text (SSID?) appearing in front of the progress bar, struggling to replicate on purpose. EDIT caught it on screen this time Once triggered its persistent until you disable/re-enable PineAP.

1525183330.png

PineAP seems OK i had some issue with it stopping, im not sure what it is and struggle to replicate. maybe something to do with recon scans while using pineap running ssid collection, beacon response etc but cant confirm. have now had a long run without issues so really not sure.

Client connect disconnect notifications is great addition! maybe an on/off?

Filters - not sure if possible but would be cool if you can use wildcards on ssid's like AP* instead of AP1,AP2,AP3...

Tracking - still something i dont use a whole lot, maybe a script save and load facility with some example basic scripts included.

Module manager - for tetra it still asks for location of module dependencies, not sure if thats firmware or module though. module i think?

Configuration button script - love the addition, i sometimes miss the MK5 switches 🙂 but button is not always accessible so maybe have it also tied to a run/test script button on GUI?

Advanced hotfix patches - will this be in the same area as upgrades? just wondering.

Networking - SSH and GUI through ETH port on tetra is handy now and then and having it on quick buttons is super handy.

Reporting - Would be handy to be able to add other module logs to the report zip before sending.

Notes - Amazing! no more scraps of paper for me !!! Good luck deciding on an icon different to logging 😄 Just a pencil?

 

I will keep playing and using for now, great work done - thank you dev team ❤️

P.S. whats the chances of having a macchange on bootup option? with interface selection? slim/none? 🙂

Edited by Just_a_User

Share this post


Link to post
Share on other sites

"whats the chances of having a macchange on bootup option? with interface selection? slim/none?"

You could set the command up on your button script.... might be useful?

Share this post


Link to post
Share on other sites
Posted (edited)
27 minutes ago, PixL said:

You could set the command up on your button script.... might be useful?

Very true, but I was hoping to save the button script for something else and didn't really want to have to combine scripts.

Just thought it would make sense to be able to have the attacking interfaces randomized on boot up as a setting from the GUI sometimes. Maybe even in initial setup config might work if resetting before each engagement. i dunno, was just a thought.

Edited by Just_a_User

Share this post


Link to post
Share on other sites
6 hours ago, Just_a_User said:

Very true, but I was hoping to save the button script for something else and didn't really want to have to combine scripts.

Just thought it would make sense to be able to have the attacking interfaces randomized on boot up as a setting from the GUI sometimes. Maybe even in initial setup config might work if resetting before each engagement. i dunno, was just a thought.

Startup script?

Inject a bit of your own code in a script that's already run on startup?

Ask Sebkinne? 😛 

Share this post


Link to post
Share on other sites
16 hours ago, Just_a_User said:

1525183330.png

Thanks for that - we have trouble replicating it, but will ensure a proper error is shown if recon scans fail.

16 hours ago, Just_a_User said:

Client connect disconnect notifications is great addition! maybe an on/off?

Added to RC2 in the PineAP module.

16 hours ago, Just_a_User said:

Module manager - for tetra it still asks for location of module dependencies, not sure if thats firmware or module though. module i think?

This is an issue with the individual modules. Developers would need to check the device type and then not prompt for an install location.

16 hours ago, Just_a_User said:

Configuration button script - love the addition, i sometimes miss the MK5 switches 🙂 but button is not always accessible so maybe have it also tied to a run/test script button on GUI?

We understand the reasoning here, but decided against a way to run the script from the web interface. We don't want to allow random code execution through the UI.

16 hours ago, Just_a_User said:

Advanced hotfix patches - will this be in the same area as upgrades? just wondering.

This was introduced to be able to live-patch the pineapple before applying an upgrade. As such, this is not something that is visible to the end user, but happens as part of the normal firmware upgrade (where necessary).

16 hours ago, Just_a_User said:

Reporting - Would be handy to be able to add other module logs to the report zip before sending.

We used to have a system for this but it was not used by module developers. We might make this possible again in the future.

16 hours ago, Just_a_User said:

P.S. whats the chances of having a macchange on bootup option? with interface selection? slim/none? 🙂

We'll take a look at adding this for a future version, but are not looking to add additional features for this release.

Share this post


Link to post
Share on other sites
3 hours ago, Sebkinne said:

We understand the reasoning here, but decided against a way to run the script from the web interface. We don't want to allow random code execution through the UI.

What about a web CLI? That would be useful for that kind of thing. I feel like they're quite important with modern router web GUIs. Fortigate does it quite neatly.

Share this post


Link to post
Share on other sites

I'm so happy to hear about this update, thanks! I hope it will make my Nano more stable - I will install the new firmware version today.

Share this post


Link to post
Share on other sites

@Tesla  After further testing with the tetra and nano, I still cannot get the OUI to download.  I have reset all the browser caches and even tried a 3rd browser (fresh install).  Chrome, FIrefox and Vivaldi browsers.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×