Jump to content

PineAP ssid_file


Thraks

Recommended Posts

Posted

This should be fairly straight forward, but has the location SSID's for PineAP are stored changed from "/etc/pineapple/ssid_file"? My pool location still points to the default "/etc/pineapple/", but I'm not able to see any SSID's in ssid_file, and it has a file size of 0 bytes. This is persistent through restarts, adding new SSIDs via GUI, as well as adding them to ssid_file (obv file size changes here) yet the list of existent ssids in PineAP is persistent and functional.

I've grep'd to locate ssid's i know should be in the file, but that comes up with empty results as well. 

Posted

its now stored as a database.  I dont know why some of the options to change location are still in the webui because they dont seem like they are relevant.  Ive noticed this a while ago and wondered why those options were still there.  @Foxtrot 

Posted
1 hour ago, Thraks said:

That makes a lot more sense. Anyway to import to that db that you're aware of?

I think SSID's are stored in /etc/pineapple/pineapple.db (so location is as per the GUI option) which is a sqlight3 database AFAIK there are a few tools to view/open/edit after downloading it.

I also think notifications are in there along with notes, maybe more as  i haven't spent much time digging.

Posted
5 minutes ago, Just_a_User said:

I think SSID's are stored in /etc/pineapple/pineapple.db (so location is as per the GUI option) which is a sqlight3 database AFAIK there are a few tools to view/open/edit after downloading it.

I also think notifications are in there along with notes, maybe more as  i haven't spent much time digging.

Thanks, you're right it is in pineapple.db

Incase anyone else is interested other tables are:

api_tokens, downloads, notes, notifications, ssids, tracking

Kind of a shame they moved from the simple list file. Made swapping, importing, comparing and joining super easy. But then again, it can't hurt to learn sql.

 

Anyway, thanks for your help guys.

 

Posted
4 hours ago, b0N3z said:

its now stored as a database.  I dont know why some of the options to change location are still in the webui because they dont seem like they are relevant.  Ive noticed this a while ago and wondered why those options were still there.  @Foxtrot 

The change location is still there because it allows you to change the location of the database, should the user want to. It will (and should) always be named 'pineapple.db'. This is why the "Change Location" input box omit the filename.

Posted
2 hours ago, Dave-ee Jones said:

is the Pineapple hosting an SQL server as well ...

No, the SQL DB(s) we use are SQLite, and we manipulate it by opening connections to it, modifying, and closing the connection.

2 hours ago, Dave-ee Jones said:

(phpMyAdmin maybe?)

Absolutely not.

Posted
8 minutes ago, Foxtrot said:

No, the SQL DB(s) we use are SQLite, and we manipulate it by opening connections to it, modifying, and closing the connection.

Absolutely not.

Alright, calm down, was just curious. ?️

Posted
8 hours ago, Dave-ee Jones said:

Alright, calm down, was just curious. ?️

Maybe wrong but i think its because phpmyadmin has had 244 known CVE over the last 17  years so would possibly be a massive target/weakness on the pineapples. ? probably best to avoid it if possible.

Posted
15 hours ago, Just_a_User said:

Maybe wrong but i think its because phpmyadmin has had 244 known CVE over the last 17  years so would possibly be a massive target/weakness on the pineapples. ? probably best to avoid it if possible.

In their defence 17 years is a long time and I'm pretty sure Microsoft's Windows has had more than that in the past 10 years.

I do use phpMyAdmin for my SQL server though, but it's not like it's open to the world ready for anyone to start hacking at it whenever they feel like it. Alternatives?

Posted
7 hours ago, Dave-ee Jones said:

In their defence 17 years is a long time and I'm pretty sure Microsoft's Windows has had more than that in the past 10 years.

I do use phpMyAdmin for my SQL server though, but it's not like it's open to the world ready for anyone to start hacking at it whenever they feel like it. Alternatives?

You kinda just made my point for me - Microsoft has millions of targets... erm i mean CVE, phpmyadmin = musch less,  custom bit of code on a bespoke wifi auditing device = way way less.

Im just thinking if the pineapple is potentially picking up a red team or blackhat during an audit... i dunno though, Im just thinking out loud.

Posted

Comparing phpmyadmin to any full fledge operating system is almost ludacris. Windows has an attack surface that is exponentially that of phpmyadmin.

That’s like saying that it’s not so bad that my hobby level drone is a flying telnet server because a Boeing jetliner has a million more vulnerabilities.

 

Posted
17 hours ago, Thraks said:

That’s like saying that it’s not so bad that my hobby level drone is a flying telnet server because a Boeing jetliner has a million more vulnerabilities.

Not entirely true, but funny.

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...